Abstract: A system for credential authentication comprises an interface configured to receive a create indication to create a visitor network credential and receive a certify indication to certify an authentication device to use a network, and a processor configured to provide the visitor network credential to the authentication device in response to the certify indication, provide a proof request to the authentication device, receive a proof response, validate the proof response using a distributed ledger, generate a network certificate, and provide the network certificate to the authentication device.

Abstract: A system for providing an application includes an interface and a processor. The interface is configured to receive an indication to provide an application to a device. The processor is configured to provide the application to the device. The application is configured to receive a request for credentialed information associated with a user from a requesting server; determine whether a stored credential satisfies the request for the credentialed information; and in response to a determination that the stored credential satisfies the request for the credentialed information: determine a response credential for responding to the request; determine that the user approves sharing the credentialed information indicated by the response credential; and provide the response credential to the requesting server.

Abstract: A system for creating an identity mapping on a distributed ledger includes an interface and a processor. The interface is configured to receive a request to create an identity mapping on a distributed ledger. The processor is configured to generate an identity key pair; generate a mobile encryption key; encrypt a private identity key of the identity key pair using the mobile encryption key to create an encrypted private key; store the encrypted private key; create a mapping document; sign the mapping document with the private identity key of the identity key pair; and provide the signed mapping document to be stored in a distributed ledger.

Abstract: The system for providing an application includes an interface and a processor. The interface is configured to receive a providing indication to provide the application to a device. The processor is configured to provide the application to the device. The application is configured to receive login information associated with a user; receive an adding indication to add a credential; provide an available indication of credentials available to the user; create a credential request; provide the credential request to a server system; receive the credential; and store the credential.

Abstract: A system for providing access is configured to receive an application access request from an application for authorization to access and a sensitive data access request from the application for authorization to access a document that includes sensitive data. The system is further configured to determine to authorize access to the application in response to the application access request; to determine the user authentication device in response to the sensitive data access request; to provide a secondary request for authorization to access sensitive data to the user authentication device in response to the sensitive data access request, receive a secondary request response from the user authentication device to the secondary request; and to provide the secondary request response to the application enabling access to the sensitive data, where the document is encrypted for delivery to the application for the user using a blinding secret and an identity private key.

Abstract: A system for secure retrieval of stored data includes an encrypted key database and a processor. The encrypted key database is configured to store an encrypted tenant service key and an encrypted tenant master key. The processor is configured to request decryption of the encrypted tenant master key into an unencrypted tenant master key. The decryption of the encrypted master key is approved by a key release system. The processor is further configured to decrypt the encrypted tenant service key using the unencrypted tenant master key into an unencrypted tenant service key and authorize a response to a request using the unencrypted tenant service key.

Abstract: A system for secure storage of data includes a key database and a processor. The processor is configured to receive a request associated with securely storing data and encrypt the tenant service key using a tenant master key. The data is encrypted using the tenant service key. The processor is further configured to encrypt the tenant master key using a customer key and store encrypted tenant service key and encrypted tenant master key in the key database.

Abstract: A system for accessing data includes and interface and a processor. The interface is configured to receive a request to move stored data to a new location and requestor information. The stored data comprises sensitive data. The processor is configured to determine whether read access, storage access, and deletion access are allowed based at least in part on the requestor information; in the event that read access, storage access, and deletion access are allowed: read the sensitive data at an original location using an original token, store the sensitive data to the new location and receive a new token associated with the new location, and delete the original token and the sensitive data at the original location.

Abstract: A system for dynamically utilizing data storage comprises a processor and a memory. The processor is configured to determine whether a data storage criterion is satisfied; and, in the event that the data storage criterion is satisfied: determine a new archiving threshold based on a target data storage usage level; and set the archiving threshold. The memory is coupled to the processor and is configured to provide the processor with instructions.

Abstract: A system for accessing data includes an interface and a processor. The interface is to receive a request to access data and requestor information. The processor is to determine whether the data comprises sensitive data configured to have an assigned access policy and an assigned storage policy; and in the event that the data comprises sensitive data configured to have the assigned access policy and the assigned storage policy, determine whether access is allowed based at least in part on the requestor information; and in the event that access is allowed, retrieve the data based on information provided by a token and provide the data.

