Each instance environment of a plurality of computing instance environments is associated with its corresponding set of users belonging to one or more user groups, its corresponding processes, and its corresponding data access privileges. For at least one of the computing instance environments, database tables accessible by the corresponding computing instance environment are analyzed to determine whether each of the database tables includes data belonging to one or more sensitive data categories. Based at least in part on a result of the analysis determining whether each of the database tables includes data belonging to the one or more sensitive data categories, a data risk metric is determined for the corresponding computing instance environment.

Persistent storage contains a parent table and one or more child tables, the parent table containing: a class field specifying types, and one or more filter fields. One or more processors may: receive a first request to read first information of a first type for a first entity; determine that, in a first entry of the parent table for the first entity, the first type is specified in the class field; obtain the first information from a child table associated with the first type; receive a second request to read second information of a second type for a second entity; determine that, in a second entry of the parent table for the second entity, the second type is indicated as present by a filter field that is associated with the second type; and obtain the second information from a set of additional fields in the second entry.

Systems, computer program products, and methods are described herein for implementing multi-dimensional data obfuscation. The present invention is configured to electronically receive, from a computing device of a user, a request to implement a multi-dimensional data obfuscation on a first database; initiate a data obfuscation engine on the first database based on at least receiving the request, wherein initiating further comprises: determining one or more data types associated with the one or more data artifacts; determining one or more exposure levels of the one or more data artifacts; retrieving, from a data obfuscation repository, one or more data obfuscation algorithms; and implementing the one or more data obfuscation algorithms on the one or more data artifacts based on at least the one or more data types; and generate an obfuscated first database based on at least initiating the data obfuscation engine on the first database.

One embodiment of the invention provides a method for speaker identity and content de-identification under privacy guarantees. The method comprises receiving input indicative of privacy protection levels to enforce, extracting features from a speech recorded in a voice recording, recognizing and extracting textual content from the speech, parsing the textual content to recognize privacy-sensitive personal information about an individual, generating de-identified textual content by anonymizing the personal information to an extent that satisfies the privacy protection levels and conceals the individual's identity, and mapping the de-identified textual content to a speaker who delivered the speech. The method further comprises generating a synthetic speaker identity based on other features that are dissimilar from the features to an extent that satisfies the privacy protection levels, and synthesizing a new speech waveform based on the synthetic speaker identity to deliver the de-identified textual content. The new speech waveform conceals the speaker's identity.

A computer-aided design system enables physical articles to be customized via printing or embroidering and enables digital content to be customized and electronically shared. A user interface may be generated that includes an image of a model of an article of manufacture and user customizable design areas that are graphically indicated on the image corresponding to the model. A design area selection may be received. In response to an add design element instruction and design element specification, the specified design element is rendered in the selected design area on the model image. Customization permissions associated with the selected design area are accessed, and using the customization permissions, a first set of design element edit tools are selected and rendered. User edits to the design element may be received and rendered in real time. Manufacturing instructions may be transmitted to a printing system.

A computer-aided design system enables physical articles to be customized via printing or embroidering and enables digital content to be customized and electronically shared. A user interface may be generated that includes an image of a model of an article of manufacture and user customizable design areas that are graphically indicated on the image corresponding to the model. A design area selection may be received. In response to an add design element instruction and design element specification, the specified design element is rendered in the selected design area on the model image. Customization permissions associated with the selected design area are accessed, and using the customization permissions, a first set of design element edit tools are selected and rendered. User edits to the design element may be received and rendered in real time. Manufacturing instructions may be transmitted to a printing system.

An improvement to a database management system including receiving a data and creating a record key for the data, storing the data with an altered record ID obfuscates the data without an encryption step. In some embodiments hashing includes adding or subtracting a predetermined number from the record key. The record key may be created by combining a user key and a private key. Data querying operations may include extensions that allow for field specific operations to sunder and thereby obscure personally identifiable information. To retrieve data, the method provides for receiving a record request including parameters that conditionally determine if personally identifiable information should be returned as the proper data. These methods may be incorporated into database operations providing a secure database without the resource overhead of encryption.

A method may include a method of automating processes for remote work. The method may include receiving, at a server, first login data from a client software application. The client software application may be executing on a user device of a remote worker user. The method may include authenticating the remote worker user based on the first login data. The method may include receiving, at the server, command data from the client software application. The command data may include data indicating to the server to launch a software application. The method may include launching, on the server, the software application. The method may include inputting, using a robotic process automation (RPA) process, second login data of the remote worker user into the software application. The method may include key site information, speech-to-text functionality, onboarding functionality, automated support, or activity logging.

Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.

A method of configuring a controller 14 for controlling access to a memory 12 is provided. The controller 14 has a display 18 configured to selectively display a plurality of different input screens, wherein each input screen has a unique code associated therewith and the input screens are for receiving user credentials from a user. The method comprises the steps: a) inputting to the controller 14 a plurality of authentication factors required to access at least a first portion of the memory 12; b) generating, by the controller 14, a first encryption key for encrypting data stored on the first portion of the memory 12; c) displaying a first input screen at the display 18; d) entering first user credentials to the first input screen and storing the first user credentials as a first factor of authentication; e) displaying a second input screen at the display 18; f) entering second user credentials to the second input screen and storing the user credentials as a second factor of authentication; g) encrypting the code for the second input screen using the first user credentials; and h) encrypting the first encryption key using at least one of the user credentials. A method of gaining access to the memory 12 is also provided in which the code for each subsequent input screen is decrypted using user credentials provided at the previous input screen. A method of authenticating a user and a device configured according to the method are also disclosed.