Abstract: A device implementing a system for device-relationship based communication includes at least one processor configured to establish, by a first device associated with a first user, a secure communication channel with a second device associated with a second user via a direct wireless connection. The at least one processor is configured to transmit, over the secure communication channel, first device-identifying information to the second device, and receive, over the secure communication channel, second device-identifying information from the second device. The at least one processor is configured to establish a particular type of relationship with the second device, store the second device-identifying information in association with an indication of the particular type of relationship established with the second device, and transmit, to the second device and over the secure communication channel, the indication of the particular type of relationship established with the second device.

Abstract: Systems and methods that may implement an Oracle-aided protocol for producing and using FHE encrypted data. The systems and methods may initially encrypt and store input data in one encrypted form that is not performed using FHE, which does not substantially increase the size of the data and storage resources required to store the encrypted data. In accordance with the Oracle-aided protocol, the encrypted data is re-encrypted as FHE encrypted data when FHE encrypted data is required.

Abstract: A system and method for enabling two-way communication between a residents of a secure facility (inmate, patient, suspect, etc.) and outside parties shares a limited number of telephone numbers (ANIs) by creating distinct communication channels using other data in addition to the shared ANIs.

Abstract: An interactive multi-party system for collaboratively performing homomorphic operations, such that no party has access to unencrypted data or an unencrypted operator. A first party device may add noise to encrypted data and an encrypted linear operator to generate noisy encrypted data and a noisy encrypted operator, and transmit the noisy encrypted data and operator to a second party device possessing a secret decryption key for the encryption. The second party device may decrypt the noisy encrypted data and noisy encrypted operator to generate unencrypted noisy data and an unencrypted noisy operator, solve the linear operation using the unencrypted noisy data and an unencrypted noisy operator to generate a noisy solution, encrypt the noisy solution to the linear operation, and transmit it to the first party device. The first party device may then cancel the noise of the encrypted noisy solution to generate the encrypted solution to the linear operation.

Abstract: According to one aspect of the present invention, an information processing apparatus includes a determination unit that determines whether an identifier extracted from a one-way communication packet received from a sensor includes a first value indicating another information processing apparatus as a legitimate destination, a second value indicating a user different from a user of the information processing apparatus as the legitimate destination, or a third value indicating a sensor different from a sensor associated with the information processing apparatus as an origination, and a transmission unit that transmits, to a server, a second packet in which the first, the second, or the third value is stored, if the identifier includes the first, the second, or the third value.

Abstract: Adaptive network security policies can be selected by assigning a number of risk values to security intelligence associated with network traffic, and identifying a number of security policies to implement based on the risk values.

Abstract: A communications apparatus includes a transceiver and a processor. The processor is configured to perform operations comprising: performing a Non Access Stratum (NAS) security mode command procedure to derive a set of NAS key(s); transmitting a NAS security mode complete message to a network device for informing that the NAS security mode command procedure is complete; receiving an RRCReconfiguration message indicating derivation of a set of Access Stratum (AS) keys from the network device when an acknowledge message associated with the NAS security mode complete message has not been received; and performing a NAS procedure to communicate with the network device by using the set of NAS key(s).

Abstract: A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.

Abstract: A security system that provides for secure communication between systems on a network without the need for encrypting the packets related to the communication, and thus, provides secure communications over the network without the processing capacity, memory, and/or processing delays caused by encryption of the packets. The disclosure aids in preventing rogue systems from being able to read communications over the network without the need for encryption. The packets for the communications are sent over the network in clear text, which are readable by any systems on the network, however, only the systems that are authorized are able to determine what packets are the correct packets and what packets are the imitation packets.

Abstract: Licenses to software services are assigned automatically to users as a function of one or more user attributes. An attribute can include membership in a group such as a license group or a security group, among other things such as location. License assignments can also be retracted automatically upon changes in one or more user attributes.

Abstract: Methods and apparatus are disclosed for facilitating online storage of files (e.g., audio tracks, video, etc.) for playback/access or sale/exchange by the owners of the files without violating copyrights that copyright holders have in the files. For example, by providing a playback service that does not store additional versions of an audio file when the file is transmitted to, and immediately played on, a user device without buffering, the present invention avoids violating copyright laws by not making copies of the file. Numerous other aspects are disclosed.

Abstract: A medical device with limited computational capability includes medical hardware, a first register to store a static, substantially unique identifier of the medical device, a second register to store a static encryption key, an interface to receive and transmit data over a short-range communication link, and processing hardware. The processing hardware is configured to apply the static encryption key to the identifier of the medical device to generate an encrypted identifier, transmit the encrypted identifier of to another device via the interface, receive an encrypted identifier of the other device, decrypt the encrypted identifier of the other device using the static encryption key to determine an identifier of the other device, generate a dynamic encryption key using the identifier of the medical device and the identifier of the other device, and apply the dynamic encryption key to medical data transmitted between the medical device and the other device.

