Patent classifications
H04L2209/84
ACCESS MANAGEMENT OF PUBLISHER NODES FOR SECURE ACCESS TO MAAS NETWORK
A system including a server and a first publisher node device is provided. The first publisher node device transmits a request including an authentication credential associated with the first publisher node device to the server and receives a response including authentication of the first publisher node device as a ticket processing client for a first transportation service. The first publisher node device captures, as the ticket processing client, an event associated with the first transportation service based on the received response and transmits, based on the captured event, a transaction request to a broker node device. The transaction request includes a transaction message and an authorization request to route the transaction message to a first subscriber node device of the MaaS network. The server receives the authorization request from the broker node device and authorizes the broker node device to route the transaction message based on the received authorization request.
SYSTEM FOR TRANSMITTING AND RECEIVING DATA BASED ON VEHICLE NETWORK AND METHOD THEREFOR
A system for transmitting and receiving data based on a vehicle network and a method therefor are provided. The method includes generating, by a first hardware security module (HSM), a first session key using a first random number and a first fixed key, and encrypting, by a first electric control unit (ECU), a message using the first session key. The method also includes generating, by a second HSM, a second session key using a second random number and a second fixed key, and decrypting, by a second ECU, the message using the second session key.
SYSTEM AND METHOD FOR SECURE AUTHENTICATION AND AUTHORIZATION
Embodiments herein relate to a system and method for secure authentication and authorization between a user device and an Internet of Things (IoT) device that is associated with an asset. The method includes onboarding, using a centralized computing device having one or more processors that are operatively associated with a distributed ledger, the user device with a user at least based on a public key identity of the user device; onboarding the user of the user device with the user device; onboarding an identity of the IoT device and the asset such that association between the asset and the IoT device is endorsed on the distributed ledger; and facilitating, through the centralized computing device, the user device to retrieve a first set of data packets representative of any of a relevant electronic authoritative document(s), associated consensus proof(s), and block header(s) from the distributed ledger.
Management system, key generation device, in-vehicle computer, management method, and computer program
Provided are a key generation device and an in-vehicle computer which is installed in a vehicle. The key generation device includes a vehicle interface, a key generation unit that generates first and second keys, a cryptographic processing unit that encrypts the first key with an initial key to generate first encrypted data and encrypts the second key with the first key to generate second encrypted data, an expected value calculation unit that calculates an expected value of stored data using the second key, and a verification unit that verifies a received measured value on the basis of the expected value, and the key generation device transmits the first and second encrypted data to the vehicle. The in-vehicle computer includes an interface unit, a cryptographic processing unit that decrypts the received first encrypted data, and decrypts the received second encrypted data, and a measured value calculation unit.
System, data management method, and program
A system includes a plurality of nodes, an individual one of which transmits data to which a group signature is attached, and a plurality of management servers that are directly connected to each other. An individual one of the plurality of management servers includes a ledger for managing data received from the nodes. Addition of data to the ledger of at least one of the plurality of management servers is reflected on the ledgers of the other management servers.
Data provision system, data security device, data provision method, and computer program
A data provision system includes a data provision device and a data security device installed in a vehicle. The data provision device includes a vehicle interface configured to transmit data to and receive data from the vehicle; and a cryptographic processing unit configured to generate an electronic signature of application data to be applied to an in-vehicle computer installed in the vehicle by using a secret key of the data provision device, wherein application data with the electronic signature, which is obtained by attaching the electronic signature to the application data, is transmitted to the vehicle through the vehicle interface. The data security device includes an interface unit configured to transmit data to and receive data from a device outside the data security device; and a cryptographic processing unit configured to verify the electronic signature of the application data with the electronic signature received from the data provision device.
SECURE WIRELESS LOCK-ACTUATION EXCHANGE
System and techniques for a secure wireless lock-actuation exchange are described herein. After receiving a request to actuate a lock from a device, a controller can calculate a challenge counter and then perform verification iterations until an end condition is met, which is either a failure of a verification iteration or the number of iterations reaching the challenge count. If the verification iterations reach the challenge count (e.g., there are no failed iterations), then the controller actuates the lock. Each iteration includes an exchange between the device and the controller that the device validates by signing a message with a private key shared by the device and the controller. The exchange also includes a freshness value integrated into the device validation to prevent replay attacks.
AUTHENTICATION SYSTEM AND AUTHENTICATION METHOD
An authentication system is provided with: a first input unit and a second input unit into which authentication information can be input; a first computing unit which performs computation on the basis of the authentication information input into the first input unit and a communication counterpart-side authentication parameter registered in a communication counterpart; a second computing unit which performs computation on the basis of the authentication information input into the second input unit and a portable terminal-side authentication parameter registered in a portable terminal; and authentication units which, if the authentication information has been input into the first or the second input unit, perform authentication on the basis of the result of computation by the corresponding computing unit and the portable terminal-side authentication parameter.
SECURE TRANSPORT SOFTWARE UPDATE
An example operation includes one or more of receiving a software update at a first component in a target transport, parsing the software update by a second component in the target transport into a first portion of critical updates and a second portion of non-critical updates, verifying the first portion, by the second component, based on a source of the software update, running, by the second component, the verified first portion with a dedicated process on the target transport for a pre-set period of time, and responsive to positive results over the period of time, running the verified first portion with other processes on the target transport.
ANOMALY ANALYSIS USING A BLOCKCHAIN, AND APPLICATIONS THEREOF
Disclosed herein are system, method, and computer program product embodiments for scrubbing anomalies from an expanding dataset. In an embodiment, a data sanitization system may determine whether data is anomalous to a set of data stored on a first blockchain. The data sanitization system may perform this determination using a first machine learning algorithm trained using the set of data. Upon determining that data is anomalous, the data sanitization system may publish the data in a second blockchain different from the first blockchain. The data sanitization system may monitor data of the second blockchain and apply a second machine learning algorithm to this data to identify a pattern of anomalous data. In response to identifying the pattern, the data sanitization system may publish the anomalous data of the second blockchain to the first blockchain.