G06F21/42

Device provisioning using dedicated credential storage

A disclosed method for provisioning a computing device includes receiving, by provisioning software that executes on the computing device to provision the computing device for access to an enterprise infrastructure from a device orchestration service through which computing devices are provisioned to access the enterprise infrastructure, a digital certificate representing a credential for accessing, by a user via the computing device, the enterprise infrastructure. The method also includes storing, by the provisioning software, the digital certificate in dedicated secure credential storage on the computing device, receiving, by the provisioning software, a one-time-usable nonce value generated by the device orchestration service and usable by the provisioning software to unlock the digital certificate stored in the dedicated secure credential storage, unlocking the digital certificate, and presenting the digital certificate to the enterprise infrastructure to authorize access to the enterprise infrastructure by the user via the computing device.

COMMUNICATION SYSTEM AND COMPUTER READABLE STORAGE MEDIUM

A communication system is provided, the communication system including an authenticating unit that authenticates a plurality of communication terminals based on a single user ID, and keeps the plurality of communication terminals logged into an information providing service. A storing unit stores therein provider registration information including a plurality of pieces of provider information that indicate providers of respective pieces of data being displayed on each communication terminal among the plurality of communication terminals. A receiving unit receives designation information that designates the provider registration information. A transmitting unit transmits each piece among the plurality of pieces of provider information to each communication terminal among the plurality of communication terminals so as to cause each communication terminal among the plurality of communication terminals to display data provided by a provider indicated by a plurality of pieces of provider information.

METHOD FOR AUTHENTICATING INTERACTIONS INDEPENDENT OF A SYSTEM TIME, DEVICE FOR CARRYING OUT THIS METHOD AND FLAME DETECTOR COMPRISING SUCH A DEVICE
20220358200 · 2022-11-10

The invention relates to a method and a device, in particular a flame monitor, for authenticating interactions in microcontroller- and/or FPGA-based devices or appliances independently of a system time, in particular in embedded systems, in which a cryptographic hash value (R′TOTP, RTOTP) which may also be present in truncated form is calculated in a requesting device (10) and in an authenticating device (30) on the basis of a shared secret (S) used by both devices (10, 30) and in a TOTP module (12, 32) that operates in both devices (10, 30) in accordance with the TOTP method, wherein instead of a system time (R) a predefinable item of information (R) for computing the respective hash values (R′TOTP, RTOTP) is fed to the TOTP modules (12, 32), in such a way that the predefinable item of information (R) is generated or provided by the authenticating device (30) and in response to a request from the requesting device (10) or in response to direct input to the authenticating device (30) is transmitted to the requesting device (10), where it is then fed to the TOTP module therein (12) in order to compute a hash value, and the hash value (R′TOTP) computed there is passed on to the authenticating device (30), and such that, if said hash value (R′TOTP, RTOTP) received by the authenticating device (30) is identical to the hash value (R′TOTP) computed in the authenticating device (30) using the predefined item of information (R), authentication is successful and the interaction is released, or otherwise blocked in the case of a mismatch.

Methods and systems for verifying an identity of a user through contextual knowledge-based authentication

Methods and systems are described for verifying an identity of a user through contextual knowledge-based authentication. The system described uses contextual knowledge-based authentication. By verifying an identity of a user through contextual knowledge-based authentication, the verification is both more secure and more intuitive to the user. For example, by relying on confidential and/or proprietary information, the system may generate verification questions, the answers to which are known only by the user.

Cognitive interface privacy management
11494516 · 2022-11-08

Systems and methods for providing independent situational awareness messages are provided. The method includes receiving, by a rendering engine, a request for information from an input interface. The rendering engine queries at least one data store in response to the request. The rendering engine obtains public content data and private content data from the data store. The rendering engine transmits the public content data over a public output interface. The rendering engine transmits the private content data over a private output interface.

Communication system and computer readable storage medium

A communication system is provided, the communication system including an authenticating unit that authenticates a plurality of communication terminals based on a single user ID, and keeps the plurality of communication terminals logged into an information providing service. A storing unit stores therein provider registration information including a plurality of pieces of provider information that indicate providers of respective pieces of data being displayed on each communication terminal among the plurality of communication terminals. A receiving unit receives designation information that designates the provider registration information. A transmitting unit transmits each piece among the plurality of pieces of provider information to each communication terminal among the plurality of communication terminals so as to cause each communication terminal among the plurality of communication terminals to display data provided by a provider indicated by a plurality of pieces of provider information.
