Abstract: Methods and systems for managing data workflows performed by data processing systems throughout a distributed environment are disclosed. To manager data workflows, a system may include a data workflow manager and one or more data processing systems. The data workflow manager may host and operate a digital twin intended to duplicate operation of each corresponding data processing system involved in a data workflow. In the event of a loss of functionality of a data processing system involved in the data workflow, the data workflow manager may initiate operation of a corresponding digital twin and re-route the data workflow through the digital twin to facilitate continued performance of computer-implemented services based on the data workflow. When a replacement data processing system becomes available, the replacement data processing system may be inserted into the data workflow and the digital twin may no longer be used.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system, and may be based on a reputation (e.g., weighted reputation) of each of the data processing systems within the distributed system. Consequently, the impact of compromise of a data processing system may be limited by the distributed authority.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system. Consequently, the impact of compromise of a data processing system may be limited by the distributed authority.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system, and may be based on a reputation (e.g., weighted reputation) of each of the data processing systems within the distributed system. The hierarchy may be dynamically updated over time as new information regarding data processing systems is discovered. Consequently, the impact of compromise of a data processing system may be limited by the distributed authority.

Abstract: Last resort access to backups is disclosed. An encrypted backup associated with a first system or vault is stored in the backup associated with another system. If a key needed to decrypt a backup in the first vault is unavailable, an encrypted copy of a backup in the second vault may be used for the recovery operation. Incremental backups from the first and/or second vault, which may be difference incremental backups and may be unencrypted, may be used in the recovery operation.

Abstract: Protecting digital assets is disclosed. A primary digital asset associated with a shadow asset are stored, in a first and a second digital wallet. The primary digital asset and the shadow asset are each associated with respective smart contracts. When the primary smart contract executes, the second smart contract also executes. These smart contracts convert the shadow asset to be the primary digital asset and invalidate the original digital asset. This allows smart contracts to effectively protect a digital asset using digital wallets associated with different private keys and without having to actually transfer the digital asset. The activation of the shadow asset and invalidation of the original primary digital asset can be effected without a private key. The smart contracts execute when the conditions are satisfied.

Abstract: Reinstating access to a system of an admin whose certificate is invalid or expired is disclosed. A requestor may send a request for reinstatement to tenant admins. The initiating tenant admin may initiate a voting operation to reinstate the requestor as an admin of a computing system. During the voting operation, multiple control points are implemented. At each control point, a key of the requestor is verified. The voting operation only proceeds when the key verification is successful. The voting operation is a gradual access recovery process where required keys are revealed over time and in a specific sequence.

Abstract: Techniques for data classification using clustering. A method includes replacing a plurality of portions of metadata for a plurality of data objects with a plurality of replacement characters in order to generate a plurality of replaced strings; clustering the plurality of data objects into a plurality of clusters based on commonalities between the plurality of replaced strings of data objects of the plurality of data objects; classifying a subset of the data objects in each cluster into at least one class; and aggregating classes within at least one cluster of the plurality of clusters, wherein aggregating classes within each of the at least one cluster includes applying the at least one class for the subset of the data objects in each cluster to each other data object within the cluster.

Abstract: Methods and systems for securing deployments are disclosed. The deployments may be secured by generating and deploying security models to components of the deployment. The security models may be obtained through simulation of the operation of the deployment. During the simulation, different types of attacks on its operation and potential defenses to the attacks may be evaluated. The defenses able to defend against the different types of attacks may be used to generate the security models.

Abstract: Methods and systems for managing performance of data processing systems throughout a distributed environment are disclosed. To manage performance of data processing systems, a system may include a data processing system manager and one or more data processing systems. If operation of a data processing system of the one or more data processing systems meets certain criteria, the data processing system manager may operate a digital twin of the data processing system. Simulated operational data obtained from the digital twin may be compared to operational data from the data processing system. If the simulated operational data and the operational data match within a threshold, the data processing system meeting the criteria may be due to environmental conditions. If the simulated operational data does not match the operational data within the threshold, the data processing system may be deteriorating and may require further intervention.

