A method implements a customer recognition system. A request with an identifier of an unidentified user is received. Sparse data is generated from string information corresponding to the identifier. Preexisting identifiers are filtered to generate a list of candidate identifiers using the sparse data. The plurality of preexisting identifiers correspond to a plurality of preexisting users. A core identifier is selected by determining a match between the identifier and a preexisting identifier from the preexisting identifiers using distance information generated using the list of candidate identifiers. The core identifier is matched to the identifier using the match to identify the unidentified user as a preexisting user from the plurality of preexisting users.

Convenient sharing of information among authorized network users may be facilitated by allowing a user to send information originating from multiple applications in aggregate form to another user, e.g., using a secure messaging service. In scenarios where data access is restricted, a server may check the recipient's access privileges prior to forwarding the information to her.

Systems, methods, and interfaces for the management of virtual machine instances and other programmatically controlled networks are provided. The hosted virtual networks are configured in a manner such that a virtual machine manager of the virtual network may monitor activity such as user requests, network traffic, and the status and execution of various virtual machine instances to determine possible security assessments. Aspects of the virtual network may be assessed for vulnerabilities at varying levels of granularity and sophistication when a suspicious event or triggering activity is detected. Illustrative embodiments of the systems and methods may be implemented on a virtual network overlaid on one or more intermediate physical networks that are used as a substrate network.

Disclosed herein are apparatuses and methods for verifying a level of trust in a zone having multiple persons. One or more persons of the multiple persons within the zone can be identified and, based on identifying the one or more persons, it can be determined whether the one or more persons are associated with a level of trust. An observable indicator can be set to specify whether the multiple persons in the zone, including the one or more persons, are associated with the level of trust.

A facility management system comprises a server, a biometric identification unit, and a processing circuit. The server is configured to store a list of registered users, and biometric information and access rights pertaining to each registered users. The biometric identification unit is associated with the building equipment. The biometric identification unit is enabled to facilitate a user desiring access to the associated building equipment to scan at least one biometric parameter, and subsequent to scanning of the biometric parameter the biometric identification unit is configured to generate a scanned biometric information. The processing circuit is communicatively coupled with the server and the biometric identification unit, and is configured to: authenticate the user based on the biometric information and the scanned biometric information; determine the access rights for the authenticated user; and subsequently provide access to the authenticated user to operate the associated building equipment based on the determined access rights.

A trusted entity provides an API interface to online streaming platforms and sports betting platforms acting as an intermediary between the online streaming platforms and the sports betting platforms. The trusted entity generates unique authorization tokens that are used to authenticate users between the online streaming platforms and the sports betting platforms and provides a secure environment that separates the online streaming platforms and the sports betting platforms, allowing online streaming platforms to provide online betting services to their users without having to interface to multiple online betting services.

A trusted entity provides an API interface to online streaming platforms and sports betting platforms acting as an intermediary between the online streaming platforms and the sports betting platforms. The trusted entity generates unique authorization tokens that are used to authenticate users between the online streaming platforms and the sports betting platforms and provides a secure environment that separates the online streaming platforms and the sports betting platforms, allowing online streaming platforms to provide online betting services to their users without having to interface to multiple online betting services.

An apparatus comprises a processing device configured to determine, utilizing a firmware-based agent running in firmware, a boot flag status during a boot process of the processing device. The processing device is also configured to execute, responsive to the boot flag status being a first value, a system update handler of the firmware-based agent configured for provisioning of a secured runtime operating system on the processing device, wherein the provisioning comprises digitally signing an image of the secured runtime operating system utilizing a hardware-based root of trust key. The processing device is further configured to execute, responsive to the boot flag status being a second value, a secured operating system boot handler of the firmware-based agent configured for validating and loading secured runtime operating system, wherein the validation comprises performing attestation of a signature of the image of the secured runtime operating system utilizing the hardware-based root of trust key.

This invention relates generally to distributed ledger technology (including blockchain related technologies), particularly a method and corresponding system for providing a blockchain transaction comprising a redeem script for an output that comprises: i) a plurality of public keys, each associated with a corresponding private key, wherein each public key is uniquely associated with a potential state of at least one data source; and ii) logic arranged to provide a result based on: A) a determination of which of the plurality of associated private key(s) is/are used to sign the unlocking script, so as to provide an interim result: and B) a comparison of a parameter supplied via the unlocking script against the interim result, and further attempting to spend the transaction output more than once, each attempt supplying a different parameter.

A server can record a device static public key (Sd) and a server static private key (ss). The server can receive a message with (i) a device ephemeral public key (Ed) and (ii) a ciphertext encrypted with key K1. The server can (i) conduct an EC point addition operation on Sd and Ed and (ii) send the resulting point/secret X0 to a key server. The key server can (i) perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using X0 and a network static private key to derive a point/secret X1, and (ii) send X1 to the server. The server can conduct a second ECDH key exchange using the server static private key and point X0 to derive point X2. The server can conduct an EC point addition on X1 and X2 to derive X3. The server can derive K1 using X3 and decrypt the ciphertext.