Abstract: Some embodiments provide a system to protect an electric vehicle charging infrastructure. An electric vehicle charging site may receive AC power from a power grid and provide DC power to electric vehicles. The charging site may include a plurality of monitoring nodes each generating a series of current monitoring node values over time that represent a current operation of the electric vehicle charging infrastructure. A supply equipment communication controller may receive an access request from an access requestor associated with an electric vehicle, the access request being associated with a platform certificate. A secondary actor policy decision point at the charging site may evaluate the access requestor's identity and respond with an action message allowing high-level communication with the access requestor to proceed. Note that information associated with the current monitoring node values and/or the access request may be stored in a secure, distributed transaction ledger (e.g.

Abstract: A cyber-security improvement platform database may store electronic records including information, received from remote submitting devices, associated with vulnerability data for computing elements. Information associated with first vulnerability data for a first computing element may be retrieved from the database and verified. Information about the first vulnerability data may then be recorded in a secure, distributed transaction ledger, and a crypto-currency payment may be transferred in connection with the recorded information. Similarly, the electronic records may further include fix data for computing elements. In this case, first fix data associated with the first vulnerability data may be retrieved, verified, and applied in connection with the first computing element. Additional information, about the first fix data, may then be recorded in the transaction ledger and an additional crypto-currency payment may be transferred in connection with the recorded additional information.

Abstract: Some embodiments provide a system to prioritize power delivery from a charging station to electric vehicles. The charging station may include a communication port to receive a charge request from an electric vehicle associated with a delta platform certificate. The charging station may evaluate the delta platform certificate to determine if the electric vehicle is associated with a prioritized charging category (e.g., if the vehicle is an ambulance, police care, fire truck, etc.). A constrained optimizer may allocate power to the electric vehicle, relative to other electric vehicles being charged at the charging station, based at least in part on said determination. A charge pump may then provide power to the electric vehicle in accordance with a result from the constrained optimizer.

Abstract: Some embodiments provide a system to protect an electric vehicle charging infrastructure. An electric vehicle charging site may receive AC power from a power grid and provide DC power to electric vehicles. The charging site may include a plurality of monitoring nodes each generating a series of current monitoring node values over time that represent a current operation of the electric vehicle charging infrastructure. A supply equipment communication controller may receive an access request from an access requestor associated with an electric vehicle, the access request being associated with a platform certificate. A secondary actor policy decision point at the charging site may evaluate the access requestor's identity and respond with an action message allowing high-level communication with the access requestor to proceed. Note that information associated with the current monitoring node values and/or the access request may be stored in a secure, distributed transaction ledger (e.g.

Abstract: The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.

Abstract: According to some embodiments, an edge device may receive, via a secure, distributed transaction ledger (e.g., associated with blockchain technology), information about a task contract published by a publisher device including an indication of a benefit and encryption information. The task contract might be associated with, for example, a compute transaction task and/or a physical task. The edge device may evaluate the received information in accordance with resources locally available at the edge device, and, responsive to said evaluation, transmit to the secure, distributed transaction ledger an indication of acceptance of the published task contract. According to some embodiments, the edge device may execute the published task contract, and, upon completion, arrange to receive the benefit associated with the published task contract.

Abstract: The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.

Abstract: A method and system computes a basepoint for use in a signing operation of a direct anonymous attestation scheme. The method and system includes computing a basepoint at a host computing device and verifying the base point at a trusted platform module (TPM) device.

Abstract: A method and system computes a basepoint for use in a signing operation of a direct anonymous attestation scheme. The method and system includes computing a basepoint at a host computing device and verifying the base point at a trusted platform module (TPM) device.

Abstract: A trusted workstation includes a network interface card (NIC) with trusted computing base (TCB) extensions that provide for securely booting the workstation and performing subsequent receive and transmit packet filtering in support of a network's system architecture requirements. The NIC includes a send address confirm circuit which includes a trusted source address (e.g., a MAC address) uniquely associated with the trusted workstation. For each packet to be transmitted from the trusted workstation over the network, the NIC first checks the source address inserted in the packet by the NIC driver running in the user session to be sure that the driver inserted source address is to equal to the trusted address resident. Thus, if untrusted software on the workstation attempts mischiefly transmit a forged packet with a source address other than the trusted source address, the NIC prohibits transmission of the packet with the forged source address.

Abstract: A trusted workstation includes a network interface card (NIC) with trusted computing base (TCB) extensions that provide for securely booting the workstation and performing subsequent receive and transmit packet filtering in support of a network's system architecture requirements. The NIC includes a send address confirm circuit which includes a trusted source address (e.g., a MAC address) uniquely associated with the trusted workstation. For each packet to be transmitted from the trusted workstation over the network, the NIC first checks the source address inserted in the packet by the NIC driver running the user session to be sure that the driver inserted source address is equal to the trusted address resident. Thus, if untrusted software on the workstation attempts mischiefly transmit a forged packet with a source address other than the trusted source address, the NIC prohibits transmission of the packet with the forged source address.