Patent classifications
H04L63/062
Self-service device encryption key access
Disclosed are various embodiments for providing access to a recovery key of a managed device and rotating the recovery key after it has been accessed. In one example, among others, a system includes a computing device and program instructions. The program instructions can cause the computing device to store a first recovery key for a first managed computing device. The first recovery key is configured to access an encrypted data store of the first managed computing device. A request is received for the first recovery key from a second managed computing device. The first recovery key is transmitted for display on the second managed computing device. A key rotation command is generated for a command queue of the first managed computing device to rotate the first recovery key after transmitting the first recovery key. The second recovery key is received from the second computing device.
AN IMPROVED QKD METHOD
There is herein provided a method of performing Quantum Key Distribution, the method comprising, transmitting, in a first basis state, a first photon from a quantum transmitter to a quantum receiver; transmitting, in a second basis state, a second photon from the quantum transmitter to the quantum receiver, the second basis state being non-orthogonal to the first basis state and the transmitter and receiver being optically connected by both a first optical channel and a second optical channel, wherein the step of transmitting the first photon from the quantum transmitter to the quantum receiver in the first basis state comprises: transmitting the first photon from the quantum transmitter to the quantum receiver along either the first optical channel or the second optical channel, wherein the step of transmitting the second photon from the quantum transmitter to the quantum receiver in the second basis state comprises: transmitting a first portion of the probability distribution of the second photon from the transmitter to the receiver along the first optical channel; and transmitting a second portion of the probability distribution of the second photon from the transmitter to the receiver along the second optical channel.
USER EQUIPMENT, NON-PUBLIC NETWORK AUTHENTICATION-AUTHORIZATION-ACCOUNTING SERVER, AUTHENTICATION SERVER FUNCTION ENTITY
A user equipment for a mobile telecommunications system, including circuitry configured to: communicate with a non-public network authentication-authorization-accounting server and initiate a registration procedure with the mobile telecommunications system; and provide an authentication interface between the non-public network authentication-authorization-accounting server and an authentication server function entity in the mobile telecommunications system.
ENCRYPTION KEY MANAGEMENT FOR INTERNATIONAL DATA RESIDENCY
Media, method, and system for providing encryption key management for international data residency. Organizations using a group-based communication system can designate a particular geopolitical area where that organization's data can be stored and another geopolitical area (which may be the same or different) where encryption keys used to encrypt and decrypt that data should be stored. Users of that organization can post messages or access messages previously posted on the group-based communication system from any geopolitical area, causing the system to automatically store and retrieve messages and encryption keys from the appropriate regions to allow the users to transparently access the group-based communication system while maintaining security and data residency requirements.
Method, Device, and System for Anchor Key Generation and Management in a Communication Network for Encrypted Communication with Service Applications
This disclosure generally relates to encrypted communication between terminal devices and service applications via a communication network. Such encrypted communication may be based on various hierarchical levels of encryption keys that are generated and managed by the communication network. Such encrypted communication and key management may be provided by the communication network to the terminal devices as a service that can be subscribed to. The various levels of encryption keys may be managed to improve flexibility of the communication network and to reduce potential security breaches.
System and method for automatic bluetooth pairing
A method and system for automatically connecting one customer device with another over a Bluetooth or similar connection. The automatic connection may be made by generating a unique identifier to store on a new customer device and a backend system associated with an existing customer device and connecting the new customer device with the existing customer device using the unique identifier.
Systems and methods for biometric authentication using existing databases
Systems, methods, and non-transitory computer readable medium use external databases for biometric authentication. A server receives a request for authentication of a user from a requestor. A notification is sent to a user device associated with the user from the server. A biometric image is received within the server in response to the notification. A biometric ID of the user is sent from the server to an external database for identifying a biometric template stored with the external database. An authentication result indicative of a match between the biometric image and the biometric template is determined and the authentication result is sent to the requestor. The external databases are owned by a third party, and the biometric template of the user was previously generated and stored within the external database in association with the biometric ID.
Key distribution method and system, and apparatus
This application provides a key distribution method, an apparatus, and a system, including: determining, by an identity management server based on AAA authentication information, whether AAA authentication on the terminal succeeds; if the AAA authentication succeeds, sending the ID of the terminal to a key management server; and generating, by the key management server, a private key of the terminal and returning the private key to the management server. After negotiating with the terminal to generate a first key, the identity management server encrypts the ID and the private key of the terminal, and sends an encrypted ID and an encrypted private key to the terminal. The terminal obtains the ID and the private key of the terminal. According to the key distribution method, apparatus, and system provided in this application, communication security performance of the terminal during ID-based registration authentication is improved.
Passing authentication token to authorize access to rest calls via web sockets
Various techniques for facilitating communication with and across a clinical environment and a cloud environment are described. For example, a method for authenticating a network device residing in the clinical environment using a token is described. An authentication proxy in the cloud environment can receive a request from a connectivity adapter in the clinical environment and retrieve a security token from an authentication system in the cloud. The connectivity adapter can use the security token to send signed requests to the authentication system.
SECURE COMMUNICATION SYSTEM
A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents through the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes an admin service, accessible to one or more admins, that facilitates configuration and management of the network.