The disclosed technology relates to a context service system configured to receive, from a subscriber, a shared customer lookup request that includes a first customer data identifier and identify, in a shared data partition, a second customer data identifier associated with the first customer data identifier. The context service system is further configured to determine that the second customer data identifier is associated with customer information in a subscriber data partition and transmit, to the subscriber system, the customer information from the subscriber data partition.

Computer systems and methods are provided for determining an authentication result. A computer system receives a first set of data that corresponds to a first entity. A machine learning system determines a first set of one or more values that correspond to the first set of data. The computer system receives a second set of data that corresponds to a second entity. The machine learning system determines a second set of one or more values that corresponds to the second set of data. The second set of one or more values are determined using at least a portion of the first set of one or more values.

A method, computer system, and a computer program product for accessing data in a network is provided. The present invention may include reading a control blockchain, by a non-trusted node, to enable the non-trusted node to read an asset from a trusted node blockchain on a trusted node. The present invention may also include reading the trusted node blockchain by the non-trusted node. The present invention may then include creating, by the non-trusted node, a new block on a temporary blockchain based on the read trusted node blockchain. The present invention may further include transmitting, by the non-trusted node, the created new block to the trusted node, wherein transmitting the created new block causes the created new block to be added to the trusted node blockchain.

A method implemented in a computing system hosting a three-dimensional virtual reality world. The computer system collects personally identifiable information of users of accounts, where each account in the accounts is identified by an account identifier and each data field of personally identifiable information of each account is identified by a data field identifier. The system uses a scrypt function to generate an encryption key from the global key, the account identifier, and the data field identifier specifically for the content of the data field of the personally identifiable information of the respective account. Different encryption keys are used for different data fields and different accounts. Encrypted content of a data field is stored at a random location; and the identification of the random location is stored in a device, database or system, separate from where the encrypted contents of the data fields of the accounts are stored.

Encryption of sensitive data on consumer devices is provided with format-preserving cryptography and feedback via the use of security identifiers. A request to access the sensitive data will specify user credentials for the access. The submitter is requested to confirm a security identifier for the requested access. An incorrect security identifier will be presented for incorrect credentials, which will be easy for a user to identify but not for an attacker or other unauthorized user. If the incorrect security identifier is confirmed, the device assumes the request was received from an unauthorized source. The sensitive data is stored under format-preserving cryptography, such that false data values can be generated that have the correct format. An unauthorized user receiving the false data will not be readily able to determine the data received is incorrect, and will be likely to discontinue the attack, particularly for an automated process.

The present disclosure relates to a trustworthy data exchange. Embodiments include receiving, from a device, a query, wherein the query comprises a question. Embodiments include identifying particular information related to the query. Embodiments include receiving credentials from a user for retrieving the particular information related to the query. Embodiments include retrieving, using the credentials, the particular information related to the query from one or more data repositories that are part of a distributed database comprising an immutable data store that maintains a verifiable history of changes to information stored in the distributed database. Embodiments include determining, based on the particular information related to the query, an answer to the query. Embodiments include providing the answer to the device.

The present invention provides a health file access control system and method in an electronic medical cloud. The system comprises: a medical management center unit configured to generate a system public key and a system private key, and generate a private key for corresponding utilizer's attributes according to the system public key, the system private key, and a set of utilizer's attributes; an electronic medical cloud storage unit configured to receive and store a privacy-protected health file ciphertext; and at least one health file user access unit configured to encrypt the health file according to the system public key to obtain the privacy-protected health file ciphertext, and/or generate the set of utilizer's attribute, and decrypt the privacy-protected health file ciphertext according to the system public key and the private key for utilizer's attributes. The health file access control system and method in the electronic medical cloud provided by the present invention not only ensure the confidentiality of the health file, but also improve the security and calculation efficiency of the health file access.

Within one or more instances of a computing environment where an instance is a self-contained architecture to provide at least one database with corresponding search and file system. User information from the one or more instances of the computing environment is organized as zones. A zone is based on one or more characteristics of corresponding user information that are different than the instance to which the user information belongs. User information is selectively obfuscated prior to transmitting blocks of data including the obfuscated user information. The selective obfuscation is based on zone information for one or more zones to which the user information belongs.

A system and method for securely verifying a connection between a remote device and an audio device. The method includes establishing a wireless connection between the remote device and the audio device. The remote device has an application configured to control operation of the audio device. An identity resolving key (IRK) for the application is obtained with the remote device. The IRK is transmitted to the audio device via the wireless connection. An instruction to is transmitted the audio device to generate a random resolvable address for the application using the IRK and to broadcast data containing the random resolvable address. The data containing the random resolvable address is received by the application of the remote device. An active audio connection between the remote device and the audio device is identified if the random resolvable address is able to be resolved by the application using the IRK.

An offline batch processing system classifies sensitive data contained in consumer data, such as telemetric data, using a manual classification process and a machine learning model. The machine learning model is used to recheck the policy settings used in the manual classification process and to learn relationships between the features in the consumer data in order to identify sensitive data. The identified sensitive data is then scrubbed so that the remaining data may be used.