H04L9/08

Secure aggregate sum system, secure computation apparatus, secure aggregate sum method, and program

An aggregate sum is efficiently obtained while keeping confidentiality. A prefix-sum part computes a prefix-sum from a share of a sorted value attribute. A flag converting part converts a format of a share of a flag representing the last element of a group. A flag applying part generates a share of a vector in which a prefix-sum is set when a flag representing the last element of a group is true, and a sum of the whole is set when the flag is false. A sorting part generates a share of a sorted vector obtained by sorting a vector with a permutation which moves elements so that the last elements of each group are sequentially arranged from the beginning. A sum computing part generates a share of a vector representing a sum for each group.

Multiplexed quick response (“QR”) code experience derivation

An optical code scanner being operated using an algorithm is provided. The scanner may scan an optical label. The label may include machine-readable code. The scanner may derive a single set of instructions from the code or multiple sets of instructions from the code. The scanner may process the code. The processing may upload a set of instructions from the code to the scanner and store the set of instructions in an instructions library. The scanner may also derive a picture associated with the instructions and store the picture in the library. The scanner may display a plurality of pictures. Each of the pictures may correspond to a set of uploaded instructions stored on the scanner. Each of the plurality of pictures may be selectable by a user. In response to a user selection of a picture, the scanner may be configured to execute the uploaded instructions that correspond to the selected picture.

Composable edge device platforms

Techniques discussed herein relate to providing composable edge devices. In some embodiments, a user request specifying a set of services to be executed at a cloud-computing edge device may be received by a computing device operated by a cloud computing provider. A manifest may be generated in accordance with the user request. The manifest may specify a configuration for the cloud-computing edge device. Another request can be received specifying the same or a different set of services to be executed at another edge device. Another manifest which specifies the configuration for that edge device may be generated and subsequently used to provision the requested set of services on that device. In this manner, manifests can be used to compose the platform to be utilized at any given edge device.

Utilizing encryption key exchange and rotation to share passwords via a shared folder

This disclosure describes methods, non-transitory computer readable storage media, and systems that provide secure password sharing across a plurality of users and client devices via a shared folder. For example, in one or more embodiments, the disclosed system retrieves a public key set including public encryption keys for client devices having access to the shared folder. The disclosed system provides the public key set to a client device requesting to share the shared folder. The disclosed system receives an encrypted payload for the shared folder and a shared encryption key that is utilized to encrypt the payload and is encrypted in the shared folder utilizing the public key set. The disclosed system also detects key rotation events and notifies one or more client devices to generate a modified shared encryption key and re-encrypt the payload for storage within the shared folder.

Searching for encrypted data within a cloud based platform

Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Communication device, communication method, and communication method for performing communication using shared quantum key
11595197 · 2023-02-28

A communication device includes a plurality of key distributing units, a plurality of communicating units, a monitoring unit, and a switching unit. The plurality of key distributing units have a quantum key distribution function for sharing a quantum key with an external distribution device. The plurality of communicating units communicate with an external communication device using the quantum key. The monitoring unit monitors operational status indicating at least one of transmission-reception status of photons in the quantum key distribution function, generation status of generating the quantum key, and obtaining status of obtaining the quantum key. The switching unit switches a control target, which either represents one of the key distributing units or represents one of the communicating units, from a first control target to a second control target other than the first control target according to the operational status.

System and method to secure the transmission of files to a valid client

Disclosed are various examples for securing the transmission of files to and from a client device. In some examples, an initialization token is identified for a file that includes a number of portions. An algorithm is iteratively applied to the initialization token to determine that no repeated output occurs over a number of iterations corresponding to the number of file portions. Initialization data is transmitted from a client device to a management service that manages access to the file. The initialization token is included in the initialization data if no repeated output occurs when the algorithm is iteratively applied over the number of iterations.

Encryption key management system and encryption key management method
11595191 · 2023-02-28

A storage apparatus sends a request for a key encryption key to a key management server using a storage apparatus ID as a parameter, acquires the key encryption key, for which a request has been sent to the key management server, and its attribute information, and stores the key encryption key and its attribute information in a key encryption key list while eliminating the key encryption key that is duplicated. Then, in the order listed in the key encryption key list, decryption of the encryption key is attempted by the key encryption key stored in the key encryption key list, and the success or failure of the decryption of the encryption key is determined. When the decryption of the encryption key using the key encryption key fails, the decryption of the encryption key is attempted using a key encryption key, which has not been attempted yet, in the key encryption key list.

Protection of and access to data on computing devices

Techniques for changing the presentation of information on a user interface based on presence are described. In an example, a computer system determines, based on an image sensor associated with the system, a first presence of a first user relative to a computing device. The computer system also determines an identifier of the first user. The identifier is associated with operating the computing device. The operating comprises a presentation of the user interface by the computing device. The computer system also determines, based on the image sensor, a second presence of a second person relative to the computing device. The computer system causes an update to the user interface based on the second presence.