H04L9/14

Low-latency direct cloud access with file system hierarchies and semantics

Techniques described herein relate to systems and methods of data storage, and more particularly to providing layering of file system functionality on an object interface. In certain embodiments, file system functionality may be layered on cloud object interfaces to provide cloud-based storage while allowing for functionality expected from legacy applications. For instance, POSIX interfaces and semantics may be layered on cloud-based storage, while providing access to data in a manner consistent with file-based access with data organization in name hierarchies. Various embodiments also may provide for memory mapping of data so that memory map changes are reflected in persistent storage while ensuring consistency between memory map changes and writes. For example, by transforming a ZFS file system disk-based storage into ZFS cloud-based storage, the ZFS file system gains the elastic nature of cloud storage.

Enclave fork support

Fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

PROVABLY FAIR GAMES USING A BLOCKCHAIN
20230023060 · 2023-01-26

A computer-implemented method of pseudo-randomly selecting game elements for use in playing a game. An oracle obtains: a set of seed data items, the set of seed data items comprising one or more user seed data items generated by a respective user; a sequence of public keys; and a list of game elements. A total number of public keys corresponds to a total number of game elements. The oracle generates a first output of a game transaction. The first output comprises the sequence of public keys and a script configured to generate at least one pseudorandom number based on the set of seed data items. The script is configured to generate a list of the public keys based on the at least one pseudorandom number. An order of public keys in the list of public keys differs compared to an order of public keys in the sequence of public keys.

METHOD AND APPARATUS FOR VERTICAL FEDERATED LEARNING

This disclosure relates to a method for vertical federated learning. In multiple participation nodes deployed in a multi-way tree topology, an upper-layer participation node corresponds to k lower-layer participation nodes. After the upper-layer participation node and the k lower-layer participation nodes exchange public keys with each other, the upper-layer participation node performs secure two-party joint computation with the lower-layer participation nodes with a first public key and second public keys as encryption parameters to obtain k two-party joint outputs of a federated model. Further, the upper-layer participation node aggregates the k two-party joint outputs to obtain a first joint model output corresponding to the federated model. As such, a multi-way tree topology deployment-based vertical federated learning architecture is provided, improving the equality of each participation node in a vertical federated learning process.

PRIVACY INFORMATION TRANSMISSION METHOD, APPARATUS, COMPUTER DEVICE AND COMPUTER-READABLE MEDIUM
20230023665 · 2023-01-26

A privacy information transmission method, an apparatus, a computer device and a computer-readable medium are disclosed. The method may include: generating authentication information in response to receiving an identity registration request message sent by a terminal device via a base station, and encrypting the authentication information with a first private key to generate encrypted authentication information; sending a first identity identification request message carrying the encrypted authentication information to the terminal device; and receiving an identity identification response message returned by the terminal device, and acquiring privacy information from the identity identification response message.

MECHANISM FOR ENABLING CRYPTOGRAPHIC AGILITY IN LEGACY APPLICATIONS AND SERVICES

The disclosure provides an approach for cryptographic agility. Embodiments include establishing, by a proxy component associated with a cryptographic agility system, a first secure connection with an application. Embodiments include receiving, by the proxy component, via the first secure connection, a communication from the application directed to an endpoint. Embodiments include selecting, by the cryptographic agility system, a cryptographic technique based on contextual information related to the communication. Embodiments include establishing, by the proxy component, a second secure connection with the endpoint based on the cryptographic technique. Embodiments include transmitting, by the proxy component, a secure communication to the endpoint via the second secure connection based on the communication.