Abstract: A system and method for performing licensing monitoring and compliance within a service provider platform are provided. The system comprises a memory and a processor configured to execute instructions stored within the memory. The system further comprises a central instance that executes on the processor and comprises a license repository containing licensing data for application components. The system further comprises a customer instance that includes a third-party application component installed within the customer instance from an application store. The system further includes a licensing module. The third-party application component is switchable between a monitor mode in which the licensing module reports usage of the third-party application component to the central instance and an enforcement mode in which the usage is controlled on the customer instance based on the license repository.

Abstract: The methods, systems, and computer readable media discussed herein are directed to enabling a fifth generation cellular-wireless access technology (5G) user equipment (UE) to receive 5G service using a fourth generation cellular-wireless access technology (4G) subscriber identity module (SIM). Upon powering on, the 5G UE may determine whether a mobile network operator (MNO) public key file exists in the 4G SIM. Upon determining that the MNO public key file exists in the 4G SIM, the 5G UE may retrieve a MNO public key value from the MNO public key file, read a subscription permanent identifier (SUPI) from the 4G SIM, generate a subscription concealed identifier (SUCI) based on the SUPI and the MNO public key value, send the SUCI to a 5G mobile network for registering the 5G UE, and begin receiving 5G services from the 5G mobile network.

Abstract: In an aspect, a wireless communication between a transmitter and a receiver involves determining updated keys according to a key management process for MAC layer encryption. Such key is propagated to a transmitter MAC and though a receiver key management process to a receiver MAC. After a delay, transmitter MAC device begins using the updated key, instead of a prior key, for payload encryption. Receiver MAC continues to use the prior key until a packet that was accurately received fails a message integrity/authentication check. Then, the receiver MAC swaps in the updated key and continues to process received packets. The packet data that failed the message integrity check is discarded. Transmitter MAC retries the failed packet at a later time, and if the packet was accurately received and was encrypted by the transmitter MAC using the updated key, then the receiver will determine that the message is authentic and will receive it and acknowledge it.

Abstract: A messaging system interacts with the messaging applications of customer, admin, and agent clients to support encrypted communications among customers and businesses. To register as an agent of the business, an agent client sends registration information to the messaging system and receives a barcode in response. The messaging system validates information about the barcode received from the admin client and sends a validation code to the admin client. The admin client displays the validation code, and the validation code is entered into the agent client. The admin client generates a membership list including an agent client identifier, digitally signs the membership list, and provides the signed membership list to the messaging system. When a customer messages the business, the messaging system forms a customer group using the signed membership list and distributes the message to the agent clients in the group.

Abstract: A management device installed in a vehicle includes a master key storing part configured to share the master key that is used to generate an initial key held by an ECU together with an identifier of the ECU; a communication part configured to communicate with the ECU; a key generation part configured to generate the initial key of the ECU by use of the master key stored on the master key storing part and the identifier of the ECU received from the ECU via the communication part; and an initial key storing part configured to store the initial key of the ECU that is generated by the key generation part in connection with the identifier of the ECU.

Abstract: A method at a primary communication device for participating in log-in of a secondary communication device where, upon recognizing a successful log-in of the primary communication device, a request for extended log-in to the secondary communication device is received from the secondary communication device. Instruction to initiate the requested extended log-in is transmitted to the secondary communication device. After having received physiological data, associated with the user of the secondary communication device, the first physiological data is compared with the physiological data provided from the secondary device for determining whether there is a match between the compared physiological data. In case of a match at least one credential is transmitted to the secondary communication device, whereas no credential is transmitted to the secondary device if no match is determined.

Abstract: The present invention is a system and method for the repeated, dynamic, and automated transformation and manipulation of strings of printable or typeable characters that are commonly used for passwords, PINs, keys, tokens, keys, encryption, and filenames forming a class of printable strings. The system and method described makes use of secured password “Hopping” to maximize data security and user's ease of implementation. “Hopping” refers to a method of automated random-password construction and serial substitution. The process of Hopping as described herein is based upon a set of user-selected transformation rules that employ, among other variables, easily accessible, time-variable, data as sources of randomized inputs. Use of randomized inputs and automated serial substitution at time intervals heightens the security of resulting generated passwords.

Abstract: A system described herein may use automated techniques to verify network connection integrity and provide visual indicators of connection validity or invalidity. The system may generate a unique identifier related to a user and/or web resource during an initial use. The unique identifier may be utilized to transform a secure image and store the transformed image. Upon subsequent use of the web resource, a visit identifier may be generated and utilized to perform an inverse transformation of the transformed image and display the result, where the resulting image will be the same as the secure image if the visit identifier matches the unique identifier.