Methods, systems, and media for protecting and verifying video files are provided. In some embodiments, a method for verifying video streams is provided, the method comprising: receiving, at a user device, a request to present a video that is associated with a video archive, wherein the video archive includes a file list, a signature corresponding to the file list, video metadata, a signature corresponding to the video metadata, and at least one encrypted video stream corresponding to the video, and wherein the file list indicates a plurality of files that are to be included in the video archive; verifying the signature corresponding to the file list; in response to determining that the signature corresponding to the file list has been verified, determining whether the plurality of files indicated in the file list are included in the video archive; in response to determining that the plurality of files indicated in the file list are included in the video archive, verifying the signature corresponding to the video metadata; in response to determining that the signature corresponding to the video metadata has been verified, requesting a decryption key corresponding to the video stream; in response to receiving the decryption key, decrypting the encrypted video stream; and causing the decrypted video stream to be presented on the user device.

An identification, authentication and authorization method in a laboratory system is presented. The system comprises at least one laboratory device. The method comprises receiving identification data identifying a user; receiving identity confirmation data to authenticate the user; and generating authentication data upon successful authentication of the user. The authentication data is configured to enable authentication of the user based on only the identification data during a validity time period without repeated receipt of the identity confirmation data. The method further comprises receiving the identification data by an identification unit; validating the authentication data corresponding to the identification data comprising the step of verifying non-expiry of the validity time period; and granting authorization to the user for the laboratory device upon successful validation of the authentication data.

A virtual secure mode is enabled for a virtual machine operating in a computing environment that is associated with a plurality of different trust levels. First, a virtual secure mode image is loaded into one or more memory pages of a virtual memory space of the virtual machine. Then, the one or more memory pages of the virtual memory space are made inaccessible to one or more trust levels having a relatively lower trust level than a launching trust level that is used by a virtual secure mode loader to load the virtual secure mode image. A target virtual trust level is also enabled on a launching virtual processor for the virtual machine that is higher than the launching trust level.

A method for authenticating data, implemented during a payment transaction between a merchant's communications terminal and a user device of the type including authentication by the communications terminal of at least one message generated by the user device, by using near field communications wireless data. The method includes the following acts by the user's device: obtaining an authentication code from the message, a piece of random data and a hash function; obtaining a first signature component from the message, the random piece of data, a public key of the communications terminal, a first private key of the user device and the authentication code; obtaining a second signature component from the message, the random piece of data, the public key of the communications terminal, a second private key of the user device and the authentication code; and transmitting the authentication code and of the two signature components to the communications terminal.

Methods and systems for encrypting and decrypting data comprising sending sensitive information to a first cryptographic processing system in a first cloud region for encryption with a first key encryption key generated by and stored by the first cryptographic processing system. The first encrypted sensitive information received from the first cryptographic processing system is stored in a first database. The sensitive information is also sent to a second cryptographic processing system in a second cloud region different from the first cloud region for encryption with a second key encryption key generated by and stored by the second cryptographic processing system. The second encrypted sensitive information received from the second cryptographic processing system is stored in a second database. If the first encrypted sensitive information cannot be decrypted by the first cryptographic processing system, the second encrypted sensitive information is sent to the second cryptographic processing system.

A method transmits a message from a transmitter to a receiver. A telegram generated by the transmitter and contains the message and check data, is transferred to a transmitter-side access protection device. The transmitter-side access protection device modifies the telegram and then transmits it to a receiver-side access protection device. The transmitter-side access protection device modifies the telegram by encrypting the check data, which contains a security code formed with the message by the transmitter, using a secret key forming coded data. The message remains unencrypted in the telegram. The receiver-side access protection device processes the modified telegram and passes the processed telegram to the receiver. The receiver-side access protection device forms the processed telegram by decrypting the coded data, and the receiver verifies the processed telegram using the message contained therein and the check data contained therein and rejects the message if the check data does not correlate.

Cryptographic keys can include logging properties that enable those keys to be used only if the properties can be enforced by the cryptographic system requested to perform one or more actions using the keys. The logging property can specify how to log use of a respective key. A key can also include a mutability property for specifying whether the logging property can be changed, and if so under what circumstances or in which way(s). The ability to specify and automatically enforce logging can be important for environments where audit logs are essential. These can include, for example, public certificate authorities that must provide accurate and complete audit trails. In cases where the data is not to be provided outside a determined secure environment, the key can be generated with a property indicating not to log any of the usage.

Executable code, placed into a plurality of computing resources forming a distributed ledger, (e.g., smart contracts) are provided to enable communicating between parties without requiring trust or an intermediary, such as a broker or escrow service. Data may be deposited in a secure data storage for access by a party who satisfies the condition of the smart contract. A resource holding the deposited data then activates a link upon receiving an access token, as produced as a result of satisfying the smart contract. The distributed ledger is then updated to enable other parties to see a description of the data and the terms.

A host machine operated for a specific purpose can have restricted access to other components in a multi-tenant environment in order to provide for the security of the host machine. The access restriction can prevent the host machine from obtaining updates to critical system-level configurations, but such information can be obtained through a signed command received to an API for the host machine. The command can be signed by a quorum of operators, and the host machine can be configured to verify the signatures and the quorum before processing the command. The host machine can store the updates to ephemeral storage as well as persistent storage, such that upon a reboot or power cycle the host machine can operate with current configuration data.

Disclosed is an electronic device. The electronic device comprising: a display including a touch screen; a biometric sensor; a communication circuit; a memory; and at least one processor electrically connected to the display, the biometric sensor, the memory, and the communication circuit, wherein the memory stores a plurality of instructions that, when executed, causes the processor to: receive an electronic document from at least one server using the communication circuit; obtain biometric information associated with a user using the biometric sensor; transmit the biometric information associated with the user to the at least one server through the communication circuit; obtain a signature of the user associated with the electronic document using the display; encrypt the obtained signature with specified data associated with the biometric information; and transmit the encrypted signature and at least one of the electronic document and identification information of the electronic document by using the communication circuit.