A record linking platform having a computer system with a processor, multiple databases each having records, such as private health information. Each of the multiple databases are not in direct communication with one another. A control center is in communication with the different entities, the control center configured to: generate a site configuration file, a key configuration file, and a broker configuration file. A keymaster configured to: receive the key configuration file, generate a hash key, and transmit the hash key to the databases. The databases configured to: receive the site configuration file and the hash key; process the records to generate evaluation records data that conform to a data model specified in the site configuration file; and encrypt the evaluation records using the hash key. An honest broker configured to: receive the broker configuration file and the encrypted evaluation records; and link the encrypted evaluation records without decrypting.

Systems and methods for managing provisioning of keys prior to a key rotation are provided. A license server generates a license that is associated with a renewal time. The renewal time is a time that is prior to a key rotation time, and triggers a receiver device to send a renewal request prior to the key rotation time. The renewal time may be a randomized time prior to the key rotation time that differs for different receiver devices. The license is transmitted to the receiver device. The license server then receives a renewal request from the receiver device that is triggered at the renewal time. The license server generates a next license that comprises a next key, whereby the next key is a decryption key for decrypting the encrypted signal after the key rotation time. The next license is transmitted to the receiver device prior to the key rotation time.

A system and method for constructing an improved computing model that preserves use rights for data utilized by the model. A first dataset is accessed to build a computing model. The first data set is subject to terminable usage rights provisions. A portion of the first dataset is sampled to generate a second dataset. Vectors present in the first dataset and the second dataset are discretized. In response to determine that the usage rights associated with the primary dataset have been terminated, a coverage depletion for the second dataset is computed based on the usage rights termination associated with the first dataset. An estimated mean time to coverage failure for the first model based on the depletion coverage is determined for the second dataset. One or more data points are removed from the first dataset due to the termination of usage rights.

Encrypting a document, including: generating first and second nonces; combining the first and second nonces to generate a secret key that is deterministically defined by the first and second nonces; encrypting the document using the secret key to produce an encrypted document; delivering the first nonce to a license manager; and delivering the second nonce to a rights manager.

A non-volatile memory device includes a plurality of memory cells arranged in a matrix, a plurality of word lines extended in a row direction, and a plurality of bit lines extended in a column direction. Each of the memory cells is coupled to one of the word lines and one of the bit lines. The memory device further includes a word-line control circuit coupled to and configured to control the word lines, a first bit-line control circuit configured to control the bit lines and sense the memory cells in a digital mode, and a second bit-line control circuit configured to bias the bit lines and sense the memory cells in an analog mode. The first bit-line control circuit is coupled to a first end of each of the bit lines. The second bit-line control circuit is coupled to a second end of each of the bit lines.

Techniques are disclosed relating to securely storing data in a computing system. In some embodiments, a computing system performs a boot sequence that includes generating ephemeral key data and preventing the generated ephemeral key data from being stored in a non-volatile storage including persisting the generated ephemeral key data in the volatile storage. The boot sequence further includes creating, in the non-volatile storage, an ephemeral data volume and encrypting the ephemeral data volume by using the ephemeral key data persisted in the volatile storage.