The present disclosure describes methods and systems for establishing a Session Initiation Protocol Session. One method includes transmitting a first message requesting authentication configuration information; in response to the first message, receiving a second message that includes the authentication configuration information; transmitting a third message that includes authentication information based upon the received authentication configuration information; receiving an authentication challenge request that is formatted according to the second protocol; and in response to receiving the authentication challenge request, transmitting an authentication response to the second network node.

Methods and systems for performing on demand access transactions are disclosed. In one example, the method includes receiving, by a directory service computer from an authorizing computer, a file including a primary access identifiers and virtual access identifiers, the virtual access identifiers not being capable of being used at resource providers to conduct transactions. The method also includes receiving a request to provide an access token that is associated with an account, the request comprising information that identifies the account. The method further includes retrieving a virtual access identifier based on the identifying information; and requesting, by the directory service computer to a token service computer, that the access token be provisioned on the user device or an application computer associated with an application on the user device.

A method for obtaining a command relating to a profile for a security module of the equipment to access a network by mobile equipment. The method includes: sending, to a first server, a request including an anonymous identifier of the security module based on a physical identifier of the module and a random variable; receiving, from the first server, an address of a second server, which prepared the command and associated the command with the anonymous identifier, a request of the command having been previously received from a third server via the second server; sending, to the second server, the physical identifier of the module and of the random variable; receiving, from the second server, the command when a verification by the second server that the anonymous identifier of the security module has been computed on the basis of the received physical identifier and of the random variable is positive.

The present invention provides a health file access control system and method in an electronic medical cloud. The system comprises: a medical management center unit configured to generate a system public key and a system private key, and generate a private key for corresponding utilizer's attributes according to the system public key, the system private key, and a set of utilizer's attributes; an electronic medical cloud storage unit configured to receive and store a privacy-protected health file ciphertext; and at least one health file user access unit configured to encrypt the health file according to the system public key to obtain the privacy-protected health file ciphertext, and/or generate the set of utilizer's attribute, and decrypt the privacy-protected health file ciphertext according to the system public key and the private key for utilizer's attributes. The health file access control system and method in the electronic medical cloud provided by the present invention not only ensure the confidentiality of the health file, but also improve the security and calculation efficiency of the health file access.

A computer platform includes an artificial neural network (ANN) as well as a classifier. The ANN is configured, after a learning phase, to transform an input data vector into a discriminating feature vector having a smaller dimension. A user then generates, from a plurality of reference data vectors, the same plurality of reference feature vectors, which are encrypted in an encryption module using the public key of a homomorphic cryptosystem and stored in a reference database of the platform. When the user requests the classification of an input data vector, the ANN, or a copy thereof, provides the classifier with a corresponding discriminating feature vector (y). Distances from the vector to the different reference feature vectors are calculated in the homomorphic domain and the index of the reference feature vector closest to y, i.e. the identifier i.sub.0 of the class to which it belongs, is returned to the user.

A method for directly transmitting an electronic coin data record between first and second terminals, with the following steps carried out by the second terminal: receiving the electronic coin data record from the first terminal, wherein the at least one electronic coin data record includes a monetary amount and a concealment amount; generating a modified electronic coin data record using the received electronic coin data record; masking the modified electronic coin record by applying a homomorphic one-way function to the modified electronic coin record in order to obtain a masked modified electronic coin record; sending a registration request for the masked modified electronic coin data record to a monitoring entity. A currency system and a payment system includes a decentrally controlled database in which masked electronic coin data records are stored; and a direct transaction layer including at least two terminals in which the method can be carried out.

A computer-implemented information protection method comprises: obtaining a plurality of encrypted transaction amounts associated with transactions among a plurality of accounts, wherein each of the encrypted transaction amounts is associated with one of the accounts that sends or receives one of the transaction amounts, and the encryption of each of the transaction amounts at least conceals whether the one account sends or receives the one of the transaction amounts; generating a sum proof based on the obtained encrypted transaction amounts, the sum proof at least indicating that the transaction amounts are balanced; and transmitting the encrypted transaction amounts and the sum proof to one or more nodes on a blockchain network for the nodes to verify the transactions.

A method for implementing blockchain-based transactions comprises: determining a transaction amount to be remitted from a blockchain account of a remitter into a blockchain account of a receiver, wherein the blockchain account of the remitter records a homomorphic encryption ciphertext of the remitter's balance, the blockchain account of the receiver records a homomorphic encryption ciphertext of the receiver's balance; generating a homomorphic encryption ciphertext of the transaction amount with respect to the remitter and a homomorphic encryption ciphertext of the transaction amount with respect to the receiver; and submitting to the blockchain a transaction for the homomorphic encryption ciphertext of the transaction amount with respect to the remitter to be subtracted from the homomorphic encryption ciphertext of the remitter's balance and for the homomorphic encryption ciphertext of the transaction amount with respect to the receiver to be added to the homomorphic encryption ciphertext of the receiver's balance.

An anonymous signature system in which a signature σ is anonymized by an agent specified by a signer, includes computers each including a memory and a processor configured to, from a security parameter, generate a system parameter ρ independent of the agent; from ρ, generate an agent secret key w and an agent public key g.sub.A; from ρ, generate a secret key x and a public key y of the signer; from x, a message m on which σ is to be put, and g.sub.A, generate σ to be put on m; from an identifier i of the signer, w, σ, a ring L representing a group to which the signer belongs, a list y.sub.L of public keys y of signers in L, and m, generate a ring signature σ′ by anonymizing σ; and from L, y.sub.L, m, and σ′, output a verification result b form.

The invention is a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymized database (DB) from data relating to entities and originating from data sources (DS.sub.i), wherein the data are identified at the data sources (DS.sub.i) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymized database KM (DB) by pseudonyms (P) assigned to the respective entity identifiers (D) applying a one-to-one mapping. According to the invention, more than one, a number k of mappers (M.sub.j) are applied, and the respective pseudonyms (P) are generated by sequentially performing, in a permutation of the mappers (M.sub.j), a number k of mappings utilizing mapping cryptographic keys (h.sub.ij) of the mappers (M.sub.j) belonging to the particular data source (DS.sub.i) on each encrypted entity identifier (C.sub.i0) encrypted by the data source (DS.sub.i). The invention is further a computer system realizing the invention, as well as a computer program and a computer-readable medium.