Systems and methods for end to end encryption are provided. In example embodiments, a computer accesses an image including a geometric shape. The computer determines that the accessed image includes a candidate shape inside the geometric shape. The computer determines, using the candidate shape, an orientation of the geometric shape. The computer determines a public key of a communication partner device by decoding, based on the determined orientation, data encoded within the geometric shape. The computer receives a message. The computer verifies, based on the public key of the communication partner device, whether the message is from the communication partner device. The computer provides an output including the message and an indication of the communication partner device if the message is verified to be from the communication partner device. The computer provides an output indicating an error if the message is not verified to be from the communication partner device.

Disclosed are a method and system for implementing a platform for providing offline information to smart glass. A computer device for implementing an information platform may include an information manager configured to manage service information to be exposed on smart glass based on service configuration information to be broadcasted through an information broadcasting device (IBD) registered by an information owner, and a content manager configured to distribute content, generated based on the managed service information, in a format configured in the smart glass.

A distributed database encrypts tables using table encryption keys protected by a client master encryption key. The client may revoke authorization to access the client master encryption key. Subsequent to a revocation of authority to access the client master encryption key, the distributed database generates interim snapshots of the table using the table encryption key. Also subsequent to the revocation, the distributed database generates a backup of the table using a backup encryption key protected by the client master encryption key.

A key server network device may install, on the key server network device, a new decryption key based on a timer-based key rollover setting and may provide, to peer network devices, messages identifying the new decryption key. The key server network device may utilize an original encryption key, to encrypt traffic, until all of the peer network devices provide acknowledgements of installation of the new decryption key. The key server network device may be configured to utilize the original encryption key based on the timer-based key rollover setting. The key server network device may generate an alarm. The alarm may include information indicating that the key server network device is waiting for the acknowledgements from one or more peer network devices and information identifying the one or more peer network devices.

A system and method for encrypting communication for networked heating, ventilation, and air conditioning (HVAC) devices. A method includes obtaining a list of network devices of a network, requesting a certificate for each network device in the list of network devices of the network, and generating a shared symmetric key for encrypting communication in the network. A method may also include encrypting the shared symmetric key with a public key for each network device in the list of network devices having a valid certificate, transmitting the encrypted shared symmetric key with each network device having a valid certificate, each network device includes a different certificate, and communicating between the master device and the network device using the shared symmetric key.

A method uses private information with a shared single source of truth. A message is received responsive to adding a first shared block to a shared object ledger of a shared object. The message includes message data. A private block is added to a private object ledger to update a private object. The private block includes private data from the message data. A second shared block is added to the shared object ledger to update the shared object. The second shared block includes shared data from the message data.

Systems and methods for determining consumer eligibility for a gated offer using verification data from a verification source, while reducing exposure of the verification data, are herein disclosed. In one example, a method for a verification source comprises, generating a seed hash from a pre-determined data specification, aggregating verification data based on one or more data fields indicated by the data specification to produce aggregated verification data, hashing the aggregated verification data using the seed hash to produce hashed verification data, receiving hashed customer data from a verification platform, receiving a comparison request from the verification platform, comparing the hashed customer data with the hashed verification data; and returning a result to the verification platform indicating if the hashed customer data matches the verification data.

Technology for setting a first password based on a password precursor or setting a second password (in a multi-factor authentication system). The password precursor (for example, a number or alphanumeric string) can be converted to the first password by a set of operation(s). Similarly, the first password can be converted into a second password by a set of operations. The set of operations may include mathematical operations and/or alphanumeric string operations.

A system and method for implementing and managing a distributed data flow model is disclosed. The method includes obtaining a flow configuration file and identifying one or more socket roles and a unique identification number. The method includes establishing a TCP connection of one or more runtime nodes with the one or more flow neighbors, establishing a publisher-subscriber relationship of the one or more runtime nodes with the one or more flow neighbors, and implementing one or more bridge wires with the one or more runtime nodes and the one or more flow neighbors. Furthermore, the method includes detecting a loss of connectivity of one or more networks, determining one or more root causes of the loss of connectivity, and perform one or more operations to attain a predefined level of resiliency of the distributed data flow model.

A method at a first domain for obtaining at least one insight from a second domain, the method including registering an application with an anchor in the first domain; providing, from the anchor to the application, a first message signed by the anchor; sending, from the first domain to a network domain, the signed message; receiving, from the network domain, at least one signed token, each of the at least one signed token being for a synthetic sensor on the second domain, where the synthetic sensor provides an insight; sending a request message to the second domain, the request message requesting the insight and including the at least one token; and receiving the insight from a synthetic sensor associated with the at least one token.