Abstract: A method of providing a cryptographic platform for exchanging information includes identifying a first information transaction stored within a blockchain sequence that provides a mathematically verifiable record of information transactions. The first information transaction includes a first information transaction identifier, associated with the first party such that the first information transaction identifier provides identification of the information transferred to the first party and stored within the blockchain, and a first information payload. The first information transaction is identified based on the first information transaction identifier, to provide a first information identifier that includes a hash of the first information payload.

Abstract: A process of triggering an Internet packet protocol against malware includes providing protocol trigger mechanisms configured to affect network access and data object access against malware, denial of service attacks, and distributed denial of service attacks, A multi-level security system is established with a cryptographically secure network channel, or another equivalent encrypted channel, and a second object of an encrypted document or data message that uses the secure network channel. The equivalent encrypted channel can be a Virtual Private Network tunnel (VPN) including MPPE/PPTP/CIPE/Open VPN, Secure Socket Layer (SSL), or IPSec tunnel.

Abstract: A cryptographic key split combiner includes a plurality of key split generators adapted to generate cryptographic key splits, a key split randomizer adapted to randomize the cryptographic key splits to produce a cryptographic key, and a digital signature generator. Each of the key split generators is adapted to generate key splits from seed data. The digital signature generator is adapted to generate a digital signature based on the cryptographic key. The digital signature generator can also be adapted to generate the digital signature based on a credential value. A process for forming cryptographic keys includes generating a plurality of cryptographic key splits from seed data. The cryptographic key splits are randomized to produce a cryptographic key. A digital signature is generated based on the cryptographic key. Generating a digital signature based on the cryptographic key can include generating the digital signature based on a credential value.

Abstract: A cryptographic key split combiner includes a plurality of key split generators adapted to generate cryptographic key splits, a key split randomizer adapted to randomize the cryptographic key splits to produce a cryptographic key, and a digital signature generator. Each of the key split generators is adapted to generate key splits from seed data. The digital signature generator is adapted to generate a digital signature based on the cryptographic key. The digital signature generator can also be adapted to generate the digital signature based on a credential value. A process for forming cryptographic keys includes generating a plurality of cryptographic key splits from seed data. The cryptographic key splits are randomized to produce a cryptographic key. A digital signature is generated based on the cryptographic key. Generating a digital signature based on the cryptographic key can include generating the digital signature based on a credential value.

Abstract: A container security device includes a housing, electronic circuitry, and cabling. The electronic circuitry is disposed within the housing, and includes first and second microprocessor functions and an interface for accepting and providing data. The cabling is removably coupled to the housing, provides the only communicative coupling between the first microprocessor function and the second microprocessor function, and is adapted to be attached to a container latch so as to break the communicative coupling if the latch is opened. The housing includes a port for the electronic circuitry interface. A method of providing container security includes closing a container using a latch device and removably coupling the cabling to the housing so that the communicative coupling is broken if the latch is opened., providing the only communicative coupling between the first microprocessor function and the second microprocessor function.

Abstract: Cryptographically converting raw data into a structured electronic document can include parsing the raw data to identify at least one raw data object. A target data object is selected from the raw data object(s). For each selected target data object, the target data object is encrypted according to a cryptographic scheme to create an encrypted data object. Each selected target data object is replaced with the respective encrypted data object, and is associated with markup data in a structured format for each respective encrypted data object, resulting in the structured electronic document. The format of the structured electronic document can be compliant with a formatting language, which can be a general-purpose or specific-purpose formatting language.

Abstract: A container security device includes a housing, electronic circuitry, and cabling. The electronic circuitry is disposed within the housing, and includes first and second microprocessor functions and an interface for accepting and providing data. The cabling is removably coupled to the housing, provides the only communicative coupling between the first microprocessor function and the second microprocessor function, and is adapted to be attached to a container latch so as to break the communicative coupling if the latch is opened. The housing includes a port for the electronic circuitry interface. A method of providing container security includes closing a container using a latch device and removably coupling the cabling to the housing so that the communicative coupling is broken if the latch is opened., providing the only communicative coupling between the first microprocessor function and the second microprocessor function.

Abstract: A cryptographic key split combiner, which includes a number of key split generators for generating cryptographic key splits and a key split randomizer for randomizing the cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Each of the key split generators generates key splits from seed data. The key split generators may include a random split generator for generating a random key split based on reference data. Other key split generators may include a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data, and a biometric split generator for generating a biometric key split based on biometric data. All splits may further be based on static data, which may be updated, for example by modifying a prime number divisor of the static data. The label data may be read from a storage medium, and may include user authorization data.

Abstract: A container security device includes a housing, electronic circuitry, and cabling. The electronic circuitry is disposed within the housing, and includes first and second microprocessor functions and an interface for accepting and providing data. The cabling is removably coupled to the housing, provides the only communicative coupling between the first microprocessor function and the second microprocessor function, and is adapted to be attached to a container latch so as to break the communicative coupling if the latch is opened. The housing includes a port for the electronic circuitry interface. A method of providing container security includes closing a container using a latch device and removably coupling the cabling to the housing so that the communicative coupling is broken if the latch is opened, providing the only communicative coupling between the first microprocessor function and the second microprocessor function.

