Patent classifications
H04L2209/76
Key exchange method, key exchange system, key device, terminal device, and program
A random number generating unit generates random numbers s_1, s_2, s_1, and s_2. A public keys randomizing unit generates first randomized public keys information obtained by randomizing public keys using the random number s_1 and second randomized public keys information obtained by randomizing the public keys using the random number s_2. A proxy calculation unit calculates a first commission result by using a secret key and calculates a second commission result by using the secret key. A verification unit calculates a first verification value by using the random number s_2, calculates a second verification value by using the random number s_1, and verifies whether or not the first verification value and the second verification value coincide with each other. A common key calculation unit calculates a common key by using the random numbers s_1 and s_2 if the first verification value and the second verification value coincide with each other.
FACILITATING USE OF A UNIVERSAL INTEGRATED CIRCUIT CARD (UICC) FOR SECURE DEVICE UPDATES
Apparatus, methods and systems facilitating communications via a mobile internet-enabled connection interface are provided. One apparatus is configured to perform various operations, including performing a first type of security function associated with determining whether an information package is authorized to be received and downloaded to a device other than the apparatus, wherein the information package is associated with updating a functionality of the device; and performing a second type of security function associated with identifying an authorized user of the apparatus.
Data security service
A distributed computing environment utilizes a cryptography service. The cryptography service manages keys securely on behalf of one or more entities. The cryptography service is configured to receive and respond to requests to perform cryptographic operations, such as encryption and decryption. The requests may originate from entities using the distributed computing environment and/or subsystems of the distributed computing environment.
Systems and methods for controlling cacheability and privacy of objects
Described herein are systems, devices, and methods for content delivery on the Internet. In certain non-limiting embodiments, a caching model is provided that can support caching for indefinite time periods, potentially with infinite or relatively long time-to-live values, yet provide prompt updates when the underlying origin content changes. Origin-generated tokens can drive the process of caching, and can be used as handles for later invalidating origin responses within caching proxy servers delivering the content. Tokens can also be used to control object caching behavior at a server, and in particular to control how an object is indexed in cache and who it may be served to. Tokens may indicate, for example, that responses to certain requested URL paths are public, or may be used to map user-id in a client request to a group for purposes of locating valid cache entries in response to subsequent client requests.
Enabling multitenant data access on a single industrial network
In an embodiment, a computer-implemented method comprises: in response to receiving a first authentication request from one or more first computing devices, authenticating the first computing devices on behalf of a first client device using a first set of identity information; in response to authenticating the first computing devices, generating and queuing a first set of one or more transactions corresponding to at least one of the one or more first computing devices; in response to receiving a second authentication request from the first client device configured to access the first set of one or more transactions, authenticating the first client device on behalf of a second computing device using a second set of identity information that is associated with the first client device; in response to performing the second authentication service, encrypting and sending the first set of one or more transactions to the first client device.
COMMUNICATION SYSTEM AND METHOD FOR MACHINE DATA ROUTING
A method includes receiving and temporarily storing data streams from Internet of Things (IoT) sensors. The method continues with determining whether some of the data streams have been requested by a subscribing computing entity. When some of the data streams are requested and the request is valid, the method continues with sending the requested data streams to the subscribing computing entity. The method continues with receiving additional data streams from the IoT sensors and overwriting the temporary storage of the data streams with the additional data streams.
IOT ("INTERNET OF THINGS") SELF-SEGMENTED BLOCKS
Methods for secure communication transmission are provided. Methods include shredding a secure communication into a first plurality of communication segments using a first fine-grain shredding algorithm. Methods include creating a first recombination key suitable for recombining data subjected to the first shredding algorithm. Methods include transmitting each of the first plurality of communication segments and the first recombination key to an intermediary device. Methods include shredding the first plurality of communication segments using a second fine-grain shredding algorithm. Methods include creating a second recombination key suitable for recombining data subjected to the second shredding algorithm. Methods include transmitting the second plurality of communication segments and the first and second recombination keys to a target device. Methods include recombining the second plurality of communication segments into the first plurality of communication segments using the first key. Methods include recombining the first plurality of communication segments using the second key.
ON-DEMAND SECURITY ASSOCIATION MANAGEMENT
A mapping server provisions network elements to optimize the cryptographic resources of a computer network. The mapping server obtains from a source network element, a request for a source endpoint to communicate with a destination endpoint across the computer network. The mapping server determines a cryptographic policy based on the source endpoint, the destination endpoint, and an availability of cryptographic resources on the network elements. The mapping server identifies a destination network element based on the cryptographic policy. The destination network element is associated with the destination endpoint. The mapping server selects a security association based on the cryptographic policy to secure a communication from the source endpoint to the destination endpoint. The security association secures the communication between the source network element and the destination network element. The mapping server provides the security association to the source network element along with a network address of the destination network element.
Management of secret data items used for server authentication
A security device (6) is provided for facilitating management of secret data items such as cryptographic keys which are used by a remote server (2) to authenticate operations of the server (2). The device (6) has a user interface (13), control logic (16) and a computer interface (11) for connecting the device (6) to a local user computer (5) for communication with the remote server (2) via a data communications network (3). The control logic is adapted to establish via the user computer (5) a mutually-authenticated connection for encrypted end-to-end communications between the device (6) and server (2). In a backup operation, the secret data items are received from the server (2) via this connection. The control logic interacts with the user via the user interface (13) to obtain user authorization to back up secret data items and, in response, stores the secret data items in memory (10). To restore secret data items to the server, the control logic interacts with the user via the user interface (13) to obtain user authorization to restore secret data items and, in response, sends the secret data items to the server (2) via said connection.
Apparatus, method and system for a tunneling client access point
The disclosure details the implementation of an apparatus, method, and system comprising a portable device configured to communicate with a terminal and a network server, and execute stored program code in response to user interaction with an interactive user interface. The portable device contains stored program code configured to render an interactive user interface on a terminal output component to enable the user to control processing activity on the portable device and access data and programs from the portable device and a network server.