Abstract: Systems and methods are provided for determining a set of objects, the objects corresponding to a given case or application of a deletion/retention policy; determining at least one object in the set of objects to be scheduled for deletion, the at least one object being associated with a given state that specifies a deletion and/or retention type and schedule for the at least one object; and scheduling data corresponding to the at least one object for deletion from one or more data sources based at least in part on the deletion and/or retention type and schedule specified in the object state.

Abstract: An apparatus, computer-implemented method and computer program are disclosed for performing a cryptographic operation in a high-trust (HT) environment. The HT environment including a compute service and key storage service. The compute service receives from a user device, a user request for performing a cryptographic operation on at least a portion of a large-scale dataset. The user request including a user token associated with a user of the user device. The compute service sends to the key storage service, a cryptographic key access request corresponding to the received user request. The cryptographic key access request including data representative of the user token and/or a compute service token.

Abstract: A system and method can provide charter-based access to resources using an object model. Charters are defined by an administrator to have certain markings, each marking indicating a control (e.g., permission, credential, qualification, constraint, requirement, etc.) that regulates work under the charter. Users are also associated with markings. A user starts a session to access the system and is authenticated. The system determines charters having markings that the user has, and these charters are provided to the user to select from. Selecting a charter allows the user access to resources associated with the charter, under the controls indicated by the markings. Charters, controls, qualifications, resources, authorizations and links between them can be implemented using an object model. Markings can control session parameters (e.g.

Abstract: A system and method can provide charter-based access to resources using an object model. Charters are defined by an administrator to have certain markings, each marking indicating a control (e.g., permission, credential, qualification, constraint, requirement, etc.) that regulates work under the charter. Users are also associated with markings. A user starts a session to access the system and is authenticated. The system determines charters having markings that the user has, and these charters are provided to the user to select from. Selecting a charter allows the user access to resources associated with the charter, under the controls indicated by the markings. Charters, controls, qualifications, resources, authorizations and links between them can be implemented using an object model. Markings can control session parameters (e.g.

Abstract: System and method for k-anonymization with a target k-value according to certain embodiments. For example, a method includes: receiving an input dataset; receiving a k-value, the k-value being a positive integer; receiving one or more quasi-identifiers corresponding to one or more data fields in the input dataset; receiving a data suppression strategy including one or more transformation steps, at least one transformation step of the one or more transformation steps associated with at least one quasi-identifier of one or more one or more quasi-identifiers; and applying the one or more transformation steps to the input dataset to generate a suppressed dataset including at least one suppressed data field corresponding to the at least one data field; checking an anonymity value of each data record of a plurality of data records in the suppressed dataset; selecting a subset of the suppressed dataset from the suppressed dataset.

Abstract: A cryptography administration system facilitates secure, user-friendly and auditable cryptography. An administrator may create channels with associated cryptographic keys and algorithms for performing cryptographic operations such as encryption and decryption. The channel may be associated with licenses which may include permissions to perform cryptographic operations. The licenses may be shared with one or more users. A user may perform cryptographic operations using the channel according to the permissions and operations included in the licenses, to which the user has access, associated with the channel. The user does not need a technical understanding of the cryptographic system (e.g., keys and algorithms) to perform the cryptographic operations and does not need access to the keys to perform the operations. The cryptographic operations may be stored in an audit log that can be reviewed by user.

Abstract: Systems and methods are provided for improved auditing of user actions associated with a software application. The system includes functionality to log user actions in a structured, standardized way. The system includes interactive user interfaces for analyzing the logs. The logging is based on a well-defined categorization of available actions. The log information includes (and distinguishes among) user details, context details, user inputs, and/or system outputs (including identification of data objects). The interactive user interfaces enable a user to view structured log data in an efficient manner, such as by presenting logs in a tabular format, executing queries on the log data, and/or presenting visualizations that summarize the log data. The interactive user interfaces provide functionality that allows a user to investigate and/or audit user interactions with a data object.

