Abstract: Methods and systems for managing and/or processing a blockchain to maintain data security for confidential and/or personal data are provided. According to certain aspects, the disclosed data security techniques may enable access sharing functionality utilizing the blockchain. For example, access sharing may be utilized to share policy information. The policy information may be associated with a smart contract. Accordingly, the policy information may be encrypted using a public key for the smart contract and compiled into a block of the blockchain. In response to a request to provide access to the information to a particular node, the private key for the smart contract may be encrypted using the public key for the particular node and compiled into a block of the blockchain.

Abstract: A communication adapter for authentication of a user includes a receiving unit for receiving encrypted credentials, a decryption unit for decrypting the encrypted credentials and an output unit for outputting the decrypted credentials to a terminal device.

Abstract: This invention is directed to a computerized system for encryption and transmission of digital information comprising: an encryption server in communications with a sender computer device and a recipient computer device; and, a set of encryption server computer readable instructions included on the encryption server that, when executed by a processor, preform the steps of: receiving an original information set from the sender computer device, generating a sender symmetrical key, encrypting a portion of the original information set with the sender symmetrical key, generating an asymmetric key pair having a public and private key pair, encrypting the sender symmetrical key with the public key of the asymmetrical key pair, encrypting the private key of the asymmetrical key pair with a master key, generating a hyperlink to the encrypted portion of the original information set, transmitting the hyperlink to the recipient computer device.

Abstract: A method and system for controlling access to external networks by an air-gapped endpoint are provided. The method includes identifying a type of an external network being connected, upon detection of a new network connection to the air-gapped endpoint; determining for each security zone of a plurality of isolated security zones at least one access rule to access the network, wherein the plurality of isolated security zones is operable in a virtual environment instantiated on the air-gapped endpoint; allowing a connection between a security zone and the external network based on the at least one access rule; and monitoring all traffic between the security zone and the external network to at least maintain compliance with a security policy set for the respective security zone.

Abstract: Certain aspects of the present disclosure provide techniques for managing data in a plurality of nodes of a distributed system. Embodiments include storing, by a node of the plurality of nodes, sensitive data in a block of a hash chain. Embodiments further include determining, by the node, that the sensitive data should not be distributed to other nodes of the plurality of nodes. Embodiments further include distributing, by the node, a limited version of the block to the other nodes. The limited version of the block may comprise a hash and a pointer to a previous block of the hash chain, and the limited version of the block may not contain the sensitive data.

Abstract: Embodiments of the disclosure provide a method for verifying a trusted terminal, including: determining whether a login terminal of a user matches the trusted terminal of the user recorded locally; determining, when it is determined that the login terminal does not match the trusted terminal of the user recorded locally, whether a login account of the user is associated with a frequent-use login account of the login terminal; and determining that the login terminal is the trusted terminal of the user if Yes. By means of solutions of the disclosure, in an application scenario of a login terminal being exchanged between users, repetitively performing complicated verifying on the login terminal may be avoided.