H04L63/04

Two-way secure channels with certification by one party

Two-way secure channels are provided between two parties to a communication with certification being provided by one party. One method comprises providing, by a first entity that provides a certificate authority, a first signed certificate to a second entity, wherein the first signed certificate is signed by the certificate authority and wherein the second entity generates a first request to sign a second certificate generated by the second entity, wherein the first request is generated by the second entity using a first credential generated by the second entity; receiving, from the second entity, (i) the first request to sign the second certificate, and (ii) the first signed certificate; and providing, in response to the certificate authority verifying the first signed certificate, a second signed certificate, signed by the certificate authority, to the second entity; wherein one or more additional communications between the first entity and the second entity use the two-way channel.

Covert channel construction method in blockchain network
11509489 · 2022-11-22

A covert channel construction method in a blockchain network includes: sharing, by a first terminal and a second terminal, a secret key and transaction information, and generating a blockchain network address by using the secret key and a standard public key address generation algorithm, wherein the transaction information comprises a permutation mapping table and an information capacity of a single transaction; sending, by the first terminal, information by using an information hiding method, and performing simultaneously, by the first terminal and the second terminal, transaction recording; and monitoring, by the first terminal and the second terminal, whether an account transaction of the blockchain network address exists in a blockchain, if yes, extracting, by the second terminal, the information by using an information extraction method, and after extracting the information, replying to the information by using the information hiding method, thereby enabling communication parties to safely transmit information.

UHD HLS STREAMING TRUSTED CLIENT SERVER ENVIRONMENT
20230055310 · 2023-02-23

A video player for playing a video stream receives a master playlist identifying at least one variant playlist identifying a video file encoded as a series of video frames that, when decoded, provide the video stream. The video player, based upon a configuration tag in the master playlist, selectively determines whether the video file is to be processed in a trusted execution environment. The trusted execution environment of the video player selectively includes at least one of (i) hack one, only hack one; (ii) output and link protection; (iii) hardware root of trust; and (iv) forensic watermarking, and decrypts and/or decodes the video stream in such an environment.

SYSTEMS AND METHODS FOR PROVIDING DATA PRIVACY USING FEDERATED LEARNING

Data privacy using federated learning is provided by receiving one or more instance(s) of a master RL agent model and training the instance(s) of the master RL agent model on a corresponding graph, thereby generating corresponding sets of RL model weights. One or more information gains corresponding to one or more software stacks are generated. The information gain(s) and the RL model weight(s) are transmitted to a central server to enable the central server to update the master RL agent model based on the information gain(s) and the RL model weights.

SERVICE ASSURANCE VIA FEDERATION-BASED NETWORK DURING ROAMING

Aspects of the disclosure include a method and associated network device. The method includes authenticating an identity of a user of a client device after the client device is associated with an access network provider. Authenticating the identity of the user comprises receiving, from an identity provider, a credential associated with the identity, and receiving, from the identity provider, information identifying a network-based service to be applied to network traffic with the client device. The method further includes establishing, using the credential and the received information, a secure connection between the access network provider and a service provider that is capable of providing the network-based service. The method further includes receiving network traffic from the service provider. Packets of the network traffic include an assurance value that enables the client device to determine that the network-based service is being provided by the service provider.

System and method for secure relayed communications from an implantable medical device
11588650 · 2023-02-21

The present invention provides systems and methods for supporting encrypted communications with a medical device, such as an implantable device, through a relay device to a remote server, and may employ cloud computing technologies. An implantable medical device is generally constrained to employ a low power transceiver, which supports short distance digital communications. A relay device, such as a smartphone or WiFi access point, acts as a conduit for the communications to the internet or other network, which need not be private or secure. The medical device supports encrypted secure communications, such as a virtual private network technology. The medical device negotiates a secure channel through a smartphone or router, for example, which provides application support for the communication, but may be isolated from the content.

Secure transmission of sensitive data during call processing
11588792 · 2023-02-21

Apparatus for the transfer of sensitive information between two parties facilitated by an intermediary, the apparatus adapted to: receive from the first party voice signals and data signals; determine a parameter relating to an estimate of the time required for sensitive information to be determined from the data signals received from the first party; transmit to the intermediary the received voice signals and the parameter; determine sensitive information from the received data signals; and transmit the sensitive information to the second party. A corresponding method is also provided.

EMBEDDED METADATA FOR DATA PRIVACY COMPLIANCE
20220366082 · 2022-11-17

Use of embedded metadata for data privacy compliance is provided. In a data store, self-managed data is maintained including metadata specifying retention policy data. Responsive to a self-update to scrub PII from the self-managed data being indicated by the retention policy data, the PII is removed from the self-managed data maintained by the data store. Responsive to a self-update to delete the self-managed data from the self-managed data being indicated by the retention policy data, the self-managed data is removed from the data store.

Compliance Platform for use with Identity Data

Various implementations described herein may refer to a compliance platform for use with identity data. In one implementation, a method may include receiving a compliance data package from a user, where the compliance data package includes encrypted evidence data corresponding to digital identity data of the user. The method may also include encrypting the compliance data package using a first cryptographic key. The method may further include generating a user key shard, a requestor key shard, and a regulator key shard based on the first cryptographic key. The method may include generating an unlock data package that includes the requestor key shard and encrypting the unlock data package using a second cryptographic key. The method may also include transmitting the user key shard, the encrypted unlock data package, and the encrypted compliance data package to the user. The method may include transmitting the regulator key shard to a regulator.

Blockchain systems and methods for managing property loan information

Information associated with loans on personal property assets, such as vehicles or buildings, may be managed. An access computing device may be configured to access a blockchain network including a plurality of node computing devices that store a respective copy of a plurality of blockchains, each blockchain including a sequence of one or more blocks. The access computing device may manage communication of data between the blockchain network and a loan applicant or loan provider. The access computing device may transmit instructions to a node computing device to generate new blocks in the blockchain associated with new and/or updated loans on a personal property asset.