H04W12/108

Method and system for IoT code and configuration using smart contracts

Methods and systems for configuring, monitoring, updating and validating Internet of Things (IoT) software code and configuration using blockchain smart contract technology. The use of smart contracts for delivering software code and/or configuration scripts to IoT devices is an enhanced cybersecurity solution meant to ensure the security and integrity of IoT devices. It is also shown how smart contracts can be used for verifying the integrity of an IoT device's software code and/or configuration, which is a proactive method of cybersecurity. The proactive cybersecurity method will prevent man-in-the-middle attacks as well as prevent rogue devices from impacting other IoT devices or networks.

TECHNIQUES FOR AUTHENTICATING BUILDING/ROOM ACCESS TERMINALS
20220392286 · 2022-12-08

The techniques described herein provide for authentication of a reader device over a wireless protocol (e.g., NFC or Bluetooth, BLE). The mobile device can receive and store the static public key of the reader device and one or more credentials, each credential specifying access to an electronic lock. The mobile device can receive an ephemeral reader public key, a reader identifier, and a transaction identifier. The mobile device can generate a session key using the ephemeral mobile private key and the ephemeral reader public key and send the ephemeral mobile public key to the reader device. The reader device can receive the ephemeral mobile public key and sign and transmit a signature message to the mobile device. The mobile device can validate a reader signature and generate an encrypted credential that the reader can use to access an electronic lock. The reader device can authenticate the mobile device for mutual authentication.

UE handling in RAN

Techniques for generating and maintaining an identifier (112) of a user equipment (UE) (102) are presented. For instance, the disclosure presents an example method (200) executed by a radio access network (RAN) node for providing a UE (102) with an identifier (112). This example method (200) can include, for example, generating the identifier (112) for the UE (102), where the identifier (112) includes RAN node identity information, a timestamp indicating a time at which the identifier is generated by the RAN node (106), and/or integrity information from which the identifier (112) is verifiable. In addition, the example method (200) can include adding the identifier (112) to an information container (110) corresponding to the UE (102) and forwarding the information container (110) including the identifier (112) to a core network node (108). Related RAN node (106) and core network node (108) devices are also presented, as well as example computer programs, systems, and techniques for generating and maintaining an identifier (112) for a UE (102).

System on a chip (SoC) communications to prevent direct memory access (DMA) attacks

This disclosure describes system on a chip (SoC) communications that prevent direct memory access (DMA) attacks. An example SoC includes an encryption engine and a security processor. The encryption engine is configured to encrypt raw input data using a cipher key to form an encrypted payload. The security processor is configured to select the cipher key from a key store holding a plurality of cipher keys based on a channel ID describing a {source subsystem, destination subsystem} tuple for the encrypted payload, to form an encryption header that includes the channel ID, to encapsulate the encrypted payload with the encryption header that includes the channel ID to form a crypto packet, and to transmit the crypto packet to a destination SoC that is external to the SoC.

MOBILE DEVICE MANAGEMENT METHOD AND DEVICE
20220385531 · 2022-12-01

A mobile device management method includes the following: a first electronic device sends a request message including an identifier of at least one second electronic device to a first server. The first electronic device receives a DM service APP from the first server and installs the DM service APP. After the DM service APP is installed, the first electronic device can provide the MDM service. The first electronic device provides the MDM service for the second electronic device, to implement management and device system upgrade of the second electronic device.

Weighted source data secured on blockchains
11514191 · 2022-11-29

Technologies are shown for secure management of evaluation data that involves receiving an evaluation value signal from a source, the evaluation value signal relating to an evaluation entity having an evaluation score secured on an evaluation data blockchain and verifying whether the source is identified in trusted source data. If the source is trusted, then the technology involves obtaining a weight associated with the source, obtaining the evaluation score for the evaluation entity from a first evaluation data block in the evaluation data blockchain, where the first evaluation data block is a most recent evaluation data block in the evaluation data blockchain, calculating a new evaluation score based on the evaluation score obtained from the first evaluation data block and the received valuation signal weighted according to the weight associated with the source, and securely committing the new evaluation score to the evaluation data blockchain in another evaluation data block.

Aggregate data provenance

Methods, systems, and devices for communications are described. A device or a group of devices may generate data. The group of devices may receive a group profile from a node that identifies the devices to be included, and the group profile may include a function to be evaluated at each of the devices. The node may also provision evaluation parameters which may allow the device to provide authenticated aggregate data to a requesting third party, without sharing the data between the devices and without sharing the data with the node, thus concurrently maintaining individual data privacy and data provenance.

Apparatus and method for in-vehicle network communication

Disclosed herein are an in-vehicle network apparatus and method. The in-vehicle network apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to verify the integrity of software stored in advance in the executable memory, to generate a key table by sharing authentication information with a communication target, and to exchange an encrypted message with the communication target using the key table.

ELECTRONIC DEVICE AND METHOD FOR PERFORMING PEER TO PEER SERVICE IN ELECTRONIC DEVICE
20220377553 · 2022-11-24

An electronic device and a method for performing a peer to peer (P2P) service in the electronic device are provided. The electronic device includes a communication module, a processor, a memory, and a security module, wherein the memory may be configured to store instructions that, when executed, enable the processor to receive a public key from an external electronic device as a P2P service is requested, transmit, to the external electronic device, an authentication certificate chain generated on the basis of the received public key via the security module, verify an authentication certificate chain received from the external electronic device by using a root authentication certificate stored in the security module, receive encrypted information of the external electronic device from the external electronic device, decrypt the encrypted information of the external electronic device by using a shared key generated according to a result of the verifying of the received authentication certificate chain, and perform the P2P service with the external electronic device via the communication module, on the basis of the decoded information of the external electronic device.

Communication system architecture and method of processing data therein
11509623 · 2022-11-22

A method includes identifying a plurality of local tracklets from a plurality of targets; creating a plurality of global tracklets from the plurality of local tracklets, wherein each global tracklet comprises a set of local tracklets of the plurality of local tracklets, wherein the set of local tracklets corresponds to a target of the plurality of targets; extracting motion features of the target from each global tracklet of the plurality of global tracklets, wherein the motion features of each target of the plurality of targets from each global tracklet of the plurality of global tracklets are distinguishable from the motion features of remaining targets of the plurality of targets from remaining global tracklets; transforming the motion features into an address code by using a hashing process; and transmitting a plurality of address codes and a transformation parameter of the hashing process to a communication device.