Patents by Inventor David W. Kravitz

David W. Kravitz has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10038678
    Abstract: A central server configured with an Attribute Authority (“AA”) acting as a Trusted Third Party mediating service provider and using X.509-compatible PKI and PMI, VPN technology, device-side thin client applications, security hardware (HSM, Network), cloud hosting, authentication, Active Directory and other solutions. This ecosystem results in real time management of credentials, identity profiles, communication lines, and keys. It is not centrally managed, rather distributes rights to users. Using its Inviter-Invitee protocol suite, Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. Users establish and respond to authorization requests and other real-time verifications pertaining to accessing each communication line (not end point) and sharing encrypted digital files.
    Type: Grant
    Filed: July 5, 2017
    Date of Patent: July 31, 2018
    Assignee: T-CENTRAL, INC.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20180183610
    Abstract: Method for establishing secure communication between a plurality of IoT devices in one or more vehicles includes: provisioning the plurality of IoT devices by providing a unique identification, a digital identity token and a cryptographic key to each of the plurality of IoT devices; establishing a secure communication line between the plurality of IoT devices by authenticating respective communication lines between respective IoT devices and issuing a digital certificate to the respective communication lines; grouping the plurality of IoT devices into different groups based on a predetermined criteria; and including a group membership for a group of the different groups in an attribute certificate indicating group characterization.
    Type: Application
    Filed: February 6, 2018
    Publication date: June 28, 2018
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz, Kent William Stacy
  • Publication number: 20180019879
    Abstract: One example method of operation may include receiving a request, from an entity, for one or more tokens based on one or more attributes, encrypting and masking the one or more attributes, adding the encrypted and masked one or more attributes to the one or more tokens, and transmitting the one or more tokens to the entity.
    Type: Application
    Filed: May 9, 2017
    Publication date: January 18, 2018
    Inventors: David W. Kravitz, Dulce B. Ponceleon, Diego A. Masini, Raul O. Laprida, Andres Garagiola, John B. Geagan, III
  • Publication number: 20180019993
    Abstract: One example method may include generating a template transaction certificate by one or more entities which verify proof of ownership of attributes incorporated into the template transaction certificate, and generating one or more operational transaction certificates by the one or more entities which verified proof of ownership of the template transaction certificate.
    Type: Application
    Filed: June 23, 2017
    Publication date: January 18, 2018
    Inventors: David W. Kravitz, Dulce B. Ponceleon, Diego A. Masini, John B. Geagan, III, Brian K. Smith
  • Publication number: 20180006829
    Abstract: Method for establishing secure communication between a plurality of IoT devices in one or more vehicles includes: provisioning the plurality of IoT devices by providing a unique identification, a digital identity token and a cryptographic key to each of the plurality of IoT devices; establishing a secure communication line between the plurality of IoT devices by authenticating respective communication lines between respective IoT devices and issuing a digital certificate to the respective communication lines; grouping the plurality of IoT devices into different groups based on a predetermined criteria; and including a group membership for a group of the different groups in an attribute certificate indicating group characterization.
    Type: Application
    Filed: August 24, 2017
    Publication date: January 4, 2018
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz, Kent William Stacy
  • Patent number: 9843450
    Abstract: System and method for authenticating a computer user includes: sending an invitation message from an entity computer to an API for authenticating a user of a user computer; receiving and translating by the API the invitation message and sending the translated invitation message including the first public key to the platform server; sending an invitation response to the API to be translated and sending the translated invitation response to the entity computer; preparing a first message including a link and a unique code by the entity computer and sending the first message to the user computer; registering with the platform server utilizing the link and the unique code, and generating a second public key, by the user computer; receiving a correct answer to the secret from the user computer; receiving the second public key by the platform server; and authenticating the user based on the received correct answer.
