Patent classifications
H04L63/0471
Secure Data Exchange
Techniques and architectures may be used to provide an environment where a data owner storing private encrypted data in a cloud and a data evaluator may engage in a secure function evaluation on at least a portion of the data. Neither of these involved parties is able to learn anything beyond what the parties already know and what is revealed by the function, even if the parties are actively malicious. Such an environment may be useful for business transactions, research collaborations, or mutually beneficial computations on aggregated private data.
CLOUD STORAGE USING ENCRYPTION GATEWAY WITH CERTIFICATE AUTHORITY IDENTIFICATION
Systems and methods to securely send or write data to a cloud storage or server. In one embodiment, a method includes: establishing a connection to a client using a client-side transport protocol; receiving, over the connection, data from the first client; decrypting, using a client session key, the received data to provide first decrypted data; encrypting the first decrypted data using a stored payload key (that is associated with the client) to provide first encrypted data; encrypting, using a cloud session key, the first encrypted data using a remote-side transport protocol to provide second encrypted data; and sending the second encrypted data to the cloud storage or server.
ON-DEMAND SECURE EMAIL TRANSFORMATION
Apparatus and methods disclosed herein provide technical solutions improving the security of email messages. An email message may be encrypted so that a predetermined passcode is not required to access the email message. Apparatus and methods may route email messages through a remote portal. The email message may only be transmitted to the recipient via the portal. In some instances, the contents of an email message may not be transmitted from the portal to the recipient. Rather, the recipient may only access the email message from within the portal. Such restricted access may be preferably less complex because the recipient’s computer terminal may automatically connect to the portal.
In-memory workflow management in edge devices
Techniques discussed herein relate to providing in-memory workflow management at an edge device (e.g., a computing device distinct from and operating remotely with respect to a data center). The edge device can operate as a computing node in a computing cluster of edge devices and implement a hosting environment (e.g., a distributed data plane). A work request can be obtained by an in-memory workflow manager of the edge device. The work request may include an intended state of a data plane resource (e.g., a computing cluster, a virtual machine, etc.). The in-memory workflow manager can determine the work request has not commenced and initialize an in-memory execution thread to execute orchestration tasks to configure a data plane of the computing cluster according to the intended state. Current state data corresponding to the configured data plane may be provided to the user device and eventually displayed.
Authentication and initial key exchange in ethernet passive optical network over coaxial network
A method comprising generating an updated security key upon expiration of a key exchange timer, transferring the updated security key to a Coaxial Network Unit (CNU), retaining an original key, wherein the updated security key comprises a different key identification number than the original key, accepting and decrypting upstream traffic that employs either the original key or the updated key, after transferring the updated security key to the CNU, creating a key switchover timer, before the key switchover timer expires, verifying that upstream traffic transferred from the CNU on a logical link uses the updated security key, and when upstream traffic is encrypted using the updated security key, beginning to use the updated security key to encrypt downstream traffic and clearing the key switchover timer.
INVISIBLE MIDDLEWARE FOR ASYNCHRONOUS COMMUNICATION
Embodiments herein describe middleware that serves as an intermediary between two computing systems performing asynchronous communication. Rather than communicating directly with each other, the two computing systems communicate with the middleware; however, the middleware can be introduced seamlessly so that the two systems believe they are communicating with each other rather than the middleware—i.e., the middleware is invisible to the systems. Asynchronous communication with guaranteed delivery may require the two computing systems to perform a handshake operation where the computing system transmitting the object does not consider the task complete until receiving a confirmation from the receiving computing system that the object was processed successfully.
Distributed Trust-Based Communication
A computer generates a first encrypted message by encrypting an unencrypted message for decryption at a receiving device. The computer couples the first encrypted message with addressing data associated with the receiving device to generate a coupled message. The computer generates a second encrypted message by encrypting the coupled message for decryption at a data transmission service. The computer transmits the second encrypted message via the data transmission service to enable the receiving device to read the unencrypted message.
CHOREOGRAPHED CACHING
A routing device capable of performing application layer data caching is described. Application data caching at a routing device can alleviate the bottleneck that an application data host may experience during high demands for application data. Requests for the application data can also be fulfilled faster by eliminating the network delays for communicating with the application data host. The techniques described can also be used to perform analysis of the underlying application data in the network traffic transiting through a routing device.
Secure Gateways for Connected Dispensing Machines
The present disclosure is directed to systems and methods for securely providing telemetry data of a dispenser machine to an administrator system via an exposed web service over a computer network. To secure the exposed web service, the systems and methods of the present disclosure provide secure gateways at the dispenser machine and the administrator system that can provide one or more of message integrity, authentication, authorization, and confidentiality. The secure gateways are implemented separate from the applications creating web service request and response messages at the dispenser machine and the administrator system, respectively. Because the secure gateways are implemented separate from the applications creating the web service request and response messages, the applications creating the web service request and response messages can be created and modified without consideration to message security, which is handled transparently by the secure gateways.