Abstract: A method, computer program product and system for preventing unauthorized access of confidential information. The transmission of data from a first user to a second user is detected. An authorization level corresponding to the second user is then determined. Furthermore, a probability that the authorization level corresponding to the second user and the data is accurate is generated. Additionally, a determination is made that the data includes sensitive information that the second user is not authorized to access based on the authorization level. Moreover, the data can be modified based on the probability, where the data is to be redacted if the probability is within a range of a threshold value or the data is to be blocked from transmission if the probability is above the range.

Abstract: Embodiments of the present invention disclose methods and systems which receive a user credential corresponding to a user, a task to be performed by the user, a security policy including a user role, and sensitive information. These methods and systems dynamically provision virtual machines including un-redacted information from received sensitive information. Furthermore, a set of tools process the redacted information, based on the user credential, the task to be performed, and the security policy.

Abstract: Detecting malware attacks is described herein. A computer-implemented method may include receiving, via a processor, events from a plurality of activity monitors. The method also include extracting, via the processor, a plurality of behavioral features from the received events. The method may further include detecting, via the processor, a malware attack based on the extracted behavioral features using a malware identification model trained on private data and public data. The method may also include executing, via the processor, an ad hoc protection improvement based on the detected malware attack.

Abstract: Disclosed herein is a system and method that can retrieve, via a file monitor, a file and policy data from a case management system or a content management system, wherein the file and the policy data are retrieved in response to detecting a user request for the file. A processor can also modify, via the file monitor, access to the file based on the policy data, and intercept a plurality of document management instructions executed with the file. The processor can also detect at least one of the document management instructions is a malicious action, wherein the malicious action is detected based on the policy data, wherein the policy data is updated in response to detecting each of the document management instructions. Additionally, the processor can execute a policy instruction to prevent execution of the at least one document management instruction.

Abstract: Disclosed herein is a system and method that can retrieve, via a file monitor, a file and policy data from a case management system or a content management system, wherein the file and the policy data are retrieved in response to detecting a user request for the file. A processor can also modify, via the file monitor, access to the file based on the policy data, and intercept a plurality of document management instructions executed with the file. The processor can also detect at least one of the document management instructions is a malicious action, wherein the malicious action is detected based on the policy data, wherein the policy data is updated in response to detecting each of the document management instructions. Additionally, the processor can execute a policy instruction to prevent execution of the at least one document management instruction.

Abstract: Receiving contextual data including a facial movement associated with an active document. A response associated with the active document is detected and associated with the received contextual data. A contextual metadata tag is generated based on the detected response to the active document. A contextual keyword is created that corresponds to the contextual metadata tag. Search results received in response to the query are filtered based on the contextual metadata tag.

Abstract: Receiving contextual data including a facial movement associated with an active document. A response associated with the active document is detected and associated with the received contextual data. A contextual metadata tag is generated based on the detected response to the active document. A contextual keyword is created that corresponds to the contextual metadata tag. Search results received in response to the query are filtered based on the contextual metadata tag.

Abstract: An example computer-implemented method includes receiving, via a processor, a plurality of structured query statements associated with an application and a database. The method includes detecting, via the processor, a logical relationship between at least two of the plurality of structured query statements based on a common source, a predetermined threshold time, a common transaction. The method includes generating, via the processor, a model based on the detected logical relationship. The method further includes receiving, via the processor, a request to modify the database. The method also further includes modifying, via the processor, the database in response to detecting that a predetermined threshold probability of application functionality impairment is not exceeded.

Abstract: An example computer-implemented method includes receiving, via a processor, a plurality of structured query statements associated with an application and a database. The method includes detecting, via the processor, a logical relationship between at least two of the plurality of structured query statements based on a common source, a predetermined threshold time, a common transaction. The method includes generating, via the processor, a model based on the detected logical relationship. The method further includes receiving, via the processor, a request to modify the database. The method also further includes modifying, via the processor, the database in response to detecting that a predetermined threshold probability of application functionality impairment is not exceeded.

Abstract: Receiving contextual data including a facial movement associated with an active document. A response associated with the active document is detected and associated with the received contextual data. A contextual metadata tag is generated based on the detected response to the active document. A contextual keyword is created that corresponds to the contextual metadata tag. Search results received in response to the query are filtered based on the contextual metadata tag.

