Abstract: A block chain defining authority and access to confidential data may not be encrypted, and the access to the block chain can be regulated by the block chain itself and an access control server operating in an enterprise information technology (IT) environment. To incorporate authority defined in multiple sources, such as the block chain and the access control server, a token can be created containing multiple layers of permissions, i.e. constraints, coming from multiple sources. Each additional permission attenuates the authority granted by the token. When a processor controlling the access to the block chain receives the token, the processor can check the validity of the token and the authority granted by the token to determine whether the requester is authorized to access at least a portion of the block chain.

Abstract: The system obtains a first acyclic graph including multiple nodes and edges connecting the multiple nodes. A process to create a weave of the first acyclic graph produces a matching weave when executed on the first acyclic graph by different computing devices. An addition of a node to the first acyclic graph produces a second acyclic graph. The addition of the node to the first acyclic graph changes the weave of the first acyclic graph. The system obtains a process to reach a global consensus among the multiple computing devices. The process indicates a criterion to satisfy prior to reaching the global consensus and determines whether the multiple computing devices in the network satisfy the criterion. Upon determining that the criterion is satisfied, the system adds a finalize node to the first acyclic graph to obtain a third acyclic graph. A weave of the third acyclic graph cannot change.

Abstract: The system obtains an acyclic graph including multiple nodes and edges. An edge indicates a parent node and a child node to be included in a weave indicating a linear order of the multiple nodes. The parent node occurs before the child node in the weave. The acyclic graph includes a branch node having a first and a second child node that do not have a parent-child relationship indicating the weave. The system orders the multiple nodes in the acyclic graph by ordering a portion of the multiple nodes according to a portion of the multiple edges. The system orders the first child node and the second child node by obtaining a first priority associated with the first child node and a second priority associated with the second child node and, based on the first and second priority, creating the weave by ordering the first and second child node.

Abstract: A conflict-free method of independently governing user authority across one or more devices includes managing user and device authority without the use of a centralized server. The conflict-free method utilizes a conflict-free replicated data type (CRDT) which resolves potential conflicts between merging linear sequences. A first linear sequence at a first electronic device merges with a second linear sequence at a second electronic device. The first linear sequence and the second linear sequence are different due to independent processes performed on devices that are not connected via a network at some point in time. Potential conflicts between the first linear sequence and the second linear sequence are resolved in accordance with CRDTs.

Abstract: Presented here is a system that manages secured file system, and an authority to the secured file system, by granting access only to a user who is authorized to access the file system. The user within the system is identified using a unique key unique to each user. The user's authority is recorded in a linear sequence distributed among multiple devices each of which independently verifies the validity of each block in the linear sequence. The validity of the linear sequence is guaranteed by preventing certain operations from being performed on the linear sequence, such as branching of the linear sequence, deletion, and modification of the blocks within the linear sequence. Prior to adding a new block to the linear sequence, the validity of the block is independently computed by each of the devices.

Abstract: Disclosed is a system and method to create an encrypted file system on a block chain. The system creates the block chain controlling an access to the encrypted file system. The block chain defines a user permission to access at least a portion of the encrypted file system. The system creates the encrypted file system by recording a unique file ID in the block chain, where the unique file ID stores a chunk index including memory locations of multiple chunks storing portions of a file in the encrypted file system. The system encrypts the file using a channel session key and a file encryption key. The channel session key includes a cryptographic key computed based on information known to users granted at least a temporary access to the file, and the file encryption key includes a cryptographic key used to encrypt each file in the encrypted file system.

Abstract: A block chain defining authority and access to confidential data may not be encrypted, and the access to the block chain can be regulated by the block chain itself and an access control server operating in an enterprise information technology (IT) environment. To incorporate authority defined in multiple sources, such as the block chain and the access control server, a token can be created containing multiple layers of permissions, i.e. constraints, coming from multiple sources. Each additional permission attenuates the authority granted by the token. When a processor controlling the access to the block chain receives the token, the processor can check the validity of the token and the authority granted by the token to determine whether the requester is authorized to access at least a portion of the block chain.

Abstract: A conflict-free method of independently governing user authority across one or more devices includes managing user and device authority without the use of a centralized server. The conflict-free method utilizes a conflict-free replicated data type (CRDT) which resolves potential conflicts between merging linear sequences. A first linear sequence at a first electronic device merges with a second linear sequence at a second electronic device. The first linear sequence and the second linear sequence are different due to independent processes performed on devices that are not connected via a network at some point in time. Potential conflicts between the first linear sequence and the second linear sequence are resolved in accordance with CRDTs.

Abstract: Presented here is a system that manages secured file system, and an authority to the secured file system, by granting access only to a user who is authorized to access the file system. The user within the system is identified using a unique key unique to each user. The user's authority is recorded in a linear sequence distributed among multiple devices each of which independently verifies the validity of each block in the linear sequence. The validity of the linear sequence is guaranteed by preventing certain operations from being performed on the linear sequence, such as branching of the linear sequence, deletion, and modification of the blocks within the linear sequence. Prior to adding a new block to the linear sequence, the validity of the block is independently computed by each of the devices.

Abstract: Disclosed is a system and method to create an encrypted file system on a block chain. The system creates the block chain controlling an access to the encrypted file system. The block chain defines a user permission to access at least a portion of the encrypted file system. The system creates the encrypted file system by recording a unique file ID in the block chain, where the unique file ID stores a chunk index including memory locations of multiple chunks storing portions of a file in the encrypted file system. The system encrypts the file using a channel session key and a file encryption key. The channel session key includes a cryptographic key computed based on information known to users granted at least a temporary access to the file, and the file encryption key includes a cryptographic key used to encrypt each file in the encrypted file system.

