A vehicle control method of starting and shutting down an engine, in which a processor receives a blockchain update comprising a first transaction with instructions to perform an engine startup or shutdown; the blockchain update is validated; an engine startup or shutdown is performed based on the validated blockchain update; where the engine startup or shutdown is delayed based on validating a predetermined number of subsequent blockchain updates, including a second transaction with instructions to perform the engine startup or shutdown.

A methodology for requesting at least one signed security measurement from at least one module is provided. The methodology includes receiving the at least one signed security measurement from the at least one module; validating the at least one signed security measurement; generating a signed dossier including all validated signed security measurements in a secure enclave, the signed dossier being used by an external network device for remote attestation of the device.

Bitcoins and the underlying blockchain technology are one of the main innovations in building decentralized applications. The effects of quantum computing on this technology are analyzed in general. Provided herein are effective solutions to address security vulnerabilities in a blockchain-based system that can be exploited by a quantum attacker.

Methods and systems for facilitating authentication of a user with a plurality of applications are described. One method includes authenticating a user with a first secure application based on information received from a smart credential stored on a mobile device via a local wireless connection. The method includes obtaining a remote challenge from a remote authentication service and a mobile challenge, signing the mobile challenge with a private key, and transmitting a signed version of the mobile challenge, the remote challenge, and a public key to the mobile device. The method further includes receiving a signed version of the remote challenge and a certificate indicating validation of the mobile challenge, and transmitting the signed version of the remote challenge to the remote authentication service. Based on receiving an authentication result from the remote authentication service, access is granted to a remote secure application via the browser.

A network can operate a WiFi access point with credentials. An unconfigured device can (i) support a Device Provisioning Protocol (DPP), (ii) record responder bootstrap public and private keys, and (iii) be marked with a tag. The network can record initiator bootstrap public and private keys, as well as derived initiator ephemeral public and private keys. An initiator can (i) operate a DPP application, (ii) read the tag, (iii) establish a secure and mutually authenticated connection with the network, and (iv) send the network data within the tag. The network can record the responder bootstrap public key and derive an encryption key with the (i) recorded responder bootstrap public key and (ii) derived initiator ephemeral private key. The network can encrypt credentials using the derived encryption key and send the encrypted credentials to the initiator, which can forward the encrypted credentials to the device, thereby supporting a device configuration.

A method of operating a computer-controlled first device for establishing a secure data communication with a computer-controlled second device in a passenger transportation arrangement distributed control system includes: generating an encryption key including a public and private key pair; creating credentials (e.g. X.509 certificate) based on the generated encryption key; preparing a certificate signing request CSR and dispatching the CSR via a secured data communication path to a certificate authority CA that is based on a public key infrastructure PKI operated by the passenger transportation arrangement operator; receiving the certificate from the CA with a signature using a private key held secret by the operator; establishing the secure data communication with the second device by transmitting the credentials to the second device, wherein the second device accepts establishing the secure data communication upon verification of the signature of the credentials executed using a public key of the operator.

Systems and methods leverage trust anchors to generate tokens which can then be used by network functions (NFs). A virtualization infrastructure manager (VIM) for a virtualized platform receives a NF software package and a certificate request token (CRT) from a management function. The NF is a virtual NF, a containerized NF, or another virtual entity (xNF) to be deployed. The CRT is digitally signed by the management function and includes a network address of a trust anchor platform and a NF profile. The VIM deploys the NF and provides the CRT to the NF. The NF obtains from the CRT the network address of the trust anchor platform, generates a certificate signing request (CSR) for a digital certificate, and submits the CSR and the CRT to the trust anchor platform. The NF receives a digital certificate from the trust anchor platform based on validation of both the CSR and CRT.

The present disclosure is directed to methods that may store data securely at a set of linked data-blocks. Information that may be used to track a series of product or service purchases (transactions) may be stored in these sets of linked data-blocks to facilitate the fidelity of data associated with sets of transactions made by related users that belong to a multilevel marketing (MLM) organization. Data stored at these data-blocks may be protected by pairs of keys to mitigate data loss, data corruption, or accesses by nefarious individuals. Each data-block of this chain of data-blocks may be parsed to identify commission data and to identify users that should receive commissions based on the sale of the product or service. These data-blocks may store as a set of blockchain data where pointers point to different respective data-blocks that contain data used to identify specific users that should receive commissions.

Systems and methods are described that enable trusted communications between two entities. In one implementation, a controller of a vehicle may include one or more processors configured to receive data and a controller signature from a second controller of the vehicle. The controller signature may be generated based on at least a first portion of the data. The one or more processors may be further configured to transmit the data and the controller signature to a gateway of the vehicle and receive a gateway signature from the gateway. The gateway signature may be generated based on at least a second portion of the data and transmitted to the controller after the gateway verified the controller signature. In addition, the one or more processors may be configured to verify the gateway signature and process the data.

A computer implemented method includes generating, by a processor associated with a first client computer, a request message; generating, by the processor, a first public token based on a first private token; augmenting, by the processor, the electronic data transaction request message with the first public token; transmitting, by the processor, the augmented electronic data transaction request message to a second client computer; generating, by the processor, a second public token based on the first public token; identifying, by the processor, from a database of result messages, a result message labeled with the second public token, the identified result message including encrypted confidential information; generating, by the processor, a second private token corresponding to the second public token used to identify the result message; and decrypting, by the processor, the encrypted confidential information with the second private token.