A method is disclosed for authentic data transmission between control devices of a vehicle in which messages which are sent from a first control device to a receiver control device and are provided with a first cryptographic key for authentication, and messages that are sent from a second control device to the receiver control device are provided with a second cryptographic key for authentication. First status information provided with a third cryptographic key is sent from a monitoring module of the first control device to the receiver control device and second status information provided with the second cryptographic key is sent from the second control device to the receiver control device. The first status information and second status information are received by the receiver control device. The received first and second status information is evaluated to detect a manipulation of the first control device.

Disclosed is a database encryption method supporting composable SQL query, which mainly comprises the following steps: (1) a user encrypting and preprocessing data based on the encryption scheme provided by the present disclosure and uploading an encryption result and preprocessed data to a service provider; (2) setting and uploading a SQL query instructions: the user uploads the query instruction to the service provider according to actual needs, and uploads auxiliary parameters for the query instruction at the same time; (3) data query: the service provider performs SQL query according to the query instruction and auxiliary parameters received from the user, saves a calculation result, updates the data and returns a query result to the user.

An electronic device using a division permission and an operating method thereof are disclosed herein. The electronic device includes a processor or a memory storing at least one instruction executable by the processor, and when the at least one instruction is executed by the processor, the processor receives a request for installing a first application on an electronic device, acquires a division permission information corresponding to a signature permission declared by the first application, applies the division permission information to a database, installs the first application. The division permission information may be used for the signature permission on a second application different from the first application.

An electronic device using a division permission and an operating method thereof are disclosed herein. The electronic device includes a processor or a memory storing at least one instruction executable by the processor, and when the at least one instruction is executed by the processor, the processor receives a request for installing a first application on an electronic device, acquires a division permission information corresponding to a signature permission declared by the first application, applies the division permission information to a database, installs the first application. The division permission information may be used for the signature permission on a second application different from the first application.

Various embodiments of the present application set forth a computer-implemented method that includes generating, based on a resource file stored at an endpoint device, a credential data packet for authenticating with a first application executing in a first network, where the resource file includes a set of encryption keys associated with a plurality of applications including the first application, and where the credential data packet is encrypted with a device key signed by the endpoint device, and the credential data packet is signed by an endpoint device management (EDM) key extracted from the set of encryptions keys included in the resource file, sending, by the endpoint device, the credential data packet to the first application via a trusted communication channel, and receiving, by the endpoint device and in response to the credential data packet, an authorization packet from the first application via the trusted communication channel.

An example process includes breaking content into multiple fragments; and transmitting at least two of the multiple fragments over different physical channels in order to isolate the at least two fragments during transmission. The example process may include generating session keys; encrypting at least some of the fragments using different session keys; and associating, with each fragment, a session key used to encrypt a different fragment to produce fragment/session key pairs.

An example process includes breaking content into multiple fragments; and transmitting at least two of the multiple fragments over different physical channels in order to isolate the at least two fragments during transmission. The example process may include generating session keys; encrypting at least some of the fragments using different session keys; and associating, with each fragment, a session key used to encrypt a different fragment to produce fragment/session key pairs.

A device management service of a provider network maintain a device repository that is accessible to a remote managed network. The device management service assigns different service credentials for different edge devices indicated by the device repository. For a particular edge device, the device management service provides, based on the service credentials assigned for the edge device, secure transmission of a message between the device management service and a network manager of the managed network. The network manager of the managed network provides secure transmission of the message between the network manager and the edge device based on local credentials assigned for the edge device.

A device management service of a provider network maintain a device repository that is accessible to a remote managed network. The device management service assigns different service credentials for different edge devices indicated by the device repository. For a particular edge device, the device management service provides, based on the service credentials assigned for the edge device, secure transmission of a message between the device management service and a network manager of the managed network. The network manager of the managed network provides secure transmission of the message between the network manager and the edge device based on local credentials assigned for the edge device.

A scheme for securely transferring a patient data file to an intended recipient regardless of a transfer mode selected by a sender. Encryption system executing at the sender device is operative to encrypt each plaintext data line of a file, one by one, using a symmetric key and a starting IV that is incremented per each line, resulting in corresponding ciphertext lines added to an encrypted file. A hash is generated based on the encrypted file. An encrypted header containing the symmetric key, starting IV and the hash is generated using a public key of the recipient, which is appended to the encrypted file. The encrypted header and associated encrypted file are transmitted to the recipient in any manner. Upon receipt, the recipient decrypts the encrypted header using a private key to obtain the symmetric key, starting IV and the hash, which are used by the recipient to validate and decrypt the encrypted file on a line-by-line basis.