Abstract: Aspects of the disclosure relate to ensuring information security in data transfers by utilizing decoy data. A computing platform may receive, from a data source computing device, a source data collection for a secure physical-storage-media data transfer and may identify one or more transmission parameters associated with the secure physical-storage-media data transfer. Subsequently, the computing platform may generate decoy data and may produce a secure dataset for the secure physical-storage-media data transfer by combining the decoy data with the source data collection received from the data source computing device. Then, the computing platform may encrypt the secure dataset based on the one or more transmission parameters to produce an encrypted dataset for the secure physical-storage-media data transfer.

Abstract: A computing system for redacting and/or tokenizing non-public information of electronic documents stored in a database may include a data redaction computing device and/or a data tokenization computing device, a first database storing a plurality of electronic documents, and a second database storing computer executable instructions for analyzing information associated with the plurality of electronic documents stored in the first database. The computer executable instructions may cause the data redaction/tokenization computing device to identify non-public information in one or more of the plurality of electronic documents and/or at least one of a document type, a source of the electronic document, and a destination to which the electronic document is to be communicated.

Abstract: An enterprise-wide centralized system for managing data transfer/movement provided by a technology-agnostic and protocol-agnostic data transfer/movement module. The system comprises a plurality of networked servers, one or more hub servers and a service delivery management framework. The system is structured for controlling the initiation and disablement of data transfers and configuring routing, timing and protocol(s) for data transfers.

Abstract: Systems are provided for using a message spinning engine to create and/or manage messaging queues in a distributed network using virtualized servers. An abstraction layer formed by virtualized servers may enable the message spinning engine to seamlessly transition messaging queues while minimizing the likelihood of exceeding the parameters of existing service level agreements. The message spinning engine may include a service mapping module to maintain mappings between source business applications and virtualized servers, a product bridge to implement message encapsulation for communication between different messaging queue products, and a messaging queue monitoring console to analyze performance and capacity of physical services and messaging services and accordingly adjust levels of service for source business applications.

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for providing elastic authentication based on a continuum of elastic authentication credentials. In particular, the invention provides a secure platform for authorization of a user activity at least partly based on validation of the continuum of elastic authentication credentials comprising cumulative tiered elastic authentication tokens captured during an extended time period prior to initiation of a user activity. The invention provides a novel method for capturing multiple elastic authentication tokens, for example, arbitrarily during an extended time period preceding a user activity, and validating the cumulative elastic authentication tokens at a time during or after initiation of the user activity.

Abstract: Aspects of the disclosure relate to ensuring information security in data transfers by dividing and encrypting data blocks. A computing platform may receive, from a data source computing device, a source data collection for a secure physical-storage-media data transfer and may identify one or more transmission parameters associated with the secure physical-storage-media data transfer. Subsequently, the computing platform may divide the source data collection into two or more data blocks and may separately encrypt the two or more data blocks based on the one or more transmission parameters to produce two or more encrypted data blocks for the secure physical-storage-media data transfer. Then, the computing platform may store the two or more encrypted data blocks on two or more physical media, and each encrypted data block of the two or more encrypted data blocks may be stored on a different physical medium of the two or more physical media.

Abstract: A technology/operating system-agnostic and protocol-agnostic service delivery system that includes a unified means data movement/transfer. By unifying the delivery of such services the need to deploy numerous different technology/OS-specific and/or protocol-specific applications/services conventionally used to provide such services is obviated. The unified nature of the system, not only provides for comprehensive delivery of services, such as data movement amongst all the servers in the enterprise's network but also provides for unified management of the services delivered, such as governance control over the services, unified tracking of services delivered, unified provisioning of updates/revisions to modules, and auditing processes for services delivered.

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for providing elastic authentication based on a continuum of elastic authentication credentials. In particular, the invention provides a secure platform for authorization of a user activity at least partly based on validation of the continuum of elastic authentication credentials comprising cumulative tiered elastic authentication tokens captured during an extended time period prior to initiation of a user activity. The invention provides a novel method for capturing multiple elastic authentication tokens, for example, arbitrarily during an extended time period preceding a user activity, and validating the cumulative elastic authentication tokens at a time during or after initiation of the user activity.

Abstract: A computing system for redacting and/or tokenizing non-public information of electronic documents obtained from monitored communications includes a data redaction computing device and/or a data tokenization computing device, a communications network, and a database storing computer executable instructions for analyzing information associated with a plurality of electronic documents stored communicated via the computing network. The computer executable instructions may cause the data redaction/tokenization computing device to identify non-public information in one or more of the plurality of electronic documents and/or at least one of a document type, a source of the electronic document, and a destination to which the electronic document is to be communicated. Based on this analysis, the data redaction/tokenization computing device may modify the electronic document to redact and/or tokenize the non-public information based on the computer executable instructions retrieved from the second database.

Abstract: A computing system for redacting and/or tokenizing non-public information of electronic documents stored in a database may include a data redaction computing device and/or a data tokenization computing device, a first database storing a plurality of electronic documents, and a second database storing computer executable instructions for analyzing information associated with the plurality of electronic documents stored in the first database. The computer executable instructions may cause the data redaction/tokenization computing device to identify non-public information in one or more of the plurality of electronic documents and/or at least one of a document type, a source of the electronic document, and a destination to which the electronic document is to be communicated.

