A system for detecting and mitigating forged authentication object attacks is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to retrieve the new authentication object from the authentication object inspector, calculate a cryptographic hash for the new authentication object, and store the cryptographic hash for the new authentication object in a data store; wherein subsequent access requests accompanied by authentication objects are validated by comparing hashes for each authentication object to previous generated hashes.

A method for enabling a secure communication with a target device over a network includes: opening an unsecured OPC UA Endpoint by an OPC UA Server that runs on the target device; connecting to the OPC UA Server over the network by an OPC UA Client running on a first device, and requesting the initial device certificate; receiving the initial device certificate by unsecured communication over the network; validating, by the first device, the initial device certificate; establishing, by the first device, a device certificate; encrypting, by the first device, at least the device certificate; sending the encrypted data over the network; decrypting, by the target device, the encrypted data using an initial device private key associated with the initial device certificate to obtain at least the device certificate; storing the device certificate on the target device; and opening a secured OPC UA Endpoint by the OPC UA Server.

A method for authorizing I/O (input/output) commands in a storage cluster is provided. The method includes generating a token responsive to an authority initiating an I/O command, wherein the token is specific to assignment of the authority and a storage node of the storage cluster. The method includes verifying the I/O command using the token, wherein the token includes a signature confirming validity of the token and wherein the token is revocable.

A server can record (i) a first digital signature algorithm with a first certificate, and a corresponding first private key, and (ii) a second digital signature algorithm with a second certificate, and a corresponding second private key. The server can select first data to sign for the first algorithm and the first private key in order to generate a first digital signature. The server can select second data to sign, wherein the second data to sign includes at least the first digital signature. The server can generate a second digital signature for the second data to sign using the second algorithm and the second private key. The server can transmit a message comprising (i) the first and second certificates, and (ii) the first and second digital signatures to a client device. Systems and methods can concurrently support the use of both post-quantum and classical cryptography to enhance security.

An integrated circuit having Radio Frequency Identification components and circuitry used for authentication is discussed. The RFID components and circuitry include two or more coils and corresponding electrical circuits that are tuned to use two or more different resonant frequencies including: a first resonant RF used for power generation and a second resonant RF used for data communication. The integrated circuit contains a unique signature that is used for the authentication with two or more aspects including i) a first aspect that is a programmed password in a memory embedded on the integrated circuit, and ii) a second aspect that is a unique, randomly generated code based upon a physical characteristic of the integrated circuit.

Techniques are disclosed for analyzing documents to detect web components and the web frameworks in the documents. In at least one embodiment, a network analysis system is provided to passively detect web frameworks of documents. The network analysis system can render a document using a document object model to identify objects in the document that are defined as web components. A hash function may be applied to each of the objects to generate a hash signature for the object. Files defining web frameworks can be downloaded from a repository system. Each file may corresponding to a web component. A hash function is applied content in each file to generate a hash signature. The hash signatures of each file may be compared to the hash signatures of the objects in the document to identify a web component for each object. A web framework can be identified based on the web components.

The present application discloses a method of issuing pseudonymous authorisation tickets to nodes of a cooperative ITS, for signing messages, comprising: receiving a ticket request from a node in an authorisation server, and sending a validation request to an enrolment server, conducting a validity check in the enrolment server, and, when the validity check is passed, incrementing a counter value of a counter assigned to an account at an account server enrolled with the enrolment server for the requesting node, sending a validation message to the authorisation server, and issuing a pseudonymous authorisation ticket from the authorisation server to the requesting node, repeating the aforementioned steps until a predetermined charging period expires, and, upon expiry, sending, from the enrolment server to the authorisation server, said counter value, and sending a charging request calculated from said counter value from the authorisation server to the account server for charging said account.

Methods and systems for transferring information, comprising: transmitting, by a first computing device of the first computing system, a first network function request to a decentralized network, the first network function request including first information; and transmitting, by a second computing device of the second computing system, a second network function request to the decentralized network, the second network function request including second information.

According to the present invention, there is provided a sales system (10) that includes a plurality of information acquisition units (11-1 to 11-N (N is an integer equal to or greater than 2)) installed for a plurality of respective products, a registration unit (12) that registers a product corresponding to a first information acquisition unit (11-A (A is an integer equal to or greater 1 and equal to or smaller than N)) in association with customer identification information when the customer identification information is input through the first information acquisition unit (11-A), a reception unit (13) that receives a request for a product list associated with the customer identification information from a customer terminal, and a transmission unit (14) that transmits the product list to the customer terminal in response to the request.

A method and system for determining whether a consensus has been achieved for adding a block to a distributed ledger. The system receives a candidate block to add to the distributed ledger and receives block approvals of approving participants for the candidate block. The system calculates a total block approval stake that the approving participants have in the distributed ledger. The system identifies a total stake that participants have in the distributed ledger. When the total block approval stake is at least a threshold fraction of the total skate, the system indicates that the consensus has been achieved for adding the candidate block to the distributed ledger.