Abstract: A method at a network element for securely sharing services across domains, the method including receiving a request at the network element to add a first domain and an edge domain to a system; provisioning a public key of the network element to the first domain and the edge domain; receiving a public key of the first domain; populating, in the network element, a table with services provided by the first domain or the edge domain; populating, in the network element, a second table with applications installed at the first domain or edge domain and permissions for services for the applications; and controlling access to the services by the applications.

Abstract: A method at a network element for securely sharing services across domains, the method including receiving a request at the network element to add a first domain and an edge domain to a system; provisioning a public key of the network element to the first domain and the edge domain; receiving a public key of the first domain; populating, in the network element, a table with services provided by the first domain or the edge domain; populating, in the network element, a second table with applications installed at the first domain or edge domain and permissions for services for the applications; and controlling access to the services by the applications.

Abstract: A rubber coating layer is prepared from a sprayable aqueous coating dispersion including: a rubber dispersion including a rubber binder dispersed in an aqueous medium, a sulfur-containing vulcanization agent, and a platy inorganic material. The coating dispersion or a film formed from the coating dispersion is vulcanized at a temperature of from 100° C. to less than 160° C. for up to 1 hour to form the rubber coating layer having a melt temperature of greater than 60° C. A sprayable pre-vulcanized coating dispersion is prepared from a coating dispersion including: a rubber dispersion comprising a rubber binder dispersed in an aqueous medium, a sulfur-containing vulcanization agent, and a platy inorganic material. The coating dispersion is vulcanized at a temperature of from 70° C. to less than the boiling point of the aqueous medium to form the pre-vulcanized coating dispersion.

Abstract: A method at a network element for securely sharing services across domains, the method including receiving a request at the network element to add a first domain and an edge domain to a system; provisioning a public key of the network element to the first domain and the edge domain; receiving a public key of the first domain; populating, in the network element, a table with services provided by the first domain or the edge domain; populating, in the network element, a second table with applications installed at the first domain or edge domain and permissions for services for the applications; and controlling access to the services by the applications.

Abstract: Disclosed is a polyester polymer prepared from a reaction mixture comprising a polyacid component and a polyol component that comprises lignin. Residues of lignin are incorporated into the backbone of the polyester polymer. Coatings comprising the same and substrates coated at least in part with such coatings are also disclosed.

Abstract: The present disclosure describes methods and systems, including computer-implemented methods, computer program products, and computer systems, for distributing recovery keys. One method includes: transmitting, from a first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server; transmitting a first portion of a recovery key to secure community server for forwarding to the second user device; transmitting a second portion of the recovery key to the secure community server; and discarding the first portion and the second portion of the recovery key at the first user device.

Abstract: A system and method for a privacy mode are disclosed. A trusted execution environment and general operating system that has restricted access to the trusted execution environment are maintained on a processor. A privacy mode command indicating either one of a first value and a second value is received. A peripheral control interface, which is communicatively coupled to the trusted execution environment and otherwise communicatively isolated from the general operating system, is disabled when the privacy mode enable indicator has the first value and is enabled when the privacy mode enable indicator has the second value. An associated peripheral is disabled from providing signals to processing circuits when the peripheral control interface is in the disabled state and enabled to provide signals to processing circuits when the peripheral control interface is in the enabled state.

Abstract: A system and method for controlling functions on devices is disclosed. An occurrence of a start of an event is determined. Based on determining the occurrence of the start, a respective registration of a respective device associated with a respective attendee of the event is received. Based on receiving the respective registration and determining the occurrence of the start of the event, temporary restrictions are applied to the respective device from which the respective registration is received. Based on determining an occurrence of an end of the event, the temporary restrictions are removed from the respective device.

Abstract: Systems, methods, and software can be used to encrypt and decrypt data. In some aspects, a first primary secret key based on a primary ephemeral key pair and a primary master public key is generated by a primary data service application on an electronic device. A first primary ciphertext is generated by encrypting a first portion of the data using the first primary secret key. A second primary secret key is generated based on the first primary secret key. The first primary secret key is deleted. The first primary ciphertext is sent from the primary data service application to a secondary data service application. A first encrypted text is received from the secondary data service application. The first encrypted text is generated by encrypting the first primary ciphertext.

Abstract: Systems, methods, and software can be used to encrypt and decrypt data. In some aspects, a decryption request to decrypt the encrypted data is received from an application on an electronic device. A first secret key from a shared secret is generated. The shared secret is generated based on a master private key and an ephemeral public key associated with the encrypted data. A first encrypted secret key is generated using the first secret key and a context key. The context key is generated based on the master private key. A first portion of the encrypted data is decrypted using the first secret key. A second secret key is generated from the first secret key. The first secret key is deleted. At least a segment of the decrypted first portion of the encrypted data is sent to the application.