Abstract: A system for executing an embedded intelligence process comprises an interface and a processor. The interface is for receiving an input object for a process associated with an embedded intelligence applet. The processor is for searching a database for a set of objects. The set of objects is based at least in part on the input object. The processor is for determining display information for the embedded intelligence applet based at least in part on the set of objects.

Abstract: A system for secure storage of data includes a key database and a processor. The processor is configured to receive a request associated with securely storing data and encrypt the tenant service key using a tenant master key. The data is encrypted using the tenant service key. The processor is further configured to encrypt the tenant master key using a customer key and store encrypted tenant service key and encrypted tenant master key in the key database.

Abstract: A system for secure retrieval of stored data includes an encrypted key database and a processor. The encrypted key database is configured to store an encrypted tenant service key and an encrypted tenant master key. The processor is configured to request decryption of the encrypted tenant master key into an unencrypted tenant master key. The decryption of the encrypted master key is approved by a key release system. The processor is further configured to decrypt the encrypted tenant service key using the unencrypted tenant master key into an unencrypted tenant service key and authorize a response to a request using the unencrypted tenant service key.

Abstract: A system for dynamically utilizing data storage comprises a processor and a memory. The processor is configured to determine whether a data storage criterion is satisfied; and, in the event that the data storage criterion is satisfied: determine a new archiving threshold based on a target data storage usage level; and set the archiving threshold. The memory is coupled to the processor and is configured to provide the processor with instructions.

Abstract: A system for accessing data includes an interface and a processor. The interface is to receive a request to access data and requestor information. The processor is to determine whether the data comprises sensitive data configured to have an assigned access policy and an assigned storage policy; and in the event that the data comprises sensitive data configured to have the assigned access policy and the assigned storage policy, determine whether access is allowed based at least in part on the requestor information; and in the event that access is allowed, retrieve the data based on information provided by a token and provide the data.

Abstract: A system for database updating includes a database, a spreadsheet storage of a spreadsheet for planning, an interface, and a processor. The spreadsheet storage is separate from the database. The interface is configured to receive an indication to modify the spreadsheet. The processor is configured to store a modification in the spreadsheet storage based at least in part on the indication, determine one or more objects to change in the database based at least in part on the indication, and cause change to the one or more objects in the database.

Abstract: A system for data transformation includes a database, a spreadsheet storage of a spreadsheet for planning, an interface, and a processor. The spreadsheet storage is separate from the database. The interface is configured to receive a database datum associated with a large time period. The processor is configured to generate a plurality of spreadsheet data based at least in part on the database datum. Each spreadsheet datum is associated with one of a set of small time periods. The plurality of spreadsheet data is stored in the spreadsheet storage. The spreadsheet storage is separate from the database. The processor is configured to provide the plurality of spreadsheet data for display in the spreadsheet.

Abstract: A system for processing a batch job comprises a processor and a memory. The processor is configured to receive a batch job comprising a sequential or parallel flow of operations, wherein each operation has a defined input type and a defined output type. The processor is further configured to verify that the batch job can run successfully, wherein verifying includes checking that a first operation output defined type is compatible with a second operation input defined type when a first operation output is connected to a second operation input, and wherein verifying includes checking that a parameter used by a calculation in an operation is input to the operation. The memory is coupled to the processor and configured to provide the processor with instructions.

Abstract: A system for secure storage of data includes a key database and a processor. The processor is configured to receive a request associated with securely storing data and encrypt the tenant service key using a tenant master key. The data is encrypted using the tenant service key. The processor is further configured to encrypt the tenant master key using a customer key and store encrypted tenant service key and encrypted tenant master key in the key database.

Abstract: A system for secure retrieval of stored data includes an encrypted key database and a processor. The encrypted key database is configured to store an encrypted tenant service key and an encrypted tenant master key. The processor is configured to request decryption of the encrypted tenant master key into an unencrypted tenant master key. The decryption of the encrypted master key is approved by a key release system. The processor is further configured to decrypt the encrypted tenant service key using the unencrypted tenant master key into an unencrypted tenant service key and authorize a response to a request using the unencrypted tenant service key.