Patent classifications
H04L9/321
Administration portal for simulated single sign-on
A system manages security policy data used to provide access by a user to third-party applications without revealing sign-on credentials to the user. The system includes an access management server that hosts an administration portal for configuring the security policy data. The security policy data includes, for each user, a list of applications to which the user may request access and the corresponding sign-on credentials for accessing each of the applications. In response to inputs provided at the administration portal, the system associates applications with credentials and subsequently associates the credentials with a user. Before these associations are used to update the security policy data, a request for confirmation of user permission is sent to a permission server, which stores current permission data for users. If permission for the user is confirmed, security policy data is updated according to the associations provided via the administration portal.
COMMUNICATION SYSTEM, METHOD, AND APPARATUS
This application provides a communication system, method, and apparatus. The system is applied to implement AKMA service-based data transmission between a terminal device and an application function network element, and the system includes an AKMA anchor function network element and a network exposure function network element. The network exposure function network element obtains first identification information from a unified data management network element, where the first identification information is used to determine an authentication server function network element corresponding to the terminal device, and sends the first identification information to the AKMA anchor function network element. The AKMA anchor function network element obtains, from the unified data management network element based on the first identification information, identification information of the authentication server function network element corresponding to the terminal device.
METHODS AND SYSTEMS FOR PROCESSING INFORMATION STREAMS
A network element and a method for execution by such network element. The method comprises processing a plurality of information streams transiting the network element to identify a particular data stream as a suspected bearer of encrypted media, the particular data stream established between a first node and a second node. The method also comprises establishing a first control stream with the first node and a second control stream with the second node, wherein the first control stream is established using credentials associated with the second node. The method further comprises obtaining a cryptographic key sent by the first node over the first control stream and destined for the second node, sending the cryptographic key to the second node over the second control stream, obtaining encrypted media sent by the second node and destined for the first node and decrypting the encrypted media based on the cryptographic key.
SYSTEMS AND APPLICATIONS FOR SEMI-ANONYMOUS COMMUNICATION TAGGING
Systems and applications are described that use group signature technology to allow for anonymous and/or semi-anonymous feedback while allowing for the application of rules and parameters. The use of group signature technology may serve to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback. Feedback may range from constructive feedback all the way to the ‘whistleblower’ variety. It may be desirable to identify the individuals as belonging to a particular group or having a particular status or position while maintaining the anonymity of the individuals within the particular group.
System for credential storage and verification
A system for credential storing and verifying includes an interface and a processor. The interface is configured to receive an indication to register a credential. The processor is configured to indicate to store in a distributed ledger a DID document associated with a holder identifier using a smart contract. Storing using the smart contract employs a dual signature authentication scheme to authorize storing based at least in part on an individual signature and a ledger writer signature. The processor is further configured to indicate to store in the distributed ledger a schema associated with an issuer of the credential using the smart contract and indicate to store in the distributed ledger a credential definition associated with the schema using the smart contract.
Systems and methods for secure event and log management
A security event management system for an electronic connected network includes a public key infrastructure subsystem configured to generate a security ID for a connected device accessing the network, a digital ledger, a trigger list in operable communication with the digital ledger, and an event manager configured to (i) subscribe to the trigger list by defining at least one reportable event of which the trigger list is to advise the event manager, and (ii) receive a notification from the trigger list upon validation of the at least one reportable event behind the digital ledger.
Systems and methods for user authentication based on a genetic sequence
There is provided a system for creating a cryptographic non-fungible identity unique token (IUT), comprising code for: obtaining a private key linked to a public address of an electronic wallet, associated with a wallet address, obtaining a digital representation of a hashed genetic sequence of a user and an associated wallet address of the electronic wallet, storing in the cryptographic non-fungible IUT, an IUT identifier, the IUT identifier is an outcome of hashing a subset of the hashed digital representation and a unique password, storing the IUT in a genetic sequence record stored in a block of a blockchain dataset, wherein the genetic sequence record is associated with the IUT, the IUT is associated to the wallet address, wherein the user is authenticated by a match between a computed value of a password and the wallet address provided by the user, and the IUT identifier stored on the blockchain.
Pre-registration of authentication devices
A system is disclosed for pre-registering authentication devices. A security key provider system may receive a request to pre-register a security key with identified applications from an enterprise. Responsive to receiving the request, the security key provider system instructs the security key to generate a unique authentication code for each of the applications. The security key provider system may generate pre-registration information based on the authentication codes and pre-register the authentication codes of the security key to the applications by providing the pre-registration information to the applications on behalf of the enterprise. The security key provider system may instead provide the pre-registration information to the enterprise to allow the enterprise to pre-register the authentication codes.
System and method of performing secured transactions in a communication network
A system and a method of data communication between a first computing device, associated with a first user, and at least one second computing device associated with a second user may include: receiving, by the first computing device, one or more data elements pertaining to details of a transaction request from the second computing device, via a voice channel; extracting said transaction request details by the first computing device; transmitting, by the first computing device, one or more authentication data elements of an electronic wallet module, comprised in the first computing device, to the second computing device, via the voice channel; and carrying out the requested transaction by the first computing device, based on the extracted transaction request details and the electronic wallet authentication data.
SYSTEMS AND METHODS FOR AUTHENTICATING HARDWARE OF AN INFORMATION HANDLING SYSTEM
As part of a factory provisioning of an Information Handling System (IHS), a signed replaceable hardware certificate is stored that identifies any replaceable hardware components coupled to the IHS during the factory provisioning. Upon a transfer of control or ownership of the IHS, replaceable hardware components that are coupled to the IHS are detected, and the replaceable hardware certificate is utilized to validate that the identified replaceable hardware components detected as coupled to the IHS are the same replaceable hardware components coupled to the IHS during the factory provisioning. A security processor of the IHS may support boot code operations for generating additional replaceable hardware certificates that can be used to validate the integrity of any changes to the replaceable hardware of the IHS, such as upon its next power cycle.