Abstract: In a data theft prevention method, a data processing apparatus obtains target data, inputs the target data into a recognition model for recognition processing to obtain a first label, where the first label is a label to which the target data belongs. The recognition processing includes: performing, by the recognition model, feature extraction on the target data to obtain a first feature vector; and obtaining, by the recognition model, the first label through prediction based on the first feature vector; and outputs a target label when determining that a second feature vector exists. The second feature vector is a feature vector whose distance from the first feature vector is less than a first threshold. A second label obtained through prediction by using the recognition model is different from the first label and the target label is a label obtained by performing perturbation processing on the first label.

Abstract: An identity authentication method is described. The method includes, when receiving a group joining request that is sent by a first terminal and that is used for joining a trusted group, generating, by a server, a first certificate for the first terminal based on a first version number, and sending them to the first terminal. The method further includes, when determining that a second terminal is removed from the trusted group, updating the first version number to a second version number; and separately generating, by the server based on the second version number, a corresponding second certificate for a terminal not removed from the trusted group; and separately sending the corresponding second certificate and the second version number to the terminal not removed from the trusted group. In this way, during authentication, a terminal may compare a version number of the other party to perform identity authentication, thereby improving authentication efficiency.

Abstract: A system for controlling access to encrypted vehicular data employs a hierarchical access control method that allows select encrypted vehicular data stored in a cloud server to be accessed by an authorized user in a hierarchical manner whereby the authorized user is then able to decrypt the select encrypted data and all child data associated with the select encrypted data.

Abstract: An information processing method, a terminal device, and a network system include encrypting, by a first terminal, an authorization key based on a public key of a second terminal to obtain an authorization key ciphertext corresponding to the second terminal, and sending, by the first terminal, the authorization key ciphertext to the second terminal such that the second terminal decrypts the authorization key ciphertext based on a private key of the second terminal to obtain the authorization key, and then performs file decryption.

Abstract: This document describes a system and method for configuring a second wireless device to access a wireless network using a first wireless device whereby one-round key exchange protocol is adopted to share the wireless network's configuration data with the second wireless device in an efficient and secure manner.

Abstract: This document discloses a system and method for verifying system integrity of an electronic device. The electronic device includes a verifier device provided within a secure environment of the electronic device and a scanner device provided within a normal environment of the electronic device whereby the secure environment comprises hardware that is isolated from the hardware in the normal environment, i.e. these two environments are hardware isolated.

Abstract: An identity authentication method is described. The method includes, when receiving a group joining request that is sent by a first terminal and that is used for joining a trusted group, generating, by a server, a first certificate for the first terminal based on a first version number, and sending them to the first terminal. The method further includes, when determining that a second terminal is removed from the trusted group, updating the first version number to a second version number; and separately generating, by the server based on the second version number, a corresponding second certificate for a terminal not removed from the trusted group; and separately sending the corresponding second certificate and the second version number to the terminal not removed from the trusted group. In this way, during authentication, a terminal may compare a version number of the other party to perform identity authentication, thereby improving authentication efficiency.

Abstract: This document describes a system and method for configuring a second wireless device to access a wireless network using a first wireless device whereby one-round key exchange protocol is adopted to share the wireless network's configuration data with the second wireless device in an efficient and secure manner.

Abstract: This document describes a system and method for controlling access to encrypted vehicular data. The system described in this document employs a hierarchical access control method that allows select encrypted vehicular data stored in a cloud server to be accessed by an authorized user in a hierarchical manner whereby the authorized user is then able to decrypt the select encrypted data and all child data associated with the select encrypted data.

Abstract: This document discloses a system and method for verifying system integrity of an electronic device. The electronic device includes a verifier device provided within a secure environment of the electronic device and a scanner device provided within a normal environment of the electronic device whereby the secure environment comprises hardware that is isolated from the hardware in the normal environment, i.e. these two environments are hardware isolated.

Abstract: A user identity authenticating method, a terminal, and server are provided. The method includes determining according to a preset first-biological-feature processing instruction set, whether a currently-entered first user biological feature matches a second user biological feature, to obtain a first result, where the first-biological-feature processing instruction set is configured by a server, and the second user biological feature is a biological feature that is registered on the server; determining, whether the first result is correct; and if the first result is correct, sending the first result to the server to determine whether the first user biological feature is authenticated. The method not only enhances security when the server performs user identity authenticating, but also prevents the second user biological feature from being leaked to a non-secure area.