Abstract: A data authentication system stores a token representing data distributed from a data source to a data recipient, allowing the data recipient to authenticate the data. The data authentication system receives, from a data source, a first token that represents a digital entity distributed by the data source to a data recipient. A representation of the first token is sent for storage on a blockchain. A request is received from a data recipient to authenticate the digital entity, where the request includes a second token that represents the digital entity as distributed to the data recipient. The data authentication system authenticates the second token against the stored first token to verify that the data recipient received authentic data.

Abstract: A document source that generates, maintains, or distributes electronic documents receives a policy that defines for an electronic document, a set of guidelines for access to the electronic document. Based on the policy, the document source generates a smart contract including a set of rules that when executed change a user's access rights with respect to the document and publishes the smart contract to a blockchain. An oracle is triggered to input a user request related to an electronic document to the smart contract. Based on execution of at least one of the rules, the document source receives an indication of an access right for the user and enforces the access right with respect to the electronic document.

Abstract: A data authentication system stores a data fingerprint representing data distributed from a data source to a data recipient, allowing the data recipient to authenticate the data. The data authentication system receives, from a data source, a first data fingerprint that represents a digital entity distributed by the data source to a data recipient. A representation of the first data fingerprint is sent for storage on a blockchain. A request is received from a data recipient to authenticate the digital entity, where the request includes a second data fingerprint that represents the digital entity as distributed to the data recipient. The data authentication system authenticates the second data fingerprint against the stored first data fingerprint to verify that the data recipient received authentic data.