Patent classifications
H04W12/33
INFORMATION SECURITY SYSTEM AND METHOD FOR MACHINE-TO-MACHINE (M2M) SECURITY AND VALIDATION
A system for implementing Machine-to-Machine (M2M) validation receives a request from an unrecognized computing device to establish a communication with a first trusted computing device. The first trusted computing device sends a query message to a second trusted computing device to determine whether the unrecognized computing device is in a list of trusted devices associated with the second trusted computing device. The first trusted computing device receives a response message from the second trusted computing device indicating that the unrecognized computing device is in the list of trusted devices. In response to receiving the response message, the first trusted computing device approves the request of the unrecognized computing device.
PASSWORD-FREE USABLE AND SECURE PAIRING OF IoT DEVICES
Secure pairing is key to trustworthy deployment and application of Internet of Things (IoT) devices. However, IoT devices lack conventional user interfaces, such as keyboards and displays, which makes many traditional pairing approaches inapplicable. Proximity-based pairing approaches are very usable, but can be exploited by co-located malicious devices. Approaches based on a user's physical operations on IoT devices are more secure, but typically require inertial sensors, while many devices do not satisfy this requirement. A secure and usable pairing approach that can be applied to heterogeneous IoT devices still does not exist. We develop a technique, Universal Operation Sensing, which allows an IoT device to sense the user's physical operations on it without requiring inertial sensors. With this technique, a user holding a smartphone or wearing a wristband can finish pairing in seconds through some very simple operations, e.g., pressing a button or twisting a knob. Moreover, we reveal an inaccuracy issue in original fuzzy commitment and propose faithful fuzzy commitment to resolve it. We design a pairing protocol using faithful fuzzy commitment, and build a prototype system named Touch-to-Pair (T2Pair, for short). The comprehensive evaluation shows that it is secure and usable.
Secure wearable wireless personal server device
This invention presents a non-volatile data storage apparatus that is securely worn by a user like a bracelet and stores the user's sensitive information, together with a wirelessly coupled separate display and input device that serves as the sole or main display and input device, the two functioning together like a single personal mobile device. The non-volatile data storage apparatus authenticates the separate display and input device so that the security or privacy of the sensitive information transmitted to it by the non-volatile data storage apparatus is not put at risk.
Systems, devices, and methods for controlling operation of wearable displays during vehicle operation
The present systems, devices, and methods generally relate to controlling wearable displays during vehicle operation, and particularly to detecting when a user is operating a vehicle and restricting operation of a wearable display to prevent the user from being distracted. At least one processor of a wearable display system receives user context data from at least one user context sensor, and determines whether the user is operating a vehicle based on the user context data. If the user is operating a vehicle, presentation of at least one user interface is restricted. Unrestricted access can be restored by inputting an unlock input to override the restriction, or by analysis of additional user context data at a later time.
SYSTEM ON A CHIP (SOC) COMMUNICATIONS TO PREVENT DIRECT MEMORY ACCESS (DMA) ATTACKS
This disclosure describes system on a chip (SoC) communications that prevent direct memory access (DMA) attacks. An example SoC includes an encryption engine and a security processor. The encryption engine is configured to encrypt raw input data using a cipher key to form an encrypted payload. The security processor is configured to select the cipher key from a key store holding a plurality of cipher keys based on a channel ID describing a {source subsystem, destination subsystem} tuple for the encrypted payload, to form an encryption header that includes the channel ID, to encapsulate the encrypted payload with the encryption header that includes the channel ID to form a crypto packet, and to transmit the crypto packet to a destination SoC that is external to the SoC.
AUTHENTICATION AND AUTHORIZATION TO ACCESS A NETWORK BY AN UNMANNED AERIAL VEHICLE
A wireless transmit/receive unit (WTRU) may be configured to support UAV authentication and/or authorization. A WTRU may obtain a UAV profile (e.g., UAV id) via registration with a network. UAV authentication and authorization may be performed with a UAS server/UTM based on the UAV profile. UAV authentication and authorization procedures may be UAS-based (e.g., via a UTM over a user plane) and/or EAP-based (e.g., via a UTM with an AMF or SMF authenticator). A WTRU may set up a PDU session, for example, for UAV authentication with a UAS server/UTM over a user plane. A WTRU may perform UAV authentication with a UAS server/UTM via AMF (e.g., EAP over NAS/MM) or via SMF (e.g., EAP over NAS/MM during PDU session establishment). A UAS id and/or UAV-C id may be received, for example, via a UCU procedure or a PDU session establishment accept message.
System and method for secure relayed communications from an implantable medical device
The present invention provides systems and methods for supporting encrypted communications with a medical device, such as an implantable device, through a relay device to a remote server, and may employ cloud computing technologies. An implantable medical device is generally constrained to employ a low power transceiver, which supports short distance digital communications. A relay device, such as a smartphone or WiFi access point, acts as a conduit for the communications to the internet or other network, which need not be private or secure. The medical device supports encrypted secure communications, such as a virtual private network technology. The medical device negotiates a secure channel through a smartphone or router, for example, which provides application support for the communication, but may be isolated from the content.