Abstract: A process of cryptographically securing a data object including one or more respectively tagged data elements includes selecting a tagged data element from among a plurality of tagged data elements, based on an associated data tag. A plurality of cryptographic key splits is generated from seed data. The cryptographic key splits are bound together to produce a first cryptographic key. A second cryptographic key is generated based on security requirements of the data object. The tagged data element is encrypted using the first cryptographic key. The data object encrypting using the second cryptographic key. At least one of the cryptographic key splits is based on the associated data tag.

Abstract: A silo system process includes providing a partner with a digitally-signed CKM authorization key by an issuer, thereby allowing the partner to create a silo of an agreed size on a storage medium. The owner of the storage medium provides a personal card for provisioning. The partner creates a silo on the personal card. The partner instantiates a silo and provisions the silo with partner-specific CKM keys. The partner notifies the issuer by that the silo has been created, thereby allowing the issuer to track creation of silos on each card for card management and billing purposes. The partner manages the silo by using the partner-specific keys.

Abstract: A cryptographic key split combiner, which includes a number of key split generators for generating cryptographic key splits and a key split randomizer for randomizing the cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Each of the key split generators generates key splits from seed data. The key split generators may include a random split generator for generating a random key split based on reference data. Other key split generators may include a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data, and a biometric split generator for generating a biometric key split based on biometric data. All splits may further be based on static data, which may be updated, for example by modifying a prime number divisor of the static data. The label data may be read from a storage medium, and may include user authorization data.

Abstract: A process of cryptographically securing a data object including one or more respectively tagged data elements includes selecting a tagged data element from among a plurality of tagged data elements, based on an associated data tag. A plurality of cryptographic key splits is generated from seed data. The cryptographic key splits are bound together to produce a first cryptographic key. A second cryptographic key is generated based on security requirements of the data object. The tagged data element is encrypted using the first cryptographic key. The data object encrypting using the second cryptographic key. At least one of the cryptographic key splits is based on the associated data tag.

Abstract: A cryptographic key split binder includes key split generators that generate cryptographic key splits from seed data and a key split randomizer for randomizing cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Key split generators can include a random split generator for generating a random key split based on reference data, a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data or a biometric split generator for generating a biometric key split based on biometric data. Any key split can further be based on static data, which can be updated. Label data can be read from a storage medium, and can include user authorization data. A cryptographic key can be, for example, a stream of symbols, at least one symbol block, or a key matrix.

Abstract: A cryptographic key split combiner includes a number of key split generators for generating cryptographic key splits from seed data, and a key split randomizer for randomizing the key splits to produce a cryptographic key. The key split generators can include a random split generator for generating random key splits, a token split generator for generating token key splits based on label data, a console split generator for generating console key splits based on maintenance data, a biometric split generator for generating biometric key splits based on biometric data, and a location split generator for generating location key splits based on location data. Label data can be read from storage, and can include user authorization data. A process for forming cryptographic keys includes randomizing or otherwise binding the splits to form the key.

Abstract: A system for securing data includes a set of descriptors associated with data, a node, and a server. The set of descriptors include a first group of descriptors, and at least one additional descriptor. Each descriptor has a respective, associated value. The node provides a first component by binding together the respective values of each of the first group of descriptors. The server receives the first component from the node, provides a key by binding together the first component and the respective values of each of the additional descriptor, and encrypts the data with the key. The user (via a token) and/or the server can provide at least one of the descriptors. At least one server can establish a trusted cryptographic virtual domain that exhibits an established trust based on the descriptors that are policy enforced.

Abstract: A method of generating a constructive channel key includes providing an issuer with a card public key as the keying part of a CKM credential. An ephemeral key pair is computed by the issuer using pre-established enterprise domain parameters. A shared value for the ephemeral private key and the card public key is computed using D-H key agreement. The ephemeral private key is destroyed. The shared value is combined with a static key value. The static key value is split into four blocks. The first block is truncated to be used for a session encryption key. The second block is truncated to be used for a session MAC key. The third block is truncated to be used for a session key encryption key. The fourth block is truncated to be used for an initial IVEC.

Abstract: A cryptographic key split combiner, which includes a number of key split generators for generating cryptographic key splits and a key split randomizer for randomizing the cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Each of the key split generators generates key splits from seed data. The key split generators may include a random split generator for generating a random key split based on reference data. Other key split generators may include a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data, and a biometric split generator for generating a biometric key split based on biometric data. All splits may further be based on static data, which may be updated, for example by modifying a prime number divisor of the static data. The label data may be read from a storage medium, and may include user authorization data.

Abstract: A method of providing object security includes selecting an object to secure, selecting at least one criterion for authorization to access the object, generating an authorization profile based on the at least one criterion, generating an encryption key, binding the authorization profile to at least one of the object and the key, and encrypting the object with the encryption key.

Abstract: A cryptographic key split binder includes key split generators that generate cryptographic key splits from seed data and a key split randomizer for randomizing cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Key split generators can include a random split generator for generating a random key split based on reference data, a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data or a biometric split generator for generating a biometric key split based on biometric data. Any key split can further be based on static data, which can be updated. Label data can be read from a storage medium, and can include user authorization data. A cryptographic key can be, for example, a stream of symbols, at least one symbol block, or a key matrix.