    Type: Grant
    Filed: August 3, 2017
    Date of Patent: December 12, 2017
    Assignee: T-CENTRAL, INC.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Patent number: 9832026
    Abstract: System and method for establishing a secure communication between a plurality of Internet of Things (IoT) devices, includes provisioning a first and a second IoT devices by providing a unique identification, a digital identity token and a cryptographic key to each of the first and second IoT devices; authenticating the second IoT device by the first IoT device; inviting the second IoT device by the first IoT device to establish a communication line with the first IoT device; establishing a secure communication line between the first IoT device and the second IoT device by authenticating the communication line between the first IoT device and the second IoT device and issuing a digital certificate to the communication line between the first IoT device and the second IoT device; establishing secure communication lines between the first IoT device, the second IoT device and a plurality of more devices; and grouping the first IoT device, the second IoT device and the plurality of more devices into different group
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: November 28, 2017
    Assignee: T-CENTRAL, INC.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20170331633
    Abstract: System and method for authenticating a computer user includes: sending an invitation message from an entity computer to an API for authenticating a user of a user computer; receiving and translating by the API the invitation message and sending the translated invitation message including the first public key to the platform server; sending an invitation response to the API to be translated and sending the translated invitation response to the entity computer; preparing a first message including a link and a unique code by the entity computer and sending the first message to the user computer; registering with the platform server utilizing the link and the unique code, and generating a second public key, by the user computer; receiving a correct answer to the secret from the user computer; receiving the second public key by the platform server; and authenticating the user based on the received correct answer.
    Type: Application
    Filed: August 3, 2017
    Publication date: November 16, 2017
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20170324717
    Abstract: A central server configured with an Attribute Authority (“AA”) acting as a Trusted Third Party mediating service provider and using X.509-compatible PKI and PMI, VPN technology, device-side thin client applications, security hardware (HSM, Network), cloud hosting, authentication, Active Directory and other solutions. This ecosystem results in real time management of credentials, identity profiles, communication lines, and keys. It is not centrally managed, rather distributes rights to users. Using its Inviter-Invitee protocol suite, Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. Users establish and respond to authorization requests and other real-time verifications pertaining to accessing each communication line (not end point) and sharing encrypted digital files.
    Type: Application
    Filed: July 5, 2017
    Publication date: November 9, 2017
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20170279620
    Abstract: System and method for establishing a secure communication between a plurality of Internet of Things (IoT) devices, includes provisioning a first and a second IoT devices by providing a unique identification, a digital identity token and a cryptographic key to each of the first and second IoT devices; authenticating the second IoT device by the first IoT device; inviting the second IoT device by the first IoT device to establish a communication line with the first IoT device; establishing a secure communication line between the first IoT device and the second IoT device by authenticating the communication line between the first IoT device and the second IoT device and issuing a digital certificate to the communication line between the first IoT device and the second IoT device; establishing secure communication lines between the first IoT device, the second IoT device and a plurality of more devices; and grouping the first IoT device, the second IoT device and the plurality of more devices into different group
    Type: Application
    Filed: June 13, 2017
    Publication date: September 28, 2017
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Patent number: 9716595
    Abstract: System and method for establishing a secure communication between a plurality of Internet of Things (IoT) devices, includes issuing a first digital certificate to the second IoT device, inviting the second IoT device by the first IoT device to establish a communication line with the first IoT device by receiving a digital token from the second IoT device, authenticating the second IoT device using the unique identification and cryptographic key of the second IoT device; establishing a secure communication line between the first IoT device and the second IoT device by authenticating the established communication line and issuing a second digital certificate to the communication line between the first IoT device and the second IoT device; and preventing a third IoT device for which a secure communication line to the first or second IoT device has not been established from communicating with the first or second IoT device.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: July 25, 2017
    Assignee: T-Central, Inc.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20170201385
    Abstract: System and method for establishing a secure communication between a plurality of Internet of Things (IoT) devices, includes issuing a first digital certificate to the second IoT device, inviting the second IoT device by the first IoT device to establish a communication line with the first IoT device by receiving a digital token from the second IoT device, authenticating the second IoT device using the unique identification and cryptographic key of the second IoT device; establishing a secure communication line between the first IoT device and the second IoT device by authenticating the established communication line and issuing a second digital certificate to the communication line between the first IoT device and the second IoT device; and preventing a third IoT device for which a secure communication line to the first or second IoT device has not been established from communicating with the first or second IoT device.
    Type: Application
    Filed: March 24, 2017
    Publication date: July 13, 2017
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20170187538
    Abstract: A security system for authenticating users and protecting content that provides an application program interface (API) with a Cloud Platform integration (Platform) to extend the security capabilities of Public Key Infrastructure and Privilege Management Infrastructure systems to authenticated external users and protected content.
