H04L63/062

Auditable system for event tracking

A workflow management system can be used to determine whether a set of transaction events has been properly processed according to a business process rule. A business process rule includes a set of transaction events set up in accordance with a government regulation or an internal company process. Event data may include information associated with a transaction event. A workflow management system includes a workflow management server that receives cryptographically signed transaction event data from one or more additional servers so that the workflow management server can determine whether the received transaction event data comprises a complete or an incomplete transaction.

TRUSTED COMMUNICATION SESSION AND CONTENT DELIVERY
20230066033 · 2023-03-02

Methods and systems for network communication are disclosed. Proxy information may be received. The proxy information may facilitate a gateway device communicating as a proxy for a user device.

SECURE SIDELINK COMMUNICATIONS

Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a first user equipment (UE) may receive, from a base station or a roadside unit (RSU), information associated with one or more security keys for sidelink communications, wherein the information includes at least one of a base key, the one or more security keys, or one or more parameters for deriving the one or more security keys. The UE may transmit, to a second UE, a sidelink communication that is scrambled using a security key of the one or more security keys. Numerous other aspects are described.

ELECTRICAL CONNECTION BETWEEN PUMP HOUSING AND FRONT LID

A medical pump includes a cuboid pump housing and a front lid that is pivotably hinged to the pump housing. The front lid includes a display, in particular a touch display, and/or operating elements. The front lid is attached to the pump housing with at least one first hinge element and at least one second hinge element. The at least one first hinge element and/or the at least one second hinge element includes or forms at least one electrical connection between the pump housing and the front lid for electrical linking and exchange of data.

IN-FIELD ENCODING OF ACCESS CREDENTIALS
20230119797 · 2023-04-20

A method and system for in-field encoding of credentials to a credential device. An example method comprises receiving a request to at least one of add or update credentials to a credential device; providing an invitation code for an in-field device, the in-field device being separate from the credential device; receiving, from the in-field device, the invitation code along with information from the credential device for establishing a secure communication channel with the credential device; establishing a secure communication channel with the credential device using the in-field device as an intermediate; generating one or more commands for encoding credentials to the credential device based on the request; and sending the one or more commands, via the secure communication channel using the in-field device as an intermediate, to the credential device.

METHOD AND SYSTEM FOR ONBOARDING CLIENT DEVICES TO A KEY MANAGEMENT SERVER

A system and process for onboarding client devices to a key management server. In operation, a device generates an asymmetric key pair including a public key and a private key. The device obtains an access token from an identity management server after successfully authenticating with the identity management server. The device transmits a request including the access token and the public key to the key management server to onboard the client device. The device receives a response including encrypted bootstrap information from the key management server. The bootstrap information included in the response is encrypted using the public key of the asymmetric key pair. The device decrypts the encrypted bootstrap information using the private key of the asymmetric key pair to obtain the bootstrap information and then uses the bootstrap information for encrypting communications transmitted to the key management server or for decrypting communications received from the key management server.

METHOD FOR SECURELY PROVISIONING A DEVICE INCORPORATING AN INTEGRATED CIRCUIT WITHOUT USING A SECURE ENVIRONMENT

A method is provided for secure provisioning of a device. In the method, a plurality of integrated circuit (IC) devices is manufactured by a first entity for use in the device. The first entity provides signed provisioning software and stores in at least one provisioning IC device one or more keys used for provisioning the plurality of ICs. The provisioning device with the signed provisioning software is provided to a second entity. The second entity verifies the provisioning software using a stored key. The provisioning software encrypts provisioning assets provided by the second entity and provides the encrypted provisioning assets to the third entity. The signed provisioning software is provided to a third entity by the first entity. During manufacturing of the manufactured products by the third entity, the provisioning software verifies and decrypts the encrypted provisioning assets of the second entity to provision all the plurality of IC devices.

Migrating authenticated content towards content consumer

Techniques involving migrating authenticated content on a network towards the consumer of the content. One representative technique includes a network node receiving an encrypted seed having at least a location of the user data at a network service that stores the user data, and a cryptographic key to access the user data. The seed is received in response to a user login attempt to the network service. The user data is requested from the location using at least the received cryptographic key. The method further includes receiving and storing the user data at the network node, where the network node is physically closer to a location of the user than is the location of the network service. If the user is successfully authenticated, user access is provided to the stored user data at the network node rather than from the network service.

Method and system for distributed cryptographic key provisioning and storage via elliptic curve cryptography

A method for distributing multiple cryptographic keys used to access data includes: receiving a data signal superimposed with an access key request, wherein the access key request includes at least a number, n, greater than 1, of requested keys; generating n key pairs using a key pair generation algorithm, wherein each key pair includes a private key and a public key; deriving an access private key by applying the private key included in each of the n key pairs to a key derivation algorithm; generating an access public key corresponding to the derived access private key using the key pair generation algorithm; and electronically transmitting a data signal superimposed with a private key included in one of the n key pairs for each of the n key pairs.

Inline secret sharing

Embodiments are directed to monitoring communication between computers using network monitoring computers (NMCs). NMCs identify a secure communication session established between two of the computers based on an exchange of handshake information associated with the secure communication session. Key information that corresponds to the secure communication session may be obtained from a key provider, such that the key information is encrypted by the key provider. NMCs may decrypt the key information. NMCs may derive the session key based on the decrypted key information and the handshake information. NMCs may decrypt network packets included in the secure communication session. NMCs may be employed to inspect the decrypted network packets to execute one or more rule-based policies.