Abstract: A consent block is a type of block that may be stored in a blockchain. Each consent block has an owner and may store an owner consent contract, i.e., a smart contract containing owner-specified access rules that determine who may access data assets that are stored in other blocks of the blockchain and owned by the same owner. The consent block may alternatively store a global consent contract containing global access rules that supersede owner-specified access rules. The consent block also stores a hash value determined from the consent contract and a previous hash value of the block immediately preceding the consent block. The consent contract and the position of the consent block in the blockchain are verifiable from the hash value. Each consent block, once added to the blockchain, becomes part of the immutable record of data stored in the blockchain, and therefore leaves an auditable trail.

Abstract: A consent block is a type of block that may be stored in a blockchain. Each consent block has an owner and may store an owner consent contract, i.e., a smart contract containing owner-specified access rules that determine who may access data assets that are stored in other blocks of the blockchain and owned by the same owner. The consent block may alternatively store a global consent contract containing global access rules that supersede owner-specified access rules. The consent block also stores a hash value determined from the consent contract and a previous hash value of the block immediately preceding the consent block. The consent contract and the position of the consent block in the blockchain are verifiable from the hash value. Each consent block, once added to the blockchain, becomes part of the immutable record of data stored in the blockchain, and therefore leaves an auditable trail.

Abstract: A consent block is a type of block that may be stored in a blockchain. Each consent block has an owner and may store an owner consent contract, i.e., a smart contract containing owner-specified access rules that determine who may access data assets that are stored in other blocks of the blockchain and owned by the same owner. The consent block may alternatively store a global consent contract containing global access rules that supersede owner-specified access rules. The consent block also stores a hash value determined from the consent contract and a previous hash value of the block immediately preceding the consent block. The consent contract and the position of the consent block in the blockchain are verifiable from the hash value. Each consent block, once added to the blockchain, becomes part of the immutable record of data stored in the blockchain, and therefore leaves an auditable trail.

Abstract: A consent block is a type of block that may be stored in a blockchain. Each consent block has an owner and may store an owner consent contract, i.e., a smart contract containing owner-specified access rules that determine who may access data assets that are stored in other blocks of the blockchain and owned by the same owner. The consent block may alternatively store a global consent contract containing global access rules that supersede owner-specified access rules. The consent block also stores a hash value determined from the consent contract and a previous hash value of the block immediately preceding the consent block. The consent contract and the position of the consent block in the blockchain are verifiable from the hash value. Each consent block, once added to the blockchain, becomes part of the immutable record of data stored in the blockchain, and therefore leaves an auditable trail.

Abstract: Systems and methods authenticate a device to operate within an enterprise system with an enterprise policy. An agent, installed on the device, analyzes the device to determine profile information of the device. The determined profile information is sent to a type 2 super peer that verifies whether the profile information conforms to the enterprise policy. If the profile information conforms to the enterprise policy, an agent trust credential is generated, within the type 2 super peer, for the agent, based upon the profile information, and issued to the agent. Authenticity of the device is verified based upon the agent trust credential. If the device is authenticated, communications with the device are permitted. If the device is not authenticated, communications with the device is prevented. In another embodiment, a method restores a device to conform to a system policy. A snapshot of critical components of the device is taken while the device is in compliance with the system policy.

Abstract: Zero-knowledge authentication proves identity without revealing information about a secret that is used to prove that identity. An authentication agent performs authentication of a prover agent without knowledge or transfer of the secret. A non-centralized zero-knowledge authentication system contains multiple authentication agents, for access by multiple computers seeking access on a computer network through local prover agents. Once authenticated, those multiple computers may also implement authentication agents. The secret may periodically expire by publishing a new encrypted secret by a trusted source, thwarting attempts to factor or guess information about the secret.

Abstract: Zero-knowledge authentication proves identity without revealing information about a secret that is used to prove that identity. An authentication agent performs authentication of a prover agent without knowledge or transfer of the secret. A non-centralized zero-knowledge authentication system contains multiple authentication agents, for access by multiple computers seeking access on a computer network through local prover agents. Once authenticated, those multiple computers may also implement authentication agents. The secret may periodically expire by publishing a new encrypted secret by a trusted source, thwarting attempts to factor or guess information about the secret.

Abstract: Systems and methods authenticate a device to operate within an enterprise system with an enterprise policy. An agent, installed on the device, analyzes the device to determine profile information of the device. The determined profile information is sent to a type 2 super peer that verifies whether the profile information conforms to the enterprise policy. If the profile information conforms to the enterprise policy, an agent trust credential is generated, within the type 2 super peer, for the agent, based upon the profile information, and issued to the agent. Authenticity of the device is verified based upon the agent trust credential. If the device is authenticated, communications with the device are permitted. If the device is not authenticated, communications with the device is prevented. In another embodiment, a method restores a device to conform to a system policy. A snapshot of critical components of the device is taken while the device is in compliance with the system policy.