H04L9/32

DATA RECOVERY FOR A COMPUTING DEVICE
20230050003 · 2023-02-16

According to an aspect, a method for accessing a computing device includes receiving, by the computing device, an authentication credential for recovery access to the computing device, the authentication credential being different from an authentication credential used to access encrypted data on the computing device, obtaining, in response to receipt of the authentication credential for recovery access, a first key portion stored on the computing device, transmitting, over a network, a request to receive a second key portion, receiving, over the network, a response that includes the second key portion, recovering a decryption key using the first key portion and the second key portion, and decrypting the encrypted data on the computing device using the decryption key.

Method to Implement Traceability and Provability in Software Development

A method to implement traceability and provability on a particular project in software development based on blockchain-recorded transactions of assigned developer time, the method comprising the following steps: setting up a blockchain network comprised of a distributed, redundant, and tamper-resistant ledger; issuing each user an attestable pre-fabricated and signed virtualized environment on approved hardware that comes with the functionality required for the user's role, implemented as one of a set of virtual machine templates fashioned from a signed and approved pre-fabricated image; and verifying that assigned developer time is valid and, if so, recording each development action on the ledger to enable extensive tracking and auditing of the end-to-end software development process.

SPLITTABLE BLOCKCHAIN BASED OWNERSHIP VERIFICATION
20230049512 · 2023-02-16

A method may include splitting an original token into a first sub-token and a second sub-token, generating a first hash value of the first sub-token and a first randomness value, and generating a second hash value of the second sub-token and a second randomness value. The method may also include evaluating an NIZKP regarding the split, and sampling first and second signature keys and verification keys associated with the first and second sub-tokens, respectively. The method may additionally include generating first and second signed values of concatenations of the first and second hash values and the first and second verification keys, respectively, and signed using an initial signature key of a current owner of the original token. The method may additionally include sending the NIZKP, the first and second hash values, the first and second signed values, and the first and second verification keys to the blockchain.

TRANSPORT ONBOARD SECURITY CHECK
20230048368 · 2023-02-16

An example operation includes one or more of saving a hash of data, including occupant data and transport data, on a transport in response to the transport being started, performing a security check that validates the hash of data against the data in response to the transport being started, and providing a resolution when the security check fails.

LEDGER-BASED VERIFIABLE CODE EXECUTION
20230047924 · 2023-02-16

A system includes a ledger on which a task giver may register a task. The task may include executable code. A task solver may accept the task and execute the code to produce a solver output that is recorded on the ledger. Verifiers may provide competing verifier outputs which may also be recorded on the ledger. The solver and verifiers may compare their outputs to determine if there is agreement. Agreement may signify consistent and accurate execution of the code. Disagreement may indicate the presence of errors. In some cases, the solver and verifiers may compete in a contention-based protocol where a solver may assert control of tokens where the solver identifies an error in verifier execution. Additionally or alternatively, a verifier may assert control of tokens where the verifier identifies an error in solver execution.

HARDWARE VIRTUALIZED TPM INTO VIRTUAL MACHINES

Methods, systems, apparatuses, and computer-readable storage mediums described herein enable executable code of a hardware security platform (HSP) circuit to communicate with a hypervisor in a separate processor. The hypervisor generates and manages virtual machines. The HSP code comprises trusted platform module (TPM) logic that processes TPM commands received via the hypervisor and, in response to the processing, communicates security information (e.g., measurements, keys, authorization data) with the virtual machines via the hypervisor. The TPM logic receives security information related to a virtual machine from the hypervisor and stores the security information in non-volatile memory of the HSP circuit, where security information from a particular VM is distinguishable from security information from another VM in the HSP memory. The hypervisor (and VMs) communicate via a network fabric with the HSP circuit within an SOC, or the HSP may reside on a discrete chip and communicate via a secure encrypted channel.

ENHANCED AUTHENTICATION FRAMEWORK USING MULTI-DIMENSIONAL HASHING

Systems, computer program products, and methods are described herein for enhanced authentication framework using multi-dimensional hashing. The present invention is configured to electronically receive, from a computing device of a user, a resource transfer request; retrieve, from an authentication database, a multi-dimensional hash for a first set of data files for the user and a user identification artifact; retrieve, from the computing device of the user, a second set of data files matching the user identification artifact; initiate an asynchronous hash processing engine on the second set of data files; generate, using the asynchronous hash processing engine, a multi-dimensional hash for the second set of data files; compare the multi-dimensional hash for the first set of data files with the multi-dimensional hash for the second set of data files to determine a match; and authorize the resource transfer request based on at least determining the match.

GRAPHICAL WATERMARK, METHOD AND APPARATUS FOR GENERATING SAME, AND METHOD AND APPARATUS FOR AUTHENTICATING SAME

The present disclosure provides a graphical watermark, a method and an apparatus for generating a graphical watermark, and a method and an apparatus for authenticating a graphical watermark. The graphical watermark includes: a plurality of graphical markers carrying position and pose information, and identity information of the graphical watermark; and a watermark pattern provided between a pair of graphical markers.

CRYPTOGRAPHIC VALIDATION OF MEDIA INTEGRITY

Described herein is a system and method for validating media integrity using asymmetric key cryptography utilizing a public/private cryptographic key pair. The private key is kept secret and is known to an originator and/or publisher of a media file. The public key is added to the media file and is used to validate integrity of the media file, that is, that content of the media file (e.g., portion(s), frame(s)) has not been altered since publication of the media file. By validating integrity of the media file, strong proof that the media file came from an owner of the keypair (e.g., had possession of the private key) can be obtained, for example, resolving issues of trust and/or authenticity common in altered content. In some embodiments, information regarding an origin of the content can further be determined.

KEY ROTATION SERVICE

A system for security key rotation in a cloud computing environment is disclosed. The system performs steps to at least initiate, at a predetermined interval, a call to determine whether to initiate generation of a public-private key pair for a client application. The system determines whether to initiate generation of the public-private key pair for the client application and, based on determining to initiate generation of the public-private key pair for the client application, transmits a control signal requesting generation of the public-private key pair. The system generates the public-private key pair, transmits a private key associated with the public-private key pair to a secure storage location for later retrieval by the client application, and transmits a public key associated with the public-private key pair to a public key service for later retrieval by a client associated with the client application.