A system for a remote support according an embodiment includes a web viewer configured to receive a request for execution of a remote support service from a logged-in administrator, a web application server configured to receive a request for generation of a connection space for the remote support service from the web viewer and generate a first connection space and a first connection code for identifying the first connection space based on the request for generation, a relay server configured to receive the first connection code, generate a second connection space in which the first connection code is stored, and receive a request for provision of the remote support service from a mobile terminal, and a message broker configured to mediate a plurality of message queues between the first connection space and the second connection space for the remote support service between the web viewer and the mobile terminal.

A monitoring system comprises a first device comprising a computer code (110) that when executed by the first device (100) causes the first device (100) to: receive a first security code (602) unique to a second device (2), the first security code (602) retrieved from a label (30) provided in association with the second device (2); receive a packet (705) broadcast by the second device (2), the packet (705) having a second security code (604) unique to the second device (2) and an encrypted payload including a dose record; generate a cryptographic key (605) unique to the second device (2), based on the first security code (602) and the second security code (604); and store the cryptographic key.

A system for switching between communication platforms using a secure healthcare communication system the system comprising: a healthcare provider server device. Transmitting a communication switch request to a first communication platform and establish a first communication channel between the user device and the healthcare provider server device to communicate one or more messages to the first communication platform. Transmit an encoded message over the first communication channel to the first communication platform in response to receiving the communication switch initiation request, the encoded message including an identifier associated with a second communication platform. Switch to an encrypted second communication channel from the first communication channel in response to receiving an encrypted communication initiation request. Encrypted communication initiation request is generated based on the identifier.

A computing appliance may include a memory and a processor configured to cooperate with the memory to establish a first virtual session for an endpoint device over a first network connection. The endpoint device may have an endpoint public/private key pair associated therewith and configured to store a plurality of connection leases generated based upon the endpoint public key, and the first virtual session may be established responsive to a first one of the connection leases and authentication based upon the endpoint private key. The processor may further establish a second virtual session for the endpoint device to access through the first virtual session with another computing appliance over a second network connection responsive to a second one of the connection leases and authentication based upon the endpoint private key.

A method for detecting relay attacks between two communication platforms, the method including: receiving, at a first communication platform, a first signal sent via a first communication channel from a second communication platform, the first signal including information about a challenge; receiving, at the first communication platform, a second signal sent via a second communication channel from the second communication platform, the second signal being a start clock; receiving, at the first communication platform, a third signal sent via the second communication channel from the second communication platform, the third signal including the challenge; outputting, from the first communication platform, a response to the challenge via the first communication channel to the second communication platform; and determining, at the second communication platform, whether a relay attack has occurred based on a time elapsed from when the start clock began to when the response is received at the second communication platform.

A payment processing server generates an asymmetric cryptographic key pair, over one secure communications channel providing a mobile device with one cryptographic key of the cryptographic key pair, and saves another cryptographic key of the cryptographic key pair in a pending transaction database in unique association with a single-use payment number and a financial account. The server encrypts the payment number, which does not identify the financial account, with the another cryptographic key and provides the mobile device with the encrypted payment number over another secure communications channel distinct from the one secure communications channel. The server receives from a payment terminal a payment completion request that includes the encrypted payment number decrypted with the one cryptographic key. The payment processing server queries the pending transaction database with the decrypted payment number to identify the associated financial account, and effects completion of the transaction using the identified financial account.

A system and method for establishing a secure communication connection between at least one medical device and a network. The system includes a first communication channel and at least one second communication channel out of a plurality of second communication channels. The method includes the steps of sending a connection request by the at least one medical device to a control unit, registering the at least one medical device via the first communication channel in the network, and encoding and establishing the communication connection via the at least one second communication channel from the plurality of second communication channels. The at least one second communication channel is selected depending on the data type and/or prioritization of data.

A first user device can transmit an interaction request to a remote computer via a long range communication channel. The first user device can receive an authentication request message from the remote computer and can then transmit the authentication request message to a second user device via a short range communication channel. The first user device can then receive an authentication response message comprising a response value from the second user device via the short range communication channel. The first user device can then transmit the authentication response message to the remote computer causing the remote computer to verify the response value and perform further processing if the response value is verified.

A data diode provides a flexible device for collecting data from a data source and transmitting the data to a data destination using one-way data transmission across a main channel. On-board processing elements allow the data diode to identify automatically the type of connectivity provided to the data diode and configure the data diode to handle the identified type of connectivity. Either or both of the inbound and outbound side of the data diode may comprise one or both of wired and wireless communication interfaces. A secure reverse channel, separate from the main channel, allows carefully predetermined communications from the data destination to the data source.

Techniques for utilizing a Software-Defined-Networking (SDN) controller and/or a Data Center Network Manager (DCNM) and network border gateway switches associated with a multi-site cloud computing network to provide reachability data indicating physical links between the border gateways disposed in different sites of the multi-site network to establish secure connection tunnels utilizing the physical links and unique encryption keys. The SDN controller and/or DCNM may be configured to generate a physical underlay model representing the physical underlay, or network transport capabilities, and/or a logical overlay model representing a logical overlay, or overlay control-plane, of the multi-site network. The SDN controller may also generate an encryption key model representing the associations between the encryption keys and the physical links between the associated network border gateway switches. The SDN controller may utilize the models to determine route paths for transmitting network traffic spanning over different sites of the multi-site network at line speed.