H04L9/3215

Domain isolated processing for coalition environments

A first cryptographic communication system is disclosed. The first cryptographic communication system includes a common hardware module configured to receive local cryptographic signals and coalition cryptographic signals that includes a transmitter, a receiver, a common router, a trusted router, and a data loader. The first cryptographic communication system further includes a local cryptographic assembly and a coalition cryptographic assembly, each including an end cryptographic unit communicatively coupled to the trusted router, a cross domain guard communicatively coupled to the end cryptographic unit and the trusted router, and a general purpose security module communicatively coupled to the cross domain guard. The first cryptographic communication system further includes a data recording module communicatively coupled to the data loader that includes local and coalition data recording devices. A cryptographic communication network is also disclosed that includes the first cryptographic communication system and a second cryptographic communication system.

METHOD AND SYSTEM FOR ACCESS AUTHORISATION
20230068283 · 2023-03-02

The present invention relates to authorising access to data (132) associated with a user. Aspects of the invention provide a computer-implemented method, computer software, a system and a computing device. The method comprises receiving, at an application server (120) from a first device (110), a request to access the data (132) associated with the user. The data (132) is hosted at a data server (130) external to the application server (120). The application server (120) provides an authorisation request (510) to an authorisation server (140); and the authorisation request is transmitted from the authorisation server (140) to an authorisation application (310) executed on a second device (150) associated with the user. The authorisation application (310) executed on the second device (150) sends, in response to receiving the authorisation request, a redirect authorisation request (520) to a second application (320) executed on the second device (150), the second application (320) being associated with the data server (130). The request is authorised at the second device (150) by the second application (320), in dependence on an authorisation input from the user at the second device (150). In response to the authorisation of the request the second application (320) provides an access token to the application server (120) via the authorisation server (140), the access token being configured to enable access by the application server (120) to the data associated with the user.

System for facilitating secure electronic communications between entities and processing resource transfers
11631077 · 2023-04-18

Embodiments of the present invention provide a system for utilizing one or more decentralized applications to allow entities to interface with a blockchain for the purposes of conducting a resource transfer. Typically, the blockchain is a permissioned blockchain which may be accessed only by the entities involved in the resource transfer. The decentralized applications may communicate with the legacy systems within each entity through an application programming interface (API) such that the data stored on the legacy systems may be governed by the blockchain. This ensures the authenticity of the data stored on the legacy systems while preventing the possibility of disparate versions of data being created over time.

System and method for second factor authentication to perform services

A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication via a backchannel to reduce the potential for malicious third-party impersonation of the client prior to transfer of the call to the customer call center. Pre-authorized customer support calls may be intelligently and efficiently routed directly to call center agents, without incurring further delay. During call handling, call center agents may initiate further client authentication processes, including contactless card authentication requests, over one or more different communication channels for authorizing access to sensitive information or to allay suspicion.

SECURE DISTRIBUTION OF ENTROPY

Techniques are disclosed for securely distributing entropy in a distributed environment. The entropy that is distributed may be quantum entropy that is generated by a quantum entropy generator or source. The true random entropy generated by a trusted entropy generator can be communicated securely among computer systems or hosts using secure communication channels that are set up using a portion of the entropy. The distribution techniques enable computer systems and hosts, which would otherwise not have access to such entropy generated by the trusted entropy source, to have access to the entropy.

SYSTEM AND METHOD OF MULTI-ROUND TOKEN DISTRIBUTION USING A BLOCKCHAIN NETWORK
20230110433 · 2023-04-13

A computer-implemented method to participate in a token transfer process for transferring a first quantity of tokens from a sender node to a recipient node using a blockchain is disclosed. The token transfer process includes a plurality of participating nodes and execution of a set of indirect token transactions between multiple pairs of the participating nodes. The method is implemented at a participating node and includes: obtaining a subset of the set of indirect token transactions, the subset including only those transactions for which the participating node is either an input node or an output node, wherein the set of indirect token transactions is generated based on the first quantity of tokens and a predefined number of transaction rounds in the token transfer process; for each indirect token transaction in the subset, collaborating with a respective second participating node included in the indirect token transaction to generate a commitment channel for the indirect token transaction between the participating node and the second participating node; and collaborating with all other participating nodes in executing the indirect token transactions of the subset using the generated commitment channels.

TECHNOLOGIES FOR SECURE I/O WITH MEMORY ENCRYPTION ENGINES

Technologies for secure I/O data transfer include a computing device having a processor and an accelerator. Each of the processor and the accelerator includes a memory encryption engine. The computing device configures both memory encryption engines with a shared encryption key and transfers encrypted data from a source component to a destination component via an I/O link. The source may be the processor and the destination may be the accelerator, or vice versa. The computing device may perform a cryptographic operation with one of the memory encryption engines and bypass the other memory encryption engine. The computing device may read encrypted data from a memory of the source, bypass the source memory encryption engine, and transfer the encrypted data to the destination. The destination may receive the encrypted data, bypass the destination memory encryption engine, and store the encrypted data in a memory of the destination. Other embodiments are described and claimed.

Recovery key for unlocking a data storage device

Disclosed herein is a data storage device comprising a data path and an access controller. The access controller generates a recovery private key, generates encrypted authorization data based on the recovery private key, stores the encrypted authorization data, and sends the recovery private key to a manager device. When recovery is desired, the access controller receives a recovery public key, calculated based on the recovery private key, from a recovery manager device, decrypts the encrypted authorization data based on the recovery public key, generates a challenge for the recovery manager device based on the decrypted authorization data, sends the challenge to the recovery manager device over a communication channel that is different from the data path, receives a response to the challenge from the recovery manager device over the communication channel, and based at least partly on the response, enables decryption of the encrypted user content data.

Visibility of digital assets at channel level

The processor may collect, from a first peer, a first data set associated with a channel. The channel may include one or more assets associated with the first peer. The channel may link the first peer to a second peer. The processor may analyze the first data set to determine a first status for the one or more assets. The processor may provide the first status of the one or more assets in a viewable channel to the blockchain network.

Secure wireless communication with peripheral device

Methods and systems for performing wireless communication are presented. In one example, a wireless peripheral device comprises a wireless transceiver configured to receive and transmit data over a primary channel, an optical sensor configured to receive data over an out-of-band channel, and one or more processors configured to: receive, via the wireless transceiver and over the primary channel, wireless signals including first key data from a second device; receive, via the optical sensor, optical signals including verification data from the second device; verify the first key data based on the verification data; and, responsive to verifying the first key data based on the verification data, generate a digital security key based on the first key data, the digital security key being used for subsequent data transmission between the wireless peripheral device and the second device via the wireless transceiver.