Patent classifications
H04L63/068
Device Binding Method and Device
The present disclosure discloses a device binding method and device, used to resolve the issue of the prior art in which the operation of controlling a smart device in a certain position is cumbersome. The method of embodiments of the present disclosure comprises: a user terminal sending target address information to a server, the server encrypting the target address information, generating a verification password, and sending the verification password to the user terminal; the user terminal sending, by means of a transmission device, the verification password to a device to be bound; the device sending the received verification password and a device identifier of the device to the server; and if the verification password sent by the device is the same as the verification password generated by the server, the server binding the target address information corresponding to the received verification password to the device identifier.
GROUP ACCESS CONTROL
This disclosure describes techniques for controlling group access to a collaboration technology. The techniques include generating a shared encryption key among authorized producers of content associated with a collaboration technology. The techniques include receiving, by the authorized producers and from authenticated consumers, requests to access the content. The requests may be received in a partitioned manner, such that individual producers are serving a particular subset of the authenticated consumers. In response to receiving the requests, the techniques include sending the shared encryption key from the individual producers to the corresponding subset of authenticated consumers. The techniques include using the shared encryption key to encrypt content by the authorized producers, which may then be decrypted by the authenticated consumers using the shared encryption key, achieving end-to-end encryption of event content.
PROTECTING REAL-TIME AUDIO/VISUAL COMMUNICATIONS END-TO-END
Methods, systems, and storage media for protecting real-time audio/visual (A/V) communications are disclosed. Exemplary implementations may: capture, at a sensor of a first A/V communication device, A/V data; transmit the captured data to a secure hardware module of a System-on-a-Chip (SoC) associated with the first A/V communication device, the secure hardware module having a first trusted execution environment (TEE) that is inaccessible by an Operating System (OS) of the SoC associated with the first A/V communication device; encrypt, in the first TEE, the captured data; transmit the encrypted data from the first A/V communication device to a second A/V communication device; receive, at a secure hardware module of a SoC associated with the second A/V communication device, the encrypted data, the secure hardware module of the SoC associated with the second A/V communication device having a second TEE that is inaccessible by an OS of the SoC associated with the second A/V communication device; decrypt, in the second TEE, the encrypted data; and cause presentation of the decrypted data at the second A/V communication device.
Method and system for key generation, distribution and management
A method for securing communications for a given network topology is provided. The method comprises generating by a node N(i) of the network, security parameters for the node N(i); transmitting by the node N(i), said security parameters to a controller for the network; maintaining by the controller said security parameters for the node N(i); receiving by the controller a request from a node N(j) for the security parameters for the node N(i); retrieving by the controller the security parameters for the node N(i); and transmitting by the controller said security parameters to the node N(j).
Encryption device, a communication system and method of exchanging encrypted data in a communication network
The present disclosure provides in various aspects an encryption device (100), a communication system and a method of exchanging encrypted data in such a network. In accordance with some illustrative embodiments of an aspect, the encryption device (100) comprises a communication interface (110), a variable key generator (120) configured to generate at least two keys, a memory (130) configured to store keys that are either generated by the variable key generator (120) and/or received at the communication interface (110), and an encryption/decryption component (140) configured to successively use keys stored in the memory (130) for encrypting a plaintext received at the communication interface (110) and for decrypting a ciphertext received at the communication interface (110), wherein the communication interface (110) is configured to communicate with an associated separate communication device which is used by a user of the encryption device (100) for communicating in a communication network.
Systems and methods for secure authorization of registry functions
Systems, methods, and computer-readable storage media for enabling secure transfer of Internet domains between registrars. An example method can include receiving, at a registry, a request from a first registrar for information associated with an object recorded in the registry and registered by the first registrar, then generating, at the registry, an authorization code, the authorization code having an expiration. The registry can then transmit, to the first registrar, the authorization code, which in turn can be given to the registrant. The registrant can forward the authorization code to the second registrar, and the registry can receive, from a second registrar before the expiration has been reached: the authorization code and a transfer request for the object, the transfer request identifying a transfer of the object from the first registrar to the second registrar. At that point the registry can verify the authorization code and authorize the transfer request of the object from the first registrar to the second registrar.
PAUSING A MEDIA ACCESS CONTROL SECURITY (MACSEC) KEY AGREEMENT (MKA) PROTOCOL OF AN MKA SESSION USING A FAST HEARTBEAT SESSION
A network device may establish a media access control security (MACsec) key agreement (MKA) session with another network device via a MACsec communication link; establish a fast heartbeat session via the MACsec communication link, between a first packet processing engine of the network device and a second packet processing engine of the other network device, where the fast heartbeat session is to permit the first packet processing engine and the second packet processing engine to exchange fast heartbeat messages via the fast heartbeat session and the MACsec communication link; place an MKA protocol of the MKA session in a pause state until the first packet processing engine detects a rekey event; determine that a key for the MKA session is to be regenerated based on detection of the rekey event; and perform an action based on the rekey event for the MKA session.
Secure tokens for controlling access to a resource in a resource distribution network
A system for generating and applying a secure token in a resource distribution network is provided. For example, a headend system generates a time-based token based on a time duration specified for a meter. The time-based token indicates the time duration for the meter. The time-based token is further generated based on an identifier of the meter. The headend system transmits the time-based token to the meter via at least a mesh network. After receiving the time-based token, the meter validates the time-based token to determine that the time-based token is generated for the meter based on information related to the identifier of the meter. If the meter determines that the time-based token is valid, the meter connects premises associated with the meter to a resource distribution network for at least the time duration specified in the time-based token.
Secure tokens for controlling access to a resource in a resource distribution network
A system for generating and applying a secure token in a resource distribution network is provided. For example, a headend system generates a global token based on a time duration specified for multiple meters that are in communication with the headend system through at least a mesh network in a normal condition. The global token is associated with the time duration and is applicable to the multiple meters. The headend system causes the global token to be broadcast via a broadcast network. After receiving the global token, the meter verifies the global token and determines the time duration associated with the global token. The meter further connects premises associated with the meter to a resource distribution network for at least the time duration associated with the global token.
Apparatus for use in a CAN system
A CAN device is provided with an encryption function and a decryption function. The encryption function allows messages to be encrypted and put onto a CAN bus. The decryption function allows the messages on the CAN bus to be decrypted. The encryption and decryption functions share keys which change over the course of time.