Patent classifications
H04L63/0478
CRYPTOASSET CUSTODIAL SYSTEM WITH DIFFERENT CRYPTOGRAPHIC KEYS CONTROLLING ACCESS TO SEPARATE GROUPS OF PRIVATE KEYS
Methods, systems, and apparatus, including medium-encoded computer program products, for secure storage and retrieval of information, such as private keys, useable to control access to a blockchain, include, in at least one aspect, a method including: identifying for an action an associated private-keys group out of different private-keys groups, each having an associated cryptographic group key; decrypting, at a first computer, a first level of encryption of a private key associated with the action using the associated cryptographic group key; decrypting, at a second computer distinct from the first computer, a second level of encryption of the private key associated with the action using a hardware-based cryptographic key used by the second computer; using, at the second computer, the private key associated with the action in a process of digitally signing data to authorize the action; and sending the digitally signed data to a third computer to effect the action.
Method to save computational resources by detecting encrypted payload
Described embodiments provide systems and methods for remapping connections to tunnels selected based on a security level of the communications. A first network device may be in communication with a second network device via a plurality of communication tunnels. The plurality of communication tunnels may include an encrypted communication tunnel and an unencrypted communication tunnel. The first network device may receive a packet, the packet including header information and a payload. The first network device may determine whether the received packet is encrypted to meet a threshold level of security. The first network device may, responsive to determining that the packet is to meet the threshold level of security, communicate an identifier of the payload and the header information to the second network device via the encrypted communication tunnel, and communicate the payload to the second network device via the unencrypted communication tunnel.
Methods and devices for increasing entropy of a blockchain using blinded outcome diversification
An implementation of the present application provides a computer-implemented method to increase the security of a blockchain-implemented transaction, the transaction including participation from a plurality of participating nodes, each participating node participating as a message originator, selector, and propagator. The method, implemented at a participating node, includes: receiving ciphertext from a prior node and determining whether the participating node is a selector node for said ciphertext received from the prior node. When the participating node is the selector node for said ciphertext, the method includes selecting a subset of said ciphertext, decrypting the selected subset of said ciphertext to provide opted ciphertext and transmitting said opted ciphertext to the next node. When the participating node is other than the selector node for said ciphertext, the method includes decrypting said ciphertext received from the prior node and transmitting the decrypted ciphertext to the next node.
Method and device for implementing secure communication, and storage medium
This document discloses a method and device for implementing secure communication, and a storage medium. The method for implementing secure communication includes: encrypting first information and second information of a data packet respectively to generate an encrypted message; wherein, a region in which the encrypted first information is located is a first encrypted region, and a region in which the encrypted second information is located is a second encrypted region; the first information is used for a receiving device to determine whether to acquire the second information; and sending the encrypted message.
DISTRIBUTED DATA STORAGE TECHNIQUES FOR EDGE DEVICES
Techniques discussed herein relate to implementing a distributed computing cluster (the “cluster”) including a plurality of edge devices (e.g., devices individually configured to selectively execute within an isolated computing environment). One edge device may be configured to operate as a head node of the cluster at a given time. A request for virtual resources of the cluster may be received from a user device and directed to the first edge device of the cluster. The first edge device may determine it is not operating as a head node of the cluster. The first edge device may determine that a second edge device of the cluster is operating as the head node. In response, the first edge device may forward the request to the second edge device, wherein forwarding the request to the second edge device causes the second request to be processed by the cluster.
AUTHENTICATION PROCESSING SERVICE
Systems, methods, and computer-readable media for facilitating an authentication processing service are provided.
Cloud storage using encryption gateway with certificate authority identification
Systems and methods to securely send or write data to a cloud storage or server. In one embodiment, a method includes: establishing a connection to a client using a client-side transport protocol; receiving, over the connection, data from the first client; decrypting, using a client session key, the received data to provide first decrypted data; encrypting the first decrypted data using a stored payload key (that is associated with the client) to provide first encrypted data; encrypting, using a cloud session key, the first encrypted data using a remote-side transport protocol to provide second encrypted data; and sending the second encrypted data to the cloud storage or server.
Increasing security of objects in cloud environments by using a two-part encryption scheme
Provided are techniques for increasing security of objects in cloud environments by using a two-part encryption scheme. Objects to be stored in a cloud node are received. A number of keys to be used is determined. That number of keys are obtained. A sequence for the keys is obtained. The keys are concatenated using the sequence to form a concatenated key. The concatenated key is hashed to form an encryption key. Each of the objects is encrypted using the encryption key to form encrypted objects.
SYSTEM AND METHOD FOR PROVIDING API VERSION CONTROL
Described herein is a system for providing version control across APIs. In an embodiment, an application of a client device may transmit communications to a service application API that are in a format not accepted by the service application API, using the application API. A central (or public) API may receive the communication transmitted by the application's API. The central API may identify the versions of the application's API and the service application API. The central API may format the communication based on the mapped fields, to a format accepted by the service application API. The central API may forward the formatted communication to the service application.