Abstract: Systems are provided for using a message spinning engine to create and/or manage messaging queues in a distributed network using virtualized servers. An abstraction layer formed by virtualized servers may enable the message spinning engine to seamlessly transition messaging queues while minimizing the likelihood of exceeding the parameters of existing service level agreements. The message spinning engine may include a service mapping module to maintain mappings between source business applications and virtualized servers, a product bridge to implement message encapsulation for communication between different messaging queue products, and a messaging queue monitoring console to analyze performance and capacity of physical services and messaging services and accordingly adjust levels of service for source business applications.

Abstract: A computing system for redacting and/or tokenizing non-public information of electronic documents stored in a database may include a data redaction computing device and/or a data tokenization computing device, a first database storing a plurality of electronic documents, and a second database storing computer executable instructions for analyzing information associated with the plurality of electronic documents stored in the first database. The computer executable instructions may cause the data redaction/tokenization computing device to identify non-public information in one or more of the plurality of electronic documents and/or at least one of a document type, a source of the electronic document, and a destination to which the electronic document is to be communicated.

Abstract: The present invention provides for managing and controlling data file transfer exchange to and from file hosting services, such as cloud-based file hosting services. Specifically, the present invention control what data files are authorized for uploading to the file hosting service and downloading from the file hosting service, as well as, controlling the access to such files after uploading or downloading the data file.

Abstract: A centralized workflow management system is described that provides for the ability to manage workflows existing throughout a large enterprise regardless of the format of the workflow platform/system providing the workflows. The system and other embodiments provide for workflow extensibility, such that changes to existing workflows and/or addition of new workflows result in automatic adaption to all downstream and upstream workflows that are affected by the change or addition.

Abstract: Systems are provided for using a message spinning engine to create and/or manage messaging queues in a distributed network using virtualized servers. An abstraction layer formed by virtualized servers may enable the message spinning engine to seamlessly transition messaging queues while minimizing the likelihood of exceeding the parameters of existing service level agreements. The message spinning engine may include a service mapping module to maintain mappings between source business applications and virtualized servers, a product bridge to implement message encapsulation for communication between different messaging queue products, and a messaging queue monitoring console to analyze performance and capacity of physical services and messaging services and accordingly adjust levels of service for source business applications.

Abstract: Systems are provided for using a message spinning engine to create and/or manage messaging queues in a distributed network using virtualized servers. An abstraction layer formed by virtualized servers may enable the message spinning engine to seamlessly transition messaging queues while minimizing the likelihood of exceeding the parameters of existing service level agreements. The message spinning engine may include a service mapping module to maintain mappings between source business applications and virtualized servers, a product bridge to implement message encapsulation for communication between different messaging queue products, and a messaging queue monitoring console to analyze performance and capacity of physical services and messaging services and accordingly adjust levels of service for source business applications.

Abstract: A multi-tier platform provides security at a perimeter of a computer system, where an intermediate layer interacts between a web layer and an application layer. A data request that is associated with a data set is received at the web layer and passed to the intermediate layer. The intermediate layer determines the authoritative source for the data set and whether the data set has a static or dynamic value. If the value is static, the intermediate layer accesses the value stored at the intermediate layer. However, if the value is dynamic, the intermediate layer queries the source registered to the data set, obtains the value from the authoritative source, and returns the dynamic value via the web layer, where the registered source may be internal or external to the computer system. Consequently, the intermediate layer may function as an aggregate layer that supports both database and messaging services.

Abstract: Methods, systems, and computer-readable media for managing enterprise data movement using a heuristic data movement detection engine are presented. In some embodiments, a computer system may receive one or more data packets associated with a movement of enterprise data intercepted by a filtering engine. Subsequently, the computer system may evaluate the one or more data packets associated with the movement of enterprise data intercepted by the filtering engine based on at least one predefined data movement pattern. Then, the computer system may detect at least one variation from the at least one predefined data movement pattern based on the evaluating of the one or more data packets associated with the movement of enterprise data intercepted by the filtering engine. Thereafter, the computer system may send at least one alert message based on the detecting of the at least one variation from the at least one predefined data movement pattern.

Abstract: An enterprise-wide centralized system for managing data transfer/movement provided by a technology-agnostic and protocol-agnostic data transfer/movement module. The system comprises a plurality of networked servers, one or more hub servers and a service delivery management framework. The system is structured for controlling the initiation and disablement of data transfers and configuring routing, timing and protocol(s) for data transfers.

Abstract: A computing system for redacting and/or tokenizing non-public information of electronic documents obtained from monitored communications includes a data redaction computing device and/or a data tokenization computing device, a communications network, and a database storing computer executable instructions for analyzing information associated with a plurality of electronic documents stored communicated via the computing network. The computer executable instructions may cause the data redaction/tokenization computing device to identify non-public information in one or more of the plurality of electronic documents and/or at least one of a document type, a source of the electronic document, and a destination to which the electronic document is to be communicated. Based on this analysis, the data redaction/tokenization computing device may modify the electronic document to redact and/or tokenize the non-public information based on the computer executable instructions retrieved from the second database.