Data security and privacy are improved by a client providing a hashed version of collected data to a remote analysis service, and having the analysis service determine the relevancy of the data from the hashes before requesting the plaintext of the data. In one example, a browser plug-in obtains data which is divided into overlapping three-character sequences, and the sequences are hashed to produce a sequence of hashes. The sequence of hashes is sent by the plug-in to the remote service, which uses the hashes to determine if the associated data is relevant to the analysis performed by the remote service, without requiring access to the associated plaintext. After making the determination, the remote service may request that relevant data be provided to the service in plaintext form, while data that is not relevant need not be sent to the remote service.

The invention enables high-availability, high-scale, high security and disaster recovery for API computing, including in terms of capture of data traffic passing through proxies, routing communications between clients and servers, and load balancing and/or forwarding functions. The invention inter alia provides (i) a scalable cluster of proxies configured to route communications between clients and servers, without any single point of failure, (ii) proxy nodes configured for implementing the scalable cluster (iii) efficient methods of configuring the proxy cluster, (iv) natural resiliency of clusters and/or proxy nodes within a cluster, (v) methods for scaling of clusters, (vi) configurability of clusters to span multiple servers, multiple racks and multiple datacenters, thereby ensuring high availability and disaster recovery (vii) switching between proxies or between servers without loss of session.

The invention enables high-availability, high-scale, high security and disaster recovery for API computing, including in terms of capture of data traffic passing through proxies, routing communications between clients and servers, and load balancing and/or forwarding functions. The invention inter alia provides (i) a scalable cluster of proxies configured to route communications between clients and servers, without any single point of failure, (ii) proxy nodes configured for implementing the scalable cluster (iii) efficient methods of configuring the proxy cluster, (iv) natural resiliency of clusters and/or proxy nodes within a cluster, (v) methods for scaling of clusters, (vi) configurability of clusters to span multiple servers, multiple racks and multiple datacenters, thereby ensuring high availability and disaster recovery (vii) switching between proxies or between servers without loss of session.

The disclosure provides an approach for distribution of functions among data centers of a cloud system that provides function-as-a-service (FaaS). For example, the disclosure provides one or more function distributors configured to receive a request for loading or executing a function, automatically determine an appropriate data center to load or execute the function, and automatically load or execute the function on the determined data center. In certain embodiments, the function distributors are further configured to determine an appropriate data center to provide storage resources for the function and configure the function to utilize the storage resources of the determined data center.

Apparatus and methods for managing content delivery in a packetized network. In one embodiment, the network provide content to a plurality of clients via a plurality of nodes and origin points, and resources are discreetly represented (e.g., with IP addresses, such as those afforded under the IPv6 protocol) to allows for direct advertisement of resources. Exemplary solutions described herein further advantageously leverage extant architectures and protocols (such as BGP), and make use of a common control plane, which can be utilized for example by different content delivery network (CDN) operators and different delivery components to advertise resources. Internally within a given CDN, increased granularity of resource addressing and advertisement may provide benefits including: (i) resource affinity; (ii) resource-level balancing; (iii) dynamic resource scoping; and (iv) “zero-touch” provisioning and resource relocation.

A method, computer program, and computer system is provided for asynchronous Network-Based Media Processing (NBMP) request processing. A first function call corresponding to a CreateWorkflow request to an NBMP workflow manager is received. A hypertext transfer protocol (HTTP) status code and a delay value retrieved from a database are returned based on receiving the first function call, and the CreateWorkflow request is performed at a later time after the delay has elapsed, whereby a response to the request is performed asynchronously according to the retrieved delay value. A second function call corresponding to an UpdateWorkflow request to the NBMP workflow manager is received after performing the CreateWorkflow request, and results of performing the CreateWorkflow request are returned based on receiving the second function call, wherein a response to the CreateWorkflow request is provided asynchronously according to the retrieved delay value.

A method, computer program, and computer system is provided for asynchronous Network-Based Media Processing (NBMP) request processing. A first function call corresponding to a CreateWorkflow request to an NBMP workflow manager is received. A hypertext transfer protocol (HTTP) status code and a delay value retrieved from a database are returned based on receiving the first function call, and the CreateWorkflow request is performed at a later time after the delay has elapsed, whereby a response to the request is performed asynchronously according to the retrieved delay value. A second function call corresponding to an UpdateWorkflow request to the NBMP workflow manager is received after performing the CreateWorkflow request, and results of performing the CreateWorkflow request are returned based on receiving the second function call, wherein a response to the CreateWorkflow request is provided asynchronously according to the retrieved delay value.

Techniques for providing network slice-based security in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for network slice-based security in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network slice information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network slice information.

An image forming apparatus includes a communication interface and a processor. The communication interface is configured to transmit data to and receive data from a cloud server that provides a cloud service. The processor is configured to receive a token from the cloud server via the communication interface, transmit a request including the token to the cloud server via the communication interface, receive a response including user information from the cloud server via the communication interface, and shift to a login state based on the user information.

Embodiments described include systems and methods for executing in an embedded browser an application script for network applications of different origins. A client application can establish a first session with a first network application of a first entity at a first origin via an embedded browser within the client application and a second session with a second network application of a second entity at a second origin via the embedded browser within the client application. A scripting engine within the client application of a client device of a user at a third origin can identify an application script having instructions to interact with the first network application and the second network application, and can execute the instructions to perform a task across the first network application of the first entity at the first origin and the second network application of the second entity at the second origin.