Abstract: The present disclosure describes methods and systems, including computer-implemented methods, computer program products, and computer systems, for distributing recovery keys. One method includes: transmitting, from a first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server; transmitting a first portion of a recovery key to secure community server for forwarding to the second user device; transmitting a second portion of the recovery key to the secure community server; and discarding the first portion and the second portion of the recovery key at the first user device.

Abstract: A system and method for controlling functions on devices is disclosed. An occurrence of a start of an event is determined. Based on determining the occurrence of the start, a respective registration of a respective device associated with a respective attendee of the event is received. Based on receiving the respective registration and determining the occurrence of the start of the event, temporary restrictions are applied to the respective device from which the respective registration is received. Based on determining an occurrence of an end of the event, the temporary restrictions are removed from the respective device.

Abstract: A system and method for a privacy mode are disclosed. A trusted execution environment and general operating system that has restricted access to the trusted execution environment are maintained on a processor. A privacy mode command indicating either one of a first value and a second value is received. A peripheral control interface, which is communicatively coupled to the trusted execution environment and otherwise communicatively isolated from the general operating system, is disabled when the privacy mode enable indicator has the first value and is enabled when the privacy mode enable indicator has the second value. An associated peripheral is disabled from providing signals to processing circuits when the peripheral control interface is in the disabled state and enabled to provide signals to processing circuits when the peripheral control interface is in the enabled state.

Abstract: Disclosed is a polyester polymer prepared from a reaction mixture comprising a polyacid component and a polyol component that comprises lignin. Residues of lignin are incorporated into the backbone of the polyester polymer. Coatings comprising the same and substrates coated at least in part with such coatings are also disclosed.

Abstract: A method is provided for verifying proper operation of a left elevator tab disposed at an end portion of a left elevator of an aircraft and a right elevator tab disposed at an end portion of a right elevator of the aircraft. Because proper operation of the elevator tabs cannot be directly verified by existing aircraft instrument, the operation of the elevator tabs can be indirectly verified by analyzing flight data of the aircraft. After identification of a verification event, in which the elevator tabs move relative to the elevators, the positions of the left elevator and right elevator can be measured, and differences in the positions of the left elevator and right elevator can indicate proper operation of the left and right elevator tabs.

Abstract: Systems, methods, and software can be used to provide security assurance information. In some aspects, a certificate request for a client process on a mobile device is received. A security assurance character for the client process is determined. Whether to grant the certificate request is determined based on the determined security assurance character. In response to determining to grant the certificate request, a certificate is generated.

Abstract: Systems, methods, and software can be used to encrypt and decrypt data. In some aspects, a first primary secret key based on a primary ephemeral key pair and a primary master public key is generated by a primary data service application on an electronic device. A first primary ciphertext is generated by encrypting a first portion of the data using the first primary secret key. A second primary secret key is generated based on the first primary secret key. The first primary secret key is deleted. The first primary ciphertext is sent from the primary data service application to a secondary data service application. A first encrypted text is received from the secondary data service application. The first encrypted text is generated by encrypting the first primary ciphertext.

Abstract: Systems, methods, and software can be used to encrypt and decrypt data. In some aspects, a decryption request to decrypt the encrypted data is received from an application on an electronic device. A first secret key from a shared secret is generated. The shared secret is generated based on a master private key and an ephemeral public key associated with the encrypted data. A first encrypted secret key is generated using the first secret key and a context key. The context key is generated based on the master private key. A first portion of the encrypted data is decrypted using the first secret key. A second secret key is generated from the first secret key. The first secret key is deleted. At least a segment of the decrypted first portion of the encrypted data is sent to the application.

Abstract: A method is provided for verifying proper operation of a left elevator tab disposed at an end portion of a left elevator of an aircraft and a right elevator tab disposed at an end portion of a right elevator of the aircraft. Because proper operation of the elevator tabs cannot be directly verified by existing aircraft instrument, the operation of the elevator tabs can be indirectly verified by analyzing flight data of the aircraft. After identification of a verification event, in which the elevator tabs move relative to the elevators, the positions of the left elevator and right elevator can be measured, and differences in the positions of the left elevator and right elevator can indicate proper operation of the left and right elevator tabs.

Abstract: A method and apparatus for controlling access to encrypted data is provided. The device comprises: a processor and a memory, the processor configured to: control access to encrypted data, stored at the memory, the encrypted data categorized according to a plurality of categories, using a respective encryption key for each category in the plurality of categories; and, control access to a given encryption key according to given criteria associated with a given category, respective criteria different for each respective category, access to the given encryption key including one or more of, when the respective criteria are met, generating the given encryption key and decrypting the given encryption key.