Systems and techniques for securing vehicle privacy in a driving infrastructure are described herein. A vehicle may contact a group identification (ID) issuer to register itself. A group ID may be received from the group ID issuer to indicate acceptance as a member. The vehicle may then contact the driving infrastructure to attach to the driving infrastructure using the group ID to identify the vehicle. In response, the vehicle receives an attachment ID from the driving infrastructure. Here, the attachment ID is used to secure communications between the vehicle and the driving infrastructure.

Methods and systems provide for reducing privacy leaks in DNS request by using a private DNS service. The private DNS service provides for matching a level of privacy provided by a type of communication protocol to a level of privacy desired or required for a particular client communication. When the DNS service determines that an intended communication protocol does not supply at least the level of privacy desired for a particular communication, the private DNS service may initiate the creation of a connection with the desired level of privacy.

An agent device transmits certain data, which is used for generating display data, of data relating to a plurality of pieces of operation data collected from an instrument to a computation server device. A service broker device relays certain data transmitted from the agent device to the server device. The server device generates display data on the basis of certain data relayed by the service broker device.

When a client certificate is required to connect to a client according to a predetermined communication protocol, a server receives a connection request that is a message associated with specific information from the client in a handshake for connection with the client. The server makes a client judgement as to whether or not a cache hit occurs, which is to find a summary client certificate in a cache area using the specific information associated with the connection request. When the result of the client judgement is true, the server returns to the client a connection response including hit information indicating that a cache hit occurs.

Data processing systems and methods according to various embodiments are adapted for automatically detecting and documenting privacy-related aspects of computer software. Particular embodiments are adapted for: (1) automatically scanning source code to determine whether the source code include instructions for collecting personal data; and (2) facilitating the documentation of the portions of the code that collect the personal data. For example, the system may automatically prompt a user for comments regarding the code. The comments may be used, for example, to populate: (A) a privacy impact assessment; (B) system documentation; and/or (C) a privacy-related data map. The system may comprise, for example, a privacy comment plugin for use in conjunction with a code repository.

A method comprising receiving, by a one-time pad (OTP) hub, from a first user of a computer network, a communication encrypted with an OTP associated with said first user, wherein said communication is intended for a second user; encrypting, by said hub, said communication with an OTP associated with said second user; decrypting, by said hub, said communication with an OTP associated with said first user; and delivering said communication to said second user.

A method for physical layer secure transmission against an arbitrary number of eavesdropping antennas includes: S1: communication between legitimate transmitter Alice and legitimate receiver Bob is confirmed; S2: Alice randomly generates a key bit b.sub.k with M.sub.S bits, maps the key bit b.sub.k into a key symbol K, and performs an XOR on the key bit b.sub.k and to-be-transmitted confidential information b to obtain an encrypted bits b.sub.s; S3: Bob transmits a pilot sequence to Alice, and Alice calculates a candidate precoding space W and transmits modulated symbol streams s=(s.sub.1, . . , s.sub.N) by using precoding W(e); S4: Bob measures received signal strength of each antenna, estimates the corresponding antenna vector e, inversely maps the vector e to obtain key symbols and key bits, and demodulates the received symbol streams in sequence at each activated antenna to obtain demodulated ciphertext bits; S5: Bob performs an XOR on observed key bits and the demodulated ciphertext bits to obtain the confidential information.

A computer-implemented method is for controlling access to a private message (1) of a user of a first terminal (4) to a user of a second terminal (5). The method includes detecting (8) the private message (1) and the receiver (3) on the first terminal (4) and ascertaining (9) the address of the second terminal (5) based on the detected receiver. A request (13, 16) of the status of an access control is transmitted from the first terminal (4) to the second terminal (5). A private message (1) is transmitted from the first terminal (4) to the second terminal (5) only if the request (16) has been answered by the second terminal (5) with a status notification (19) and the access control (17) at the second terminal (5) is active according to the status notification (19).

A secure translator is described herein for use with an insecure device. An insecure device is a computing device that either does not have the ability to or can no longer communicate at desired security levels. The secure translator is configured to act as a proxy for insecure devices, allowing for full translation of any inbound communication to be secured, with information scrubbed or otherwise manipulated, then translated over a direct connection to the insecure device.

The techniques described herein increase the throughput of a single VPN connection by creating multiple outbound and/or inbound Security Associations (SAs). For instance, two or more different SAs can encrypt outbound data packets to be sent over the VPN connection to a remote device. Moreover, two or more different SAs can decrypt inbound data packets received over the VPN connection from the remote device. Each of the SAs can be bound to a different processing core via the use of a Security Parameter Index (SPI) identifier. Consequently, inbound data packets communicated over a single VPN connection from a remote device to a physical host in a VPN gateway can be distributed amongst multiple processing cores for decryption purposes. Further, outbound data packets to be communicated over the single VPN connection from the physical host to the remote device can be distributed amongst multiple processing cores for encryption purposes.