Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to personalized secure communication session management, such as for virtual private networks (VPNs). In one embodiment, a user is authenticated at a client device to verify that the user is present at the client device and authorized to access one or more secured resources, and in response, a secure communication session is established for the client device to access the secured resources. At a later time during the secure communication session, it is determined whether the user is still authenticated at the client device, such that if so, access to the one or more secured resources is maintained on the secure communication session, or else access is restricted to the one or more secured resources (e.g., the session is terminated, or access is otherwise limited).

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: In one embodiment, the techniques herein are directed to receiving a reason for a call at a user device. For instance, an illustrative method herein may comprise: receiving, at an application on a recipient device of a user, information about a call to be made from an initiating device, the information having an outbound phone number of the call, a name of an organization of the initiating device, and a reason for the call; and configuring, by the application, a caller identification process on the recipient device to display, in response to receiving a subsequent call from the outbound phone number, the name of the organization and the reason for the call; wherein, in response to the initiating device calling the recipient device using the outbound phone number, the caller identification process on the recipient device displays the name of the organization and the reason for the call.

Abstract: In one embodiment, a method herein may comprise: receiving, at a first device, an encrypted private key of a second device encrypted using a public key of the first device, wherein the second device encrypts data into encrypted data using a public key of the second device and stored the encrypted data on a storage server: and decrypting, by the first device, a private key of the second device from the encrypted private key using a private key of the first device; and accessing, by the first device, the encrypted data on the storage server by utilizing the private key of die second device.

Abstract: In one embodiment, a method herein may comprise: receiving, at a first device, an encrypted private key of a second device encrypted using a public key of the first device, wherein the second device encrypted data into encrypted data using a public key of the second device and stored the encrypted data on a storage server; and decrypting, by the first device, a private key of the second device from the encrypted private key using a private key of the first device; and accessing, by the first device, the encrypted data on the storage server by utilizing the private key of the second device.

Abstract: In one embodiment, the techniques herein are directed to coordinating conveying a reason for a call from a user device. For instance, an illustrative method herein may comprise: receiving, at an intermediate service device, a message from a user device, the message informative of a second device to participate in a call with a user of the user device and a reason for the call; and conveying, from the intermediate service device, the user device, the user, and the reason for the call to the second device, wherein the second device initiates the call to the user device and is aware of the user and the reason for the call prior to initiating the call.

Abstract: In one embodiment, a method herein may comprise: identifying, by an initiating device of an organization, a user and a reason for a call to a recipient device of the user, the recipient device having an inbound phone number; informing an intermediate service about the call to the recipient device and the reason for the call, wherein the intermediate service coordinates with an application on the recipient device to inform the recipient device of the call, an outbound phone number of the call, a name of the organization, and the reason for the call; and calling, using the outbound phone number, the recipient device at the inbound phone number, wherein the application on the recipient device has configured a caller identification process on the recipient device to display, in response to receiving the call from the outbound phone number, the name of the organization and the reason for the call.

Abstract: In one embodiment, the techniques herein are directed to conveying a reason for a call from a user device. For instance, an illustrative method herein may comprise: determining, by a user device, a second device to participate in a call with a user of the user device and a reason for the call; transmitting, from the user device, a message to an intermediate service to inform the intermediate service about the second device, the user, and the reason for the call, wherein the intermediate service conveys the user and the reason for the call to the second device; and receiving, at the user device, the call initiated by the second device, wherein the second device is aware of the user and the reason for the call prior to initiating the call.

Abstract: In one embodiment, the techniques herein are directed to receiving a reason for a call from a user device. For instance, an illustrative method herein may comprise: receiving, by a particular device, an indication from an intermediate service that a user device requested that the particular device participate in a call with a user of the user device, the indication also including a reason for the call; determining, by the particular device, when the particular device is able to initiate the call; and initiating, by the particular device and in response to being able to initiate the call, the call to the user device, wherein the particular device is aware of the user and the reason for the call prior to initiating the call.

Abstract: In one embodiment, an intermediate service device: receives information about a call to be made from an initiating device to a recipient device of a user, the information including a reason for the call; and coordinates with an application on the recipient device to inform the recipient device of the call, an outbound phone number of the call, a name of an organization of the initiating device, and the reason for the call, wherein the application on the recipient device configures a caller identification process on the recipient device to display, in response to receiving a subsequent call from the outbound phone number, the name of the organization and the reason for the call.

Abstract: The techniques herein are directed generally to personalized secure communication session management, such as for virtual private networks (VPNs). In one embodiment, a user is authenticated at a client device to verify that the user is present at the client device and authorized to access one or more secured resources, and in response, a secure communication session is established for the client device to access the secured resources. At a later time during the secure communication session, it is determined whether the user is still authenticated at the client device, such that if so, access to the one or more secured resources is maintained on the secure communication session, or else access is restricted to the one or more secured resources (e.g., the session is terminated, or access is otherwise limited).

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to personalized secure communication session management, such as for virtual private networks (VPNs). In one embodiment, a user is authenticated at a client device to verify that the user is present at the client device and authorized to access one or more secured resources, and in response, a secure communication session is established for the client device to access the secured resources. At a later time during the secure communication session, it is determined whether the user is still authenticated at the client device, such that if so, access to the one or more secured resources is maintained on the secure communication session, or else access is restricted to the one or more secured resources (e.g., the session is terminated, or access is otherwise limited).