Abstract: A method, system, and program product for controlling power associated with connectivity between devices is provided. The method includes scheduling a copy function associated with copying data from a production hardware device to a secure hardware device at a specified time period. A first hardware connection between the production hardware device and a production network associated with the production hardware device is disabled during the specified time period and a second hardware connection between the production hardware device and the secure hardware device is enabled. A subsequent copy function is enabled for copying the data from the production hardware device to the secure hardware device. The second hardware connection between the production hardware device and the secure hardware device is disabled after the copy function has completed. In response, the first hardware connection between the production hardware device and the production network is enabled.

Abstract: In some embodiments, a processor may store a value and a hash of the value in a ledger associated with a blockchain network. The processor may construct a block hash from the hash of the value. The processor may validate a transaction by identifying that the hash of the value matches the hash of the value from a previous transaction. The processor may maintain integrity of the block hash. In some embodiments, a processor may provide a redact transaction for a blockchain network. The processor may initialize the redact transaction. The redact transaction may be associated with a validated transaction. The processor may identify a hash value indicated within the redact transaction and associated with the validated transaction. The processor may redact a value associated with the hash value.

Abstract: In a method for enabling a message receive end to quickly confirm a certificate status, a defined field of a certificate includes classification information of the certificate, and a defined field of a certificate revocation list includes classification information of a revoked certificate, so that the receive end can quickly narrow a searching or matching range in massive records of the certificate revocation list based on the classification information carried in the certificate of a transmit end.

Abstract: The method provides for dynamic retrieval of certificates, with remote, secure, and scalable lifecycle management. It enables importing, creating, renewing, rekeying, and retrieving leaf certificates and associated private keys, assigning to registered devices, and acquiring by applications executing on registered devices with device two-factor authentication. It is an agentless method to achieve device protection, application security, and data protection with data authenticity and confidentiality in intra-device, inter-device, device-to-edge, and device-to-cloud secure communications. It helps Transport Layer Security and Internet Key Exchange enabled applications retrieve leaf certificates and the associated private key, and verify certificates, programmatically for certificate-based authentication during protocol handshake, with policy-based authorization of trusted applications.

Abstract: A method is disclosed. The method comprises receiving, by an identity network computer, a query set including a plurality of test identity attributes. After receiving the query set, the identity network computer may retrieve derivatives of identity attributes associated with a user, and an encrypted trapdoor, then compute an obscured query set using the query set, and optionally the derivatives of identity attributes. The identity network computer may transmit the obscured query set (i) and the encrypted trapdoor to a user device associated with the user, which generates and transmits a first modified trapdoor and the obscured query set to a relying party computer, or (ii) and a second modified trapdoor to the relying party computer. The relying party computer may thereafter use the obscured query set, and the first modified trapdoor or the second modified trapdoor, to determine if the identity attributes is a member of the query set.

Abstract: Systems, methods, and computer program products are disclosed in regard to cryptographic containers or other on-chain modules. Some variants concern responding to on-chain metadata linkage disruption. Some concern confirming speculative on-chain module linkages. Some concern autonomy enhancement based on user-activity-related attributes. Some concern zero-knowledge proofs based on speculative on-chain module linkages. Some concern user-configurable privacy management or various considerations of efficiency or security.

Abstract: The present disclosure discloses an electric border gateway device which adopts the blockchain technology to implement communication authentication and data transmission encryption at the gateway. As a device for sinking and processing local information, the border gateway device may build not only a local blockchain network with a variety of local electric sensing terminal devices, but also a regional blockchain network with other border gateways and electric management platforms. As a critical node of these two types of blockchain, the border gateway may enable the authentication of identity legality between electric sensing terminal devices, the critical data storage in the blockchain ledger, the deployment and implementation of blockchain transaction by control and coordinated functions, and the safe and reliable data interaction. The present disclosure also discloses a method for chaining and storage of sensing data based on the electric border gateway device.

Abstract: A talking head digital identity immutable dual authentication method, comprising: publishing a talking head show, downloading talking head file, talking head show file, and signature files for each from a server into a playback device; downloading respective talking head hash and talking head show hashes from a blockchain into the playback device; using a talking head and talking head show public key to validate talking head and talking head show signatures; determining whether the talking head and talking head show signatures are correct, and if correct, a talking head hash and a talking head show hash are calculated and checked against respective hashes downloaded from the blockchain; if the calculated talking head hash and the calculated talking head show hash of the files from the server and the hashes of the talking head and talking head show from the blockchain match, respectively, then playback of the talking head show plays.

Abstract: Techniques for privacy-preserving contact tracing are disclosed, including: generating, by a first user device, a first proximity token for contact tracing; receiving, by the first user device, a second proximity token from a second user device; generating, by the first user device, a hash based on the first proximity token and the second proximity token; generating, by the first user device using a prover function of a preprocessing zero knowledge succinct non-interactive argument of knowledge (pp-zk-SNARK), a cryptographic proof attesting that an individual associated with the first user device tested positive for a pathogen; and transmitting, by the first user device, publicly verifiable exposure data including at least the cryptographic proof and the hash to a public registry.

