Abstract: A system and method for establishing trust between management entities with different authentication mechanisms in a computing system utilizes a token exchange service to acquire a second security token used in a second management entity in exchange for a first security token used in a first management entity. In an embodiment, an endpoint is set at the first management entity as an authentication endpoint for the second management entity, which is used to authenticate a request with the second security token that is sent from the first management entity to the second management entity. After authentication, the request is processed at the second management entity and a response is transmitted to the first management entity.

Abstract: An apparatus includes a memory to store subscription data for access to a network, the subscription data including at least terms and conditions information for the network; circuitry linked to the memory; and a connection component for execution on the circuitry to identify an access point connected to the network and automatically forward at least a portion of the subscription data to the identified access point in an association message. Other embodiments are disclosed and claimed.

Abstract: A device may receive, from a network device, a user equipment (UE) parameter update request notification indicating an update to a UE parameter of a universal subscriber identity module (USIM), and may generate an encrypted UE parameter update request. The device may cause the encrypted UE parameter update request to be provided to the USIM to cause the USIM to update the UE parameter and to generate an encrypted UE parameter update response. The device may receive, from the network device, the encrypted UE parameter update response, and may verify an authenticity of content of the encrypted UE parameter update response based on whether the encrypted UE parameter update response is signed by the USIM. The device may provide, to the network device, a result indicating whether the UE parameter is updated and whether the authenticity of the content of the encrypted UE parameter update response is verified.

Abstract: A user equipment (UE) may update multicast-broadcast key for securing a data session for a multicast or broadcast service. The UE may receive a multicast-broadcast key for the for a multicast or broadcast service carried by a radio bearer (RB) associated with the data session. The UE may receive packets for the multicast or broadcast service. The UE may decode the packets using the multicast-broadcast key, or a key derived from the multicast-broadcast key. The UE may receive an updated multicast-broadcast key for the multicast or broadcast service. The UE may decode the packets for the multicast or broadcast service received on the RB using the updated multicast-broadcast key, or a key derived from the updated multicast-broadcast key.

Abstract: A terminal includes: a communicator that wirelessly performs encrypted communication with an access point; a processor; and a memory that stores at least one program executed by the processor and a key management table for storing a group key for the encrypted communication. The processor performs: acquiring the group key from the access point and storing the group key acquired in the key management table as a first group key; receiving a broadcast packet encrypted by the access point via the communicator; making a first determination as to whether the broadcast packet received is decryptable by using the first group key; and when it is determined, in the first determination, that the broadcast packet is not decryptable by using the first group key, generating information indicating that the first group key needs to be updated.

Abstract: Apparatus, system, methods, and articles of manufacture are disclosed to identify media using hash keys. An example system includes a hybrid hash key analyzer to access a metered hash key of an exposure record obtained from a meter, access reference records representative of respective portions of a plurality of media, and determine reference confirmation data candidates from respective ones of the reference records that include hash keys matching the metered hash key. The example system includes an impression logger to, when first confirmation data associated with the exposure record matches one of the reference confirmation data candidates, store an impression record that associates the media identification data associated with the matching one of the reference confirmation data candidates with a meter identifier of the exposure record. The impression logger also is to credit at least a portion of the media corresponding to the media identification data with an exposure credit.

Abstract: In certain embodiments, a service provider provides both wireless communication services to a wireless device and access to a network server associated with an application running on the wireless device. Network infrastructure of the service provider stores registration information about the wireless device in a provider database, receives from the wireless device an initial request for the application to access the network infrastructure, wherein the initial request includes device ID information identifying the wireless device but not explicit authentication information about a user of the wireless device, uses the device information to access the provider database to determine that the wireless device is registered, and transmits to the wireless device permission for the application to access the network infrastructure, thereby enabling the user to access the network infrastructure without having to provide explicit authentication information such as username and password.

Abstract: Particular embodiments described herein provide for a network element that can be configured to receive, from an electronic device, a request to access a network service. In response to the request, the network element can send data related to the network service to the electronic device and add a test link to the data related to the network service. The network element can also be configured to determine if the test link was successfully executed and classify the electronic device as untrusted if the test link was not successfully executed.

Abstract: A method may include retrieving, by one or more processors of an industrial automation component, one or more parameters from a configuration file stored in a memory of the industrial automation component and one or more additional parameters from a vendor certificate stored in the memory. The vendor certificate is cryptographically signed by an entity. The method may also include determining, by the processors, whether the parameters from the configuration file match the additional parameters from the vendor certificate, and in response to determining that the parameters from the configuration file do not match the additional parameters from the vendor certificate, transmitting, by the processors, an indication that the industrial automation component is an unauthorized component to a display device for display, disabling the industrial automation component, or both.

Abstract: To provide a structure capable of performing more secure authentication between devices. There is provided a processing device comprising: a processing unit that executes a defined process that is defined in advance according to an input first request, executes calculation using first information included in the first request, and transmits a first response including a result of the calculation to a first device having output the first request, wherein the processing unit transmits a second request including second information different from the first information to at least one second device different from the first device, and acquires a second response including a result of calculation using the second information from the at least one second device.

