Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: According to one or more embodiments herein, interferometry-based satellite location accuracy is provided.

Abstract: According to one or more of the embodiments herein, systems and techniques for multi-subset-based detection and mitigation of Global Navigation Satellite System (GNSS) spoofing are provided. In one embodiment, a method comprises: determining data associated with a distance between an object and each of a plurality of satellites to produce a corresponding plurality of datums; creating a plurality of different subsets of the datums; determining a plurality of possible computed solutions for the object based on the subsets of datums; determining, in response to the plurality of possible computed solutions falling within an acceptable proximity of each other, a trusted computed solution for the object based on the plurality of datums; and initiating, in response to at least one the plurality of possible computed solutions not falling within the acceptable proximity of each other of the plurality of possible computed solutions, one or more mitigation actions.

Abstract: The present disclosure relates generally to satellite communication systems, and, more particularly, to trilateration-based satellite location accuracy for improved satellite-based geolocation are provided.

Abstract: In one embodiment, a method comprises: receiving a signal from a remote antenna at first and second antennas, the first and second antenna being collocated and offset from one another by a fixed predetermined angle such that a center of a high gain region of a main lobe of the first antenna is substantially aligned with a low gain region of a main lobe of the second antenna; determining a set of characteristics of the signal based on the signal being received at the first antenna; decoding a first data set based on the signal being received at the first antenna and a second data set based on the signal being received at the second antenna, both using the set of signal characteristics; and determining a currently aimed direction of the first antenna with relation to the remote antenna based on the difference between the first and second data sets.

Abstract: According to one or more of the embodiments herein, systems and techniques for multi-system-based detection and mitigation of Global Navigation Satellite System (GNSS) spoofing are provided. In one embodiment, a method comprises: obtaining a first location of an object from a primary location determination hardware system; obtaining a second location of the object from a secondary location determination hardware system; determining a distance difference between the first location and the second location; determining whether the distance difference between the first location and the second location is acceptable based on a threshold distance; and initiating one or more mitigation actions in response to the distance difference between the first location and the second location being unacceptable.

Abstract: Satellite echoing for geolocation and mitigation of Global Navigation Satellite System (GNSS) denial are provided herein, where an example method comprises: transmitting an initiated message to a communication satellite along a communication path that has a target device with an unknown distance to the communication satellite; receiving a returned message from the communication satellite over the communication path in response to the initiated message; determining a local time difference between the transmission time and the reception time; calculating a distance between the communication satellite and the target device, the distance calculated based on a portion of the determined time difference associated with only a single traversal of a portion of the communication path that is between the communication satellite and the target device; and performing one or more actions based on the distance between the communication satellite and the target device.

Abstract: According to one or more of the embodiments herein, systems and techniques for satellite relaying for geolocation and mitigation of Global Navigation Satellite System (GNSS) denial are provided.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: Disclosed are embodiments for automatically resolving faults in a complex network system. Some embodiments monitor one or more of system operational parameter values and message exchanges between network components. A machine learning model detects a fault in the complex network system, and an action is selected based on a cause of the fault. After the action is applied to the complex network system, additional monitoring is performed to either determine the fault has been resolved or additional actions are to be applied to further resolve the fault.

Abstract: The techniques herein are directed generally to a “zero-knowledge” data management network. Users are able to share verifiable proof of data and/or identity information, and businesses are able to request, consume, and act on the data—all without a data storage server or those businesses ever seeing or having access to the raw sensitive information (where server-stored data is viewable only by the intended recipients, which may even be selected after storage). In one embodiment, source data is encrypted with a source encryption key (e.g., source public key), with a rekeying key being an encrypting combination of a source decryption key (e.g., source private key) and a recipient's public key. Without being able to decrypt the data, the storage server can use the rekeying key to re-encrypt the source data with the recipient's public key, to then be decrypted only by the corresponding recipient using its private key, accordingly.

Abstract: Embodiments provide for guided alignment of the orientation of two wireless devices. A first wireless device is at a known position and a known orientation. A signal from a second wireless device is received via a plurality of receive elements of the first wireless device. The first wireless device measures phase differences of the signal at the plurality of receive elements, and determines locations of each of the second wireless device's transmit elements based on the differences. Based on the transmit element locations, and a known antenna layout of the second wireless device, an orientation of the second wireless device is determined. Based on differences between the determined orientation and the known orientation of the first wireless device, instructions for aligning the devices are generated. Once the devices are aligned, location estimates of a third wireless device are made by both the first wireless device and the second wireless device.

Abstract: The disclosed embodiments estimate a location of a first wireless device based on signals received from the wireless device from two other wireless devices. To combine estimates of the two wireless devices, the two wireless devices share a definition of a plurality of geographic regions. A first set of expected phase differences for the plurality of regions are determined for a first of the two wireless devices, and a second set of expected phase differences for the plurality of regions are determined for a second of the two wireless devices. Based on these two sets of expected phase differences, each of the two devices estimate a position of the first wireless device.

Abstract: Disclosed are embodiments that determine a location of a first wireless device based on estimates of two other wireless devices. Each of the other wireless devices is assigned or defines its own plurality of regions. Each wireless device estimates a location of the first wireless device with respect to its assigned or defined plurality of regions. One of the estimates is then translated to the other device's plurality of regions. The two estimates are then combined to estimate the location of the first wireless device.

Abstract: In one embodiment, a communicating device (e.g., either a ground station server or a particular distributed module of a satellite communication system) mitigates congestion on a particular return communication path via an intermediate satellite from the plurality of distributed modules to the ground station server. In particular, in response to determining that the level of congestion is above a threshold, then the communication device mitigates the congestion by, e.g.

Abstract: The techniques herein are directed generally to providing access control and persona validation for interactions. In one embodiment, a method for a first device comprises: interacting with a second device on a communication channel; determining, over a verification channel with a verification service, that an identity of a user communicating on the second device is a verified identity according to the verification service; determining a persona of the user; querying a third-party entity to make a determination whether the persona is validated and to correspondingly determine a current privilege level; and managing interaction with the second device according to the determination whether the persona is validated and the corresponding current privilege level. Another embodiment comprises a verification server's perspective of facilitating the interaction between the first and second devices, where the verification server queries the third-party entity to validate the persona.

Abstract: In one embodiment, the techniques herein provide a fully automated satellite-based backhaul system. In particular, a system in accordance with the techniques herein may utilize a satellite communication terminal to allow an Internet of Things (IoT) device (or any device) to be deployed in any location which has a line of sight towards a communication satellite. Specifically, the placement, orientation, and/or communication characteristics of the IoT device and/or satellite communication terminal (or antenna) may be manipulated (e.g., manual adjustment based on calculated directions and/or completely autonomously) to ensure avoidance of interference in any other wireless communication network.

Abstract: A system in accordance with one aspect mitigates interference with PtPRs (Point to Point Receivers) that may be caused by a Wi-Fi base station or terminal devices associated with the Wi-Fi base station.

Abstract: The techniques herein are directed generally to providing access control and identity verification for communications when receiving a communication at an entity to be verified. In one embodiment, a receiving device receives a communication from an initiating device on a communication channel, wherein the initiating device is configured to determine whether an identity associated with the receiving device is verified by a verification service. The receiving device verifies the identity through a verification service client application on the receiving device, and conveys, to the verification service over a verification channel, that the identity associated with the receiving device is verified, wherein the verification service is caused to convey, to the initiating device over the verification channel, that the identity is verified.