    Type: Application
    Filed: January 18, 2017
    Publication date: June 29, 2017
    Applicant: T-Central, Inc.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20170149819
    Abstract: Embodiments of the present invention may provide techniques by which replay attacks in a blockchain network may be efficiently resisted, while preserving valid user permissions and privacy in the blockchain network. For example, in an embodiment of the present invention, in a network of computer systems, a method of communication may comprise at a user computer system, generating a security value that is to be used only once, generating a message signed with a security certificate and including the security value, and transmitting the message over the network of computer systems.
    Type: Application
    Filed: October 21, 2016
    Publication date: May 25, 2017
    Inventors: Elli Androulaki, Angelo De Caro, Thorsten Kramp, David W. Kravitz, Alessandro Sorniotti, Marko Vukolic
  • Publication number: 20170134350
    Abstract: A central server configured with an Attribute Authority (“AA”) acting as a Trusted Third Party mediating service provider and using X.509-compatible PKI and PMI, VPN technology, device-side thin client applications, security hardware (HSM, Network), cloud hosting, authentication, Active Directory and other solutions. This ecosystem results in real time management of credentials, identity profiles, communication lines, and keys. It is not centrally managed, rather distributes rights to users. Using its Inviter-Invitee protocol suite, Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. Users establish and respond to authorization requests and other real-time verifications pertaining to accessing each communication line (not end point) and sharing encrypted digital files.
    Type: Application
    Filed: September 19, 2016
    Publication date: May 11, 2017
    Applicant: T-Central, Inc.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Patent number: 9595039
    Abstract: Disclosed are methods for extracting and using information about an entity that has a presence in a number of information domains. The entity has separate identifiers in each of several domains. Various techniques are described that bind together the identifiers of the entity across the domains. The results of the binding are provided to an interested party that can review information extracted about the entity's behavior in the multiple domains. The interested party is not given access to information that would compromise the confidentiality of the entity. A trusted broker has access to information about the behavior of the entity in the several domains. The broker analyzes that information and provides the analysis to the interested party, again without compromising the confidentiality of the entity. An “incentivizer” works with the broker to extract from the domains information that would be useful in binding together the different identifiers of the entity.
    Type: Grant
    Filed: December 30, 2009
    Date of Patent: March 14, 2017
    Assignee: MOTOROLA SOLUTIONS, INC.
    Inventors: Mark A. Gannon, Joshua B. Hurwitz, John Richard Kane, David W. Kravitz, Douglas A. Kuhlman
  • Patent number: 9578035
    Abstract: A security system for authenticating users and protecting content that provides an application program interface (API) with a Cloud Platform integration (Platform) to extend the security capabilities of Public Key Infrastructure and Privilege Management Infrastructure systems to authenticated external users and protected content.
    Type: Grant
    Filed: May 13, 2016
    Date of Patent: February 21, 2017
    Assignee: T-Central, Inc.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20160337361
    Abstract: A security system for authenticating users and protecting content that provides an application program interface (API) with a Cloud Platform integration (Platform) to extend the security capabilities of Public Key Infrastructure and Privilege Management Infrastructure systems to authenticated external users and protected content.
    Type: Application
    Filed: May 13, 2016
    Publication date: November 17, 2016
    Applicant: T-Central, Inc.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz
  • Publication number: 20160337342
    Abstract: In a method for enabling support for backwards compatibility in a User Domain, in one of a Rights Issuer (RI) and a Local Rights Manager (LRM), a Rights Object Encryption Key (REK) and encrypted REK are received from an entity that generated a User Domain Authorization for the one of the RI and the LRM and the REK is used to generate a User Domain Rights Object (RO) that includes the User Domain Authorization and the encrypted REK.
    Type: Application
    Filed: July 25, 2016
    Publication date: November 17, 2016
    Inventor: David W. Kravitz
  • Publication number: 20160337343
    Abstract: In a method for enabling support for backwards compatibility in a User Domain, in one of a Rights Issuer (RI) and a Local Rights Manager (LRM), a Rights Object Encryption Key (REK) and encrypted REK are received from an entity that generated a User Domain Authorization for the one of the RI and the LRM and the REK is used to generate a User Domain Rights Object (RO) that includes the User Domain Authorization and the encrypted REK.
    Type: Application
    Filed: July 25, 2016
    Publication date: November 17, 2016
    Inventor: David W. Kravitz