H04L63/0478

MACHINE LEARNING-BASED ENCODING/ENCRYPTION KEY GENERATION
20230353547 · 2023-11-02

A processing system may obtain a first source data and encode the first source data in accordance with a first key via an encoder associated with an encoder-decoder model to generate a first source data encoding that is a first output of the encoder and a second key that is a second output of the encoder. The processing system may then transmit the first source data encoding to a recipient system, where the second key is for generating a second source data encoding for transmission by the processing system to the recipient system. A processing system may also obtain a first encoded source data from a sending system, apply the first encoded source data and a first key as inputs to a decoder associated with an encoder-decoder model to obtain a first decoded source data and a second key as outputs, and present the first decoded source data.

METHODS AND SYSTEMS FOR PROCESSING DATA OF AN ANALYTICAL INSTRUMENT FOR ANALYZING BIOLOGICAL SAMPLES

A method for processing data of an analytical instrument for analyzing biological samples is presented. The method comprises receiving instrument data from the analytical instrument at a data processing module communicatively connected with the analytical instrument, generating metadata from the received instrument data at the data processing module, applying a first encryption to the instrument data at the data processing module, applying a second encryption to the generated metadata at the data processing module, and transmitting the encrypted metadata and encrypted instrument data to a remote server. The remote server and the data processing module are communicatively connected. The method also comprises removing the second encryption from the metadata at the remote server and forwarding the instrument data encrypted by the first encryption from the remote server to a management system of the analytical instrument.

DATA COMMUNICATION SYSTEM AND METHOD FOR PROVIDING END-TO-END CIPHERING
20230362630 · 2023-11-09

A data communication system sends SMS communications that are end-to-end ciphered when communicated from a first device to a second device. The data payloads of the SMS communications are hard-encrypted by layers at the first device. Each layer is a combination of an encryption function and an obfuscation function. A data map is associated with the layers and is provided in an SMS message from the first device to the second device. The data map provides information about the combination in each layer to enable inverse layer-by-layer decryption and de-obfuscation of the hard-encrypted data payloads at the second device. The second device has a key wallet in which encryption functions are defined according to a first index, and obfuscation functions are defined according to a second index. The data map includes references to the first and second indices such that the second device requires use of the key wallet to interpret the indices to enable inverse layer-by-layer decryption and de-obfuscation of the hard-encrypted data payloads communicated to the second device. Optionally, the first device is a mobile telephone of a given user, and the second device is implemented as a server of a banking, governmental or financial institution, wherein the end-to-end ciphered SMS communications include financial transaction instructions, PIN codes, passwords, reset codes and so forth.

FAST UNBREAKABLE CIPHER
20230370450 · 2023-11-16

An encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.

Non-custodial tool for building decentralized computer applications

A mechanism for building decentralized computer applications that execute on a distributed computing system. The present technology works within a web browser, client application, or other software and provides access to decentralized computer applications through the browser. The present technology is non-custodial, wherein a public-private key pair, which represents user identity, is created on a client machine and then directly encrypted by a third-party platform without relying on one centralized computing system.

SINGLE SIGN-ON THROUGH CUSTOMER AUTHENTICATION SYSTEMS
20230267414 · 2023-08-24

Described herein is a system, method, and non-transitory computer readable medium related to a service provider using a third party identity provider to authenticate a user with improved security. An authentication token is received from the identity provider, and can be verified against internal configuration information. The internal configuration information includes data that is not included in the authentication token, and therefore, is not vulnerable to some security attacks, such as a man-in-the-middle attack. After the authentication token is verified, the internal configuration information and authentication token may be used to create a custom identifier, referred to as an identity ID. The identity ID may be used by the service provider to verify user access to resources.

Searchable index encryption
11676102 · 2023-06-13

Auditing data containing sensitive data are stored in a data structure comprising data objects. Each data object comprises one or more pairs of a name and a value. Pairs that are flagged or identified as containing sensitive data are partially encrypted; the value is encrypted using an asymmetric key and the name corresponding to the encrypted value remains unencrypted. Some pairs that are not flagged or identified as containing sensitive data are left unencrypted. Unencrypted data may be stored in the partially encrypted auditing data as plain text. The auditing data may be analyzed to generate business metrics and identify application errors. The auditing data may also be queried, and data objects containing unencrypted pairs and/or partially encrypted pairs may be returned based on matching unencrypted names and/or values to the data query.

Inspection of network packet traffic for policy control

Systems and methods for providing policy-controlled communication over the Internet are provided. A system may include a client endpoint function configured to execute on a client device while coupled to a first VPN tunnel, a service endpoint function that operates a remote service of a plurality of remote services, and a mid-link server coupled to the first VPN tunnel and a second VPN tunnel. The mid-link server may include an inspection component that analyzes network packet traffic in accordance with a plurality of policies. The inspection component may inspect the network packet traffic for specific content and provide instructions to a router component and/or a mediation component of the mid-link server. The instructions may be a function of at least one policy that applies to the specific content.

IN-MEMORY WORKFLOW MANAGEMENT IN EDGE DEVICES

Techniques discussed herein relate to providing in-memory workflow management at an edge device (e.g., a computing device distinct from and operating remotely with respect to a data center). The edge device can operate as a computing node in a computing cluster of edge devices and implement a hosting environment (e.g., a distributed data plane). A work request can be obtained by an in-memory workflow manager of the edge device. The work request may include an intended state of a data plane resource (e.g., a computing cluster, a virtual machine, etc.). The in-memory workflow manager can determine the work request has not commenced and initialize an in-memory execution thread to execute orchestration tasks to configure a data plane of the computing cluster according to the intended state. Current state data corresponding to the configured data plane may be provided to the user device and eventually displayed.

DISTRIBUTED DATA STORAGE TECHNIQUES FOR EDGE DEVICES
20220326886 · 2022-10-13

Techniques discussed herein relate to implementing a distributed computing cluster (the “cluster”) including a plurality of edge devices (e.g., devices individually configured to selectively execute within an isolated computing environment). One edge device may be configured to operate as a head node of the cluster at a given time. A request for virtual resources of the cluster may be received from a user device and directed to the first edge device of the cluster. The first edge device may determine it is not operating as a head node of the cluster. The first edge device may determine that a second edge device of the cluster is operating as the head node. In response, the first edge device may forward the request to the second edge device, wherein forwarding the request to the second edge device causes the second request to be processed by the cluster.