Abstract: A charging control method, performed by an electric vehicle supply equipment (EVSE), is provided. The method includes performing a charging session initiation procedure with an EV and calculating a session script hash associated with a charging session. A session access request is received from a user device and confirmed. Based on a result of the confirmation, session authentication is requested to the user device and a session script authentication value is received as a result of the session authentication from the user device. The method also includes determining whether to allow a user access to the charging session according to the session script authentication value.

Abstract: Provided is an information processing apparatus including a physical unclonable function (PUF) to generate a unique key using a process variation in a semiconductor manufacturing process, and an encryption unit to encrypt a password and/or bio-information received from a user using the unique key.

Abstract: A system and method is provided to allow access to centralized patient data captured from a medical device across an open network to a third party. The system and method receives the request based upon patient-specific information, checks the request and allows access if the request matches stored information.

Abstract: A system and method provide access to a remote resource locally by requesting content from an original address and receiving a first requested content and a first redirect uniform resource locator in response. The first redirect uniform resource locator reroutes the navigation from the original address requested to a redirect destination address that serves an access token. The system and method unlock access to a second application programming interface in response to validating the access token served by the redirect destination address and receives a second requested content and a second redirect uniform resource locator in response to transmitting the access token to the original address. The second redirect uniform resource locator transfers a user to an environment residing at an address different from the original address and the redirect destination address.

Abstract: Systems and methods for storing and recovering data for a device are described. In one embodiment, factory generated calibration data can be generated, sealed and restored securely even if two sensors in two different devices, such as a first ambient light sensor and a second ambient light sensor have the same sensor identifier. In one embodiment, a device transmits a database key to cause storage or recovery of the calibration data, and the database key includes a sensor identifier and a public cryptographic key of the device.

Abstract: A method for integrity protection scheme by a mobile communication device or a core network entity according to a first exemplary aspect of the present disclosure includes configuring settings and parameters for integrity protection for user data with another party; receiving user plane data from the other party, calculating Message Authentication Code for Integrity (MAC-I) for a part of the data and checking integrity of the part of the data.

Abstract: Embodiments of the invention relate to methods, apparatus and systems for biometric processes. The methods include updating stored ear model data for a user following successful authentication of the user. The ear model data may be acquired using a personal audio device that generates an acoustic stimulus and detects a measured response. The acquisition of the ear model data may be responsive to a determination that the personal audio device is inserted into or placed adjacent to the user's ear. The acquisition of the ear model data may also be responsive to the determination that the personal audio device has not been removed from or moved away from the user's ear.

Abstract: Disclosed is a computer-implemented method for establishing a secure connection between two electronic computing devices which are located in a network environment, the two electronic computing devices being a first computing device offering the connection and a second computing device designated to accept the connection, the method comprising executing, by at least one processor of at least one computer, a connection-establishing application for exchanging an information packet between the first computing device and the second computing device comprising a secret usable for establishing the connection, and evaluating a response from the second computing device for establishing the secure connection.

Abstract: A system that provides for the accessing and playing of media files having differing associated rights such as non-DRM media files, purchased and downloaded media files, subscription download files such as tethered downloads, and subscription streamed DRM files. The system also provides a method and user interface for sharing a media collection among computing devices in communication via a network. The system allows access and playback, from each computing device on a network, of all media files in a media collection, regardless of their associated rights.

Abstract: Systems and methods for periodically modifying data privacy elements are provided. The systems and methods may identify a set of data privacy elements. A data privacy element can characterizes a feature of a computing device and can be detectable by a network host. A first artificial profile can be generated by modifying a first data privacy element based on an artificial profile model that defines a relationship associated with one or more constraints between the set of data privacy elements. Subsequent to generating the first artificial profile, a second artificial profile can be generated by periodically modifying a second data privacy element in accordance with the relationship defined by the artificial profile model. The computer device can be masked from being identified by the network host by sending the second artificial profile including the second data privacy element to a requested network location.

Abstract: Methods, computer readable media, and devices for escrow of master keys and recovery of previously escrowed master keys may be disclosed. A method for escrow of master keys may include registering a root certificate authority (CA) within each of two first-party hardware security modules (HSMs), initializing each of three third-party HSMs as master escrow recovery devices, performing a bootstrap operation on an authoritative blockchain to generate three master keys, generating a first set of master key shard ciphertexts using a first one of the three master escrow recovery devices, a second set using a second one of the three master escrow recovery devices, and a third set using a third one of the three master escrow recovery devices, and storing the first, the second, and the third set of master key shard ciphertexts as opaque objects in each of the two first-party HSMs.