Abstract: The present disclosure relates to a method of fault detection in an application, by an electronic circuit, of a first function to a message, including the steps of generating, from the message, a non-zero even number N of different first sets, each including P shares; applying, to the P shares of each first set, one or a plurality of second functions delivering, for each first set, a second set including Q images; and cumulating all the images, starting with at most Q-1 images selected from among the Q images of a same second set.

Abstract: A method for generating a dynamic username includes receiving a static component of a dynamic username and a selection of a dynamic parameter component of the dynamic username from a user. The static component and the selected dynamic parameter component are combined in a predetermined order, based on a user selected option. The dynamic username is produced from the combined static component and the selected dynamic parameter component based on the predetermined order. A rule for producing the dynamic username is generated. The rule defines the predetermined order of the static component and the selected dynamic parameter component. The static component and the rule are stored in a credential database with the rule being associated with the static component.

Abstract: An integrated circuit including an input terminal and an output terminal, signal generator circuitry that generates a pseudo-random digital signal provided at the output terminal, and comparator circuitry that compares an input signal received via the input terminal with the pseudo-random digital signal for providing a tamper detection signal indicative thereof. The signal generator circuitry may be a pseudo-random binary sequence generator or may be a linear-feedback shift register with software triggered reloading. The comparator circuitry may include a Boolean logic exclusive-OR gate for comparing the output and input signals. A method of detecting tampering including generating and providing a pseudo-random digital signal at an output terminal and comparing an input signal received via an input terminal with the pseudo-random digital signal for providing a tamper detection signal indicative thereof.

Abstract: The present disclosure relates exposure notification, and in particular to techniques for verification of positive test results from public health authorities where individuals submit notice using public health approved mobile applications for exposure notification and/or contact tracing. When an individual attempts to submit a positive test result notification in a mobile application, the associated device's mobile number will be requested. This mobile number will then be sent a verification code to be entered in the application. At this point, these codes shall be stored digitally in escrow. A regular data feed from a health authority shall be provided that shall include an agreed encryption (irreversibly encrypted or reversibly encrypted) of the mobile numbers associated with any reported test. Any results submitted in the application that have a matching encryption of the mobile numbers shall be released from the escrow for subsequent notification.

Abstract: An article management system collects articles from different sources, processes each article to extract information about the article (such as the topics covered in the article), and stores the information in one or more knowledge graphs. The system also maintains user profiles for each of its users. Each user profile includes a user genome representing the user's interests and preferences. The information in the knowledge graphs can be used to select articles to be displayed to users of the article management system. Articles can be displayed as part of the search results for an associated topic or concept, as part of a personalized feed that is generated based on the data in a user's profile, or as part of a feature that displays multiple articles that cover a given topic from multiple different viewpoints. The system can also provide a platform for users to create and publish research collections.

Abstract: Methods, apparatuses, and computer program products are disclosed for providing verified application access. An example method includes an access request for a first user device associated with a first user profile and determining an application associated with the access request. The example method further includes generating an evaluation element that includes testable content associated with the determined application and determining of the evaluation element by the first user device. In response to completion of the evaluation element by the first user device, the method includes providing access to the application for the first user device. The method also may include modifying the testable content of the evaluation element based upon one or more user parameters of the first user profile received from a user parameter database.

Abstract: A management apparatus includes a memory, a unification policy setting unit, and a security level setting unit. The memory stores, for each of a user belonging to a first group and a user belonging to a second group, an authentication level of a domain assigned to a corresponding one of the users. The unification policy setting unit sets a unification policy that specifies a relationship between the authentication level and a security level for a state after unification. The security level setting unit sets the security level in a case where the first group and the second group undergo the unification into a third group. The security level is set for each of the users belonging to the third group by using the authentication level and the unification policy.

Abstract: A system and method allows a user to register one or more PINs on one or more user devices, and then authenticates the user to a server via the PIN and a token deposited on the user device being used by the user to allow access to an application on the user device. Individual tokens, or all tokens deposited on the user devices for a user account, may be invalidated, and the user is prevented from authenticating himself or herself via a PIN to allow access to an application on any device for which the last token deposited was invalidated, until the same or different PIN is registered for that device.

Abstract: A system and method generate private keys for devices participating in a self-certified identity based encryption scheme. A private key is used by the devices to establish a common session key for encoding digital communications between devices.

Abstract: Systems, methods, apparatus, and articles of manufacture to facilitate configuration and naming of a multimedia playback device on a local playback network are disclosed. An example method includes identifying and analyzing local network topology to identify playback device(s) connected to the network at location(s). The example method includes analyzing a playback device to be added and comparing the playback device to be added to the playback device(s) already connected to the network. The example method includes displaying available option(s) to name the playback device to be added based on the analysis of the network, the already connected playback device(s) and the playback device to be added to the network. The example method includes naming the playback device to be added based on a selected available option.