Embodiments disclosed systems and methods to broadcast a message to one or more virtual data processing (DP) accelerators. In response to receiving a broadcast instruction from an application, the broadcast instruction designating one or more virtual DP accelerators of a plurality of virtual DP accelerators to receive a broadcast message, the system encrypts the broadcast message based on a broadcast session key for a broadcast communication session. The system determines one or more public keys of one or more security key pairs each associated with one of the designated virtual DP accelerators. The system encrypts the broadcast session key based on the determined one or more public keys. The system broadcasts the encrypted broadcast message, and the one or more encrypted broadcast session keys to adjacent virtual DP accelerators for propagation.

A device, system and method for privacy enhanced proximity detection by secure collaboration between a first party without access to user locations and a second party without access to a target user identifier. The second party may receive from the first party a homomorphic encryption public key and homomorphic encrypted target user identifier or masked target location, and may determine an associated homomorphic encrypted target user location. The second party may search a homomorphically encrypt database of user locations and associated user identifiers for homomorphic encrypted proximate user identifiers associated with homomorphic encrypted user locations proximate to the homomorphic encrypted target user location. The second party may send the first user the search result of homomorphic encrypted proximate user identifiers to be decrypted by the first party with a private key to identify proximate user identifiers without knowing their locations.

According to some embodiments, systems and methods are provided for revoking one or more of a plurality of entities in a vehicular public-key infrastructure. The systems and methods balance privacy and efficiency by distributing activation codes according to various approaches, including a direct request approach, a fixed-size subset approach, and a variable-size subset approach.

Today an individual attending an event must undertake a second registration and purchasing sequence in order to attend a subsequent occurrence of the event. However, by the time they remember to re-register their interest may have waned or the event is sold out. In other instances, they forget even though the event does not sell out. Accordingly, it would be beneficial to provide registrants of an event with a means to re-register for the next occurrence of the event in a manner that was quick, simple, independent of execution of the registration/purchase steps with a service provider, and independent of completion of service provider support for the next event. Further, it would be beneficial to leverage the credential provided to the registrant for the current event in progress or just completed in the re-registration of the registrant for the next event. It would be further beneficial for said method to leverage the technology and devices of portable electronic devices associated with the registrant.

A method for operating an electronic control unit (ECU) includes a normal mode and a protected mode. In the protected mode a new security artifact is stored in a microcontroller. The security artifact is transferred from the microcontroller to a microprocessor, and, after having received the security artifact, the microprocessor uses the security artifact for authenticating a program.

Trusted execution environment verification of a software package. An operating system (OS) initiates a software package verification process in a trusted execution environment, the OS being part of an OS environment comprising a file system. It is determined that a first software package in a software repository is to be installed into the OS environment. The first software package is downloaded to a storage device. The OS sends, to the software package verification process, first location information that identifies a location of the first software package. The OS receives, from the software package verification process, information that indicates that the first software package on the storage device is trusted.

A system and method of determining an attestation or identity score of a user of a communication device employs metadata stored in a plurality of client devices, such as IoT devices. A request for attestation, comprises a unique identifier associated with the communication device and an input or shared value. The unique identifier is used to identify, in a distributed ledger (blockchain), client devices that are paired with the communication device. Metadata stored in association with each of the client devices is retrieved and compared to the input or shared value, and a sub-identity score is determined based on the extent to which there is a match and the reliability of the client device. The sub-identity scores are combined to obtain an identity score reflecting a confidence level in the user and/or communication device.

A piezoelectric container for tamper detection and damage monitoring of products within supply chains is described. The piezoelectric container enables tamper monitoring for a variety of items in transit including but not limited to those in the following sectors: medical, pharmaceutical, industrial, automotive, textiles, electronics, gems, precious metals, semiconductor chips, high value items, art, antiquities, safety critical components. For example, a sealed blister pack of prescription medicine may be stored and shipped in a piezoelectric container. The piezoelectric container can indicate tampering such as punctures, partial or total replacement of container contents, partial removal of contents, or other adverse or unwanted changes to the contents during transport.

The present invention provides systems and methods for supporting encrypted communications with a medical device, such as an implantable device, through a relay device to a remote server, and may employ cloud computing technologies. An implantable medical device is generally constrained to employ a low power transceiver, which supports short distance digital communications. A relay device, such as a smartphone or WiFi access point, acts as a conduit for the communications to the internet or other network, which need not be private or secure. The medical device supports encrypted secure communications, such as a virtual private network technology. The medical device negotiates a secure channel through a smartphone or router, for example, which provides application support for the communication, but may be isolated from the content.

Methods, systems, and devices are provided for authenticating API messages using PKI-based authentication techniques. A client system can generate a private/public key pair associated with the client system and sign an API message using the private key of the private/public key pair and a PKI-based cryptographic algorithm, before sending the signed API message to a server system. The server system (e.g., operated by a service provider) can authenticate the incoming signed API message using a proxy authenticator located in less trusted zone (e.g., a perimeter network) of the server system. In particular, the proxy authenticator can be configured to verify the signature of the signed API message using the public key corresponding to the private key and the same cryptographic algorithm. The authenticated API message can then be forwarded to a more trusted zone (e.g., an internal network) of the server system for further processing.