Abstract: Systems and methods for implementing a decentralized consensus-based object-oriented platform with the scalability and bandwidth necessary to constitute a single unified infrastructure for web 3.0. Each object in the system represents a piece of data and/or an entity and/or a function and can be owned, controlled, and interacted with by its creator and/or by other objects. Messages are sent between the objects, validation clusters then reach a consensus among themselves per each of the messages received in conjunction with a respective one of the objects, and actions are finally made in conjunction with each of the messages by at least the validation clusters that are in consensus regarding the message, thereby assuring state-coherence among all objects. The platform has the capability/capacity to become “the computer”, which is a computational extension of “the internet”, with the potential to encompass virtually any activity, from social networks to financial systems, e-commerce and metaverse.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system, and may be based on a reputation (e.g., weighted reputation) of each of the data processing systems within the distributed system. If the reputation indicates that a data processing system is compromised, the data processing system may be ejected and a communication topology of the distributed system may be remodeled.

Abstract: Access to digital assets when a private key is lost or unavailable is disclosed. A digital wallet may store a digital asset and a smart contract. When conditions of the smart contract are satisfied, the digital asset is automatically transferred to a new digital wallet that is associated with a new digital key. A user may acquire the new digital key and access the digital assets now stored in the new digital wallet.

Abstract: Methods and systems for managing operation of data processing systems with limited access to an uplink pathway are disclosed. To manage the operation, a system may include a data processing system manager, a data collector, and one or more data processing systems. As the data processing system may not be able to transmit data to the data processing system manager, the data collector may provide observational data related to the operation of the data processing system to the data processing system manager. The data processing system manager may utilize a digital twin to simulate the operation of the data processing system and identify potential future occurrences of events that may impact the operation of the data processing system. The data processing system manager may identify instructions to remediate or avoid the future occurrences of the events and may provide the instructions as commands to the data processing system.

Abstract: Methods and systems for managing methods of communication used by data processing systems throughout a distributed environment are disclosed. To manage methods of communication, a system may include a communication manager and one or more data processing systems. The communication manager may monitor use of an existing method of communication by a data processing system over time. If characteristics of the existing method of communication do not meet criteria specified by a communication requirement, the communication manager may determine whether to update the existing method of communication. To do so, the communication manager may host and operate a digital twin of the data processing system and may simulate operation of the data processing system using other methods of communication using the digital twin. If one of the other methods of communication has characteristics that meet the communication requirement, the communication manager may update the existing method of communication.

Abstract: Reinstating access to a system of an admin whose certificate is invalid or expired and detecting an attack are disclosed. A requestor, who may be an admin whose certificate is expired or invalid, may send a request for reinstatement to validators. The system may provide honeypot validators in addition to legitimate validators. When the request is received by a honeypot validator or if the honeypot validator is requested to provide their share or a secret, the requestor is determined to be malicious and a protective operation or action is performed.

Abstract: The present disclosure provides methods for evaluating the immunological state in a subject by determining the levels of resistance and/or disease tolerance of the subject, using specific signatory biomarkers for disease tolerance and resistance. The present disclosure further provides diagnostic compositions and kits, as well as therapeutic methods based on manipulating the expression of the disclosed resistance and/or disease-tolerance biomarkers to modulate the immunological state and disease outcome.

Abstract: One example method includes, in connection with receipt of a backup request, using a consolidated bitmap, that is associated either with multiple bitmap fragments or with multiple backup streams, to read data from a volume and transmitting the data to a recipient, identifying new write IOs, received in parallel with transmission of the data, that are directed to data included in the backup request, reading from the volume, only once, the data to which the new write IOs are directed, writing the data read from the volume to multiple temporary logs, where each of the temporary logs is associated either with a respective one of the bitmap fragments, or with a respective one of the multiple backup streams, and transmitting the data from the temporary log to the recipient, wherein the transmitted data comprises the backup.

Abstract: One example method includes receiving backup requests, creating a respective bitmap fragment for each backup request, each bitmap fragment corresponding to a respective tracking start time, for one of the requested backups, identifying a group of bitmap fragments that correspond to at timeframe extending from a time at which a previous backup was requested to a time at which the particular backup was requested, using the bitmap fragments of the group to create a consolidated bitmap that includes all changes to data in a volume resulting from IOs during the timeframe, with the consolidated bitmap, reading the data from the volume and transmit the data to a recipient, identifying new write IOs, received in parallel with transmission of the data, that are directed to data included in the particular backup, and reading, from the volume, the data to which the new write IOs are directed, and temporarily storing that data.

Abstract: Reinstating access to a system of an admin whose certificate is invalid or expired is disclosed. When the admin's certificate is expired, the admin may send a request for reinstatement to tenant admins. The voting operation is based on shares of a secret that have been distributed to validators. When the shares are successfully reconstructed to obtain the secret, the voting operation is affirmed or allowed to proceed. If the vote is successful, access for the admin is restored or reinstated.