H04L9/007

Vehicle integration platform (VIP) security

The present disclosure is directed to systems and methods associated with a communication infrastructure. The communication infrastructure includes a vehicle integration platform that includes a plurality of application programming interfaces configured to facilitate message communication among clients. The communication infrastructure includes a registration authority system configured to receive certificate signing requests from the clients and to generate client-specific credentials for establishing a predetermined time period of ability for client authentication within the vehicle integration platform. The communication infrastructure includes a certificate authority system configured to normalize requests received from the clients via the registration authority system such that the client-specific credentials are established according to an approved hierarchy of licensing certificates. The communication infrastructure includes a security library accessible by each of the clients and by components of the vehicle integration platform. The security library is configured to provide implementation logic for signing messages and implementation logic for validating messages.

Systems and methods for automated certificate renewal management

A method is provided for automating management of automatic renewal of a public key infrastructure (PKI) certificate issued by a certificate authority (CA) for a subscriber. The method includes steps of causing the subscriber to (i) transmit a first alert to a management entity for initiating renewal of the PKI certificate, and (ii) transmit a certificate signing request (CSR) to a registration authority (RA) for issuance of a renewal certificate. The method further includes steps of (iii) transmitting, from the RA to the CA, the CSR signed by the RA, (iv) receiving, at the RA from the CA, an issued renewal certificate signed by the CA, (v) sending, from the RA to the subscriber, the issued renewal certificate signed by the CA, and (vi) causing the subscriber to transmit a second alert to a management entity indicating renewal of the PKI certificate.

SECURE PROVISIONING AND MANAGEMENT OF DEVICES

Systems, methods and devices are provided for provisioning a computerized device. The system may include a distributor computer that is connected to the computerized device and is operable to receive a first digital asset and transmit it to the computerized device, and a server that is connected to the distributor computer, and that transmits the first digital asset to the distributor computer when a first authorizing condition is met, the first digital asset being configured to cause the computerized device to become partially provisioned, wherein the server transmits a second digital asset to the computerized device, and the computerized device is functional after the second digital asset is transmitted to the computerized device.

SINGLE-CERTIFICATE MULTI-FACTOR AUTHENTICATION
20220191049 · 2022-06-16

A method of multi-factor authentication includes receiving, by a first electronic device, a partial digital certificate including partial certificate information omitting at least one authentication factor from complete certificate information, and a signature encrypting a first hash of the complete certificate information with a certificate authority private key. The method also includes obtaining the first hash by decrypting, by the first electronic device, the signature with a certificate authority public key corresponding to the certificate authority private key; generating, by the first electronic device, a second hash based on the partial certificate information in the partial digital certificate and the at least one authentication factor; and comparing, by the first electronic device, the second hash to the first hash.

Data Sharing Method, System, Electronic Device and Storage Medium thereof
20220150057 · 2022-05-12

Disclosed is a data sharing method, including: building a trust alliance block chain, the trust alliance block chain comprising a main chain and at least one slave chain; each slave chain corresponding to a domain; and each domain comprising a leader node; establishing a virtual slave chain on the trust alliance block chain; designating, by the leader node in each domain, a node as a federated learning node; assigning, by the leader node in each domain, a virtual identity to the federated learning node to join the federated learning node to the virtual slave chain; and performing, by each federated learning node, a joint training on a local federated learning model using data generated in its own domain to establish a public federated learning model, through which data are shared among the domains. The present disclosure further provides a data sharing system, an electronic device and a storage medium.

SECURE DETERMINISTIC TOKENS FOR ENCRYPTING ELECTRONIC COMMUNICATIONS

A computer implemented method includes generating, by a processor associated with a first client computer, a request message; generating, by the processor, a first public token based on a first private token; augmenting, by the processor, the electronic data transaction request message with the first public token; transmitting, by the processor, the augmented electronic data transaction request message to a second client computer; generating, by the processor, a second public token based on the first public token; identifying, by the processor, from a database of result messages, a result message labeled with the second public token, the identified result message including encrypted confidential information; generating, by the processor, a second private token corresponding to the second public token used to identify the result message; and decrypting, by the processor, the encrypted confidential information with the second private token.

METHOD FOR CREATING A HIERARCHICAL THRESHOLD SIGNATURE DIGITAL ASSET WALLET
20210359863 · 2021-11-18

A method for creating a hierarchical threshold signature digital asset wallet using a hierarchical distributed key generator (DKG) and a signature protocol includes steps of generating a public key by users and the digital asset wallet service platform, securing and controlling a portion of shares, sending a transaction signing request, validating the transaction signing request, creating a signature of the signed transaction, and uploading the signed transaction to the corresponding digital asset blockchain network and monitoring the execution of the signed transaction.

Authentication device and system
11170093 · 2021-11-09

A public key architecture (160) includes a dual certificate hierarchy which facilitates two independent authentication functions. One of the authentication functions authenticates an authentication device (164) to a verification device (166). The other authentication function authenticates a configuration device (162) to the authentication device (164). In some embodiments, the authentication process uses a lightweight certificate formed in conjunction with a lightweight signature scheme (370).
