H04L9/3263

ENCRYPTED COMMUNICATION PROTOCOL FOR NETWORKED HVAC SYSTEMS
20230239141 · 2023-07-27

A system and method for encrypting communication for networked heating, ventilation, and air conditioning (HVAC) devices. A method includes obtaining a list of network devices of a network, requesting a certificate for each network device in the list of network devices of the network, and generating a shared symmetric key for encrypting communication in the network. A method may also include encrypting the shared symmetric key with a public key for each network device in the list of network devices having a valid certificate, transmitting the encrypted shared symmetric key to each network device having a valid certificate (each network device including a different certificate), and communicating between the master device and the network device using the shared symmetric key.

DEFERRED AND SECURE DATA SIGNING

In Secure-Asynchronous Signing, when a record is inserted into a collection of records by a user, the user specifies a registered digital certificate to associate with the record. The digital certificate was previously registered by the user. To subsequently sign a record, the user provides a digital signature. The digital signature is validated using data in the record and the public key of the digital certificate that was associated with the record. Invalid digital signatures are detected and rejected regardless of how long after the record was inserted the attempt to sign it occurs.

ESTABLISHING PKI CHAIN OF TRUST IN AIR GAPPED CLOUD

Technology is shown for establishing a chain of trust for an unknown root certificate in an isolated network that is verified using a chain of trust external to the network. A bootstrap executable and a leaf certificate rooted in the external chain of trust are configured with an OID. The leaf certificate is received in the isolated network and used to sign a new root certificate created in the isolated network to create a blob that is stored in a pre-determined location. The bootstrap executable is executed to instantiate a client machine, which retrieves the blob and verifies its signature using the leaf certificate. The client machine verifies that the OID values from the blob and bootstrap executable match. If the signature and OID checks are successful, then the new root certificate is distributed within the isolated network and installed in a PKI certificate chain of trust.

Establishing an ad-hoc secure connection between two electronic computing devices using a self-expiring locally transmitted information packet
11711355 · 2023-07-25

Disclosed is a computer-implemented method for establishing a secure connection between two electronic computing devices which are located in a network environment, the two electronic computing devices being a first computing device offering the connection and a second computing device designated to accept the connection, the method comprising executing, by at least one processor of at least one computer, a connection-establishing application for exchanging an information packet between the first computing device and the second computing device comprising a secret usable for establishing the connection, and evaluating a response from the second computing device for establishing the secure connection.

SYSTEMS, DEVICES AND METHODS FOR USING A CENTRAL SERVER TO PROVIDE MULTI-TIERED ACCESS AND CONTROL OF A COMPUTER DEVICE
20230028528 · 2023-01-26

Systems and methods for controlling and tracking computer devices using a secure communication path between a central server and a machine control-file watchdog program. One or more machine control-files can be generated to control, limit and track a computer device using a machine control-file watchdog program. The system sets limits on the computer device to ensure the user operating the computer device stays within a restricted set of usage limitations. The machine control-file watchdog program protects the one or more machine control-files and additionally can report on all activities performed by the computer device to the central server.

METHOD FOR INTERNET KEY EXCHANGE PROTOCOL AUTHENTICATION USING CERTIFICATE AND COMMUNICATION DEVICE
20230023846 · 2023-01-26

This application discloses a method for Internet key exchange protocol (IKE) authentication using a certificate. The method includes: A first device parses a certificate to obtain signature information in the certificate. The first device fills an AUTH payload field in an IKE identity authentication (AUTH) message based on the signature information in the certificate, where signature information indicated by the AUTH payload field matches the signature information in the certificate. The first device sends the IKE AUTH message to a second device. In the method for Internet key exchange protocol IKE authentication using a certificate provided in this application, the first device may automatically parse the signature information in the certificate, and fill the related field of the IKE AUTH message based on the signature information. Therefore, user configuration is simplified and product usability is improved.

DECENTRALIZED IDENTITY WITH USER BIOMETRICS
20230029053 · 2023-01-26

Systems, methods, and other embodiments for decentralized identity with user biometrics are presented herein. In one embodiment, a method includes, in response to a request to access resources of a cloud service provider by a computing device, transmitting a request for a biometric private key to a mobile device associated with a user; in response to receiving the biometric private key, submitting the biometric private key for validation against a blockchain associated with the user and the mobile device; adding a record of the results of the validation to the blockchain; and controlling access to the resources of the cloud service provider based on the record in the blockchain by (i) denying access where the record indicates that validation has failed, and (ii) granting access where the record indicates that validation has succeeded.

ZONE-BASED INDICATION OF PRESENCE OF TRUSTED OR UNTRUSTED PERSONNEL
20230023835 · 2023-01-26

Disclosed herein are apparatuses and methods for verifying a level of trust in a zone having multiple persons. One or more persons of the multiple persons within the zone can be identified and, based on identifying the one or more persons, it can be determined whether the one or more persons are associated with a level of trust. An observable indicator can be set to specify whether the multiple persons in the zone, including the one or more persons, are associated with the level of trust.

Methods and Electronic Devices for Verifying Device Identity During Secure Pairing
20230023647 · 2023-01-26

An electronic device includes a first communication device operable across a first medium of communication and a second communication device operable across a second medium of communication that is different from the first medium of communication. One or more processors operable with the first communication device and the second communication device obtain a client certificate digest from a prospective client device using the first communication device. Thereafter, the one or more processors receive a client certificate from a remote electronic device using the second communication device. The one or more processors then verify that the prospective client device and the remote electronic device are the same device prior to establishing a secure communication session.

CERTIFICATION OF FAN STATUS AND CORRESPONDING MARKETPLACE FOR DIGITAL COLLECTIBLES
20230026561 · 2023-01-26

The present invention is related to systems and methods for creating, validating, updating, and certifying fan status. The present invention is directed to creating a platform for fan communications and engagement. The present invention also includes a marketplace for transacting digital collectibles of interest to fans. Fan status in the present invention is a metric of social interaction, engagement, time spent, money spent, events attended, and/or other ways of measuring support and interest. Both quantitative and qualitative measures of fan status are compatible with the present invention. Preferably, the fan status is used for fans of sports teams.