Patent classifications
H04L63/102
COMBINED SECURITY ACCESS SYSTEM
A combined security access system for a building that includes a controllable building component. The system includes a combined security access device connected to the building component. The access device further includes: a processor; a first memory device connected to the processor; a second memory device connected to the processor; and a wireless interface module connected to the processor. The access device may be connected to an external electronic device, and the external electronic device communicates with the processor of the access control system to control the building component.
INFORMATION SECURITY SYSTEM AND METHOD FOR SECURE DATA TRANSMISSION AMONG USER PROFILES USING A BLOCKCHAIN NETWORK
A system for transmitting data objects among user profiles receives a request to transmit a particular number of a first type of data object to a receiver profile. The system determines whether a sender profile is associated with the particular number of the first type of data object. In response to determining that the sender profile is not associated with the particular number of the first type of data object, the system identifies one or more other types of data objects that correspond to the particular number of the first type of data object. The system initiates a user interaction session. The system generates a block within a blockchain network to store user interaction session metadata. The system transmits the identified one or more other types of data objects to the receiver profile. The system stores, in the block, a completion token that indicates the user interaction session is completed.
Resource Provisioning Based on Estimation of Risk
Methods, systems, devices, and tangible non-transitory computer readable media for resource provisioning based on risk scores. The disclosed technology can include accessing resource request data including information associated with a request for a resource from an entity associated with an organization. Organizational data associated with the entity can be accessed. The organizational data can include information associated with risk factors and previous resource allocations of the entity. Based on performance of risk evaluation operations on the organizational data, a risk score associated with provisioning the resource to the entity can be determined. A resource provisioning amount can be determined based on the risk score. The resource provisioning amount can include an amount of the resource authorized to be provisioned to the entity. Furthermore, output including indications associated with the resource provisioning amount can be generated.
Intelligent data protection
A technological approach can be employed to protect data. Datasets from distinct computing environments of an organization can be scanned to identify data elements subject to protection, such as sensitive data. The identified elements can be automatically protected such as by masking, encryption, or tokenization. Data lineage including relationships amongst data and linkages between computing environments can be determined along with data access patterns to facilitate understanding of data. Further, personas and exceptions can be determined and employed as bases for access recommendations.
Establishing and maintaining trusted relationship between secure network devices in secure peer-to-peer data network based on obtaining secure device identity containers
In one embodiment, a method comprises: establishing, by a secure executable container executed by a network device, a two-way trusted relationship with a verified subscriber that enables secure user access by the verified subscriber to a secure peer-to-peer data network, including creating a secure public key and a first device identifier uniquely identifying the network device, for insertion into a first device identity container that provides secure identification of the network device in the secure peer-to-peer data network; obtaining a second device identity container for a second network device and comprising a second public key owned by the second network device and a second device identifier uniquely identifying the second network device; and establishing a corresponding two-way trusted relationship with the second network device based on executing a prescribed secure salutation protocol with the second network device based on the second public key and the second device identifier.
System for managing and controlling mesh virtual private network and method associated therewith
A system for managing and controlling a mesh VPN includes a management computing platform, a control computing platform, teleworker computing subsystems, and an office computing subsystem. The management computing platform provides deployment and management services to an organization for operation of a mesh VPN in a WAN in accordance with a service profile. The mesh VPN includes a hub node and a plurality of end nodes. Each end node communicates with the VPN hub node and with other end nodes via peer-to-peer paths. The control computing platform is the hub node and provides a control service for operation of the mesh VPN based on the service profile. The teleworker and office computing subsystems are end nodes. Various methods for operation of the computing platforms and subsystems in the mesh VPN are also provided.
Aggregation platform permissions
Apparatuses, systems, methods, and computer program products are presented for aggregation platform permissions. A hardware computing device is configured to aggregate a user's data from a first plurality of third-party service providers over a data network for the user to access through a second plurality of third-party service providers, the hardware computing device comprising a trusted intermediary between the first plurality of third-party service providers and the second plurality of third-party service providers. A permissions module is configured to monitor which of a second plurality of third-party service providers have access to which portions of data from which of a first plurality of third-party service providers. A graphical user interface is configured to display one or more user interface elements allowing a user to grant and/or revoke access to portions of data from a first plurality of third-party service providers individually to a second plurality of third-party service providers.
Methods and systems for controlling access to a protected resource
An electronic device is disclosed. The electronic device includes a memory, a camera module, a communications module, and a processor that is configured to: receive, from the camera module, image data associated with a machine-readable optical label, the optical label encoding transaction details of a transfer of data to a recipient account, wherein the transaction details do not indicate an identity of the recipient account; receive a user input indicating authorization to initiate a transfer of data, via a protected resource, from an account associated with the user to the recipient account; and in response to receiving the user input, generate a request for initiating the transfer of data based on the transaction details, the request including an access token for use in authenticating the user on requests to access the protected resource.
Community server for secure hosting of community forums via network operating system in secure data network
In one embodiment, a method comprises: receiving, by a secure executable container executed by a network device, a request initiated by a user for a community forum in a secure data network, the user having generated the request via an endpoint device and the user having established a two-way trusted relationship with the endpoint device in the secure data network; processing, by the secure executable container, the request for the community forum in the secure data network, the processing including causing a network device executing a community server to post the community forum in the secure data network according to identifiable features selected by the user; and preventing, by the secure executable container, any executable resource in the network device from accessing the secure data network without authorized access via a prescribed Application Programming Interface (API) required by the secure executable container.
Color-sensitive virtual markings of objects
Disclosed are systems, methods, and non-transitory computer readable media for making virtual colored markings on objects. Instructions may include receiving an indication of an object; receiving from an image sensor an image of a hand of an individual holding a physical marking implement; detecting in the image a color associated with the marking implement; receiving from the image sensor image data indicative of movement of a tip of the marking implement and locations of the tip; determining from the image data when the locations of the tip correspond to locations on the object; and generating, in the detected color, virtual markings on the object at the corresponding locations.