H04L63/067

Obtaining device posture of a third party managed device
11429802 · 2022-08-30

Techniques are disclosed to obtain device posture of a third party managed device. In various embodiments, a unique identifier of the third party managed device is embedded in a registration communication sent from a third party managed device to an access node associated with a first party management entity. The registration communication is sent from the third party managed device to the access node. The access node is configured to store data associating the unique identifier with the third party managed device, and to use the unique identifier to obtain from the third party management entity device posture information for the third party managed device.

QUEUEING CONSTRUCT FOR X.509 DIGITAL CERTIFICATES
20170279607 · 2017-09-28

A method includes, for respective queues of a plurality of queues stored in a storage: generating, using a processor, a private key—public key pair; and storing the private key—public key pair to a back of the queue. The private key—public key pair may include a private key and a public key. The method also includes receiving a request from a certificate user to utilize a private key—public key pair. The method further includes retrieving a first private key—public key pair from a front of a first queue of the plurality of queues. The method also includes using the first private key—public key pair and generating a new private key—public key pair to replace the first private key—public key pair. The method also includes storing the new private key—public key pair to a back of the first queue.

Method and Server for Providing Transaction Keys

A method and a server for providing transaction keys for a transaction system includes transaction units which use pre-delivered transaction keys, and are provided by a key provisioning server and wherein the transaction key usage is checked by a transaction checking server. A transaction key is derived from a master key of a transaction unit, wherein a varying derivation parameter is used in the step of deriving. The step of deriving comprises a first sub step of deriving a key from the master key and a second sub step of deriving the transaction key from the derived key. The first sub step or the second sub step of deriving is performed dependent on a security level of the transaction unit.

Transferring information between a vehicle based user device and a server to validate user information before granting internet access
11247778 · 2022-02-15

An entertainment and connectivity system includes a processor for transferring information between a vehicle based user device and a server to validate a user's government identity before granting the user device access to the internet. The vehicle based server has an internet protocol address and communicates with user devices. The user devices each have an onboard internet protocol address mapped to the internet protocol address of the vehicle based server. A processor associated with the vehicle based server receives requests for internet service originating from the user devices. The requests include travel information or internet subscription plan information for a user of each of the user devices. The vehicle based server, or a ground based server that receives the request, generates an internet connection authorization decision based on validation of the user's government identity or the user's internet subscription plan information. The connection authorization decisions are then used to control whether the internet connections are established to the user devices. If the internet connections are established, internet session information for the user devices, including for each user device the onboard internet protocol address mapped to the internet protocol address of the vehicle based server, is stored in a ground based server and can be retrieved to identify the government identity of a user or a user's internet subscription plan information for each of the user devices.

Secure mobile user interface
09760888 · 2017-09-12

The invention provides systems and methods for securely inputting user data from a user into a mobile device and also for generating user data to be input by a user into a mobile device. For example, there is provided a mobile device case for securely inputting user data from a user into a mobile device, the case comprising: a microcontroller, a communication module for communicating with the mobile device and a user interface to enable the user to input the user data. The microcontroller is preferably configured to receive the user data which is input by a user via the user interface, process said user data to create processed data and communicate said processed data to said mobile device. Alternatively, the microcontroller is configured to receive a request to generate the user data; generate said user data and display said user data on the user interface.

Method for generating cryptographic “one-time pads” and keys for secure network communications
09762560 · 2017-09-12

A method of generating random and pseudo-random material which is incorporated in devices located at each end of a communications network for secure communications through a channel of the network. The material is used to generate time based one-time pads, one-time keys, and the keys themselves. The one-time pads, one-time keys, and the keys support a key-based or pad based cryptographic technique employed to produce secure communications of messages transmitted through the channel with a one-time pad, one-time key, or a key generated at one interval of time being different and unique from a one-time pad, one-time key, or a key generated at any other interval of time.

Derived unique random key per transaction

In one arrangement, a method for using symmetric keys between two entities comprising a device and a host includes initiating, by the device, a transaction involving original data, wherein the original data needs to be verified by the host. The method further includes deriving, by the device, a first key based on a previously generated key and a first number, wherein the first key is unique to the transaction, and the first number is randomly generated. The method further includes sending, by the device, the first key to the host for verification.

System for Certificating and Synchronizing Virtual World and Physical World
20210399881 · 2021-12-23

A device or space existing in a physical space is registered in the form of a digital object in a virtual space, and a digital twin service is provided through connection between an offline device or space and the digital object in the virtual space.

SYSTEMS AND METHODS FOR SECURE MULTI-PARTY COMMUNICATIONS USING A PROXY
20210385201 · 2021-12-09

Embodiments extend protocols for secure communication between two parties to allow a party to securely communicate with multiple parties using a single message. For example, the sending party can determine a unique shared secret for each recipient and encrypt data for a recipient using a session key generated from the corresponding shared secret. The encrypted data can be combined into a single message, and each recipient can decrypt only the subset of the message that it is authorized to.

METHOD FOR THE ENCRYPTED COMMUNICATION IN A PROCESS PLANT, PROCESS PLANT, FIELD DEVICE AND CONTROL ELECTRONICS
20210382459 · 2021-12-09

In a method for encrypted communication in a process plant, one or more keys for coding of electronic signals regarding the process plant, such as actuation signals, measurement signals, state signals, warning signals or such, are provided. The one or more keys are transmitted as an acoustic signal via a ductwork guiding plant fluid, particularly a process fluid or an auxiliary fluid, from the first communication partner to the second communication partner. The process plant can be a chemical plant, a power plant, or a food-processing plant. The communication can be between a first and a second communication partner, which can include at least one field device, such as an actuator for adjusting a process fluid and/or a control electronics for supervising, controlling and/or regulating processes of the process plant.