Abstract: Transport Layer Security (TLS) connection establishment between a client and a server for a new session is enabled using an ephemeral (temporary) key pair. In response to a request, the server generates a temporary certificate by signing an ephemeral public key using the server's private key. A certificate chain comprising at least the temporary certificate that includes the ephemeral public key, together with a server certificate, is output to the client by the server, which acts as a subordinate Certificate Authority. The client validates the certificates, generates a session key and outputs the session key wrapped by the ephemeral public key. To complete the connection establishment, the server applies the ephemeral private key to recover the session key derived at the client for the new session. The client and server thereafter use the session key to encrypt and decrypt data over the link. The ephemeral key pair is not reused.

Abstract: Systems, methods, and software for management of partitioned data storage spaces is provided herein. An exemplary method includes storing sets of structured data records among partitioned data storage spaces, with data fields of the structured data records correlated among the sets by relational associations. The method includes receiving a change action related to a selected structured data record, and responsive to the change action, scheduling execution of the change action in a reminder index. The method includes executing the change action according to at least scheduling indicated by the reminder index.

Abstract: Systems, methods, and software for management of partitioned data storage spaces is provided herein. An exemplary method includes storing sets of structured data records among partitioned data storage spaces, with data fields of the structured data records correlated among the sets by relational associations. The method includes receiving a change action related to a selected structured data record, and responsive to the change action, scheduling execution of the change action in a reminder index. The method includes executing the change action according to at least scheduling indicated by the reminder index.

Abstract: Retrieving stored data using a web service is provided. An access request from a user account may be received at a web service via a proxy. The web service may decode information received in the access request. The web service may then authorize the user account utilizing the decoded information. The web service may then determine a request type based on the access request. The web service may then send a response based on the determined request type, which is based on data retrieved from a data store.

Abstract: Retrieving stored data using a web service is provided. An access request from a user account may be received at a web service via a proxy. The web service may decode information received in the access request. The web service may then authorize the user account utilizing the decoded information. The web service may then determine a request type based on the access request. The web service may then send a response based on the determined request type, which is based on data retrieved from a data store.