Example data verification methods and apparatus are described. One example method is applied to a first device in a vehicle, where the vehicle includes the first device and a second device. The first device receives a first message from the second device, where the first message includes first verification information, the first verification information is used to perform verification on first data, and the first data is configuration information of the second device that is stored in the second device. The first device performs verification on the first data based on configuration information of the second device that is stored in the first device and the first verification information.

An embedded policy takes the form of an executable entity local to the endpoint or end application attempting to access target data. The executable entity is compiled from a declarative remote policy based on objects, subjects and actions, and includes a library and API (Application Programming Interface) in conjunction with a client application seeking access according to the policy. Evaluation of appropriate access is resolved with a local function call to the executable entity, rather than a network message exchange, thus providing data target access according to the policy without incurring network latency.

A control method implemented by a first node in a blockchain network, the blockchain network including the first node that stores logic of first processing and a second node that does not store the logic of the first processing, the control method including: executing the first processing on the basis of the logic of the first processing; and when the first processing is executed, recording, in a blockchain managed by the blockchain network, a block that includes information that indicates that the first processing has been executed.

Heartbeat consensus forming for the state of a digital ledger built upon a blockchain to provide users with the ability to securely, accurately, and verifiably share state information between distrustful parties is provided herein. The digital ledger is hosted in a networked environment, accessible by multiple parties. Heartbeat transactions allow clients, who are not in direct communication with one another and may distrust one another, to verify the integrity of the digital ledger via consensus. The consensus is readily verifiable by each client on its own machine and allows the ledger to be recovered to an agreed-to state in the event of a fault initiated by a client or the host of the ledger, whether malicious or otherwise. The digital ledger is freely movable to different hosts in the event of a fault.

An information processing device includes a memory; and a processor coupled to the memory and configured to transmit, to a terminal, a program and a first identifier related to the program, the program being encrypted with a first public key corresponding to a first private key of the terminal, the first identifier being encrypted by using the first public key and a second public key not corresponding to the first private key; and when the terminal receives the first identifier decrypted by the first public key and encrypted by the second public key, register, in a blockchain, transaction information which includes the first identifier decrypted with the second private key corresponding to the second public key.

Protecting PII submitted through a browser. In some embodiments, a method may include detecting multiple PII of a user submitted to multiple organization websites through a browser. The method may also include encrypting each of the PII. The method may further include storing each of the encrypted PII along with an identifier of the organization website to which the PII was submitted. The method may also include receiving a request to view the PII along with an indicator of the organization website to which the PII was submitted. The method may further include retrieving each of the encrypted PII along with the identifier of the organization website to which the PII was submitted. The method may also include decrypting each of the encrypted PII. The method may further include displaying each of the PII along with the indicator of the organization website to which the PII was submitted.

A computer-implemented method is disclosed. The method includes: receiving a first request to initiate a first resource transfer for transferring a first defined quantity of resources from a transferor data record to a transferee data record; determining that the first resource transfer is of a first type; in response to determining that the first resource transfer is of a first type, performing verification of the transferee data record by: transmitting, to a first server associated with the transferee data record, a second request to initiate a second resource transfer for transferring a second defined quantity of resources from the transferee data record to the transferor data record; receiving, from the first server, a response message associated with the second request, the response message authorizing the second resource transfer; and verifying the transferee data record based on the response message, and after verifying the transferee data record, initiating a third resource transfer for transferring a third defined quantity from the transferor data record to the transferee data record.

Signature-based authentication is a core cryptographic primitive essential for most secure networking protocols. A new signature scheme, MSS, allows a client to efficiently authenticate herself to a server. The new scheme is modeled in an offline/online model where client online time is premium. The offline component derives basis signatures that are then composed based on the data being signed to provide signatures efficiently and securely during run-time. MSS requires the server to maintain state and is suitable for applications where a device has long-term associations with the server. MSS allows direct comparison to hash chains-based authentication schemes used in similar settings, and is relevant to resource-constrained devices, e.g., IoT. MSS instantiations are derived for two cryptographic families, assuming the hardness of RSA and decisional Diffie-Hellman (DDH) respectively. Then used is the new scheme to design an efficient time-based one-time password (TOTP) protocol.

Embodiments include systems, methods, computer readable media, and devices configured to, for a first processor of a platform, generate a platform root key; create a data structure to encapsulate the platform root key, the data structure comprising a platform provisioning key and an identification of a registration service; and transmit, on a secure connection, the data structure to the registration service to register the platform root key for the first processor of the platform. Embodiments include systems, methods, computer readable media, and devices configured to store a device certificate received from a key generation facility; receive a manifest from a platform, the manifest comprising an identification of a processor associated with the platform; and validate the processor using a stored device certificate.

The present disclosure relates generally to data access control solutions. In particular, techniques are provided to implement a secure and distributed file storage scheme and in particular, a managed access system using a blockchain. In some aspects, a process of the disclosed technology includes operations for associating a first key share with a first copy of a file, wherein the first copy of the file is stored by a first party, associating a second key share with a second copy of the file, and recording versioning information corresponding with the file on a distributed ledger accessible by the first party and the second party. In some aspects, the process can further include operations for managing access to the file using the first key share and the second key share. Systems and machine-readable media are also provided.