Abstract: Techniques for monitoring the health of services of a system are disclosed. A system determines that a detected alarm is associated with a service feature, and the service feature is associated with a service of a cloud environment. The system computes a health metric for the service based at least on the detected alarm that is associated with the service feature. Additionally, the system generates a visual representation that includes the health metric for display on a service health interface.

Abstract: Techniques for monitoring the health of services of a system are disclosed. A system determines a health metric for a service in a cloud environment. Additionally, the system determines a first service feature of the service and a plurality of downstream service features that depend on the first service feature. The system determines an impact weight for the first service based on the plurality of downstream service features. Additionally, the system computes a weighted health metric for the service at least by applying the impact weight to the health metric. The system generates a visual representation that includes the weighted health metric for display on a service health interface.

Abstract: The subject technology enables encryption key distribution when a processor is in offline mode. When offline, key distribution servers can distribute private/public key pairs in place of the processor. The servers can distribute a public key to a user device for encryption of data. The encrypted data can be provided to the processor, which can return a token in response to provide to the first server.

Abstract: Methods, systems, and media are provided for enabling encryption key distribution when a processor is in offline mode. When offline, key distribution servers can distribute private/public key pairs in place of the processor. The servers can distribute a private key to a first server for encryption of data and a public key to the processor, when it is online, to decrypt the data.

Abstract: An access control system is described in which a primary credential device has a master key and a secondary credential device has a key derived from the master key. Both the master key and the derivative key are required to gain access to the resource protected by the access control system. If the secondary credential device is lost, misplaced, or stolen, it cannot be used to gain illicit access to the protected resource, and it can be easily replaced by providing a different secondary credential device with another key derived from the master key.

Abstract: A method and device for delivering one or more keys to an offline mobile communication device are provided. The method includes receiving the one or more keys from a backend issuance system, preparing the one or more keys for delivery to the offline mobile communication device via a short-to-medium communication channel, and transmitting the one or more keys to the offline mobile communication device via the short-to-medium range communication channel.

Abstract: Methods, devices, and systems are provided for providing continuous authentication to a user having a wearable device in an access control system. The wearable device allows the authentication of the user to be maintained until an authentication interruption signal is received. The interruption signal may be based on user biometrics, a state of the wearable device, a communication range of the wearable device with a trusted mobile device, and more. Upon receiving the interruption signal, the continuous authentication for the wearable device, and the user, may be revoked, destroyed, or disabled.

Abstract: A method and device for delivering one or more keys to an offline mobile communication device are provided. The method includes receiving the one or more keys from a backend issuance system, preparing the one or more keys for delivery to the offline mobile communication device via a short-to-medium communication channel, and transmitting the one or more keys to the offline mobile communication device via the short-to-medium range communication channel.

Abstract: A method enables the transmission of encrypted and unencrypted data over different channels. The method includes: receiving, at a first device, unencrypted data via a first channel; causing, by the first device, generating a data entry form at a second device based on the received unencrypted data; causing, by the first device, transmitting, from the second device, the generated data entry form to a third device via a second channel, the generated data entry to be displayed within a webpage on the third device; causing, by the first device, intercepting and encrypting data entered into the generated data entry from by a user; and receiving, by the first device, via the second channel the encrypted data.

Abstract: A method and device for delivering one or more keys to an offline mobile communication device are provided. The method includes receiving the one or more keys from a backend issuance system, preparing the one or more keys for delivery to the offline mobile communication device via a short-to-medium communication channel, and transmitting the one or more keys to the offline mobile communication device via the short-to-medium range communication channel.

Abstract: An access control system is described in which a credential may be authenticated and permitted to access a protected resource only after discovery of a second device. Requiring discovery of a second device prior to authentication enhances security by protecting against unauthorized access by an illicit user of a credential.

Abstract: An access control system is described in which a primary credential device has a master key and a secondary credential device has a key derived from the master key. Both the master key and the derivative key are required to gain access to the resource protected by the access control system. If the secondary credential device is lost, misplaced, or stolen, it cannot be used to gain illicit access to the protected resource, and it can be easily replaced by providing a different secondary credential device with another key derived from the master key.

Abstract: Method and devices for making access decisions in a secure access network are provided. The access decisions are made by one or more portable credentials using data and algorithms stored on or received by two or more credentials. Since access decisions are made by the portable credential or credentials, non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database, thereby reducing the cost of building and maintaining the secure access network.

Abstract: An access control system is described in which a primary credential device has a master key and a secondary credential device has a key derived from the master key. Both the master key and the derivative key are required to gain access to the resource protected by the access control system. If the secondary credential device is lost, misplaced, or stolen, it cannot be used to gain illicit access to the protected resource, and it can be easily replaced by providing a different secondary credential device with another key derived from the master key.