Various embodiments relating to exchanging a cryptographic key between a display device and an input device via electrostatic communication are disclosed. In one embodiment, an interactive communication device includes one or more electrodes and a radio transceiver. The one or more electrodes may be excited to capacitively couple with one or more electrodes of a proximate communication device so as to capacitively send a cryptographic key from the interactive communication device to the proximate communication device. The radio transceiver may be configured to communicate with a radio transceiver of the proximate communication device via a radio channel. The interactive communication device may be configured to subsequently exchange encrypted communications with the proximate communication device over the radio channel. The encrypted communications may be encrypted using the cryptographic key.

Web-filtering operations may be implemented on the user device, rather than on a centralized proxy server, to improve reliability, performance, and/or security of the web-filtering operations. Some or all of the necessary functions related to web-filtering may be performed on the end user device to remove the complexity and security issues inherent with the current methodology. One technique for allowing operation of proxy servers on user devices is to install smart agents on the user device. The smart agents, under control of a management server, may configure the proxy server, issue trust certificates to applications on the device, and/or provide proxy access configuration (PAC) files to applications on the device.

Systems and methods for controlling access to data in applications using client-side encryption. In that regard, in some examples, a first application (e.g., an email application, calendar application, messaging application, word processing application, file storage application, etc.) hosted from a particular web domain may be configured to invoke a second application hosted from a different origin (e.g., a different web domain or subdomain) to handle receiving and encrypting any sensitive information from a client entered through a client application (e.g., a web browser), and to handle decrypting information to be provided to the client through the client application. This second application may be loaded in an inline frame or similar subwindow or subroutine configured to prevent or limit the first application from having access to sensitive information in the second application.

Security system for protecting a vehicle electronic system by selectively intervening in the communications path in order to prevent the arrival of malicious messages at ECUs, in particular at the safety critical ECUs. The security system includes a filter which prevents illegal messages sent by any system or device communicating over a vehicle communications bus from reaching their destination. The filter may, at its discretion according to preconfigured rules, send messages as is, block messages, change the content of the messages, request authentication or limit the rate such messages can be delivered, by buffering the messages and sending them only in preconfigured intervals.

Systems and methods are disclosed for cross-platform token exchange. One method comprises receiving a primary token exchange request from an upstream entity, generating an ancillary detokenization request based on the primary token exchange request, and transmitting the ancillary detokenization request to an input token vault. An ancillary detokenization response comprising sensitive data may then be received from the input token vault, and one or more ancillary tokenization requests may be generated based on the ancillary detokenization response and the primary token exchange request. The one or more ancillary tokenization requests may be transmitted to one or more output token vaults. Subsequently, one or more ancillary tokenization responses may be received from the one or more output token vaults, each ancillary tokenization response comprising an output token. A primary token exchange response may be generated based on the one or more ancillary tokenization responses and transmitted to the upstream entity.

A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.

A method for facilitating secure communication between a user device and a network device. Encrypted data from a user device is received at the network device. The encrypted data is encrypted based on first physiological data captured by a first sensor of the user device. The first physiological data is representative of a physiological characteristic of a user of the user device. A second sensor of the network device captures second physiological data representative of the physiological characteristic of the user. A common key for encrypting further data transferred between the user device and the network device is determined, based on the encrypted data and the second physiological data. Further aspects relate to other methods for facilitating secure communication between a user and network device, a network, and a method of operating a network.

A security processor includes a key generator circuit configured to randomly generate a key, an encryption circuit configured to encrypt user data based on the key, and a security manager circuit configured to receive a first user identification (ID), which uniquely corresponds to a user of a device, and determine whether to allow access to the user data by authenticating the first user

ID.

A computer-implemented method comprising receiving, based on a first user interface of a first application executing on a first device, user input that indicates a recipient, the recipient associated with registration information that indicates a method of communication with the recipient and an encryption key associated with the method of communication. The method causing an encrypted message to be generated based on the encryption key, the encrypted message encrypting clear data based on received user input, causing the encrypted message to be formatted into an encrypted package, that is in an application format compatible with a second application corresponding to the method of communication, wherein the application format is compatible with the second application by at least being a format that is allowed to be sent or to be processed by the second application, and providing the encrypted package to the second application to be sent to the recipient.

Methods, systems, and devices for facilitating joint submissions. In an example embodiment, a system may facilitate a joint submission from multiple devices. For example, a primary device may receive data for a joint submission with a peripheral device, and the data may be segmented into sensitive and non-sensitive data.