H04L9/088

INFORMATION MANAGEMENT SYSTEM, INFORMATION MANAGEMENT METHOD, AND PROGRAM

An information management system includes a reception device including a camera that images a face of a participant, and an information management apparatus. The information management apparatus issues a digital key assigned for each participant independently of personal information of the participant and transmits the digital key to the reception device. In a case where the reception device outputs an ID image of the participant, the information management apparatus acquires a face image from the reception device and stores the face image and the digital key in a database in association with each other. In a case where information including the digital key is received from a reading device installed in an event venue, the information management apparatus stores the received information in the database in association with the digital key as behavior information representing a behavior of the participant in the event venue.

APPARATUS, SYSTEM, AND METHOD OF PROVIDING SERVICES
20230006839 · 2023-01-05

An apparatus for providing services includes circuitry that: receives, from a communication terminal of a user, a request for obtaining a particular item of one or more items provided by one or more service providers, information on the one or more items being managed on a blockchain system; transmits, to the blockchain system, a request for changing information on a use right of the particular item to indicate transfer of the use right to the user; and provides the particular item to the communication terminal of the user having the use right of the particular item.

Key management method used in encryption processing for safely transmitting and receiving messages

A key management method serves as an electronic control unit (ECU) in an onboard network system having a plurality of ECUs that perform communication by frames via a network. The method includes storing a shared key and executing encryption processing based on the shared key. The method further includes executing inspection of a security state of the shared key stored in a case where a vehicle is in at least one of the following particular states: the vehicle is not driving and is in an accessory-on state; a fuel cap of the vehicle is open, and the vehicle is not driving and is fueling; the vehicle is parked, which is indicated by the gearshift; the vehicle is in a stopped state before driving, which is indicated by the gearshift; and a charging plug is connected to the vehicle, and the vehicle is electrically charging.

Secure key management in a high volume device deployment
11570159 · 2023-01-31

A method is provided for remotely and securely accessing a modem that uses an encrypted authentication token with a modem password. The method includes receiving an encrypted authentication token from the modem, the authentication token having a modem password stored in secure memory and being encrypted according to a public key, transmitting the encrypted authentication token to an authentication server, receiving a decrypted authentication token from the authentication server, the decrypted authentication token comprising the modem password, generating an authentication key and a privacy key from the modem password, configuring modem interfaces at least in part using the authentication token, the modem interfaces including a network management protocol interface, and communicating with the modem using the network management protocol interface according to at least one of the generated authentication key and the privacy key.

Cryptographic key management to prevent data exfiltration

A cryptographic key management service receives a request, associated with a principal, to use a cryptographic key to perform a cryptographic operation. In response to the request, the service determines whether a rate limit specific to the principal is associated with the cryptographic key. If the rate limit is associated with the cryptographic key, the service generates a response to the request that conforms to the rate limit. The service provides the response in response to the request.

Enhanced secure encryption and decryption system

Methods are described for a data creator to securely send a data payload to another device in a transient symmetric key technology (TSKT) system, and for the other device to securely receive the payload data. One method includes receiving a first seed and a formula from a command and control server. A second seed is generated, and the first seed and the second seed are combined using the formula to create a data seed. A first key is generated using the first seed, and the second seed is encrypted using the first key to form an encrypted second seed. A second key is generated using the data seed, and the data payload is encrypted using the second key to form an encrypted data payload. The encrypted data payload and the encrypted second seed are combined in a secure container, and subsequently all keys and seeds and the formula are destroyed.

Key fob

A key fob, comprising an electronic communication circuit, a processor, and a battery configured to power the electronic communication circuit and the processor, further comprises: a communication module for exchanging data with an external electronic communication device, an access control module for exchanging access control data with an external electronic access control device, and a user activatable operating element which activates the communication module, or the access control module, depending on actuation of the operating element by a user.

Data linkage across multiple participants

An example operation may include one or more of determining, by a supply-chain node, a plurality of assets of a supply-chain node, and executing, by the supply-chain node, a smart contract to: assign aliases to the plurality of the assets; and match the plurality of the assets with a plurality of assets of a different supply-chain node based on the aliases.

Secure cloud-based system, and security application distribution method to be automatically executed therein

Described are various embodiments of a secure cloud-based system. In one such embodiment, the secure cloud-based system includes a distribution of digital network processing resources and a central digital processing environment. The central processing environment includes a secure network interface to each of said digital processing resources; a digital hardware processor; and a deployment engine operable to serially deploy a unique ephemeral machine executable code instance, via said secure network interface, to a given one of said digital processing resources to be executed thereon for a predetermined runtime period, wherein execution of each said unique ephemeral machine executable code instance is automatically terminated after said predetermined runtime period to be operatively replaced by a subsequent unique ephemeral machine executable code instance.

MECHANISM FOR ENABLING CRYPTOGRAPHIC AGILITY IN LEGACY APPLICATIONS AND SERVICES

The disclosure provides an approach for cryptographic agility. Embodiments include establishing, by a proxy component associated with a cryptographic agility system, a first secure connection with an application. Embodiments include receiving, by the proxy component, via the first secure connection, a communication from the application directed to an endpoint. Embodiments include selecting, by the cryptographic agility system, a cryptographic technique based on contextual information related to the communication. Embodiments include establishing, by the proxy component, a second secure connection with the endpoint based on the cryptographic technique. Embodiments include transmitting, by the proxy component, a secure communication to the endpoint via the second secure connection based on the communication.