Abstract: Systems and methods are provided for improved auditing of user actions associated with a software application. The system includes functionality to log user actions in a structured, standardized way. The system includes interactive user interfaces for analyzing the logs. The logging is based on a well-defined categorization of available actions. The log information includes (and distinguishes among) user details, context details, user inputs, and/or system outputs (including identification of data objects). The interactive user interfaces enable a user to view structured log data in an efficient manner, such as by presenting logs in a tabular format, executing queries on the log data, and/or presenting visualizations that summarize the log data. The interactive user interfaces provide functionality that allows a user to investigate and/or audit user interactions with a data object.

Abstract: Systems and methods are provided for processing an input dataset or running an inference. The systems and methods may be configured to accept an input dataset, access one or more predefined logic plugins for processing the input dataset, process the input dataset based at least in part on a first predefined logic plugin, and generate the one or more outputs based at least in part of the processing of the input dataset. The one or more outputs may have a different format than a format of the input dataset.

Abstract: A computer system is disclosed that provides purpose-based control of user actions and access to electronic data assets. For example, the computer system may perform operations including: receiving, from a user, a request to perform an action; determining any checkpoint config objects associated with the action; displaying checkpoint dialog based on checkpoint config object; determining whether criteria associated with the checkpoint object are satisfied; and in response to determining that the criteria associated with the checkpoint object are satisfied: generating a checkpoint record object; and proceeding to perform the action.

Abstract: Systems and methods are provided for improved auditing of user actions associated with a software application. The system includes functionality to log user actions in a structured, standardized way. The system includes interactive user interfaces for analyzing the logs. The logging is based on a well-defined categorization of available actions. The log information includes (and distinguishes among) user details, context details, user inputs, and/or system outputs (including identification of data objects). The interactive user interfaces enable a user to view structured log data in an efficient manner, such as by presenting logs in a tabular format, executing queries on the log data, and/or presenting visualizations that summarize the log data. The interactive user interfaces provide functionality that allows a user to investigate and/or audit user interactions with a data object.

Abstract: Systems and methods are provided for determining a set of objects, the objects corresponding to a given case or application of a deletion/retention policy; determining at least one object in the set of objects to be scheduled for deletion, the at least one object being associated with a given state that specifies a deletion and/or retention type and schedule for the at least one object; and scheduling data corresponding to the at least one object for deletion from one or more data sources based at least in part on the deletion and/or retention type and schedule specified in the object state.

Abstract: Systems and methods are provided for improved auditing of user actions associated with a software application. The system includes functionality to log user actions in a structured, standardized way. The system includes interactive user interfaces for analyzing the logs. The logging is based on a well-defined categorization of available actions. The log information includes (and distinguishes among) user details, context details, user inputs, and/or system outputs (including identification of data objects). The interactive user interfaces enable a user to view structured log data in an efficient manner, such as by presenting logs in a tabular format, executing queries on the log data, and/or presenting visualizations that summarize the log data. The interactive user interfaces provide functionality that allows a user to investigate and/or audit user interactions with a data object.

Abstract: Systems and methods are provided for determining a set of objects, the objects corresponding to a given case or application of a deletion/retention policy; determining at least one object in the set of objects to be scheduled for deletion, the at least one object being associated with a given state that specifies a deletion and/or retention type and schedule for the at least one object; and scheduling data corresponding to the at least one object for deletion from one or more data sources based at least in part on the deletion and/or retention type and schedule specified in the object state.

Abstract: A system and method can provide charter-based access to resources using an object model. Charters are defined by an administrator to have certain markings, each marking indicating a control (e.g., permission, credential, qualification, constraint, requirement, etc.) that regulates work under the charter. Users are also associated with markings. A user starts a session to access the system and is authenticated. The system determines charters having markings that the user has, and these charters are provided to the user to select from. Selecting a charter allows the user access to resources associated with the charter, under the controls indicated by the markings. Charters, controls, qualifications, resources, authorizations and links between them can be implemented using an object model. Markings can control session parameters (e.g.

Abstract: Systems and methods are provided for determining a set of objects, the objects corresponding to a given case or application of a deletion/retention policy; determining at least one object in the set of objects to be scheduled for deletion, the at least one object being associated with a given state that specifies a deletion and/or retention type and schedule for the at least one object; and scheduling data corresponding to the at least one object for deletion from one or more data sources based at least in part on the deletion and/or retention type and schedule specified in the object state.