Systems and methods of the present disclosure are directed to providing remote access capabilities in information technology infrastructure. In particular, systems and methods of the present disclosure can provide remotely access capabilities to facilitate the management, configuration, or maintenance of information technology infrastructure.

Methods, systems, and apparatus, including computer programs encoded on computer storage media for data security protection are provided. One of the methods includes: receiving a job associated with a project, wherein the project is associated with one or more data sources; identifying a plurality of inputs and a plurality of outputs associated with the job; determining a plurality of required permissions associated with the job, wherein each of the required permissions comprises an operation on a required data source, the operation corresponding to at least one of the inputs or the outputs; verifying that the one or more data sources associated with the project comprise the required data source associated with each of the required permissions; and generating a token associated with the job, the token encoding the required permissions associated with the job, wherein the token is required for execution of the job.

A robotic process automation system provides a capability to deploy software robots (bots) by receiving from a deployment user a bot deployment request comprising a bot identification that identifies a specific preexisting bot and an authorized class of user to execute the specific preexisting bot. Credentials of the deployment user are checked. An execution device upon which the specific preexisting bot will execute is identified from a set of available devices. An authorization token is issued for the execution device to uniquely identify the execution device and to authorize the execution device to communicate with the robotic process automation system. In response to a request by the execution device the specific preexisting bot and credentials corresponding to the authorized class of user are provided, wherein the specific preexisting bot executes on the execution device automatically without input from any individual corresponding to the authorized class of user.

Techniques for data source driven expected network policy control are described. A policy enforcement service receives, from a compute instance in a virtual network implemented within a service provider system, a request to access data. The policy enforcement service determines that a virtual network security condition of a policy statement is not satisfied. The policy statement was configured by a user for use in controlling access to the data. The virtual network security condition defines a condition of the virtual network that is to be met. The policy enforcement service performs one or more security actions in response to the determination that the virtual network security condition of the policy statement is not satisfied.

Disclosed are various embodiments for controlling access to data on a network. Upon receiving a request comprising a device identifier and at least one user credential to access a remote resource, the request may be authenticated according to at least one compliance policy. If the request is authenticated, a resource credential associated with the remote resource may be provided.

The generation, actuation, and enforcement of policies within a distributed computing system is provided. The policies are employed to manage the resources of the system. The resources include virtualized resources, such as virtual machines (VMs) and virtual storage disks (VSDs). A policy includes a rule and scope. Enforcing a policy includes applying the rule to resources that are within the policy's scope. Policies are employed to constrain the leasing period and reclaim leased resources, as well constrain the access of certain users to specific operations on the leased resources. Policies may be created via a UI that automatically generates a policy encoding. The policy is registered and accessed via a policy store. When multiple policies target a common resource, merging strategies are applied to the multiple policies. The multiple policies are ranked, merged, filtered, and any remaining conflicts are resolved to generate an effective policy that is consistent with the multiple policies and is enforced on the common resource.

There is provided a method performed by a first entity of a network. Contextual information for the first entity and a timestamp for the contextual information is acquired (102). An authentication token is generated (104) using the acquired contextual information. Transmission of an authentication request message is initiated (106) towards a second entity of the network requesting authentication of the first entity with the second entity. The authentication request message comprises the generated authentication token and the timestamp for use in the authentication. An authentication response message indicative of whether authentication of the first entity with the second entity is successful or unsuccessful received (108).

A method and apparatus with provider information access authorization are provided. The method includes receiving a single sign-on (SSO) token from a provider apparatus for a validated login request by a client device for a user account, wherein the SSO token is indicative of the provider apparatus having authorized secure protocol access with the provider apparatus to access information at the provider apparatus associated with the user account, retrieving customer information from the provider apparatus using the SSO token, receiving information from the client device, confirming whether, based on the information and the customer information that a user of the user account is eligible to complete a data exchange, and in response to a result of the confirming being that the user of the user account is confirmed eligible to compete the data exchange, cause the provider apparatus to process the data exchange corresponding to the information.

A processing device receives a command to arm a memory device for self-destruction. In response to the command, a self-destruction countdown timer is commenced. An expiry of the self-destruction countdown timer and based on detecting the expiry of the self-destruction countdown timer, data stored by the memory device is destructed.

Aspects of the disclosure relate to using secure authentication tokens to grant power of attorney. A computing platform may receive user input indicating a task and requesting that a power of attorney be granted to an individual. The computing platform may generate an authority token granting the individual the power of attorney to perform the task, and may send the authority token, along with task information indicating the task, to the individual. The computing platform may receive a validation request including the authority token and the task information. Based on successful validation, the computing platform may send validation information to an event processing system. After receiving confirmation that the task has been performed by the individual, the computing platform may update dashboard information to indicate that the task has been completed, which may cause the user device to display a dashboard indicating completion of the task.