Abstract: Embodiments of the present invention disclose methods and systems which receive a user credential corresponding to a user, a task to be performed by the user, a security policy including a user role, and sensitive information. These methods and systems dynamically provision virtual machines including un-redacted information from received sensitive information. Furthermore, a set of tools process the redacted information, based on the user credential, the task to be performed, and the security policy.

Abstract: An example system includes a processor to monitor a data asset and associated access policies to be synchronized to detect a trigger. The processor is to also request and receive data lineage information on the monitored data asset in response to detecting the trigger. The processor is to further detect a source system and a target system based on the data lineage information. The processor is also to query an access policy of the source system and an access policy of the target system. The processor is to merge the access policy of the source system and the access policy of the target system based on a predetermined merger configuration to generate a merged access policy. The processor is to update a monitoring system based on the merged access policy.

Abstract: An example system includes a processor to monitor a data asset and associated access policies to be synchronized to detect a trigger. The processor is to also request and receive data lineage information on the monitored data asset in response to detecting the trigger. The processor is to further detect a source system and a target system based on the data lineage information. The processor is also to query an access policy of the source system and an access policy of the target system. The processor is to merge the access policy of the source system and the access policy of the target system based on a predetermined merger configuration to generate a merged access policy. The processor is to update a monitoring system based on the merged access policy.

Abstract: An example computer-implemented method includes receiving, via a processor, a plurality of structured query statements associated with an application and a database. The method includes detecting, via the processor, a logical relationship between at least two of the plurality of structured query statements based on a common source, a predetermined threshold time, a common transaction. The method includes generating, via the processor, a model based on the detected logical relationship. The method further includes receiving, via the processor, a request to modify the database. The method also further includes modifying, via the processor, the database in response to detecting that a predetermined threshold probability of application functionality impairment is not exceeded.

Abstract: An example computer-implemented method includes receiving, via a processor, a plurality of structured query statements associated with an application and a database. The method includes detecting, via the processor, a logical relationship between at least two of the plurality of structured query statements based on a common source, a predetermined threshold time, a common transaction. The method includes generating, via the processor, a model based on the detected logical relationship. The method further includes receiving, via the processor, a request to modify the database. The method also further includes modifying, via the processor, the database in response to detecting that a predetermined threshold probability of application functionality impairment is not exceeded.

Abstract: An example system includes a processor to receive data lineage including a plurality of levels, and a configuration. The processor is to also build a three dimensional (3D) virtual reality (VR) model including a first floor based on data lineage content corresponding to a first level of the plurality of levels and the configuration. The processor is to further display a view of the 3D VR model.

Abstract: An example computer-implemented method includes receiving, via a processor, a plurality of structured query statements associated with an application and a database. The method includes detecting, via the processor, a logical relationship between at least two of the plurality of structured query statements based on a common source, a predetermined threshold time, a common transaction. The method includes generating, via the processor, a model based on the detected logical relationship. The method further includes receiving, via the processor, a request to modify the database. The method also further includes modifying, via the processor, the database in response to detecting that a predetermined threshold probability of application functionality impairment is not exceeded.

Abstract: Disclosed aspects relate to information presentation management by an electronic presentation device. With respect to a set of information for presentation, a set of information profile data is detected. Using a set of sensors linked to the electronic presentation device, a set of device sensor data of the electronic presentation device is collected. Based on both the set of device sensor data and the set of information profile data, a determination of a security configuration for presentation of the set of information on the electronic presentation device is made. Based on the security configuration, the set of information is presented by the electronic presentation device.

Abstract: An embodiment of the invention may include a method, computer program product and system for redacting a document. The embodiment may include receiving an unredacted document. The embodiment may include determining portions of the unredacted document containing sensitive information. The embodiment may include applying a redaction method to the portions containing sensitive information to create a redacted document. The redaction method replaces the portion containing sensitive information with a different piece of content. The different piece of content correlates to a most stringent redaction method. The embodiment may include displaying the redacted document to a user. The embodiment may include determining the user is frustrated, and replacing the piece of content with a piece of content corresponding to a next most stringent redaction method from the list of redaction methods. The embodiment may include displaying the updated redacted document to the user.

Abstract: A mechanism is provided in a data processing system for image anonymization. The mechanism identifies a plurality of items in an image and extracts properties of the plurality of items into one or more data structures. The mechanism queries an analytics tool about whether a combination of properties of the plurality of items identifies a person in the image. Responsive to determining a given combination of properties of the plurality of items identifies a person in the image, the mechanism modifies the plurality of items in the image to form an anonymized image and outputs the anonymized image.