Abstract: A block chain defining authority and access to confidential data may not be encrypted, and the access to the block chain can be regulated by the block chain itself and an access control server operating in an enterprise information technology (IT) environment. To incorporate authority defined in multiple sources, such as the block chain and the access control server, a token can be created containing multiple layers of permissions, i.e. constraints, coming from multiple sources. Each additional permission attenuates the authority granted by the token. When a processor controlling the access to the block chain receives the token, the processor can check the validity of the token and the authority granted by the token to determine whether the requester is authorized to access at least a portion of the block chain.

Abstract: Presented here is a system that manages secured file system, and an authority to the secured file system, by granting access only to a user who is authorized to access the file system. The user within the system is identified using a unique key unique to each user. The user's authority is recorded in a linear sequence distributed among multiple devices each of which independently verifies the validity of each block in the linear sequence. The validity of the linear sequence is guaranteed by preventing certain operations from being performed on the linear sequence, such as branching of the linear sequence, deletion, and modification of the blocks within the linear sequence. Prior to adding a new block to the linear sequence, the validity of the block is independently computed by each of the devices.

Abstract: Presented here is a system that manages secured file system, and an authority to the secured file system, by granting access only to a user who is authorized to access the file system. The user within the system is identified using a unique key unique to each user. The user's authority is recorded in a linear sequence distributed among multiple devices each of which independently verifies the validity of each block in the linear sequence. The validity of the linear sequence is guaranteed by preventing certain operations from being performed on the linear sequence, such as branching of the linear sequence, deletion, and modification of the blocks within the linear sequence. Prior to adding a new block to the linear sequence, the validity of the block is independently computed by each of the devices.

Abstract: Disclosed is a system to efficiently compute validity of a block chain controlling access to an encrypted data. The block chain defines user permissions to access the encrypted data. The system creates a computational checkpoint proving a validity of the block chain based on the user permissions defined in the block chain. The system performs an expensive computation from an initial block in the block chain to a last block in the block chain, wherein the expensive computation validates each block between the initial block and the last block. The system creates a proof of the validity of the block chain based on the expensive computation and stores the proof after the last block in the block chain. The system can provide the proof of the validity, without performing the expensive computation, where verifying the proof is at least ten times faster than the expensive computation.

Abstract: Presented here is a system to enable secure communication between a first and a second communicator on a communication channel. The system can use multiple rotating cryptographic keys that are rotating according to a predetermined schedule to encrypt the communication between the first and the second communicator. The system can record the authority associated with the communication channel on a block chain. To determine whether the first and the second communicator have the authority to access the communication channel, the system can compute the authority of the first and the second communicator by checking the block chain from an initial block to a last block. The system can encrypt multiple communications sent via the communication channel using the multiple rotating cryptographic keys and can send the communications via the communication channel.

Abstract: Disclosed is a system and method to create an encrypted file system on a block chain. The system creates the block chain controlling an access to the encrypted file system. The block chain defines a user permission to access at least a portion of the encrypted file system. The system creates the encrypted file system by recording a unique file ID in the block chain, where the unique file ID stores a chunk index including memory locations of multiple chunks storing portions of a file in the encrypted file system. The system encrypts the file using a channel session key and a file encryption key. The channel session key includes a cryptographic key computed based on information known to users granted at least a temporary access to the file, and the file encryption key includes a cryptographic key used to encrypt each file in the encrypted file system.

Abstract: Presented here is a system that manages secured file system, and an authority to the secured file system, by granting access only to a user who is authorized to access the file system. The user within the system is identified using a unique key unique to each user. The user's authority is recorded in a linear sequence distributed among multiple devices each of which independently verifies the validity of each block in the linear sequence. The validity of the linear sequence is guaranteed by preventing certain operations from being performed on the linear sequence, such as branching of the linear sequence, deletion, and modification of the blocks within the linear sequence. Prior to adding a new block to the linear sequence, the validity of the block is independently computed by each of the devices.

Abstract: Disclosed is a system and method to create an encrypted file system on a block chain. The system creates the block chain controlling an access to the encrypted file system. The block chain defines a user permission to access at least a portion of the encrypted file system. The system creates the encrypted file system by recording a unique file ID in the block chain, where the unique file ID stores a chunk index including memory locations of multiple chunks storing portions of a file in the encrypted file system. The system encrypts the file using a channel session key and a file encryption key. The channel session key includes a cryptographic key computed based on information known to users granted at least a temporary access to the file, and the file encryption key includes a cryptographic key used to encrypt each file in the encrypted file system.

Abstract: Presented here is a system to enable secure communication between a first and a second communicator on a communication channel. The system can use multiple rotating cryptographic keys that are rotating according to a predetermined schedule to encrypt the communication between the first and the second communicator. The system can record the authority associated with the communication channel on a block chain. To determine whether the first and the second communicator have the authority to access the communication channel, the system can compute the authority of the first and the second communicator by checking the block chain from an initial block to a last block. The system can encrypt multiple communications sent via the communication channel using the multiple rotating cryptographic keys and can send the communications via the communication channel.

Abstract: Presented here is a system that manages secured file system, and an authority to the secured file system, by granting access only to a user who is authorized to access the file system. The user within the system is identified using a unique key unique to each user. The user's authority is recorded in a linear sequence distributed among multiple devices each of which independently verifies the validity of each block in the linear sequence. The validity of the linear sequence is guaranteed by preventing certain operations from being performed on the linear sequence, such as branching of the linear sequence, deletion, and modification of the blocks within the linear sequence. Prior to adding a new block to the linear sequence, the validity of the block is independently computed by each of the devices.