Abstract: The technology disclosed herein pertains to a method for mobile storage device registration to a management domain using a random token and a pin. In at least one implementation, a technology disclosed herein provides a method of authenticating a device on a system, the method including generating a random token, displaying the random token to a user, communicating the random token to an authentication system portal, in response the authentication system portal validating the random token receiving a PIN from the user, and communicating the PIN to the authentication system portal, and receiving a portal IP address and a certificate of authentication from the authentication system portal.

Abstract: Embodiments of the disclosure relate to methods, apparatus and systems for authentication of a user. The described embodiments relate to obtaining ear biometric data for a user to be authenticated. The ear biometric data comprises one or more features characteristic of the user's ear canal and an associated fit metric indicative of a positioning of a personal audio device relative to the user's ear canal, the personal audio device comprising a transducer for application of acoustic stimulus to the user's ear to obtain the ear biometric data. The user may be identified as a particular authorised user based on one or more features and the associated fit metric.

Abstract: The invention discloses a method for managing communication authority based on multi-energy equipment data flow using digital twin and a system thereof, comprising the following steps: generating a unique permission code; Establishing a data flow interaction channel; utilizing a broadcast detection mechanism to periodically check the data flow communication authority based on the channel and continuously remove the data flow interaction channel that is expired and illegally authorized, thus to complete the data flow communication management. The present invention has the advantages that the management is more scientific, the algorithm is clearer, more efficient and safer, and the level is well arranged; the channel resource utilization rate is improved, filling the gap in the current stage of a method for managing communication authority based on multi-energy equipment data flow using digital twin and a system thereof, and ensuring the real-time mapping between physical entities and virtual images.

Abstract: Accessing and organizing data sets directly from a data warehouse including receiving, by a data analyzer, a request from a service provider client instructing the data analyzer to retrieve a data set from a service provider data warehouse, wherein the service provider client is a client of a service provider, and wherein the service provider data warehouse stores data sets for the service provider; retrieving, by the data analyzer, the data set directly from the service provider data warehouse using credentials provided by the service provider; selecting, by the data analyzer, a worksheet template based on the service provider; organizing, by the data analyzer, the data set into a worksheet based on the worksheet template; and presenting, by the data analyzer to the service provider client, the worksheet comprising the data set.

Abstract: A security device provisioning hub, including: a memory; and a processor configured to: receive a first secret token from a device manufacturer, wherein the first secret token is associated with a first service; receive a second secret token from a customer device having a security chip; verify that the first secret token and the second secret token are the same; and provide to the customer device access credentials to the first service.

Abstract: System and techniques for multi-tenant cryptographic memory isolation are described herein. A multiple key total memory encryption (MKTME) circuitry may receive a read request for encrypted memory. Here, the read request may include an encrypted memory address that itself includes a sequence of keyid bits and physical address bits. The MKTME circuitry may retrieve a keyid-nonce from a key table using the keyid bits. The MKTME circuitry may construct a tweak from the keyid-nonce, the keyid bits, and the physical address bits. The MKTME circuitry may then decrypt data specified by the read request using the tweak and a common key.

Abstract: Techniques are described with respect to facilitating password creation via a secure device in a defined corporate environment. An associated method includes receiving an authentication request associated with an authorized client of a client system in the defined corporate environment and initializing the secure device with respect to the client system responsive to validating the authentication request. The method further includes creating a password for the client system in compliance with policy criteria associated with the defined corporate environment, encrypting the password, and distributing the password via at least one predetermined technique. In an embodiment, the method further includes creating access control credentials for the client system in compliance with the policy criteria associated with the defined corporate environment.

Abstract: The present invention puts forward a personal electronic access permission (Figure B, 31) that can both check on the customer's identity (Figure A, step 2) and right to access an event/venue in one scanning event, and address the unwanted secondary market, still enabling a customer (Figure D, 5) to sell back an electronic access permission to the system (Figure D, I) in case the customer is not able to attend the event.

Abstract: A computerized method of the invention includes software having instructions loaded on a computer system including a database populated with item information associated with owner, leasee and/or lien holder information. The CPU executes the instructions for, in a first step, registering user, in a second step, associating items and, in a third step, making registered item information available for updating and interrogation by users with the requisite permissions.