H04L12/06

Enrollment in a device-to-device network

An electronic device in a device-to-device network of a user of the electronic device communicates with a group of one or more other instances of the electronic device via dynamic connections that are based on pre-established and maintained (i.e., long-lived) associations in the device-to-device network. Moreover, a given dynamic connection between the electronic device and a given instance of the electronic device in the group is set up by the electronic device without assistance of a computer in another network, which conveys the communication within the group. During operation, after receiving a response accepting an invitation to a second user of a second instance of the electronic device in the group to join the device-to-device network, the electronic device verifies the second user based on an encryption key associated with the second user, and establishes a new maintained association with the second instance of the electronic device in the device-to-device network.

Authenticating mobile applications using policy files

Examples of techniques for authenticating mobile applications are described herein. A method includes receiving, at a first server, a key pair and a policy file associated with a mobile service on a second server, the policy file including a plurality of security objects to be authenticated, a plurality of computing devices to authenticate the security objects, and an order of authentication. The method includes distributing the key pair and the policy file to a security device. The method also includes receiving, at the first server, an authentication request from a mobile application. The method further includes creating an authenticity challenge as specified in the policy file and sending the authenticity challenge with a response to the mobile application.

Secure activation of client receiver by host receiver smart card

Described herein are systems and methods for hardware enforcement of hardware functionality in a client television receiver. An activation message containing an activation code for a specific hardware component within the client television receiver can be transmitted from a television service provider system to a host television receiver having an associated smart card. The smart card can decrypt the activation message, identify the client television receiver as the destination of the activation message, security check the activation message, encrypt the activation message with a local key, and transmit the activation message to a security processor on the client television receiver. The security processor can decrypt the activation message, security check the activation message to ensure it is from the smart card and has not been tampered with, and enable the hardware component within the client television receiver based on the activation code within the activation message.

Low latency device interconnect using remote memory access with segmented queues
09811500 · 2017-11-07

A writing application on a computing device can reference a tail pointer to write messages to message buffers that a peer-to-peer data link replicates in memory of another computing device. The message buffers are divided into at least two queue segments, where each segment has several buffers. Messages are read from the buffers by a reading application on one of the computing devices using an advancing head pointer by reading a message from a next message buffer when determining that the next message buffer has been newly written. The tail pointer is advanced from one message buffer to another within a same queue segment after writing messages. The tail pointer is advanced from a message buffer of a current queue segment to a message buffer of a next queue segment when determining that the head pointer does not indicate any of the buffers of the next queue segment.

Transferring data between solid state drives (SSDs) via a connection between the SSDs

A first solid state drive (SSD) includes a first built-in network interface device configured to communicate via a network fabric, and a second SSD includes a second built-in network interface device configured to communicate via the network fabric. A connection is opened between the first SSD and the second SSD over the network fabric. Based on a non-volatile memory over fabric (NVMe-oF) communication protocol, an NVMe command to transfer data between the first SSD and the second SSD over the connection is encapsulated in a capsule. The capsule is sent from the first SSD to the second SSD over the connection via the network fabric. The second SSD executes the NVMe command in the capsule to transfer the data between the first SSD and the second SSD over the connection.

RESOURCE PROVISION FOR MOBILE ENTITIES

A method for operating a system hosted on a mobile entity is disclosed, wherein the system is operable to connect to a communication network. The method, performed by a controller of the system, comprises seeking to establish a trust relationship with a cooperating system hosted on a mobile entity, and, if a trust relationship with the cooperating system is established, performing at least one of: initiating use of a resource provided by the cooperating system, or initiating provision of a resource for use by the cooperating system. Also disclosed is a method for operating a function comprising a digital representative of a system hosted on a mobile entity, wherein the system is operable to connect to a communication network. The method, performed by the function, comprises negotiating, with a digital representative of a cooperating system hosted on a mobile entity, at least one of provision of a resource to the system by the cooperating system, or provision of a resource to the cooperating system by the system.