Abstract: A method for authentication using location correlation is disclosed. The method includes determining geographic zones and zone identifiers associated with a location of a mobile communication device. Later, transaction data is received and a zone identifier is determined from that transaction data. If the zone identifier matches one of the previously determined zone identifiers, then a match indicator is sent to an authorizing entity computer system or the transaction may be allowed to proceed.

Abstract: A processor may segment a media key block into two or more subsets. Each of the two or more subsets may be respectively associated with a particular group of receivers, and each receiver of the particular group of receivers may be in a blockchain network. The processor may receive, from a first receiver, a request for permission to process the media key block. The processor may identify which of the two or more subsets that the first receiver is associated. The processor may provide a media key block value to the first receiver.

Abstract: The computer-implemented method for processing sets of data for storing and keeping track of the same in a specific network implements a Sparsed Merkle tree. The method includes dividing at least one of the hash values into multiple sections of rim-keys of a given bit-width; and determining leave rim-keys being archive leaves of the Sparsed Merkle tree, and parent rim keys supporting the creation of a subtree.

Abstract: Described are techniques for generating and employing decentralized asset identifiers for cross-blockchain network asset transfers, the techniques including registering a decentralized asset identifier to an asset with a local asset identifier, where the decentralized asset identifier is immutable. The techniques further include endorsing a proposed transaction for transferring the asset from a first controller associated with a first blockchain network to a second controller associated with a second blockchain network, where the proposed transaction utilizes the decentralized asset identifier. The techniques further include exchanging, in a document associated with the decentralized asset identifier and retrieved from an identity network, the first controller for the second controller.

Abstract: A method to secure boot an electronic device is disclosed according to some embodiments. The method includes receiving a request to initiate a boot sequence using memory content stored in a non-volatile memory circuit. A secure boot circuit receives verification data from the non-volatile memory circuit indicating the memory content. The verification data includes an error correction code for the memory content without including all of the memory content. A cryptographic hashing operation is performed to the error correction code in the secure boot circuit to obtain a digest of the error correction code. The digest is compared with a pre-stored reference digest to generate a verification signal. The verification signal is provided to the electronic device indicating whether the boot sequence passes the verification.

Abstract: A blockchain-based platform system for interworking with one machine-to-machine (oneM2M) and lightweight machine-to-machine (LWM2M) and a method of implementing a blockchain-based platform are provided. The blockchain-based platform system for interworking with oneM2M and LWM2M includes a hyperledger fabric network configured to validate chaincode called in association with a first client application and generate an event in association with the validated chaincode, and a fabric bridge gateway configured to perform interworking with an LWM2M protocol and a oneM2M platform by transmitting a request or a response corresponding to the event to a second client application.

Abstract: Embodiments of the present invention provide a system for secure communication of information that may be used to authorize communications or transfer of resources by use of an intelligent resource instrument with embedded tactile or audio feedback mechanism. The provided systems, methods, and computer program products are designed to select and generate stimulus information, simultaneously record EEG readings for a user, and use this information to verify user identity. Upon verification of user identity, the intelligent resource instrument may be activated for use in a resource transfer.

Abstract: Methods and compositions for decentralized systems for mitigating climate change are provided. In some embodiments, the compositions comprise: one or more first servers operable to store a plurality of first tokens, wherein each one of the plurality of first tokens is associated with fiscal value; one or more second servers operable to store a plurality of second tokens, wherein each one of the plurality of second tokens corresponds to a unit of voting power; one or more project developer nodes operable to transmit project data corresponding to renewable energy or carbon sequestration; one or more auditor nodes operable to verify an identity, validate credentials, perform a project assessment, generate a smart contract, receive signals, and transmit signals; and one or more steward nodes, wherein each one of the one or more steward nodes is operable to stake tokens for voting power and to distribute voting power.

Abstract: A method for blockchain-based time stamping for digital signature is disclosed. The method includes two participants: a signer who signs a message, a verifier who verifies the message. In the method, the signer obtains hash values of a certain number of latest confirmed blocks in blockchain, binds these hash values and the message together to be a new message. The signer then generates a signature of the new message and inserts identification data of this signature and the new message into a transaction of blockchain. This method ensures that the generation time of the signature is prior to the generation time of the block which contains the signature and, at the same time, is after the generation time of the blocks whose hash values are included in the signature, which produces an accurate time interval for the digital signature.

Abstract: In one aspect, a computerized method for digitally tracking ownership of goods with a blockchain includes the steps of providing a blockchain. The blockchain includes a set of blockchain ownership records provided in a chronological mathematical proof format such that specified data exists in a specific chronological order. The method includes the step of saving a smart contract that references a real-world object in the blockchain. The smart contract includes a tool for tracking ownership of the real-world object. With a computer application, the method enables an owner of the real-world object to modify an owner data portion of the smart contract to a new owner entity to change the ownership of the real-world object in the blockchain. The method includes the step of updating the owner data portion of the smart contract in the blockchain to include the new owner entity.

Abstract: A multi-factor identification system is provided in which enrolled user authentication information is updated in the course of an authorization request based upon at least one of a confidence level of a match between a request first factor identifier, produced based upon first unique user identifying information received with the authentication request, and a respective matching enrolled first factor identifier and a confidence level of a match between a request second factor identifier, produced based upon second unique user identifying information received with the authentication request, and a respective matching enrolled second factor identifier.