Metering automation controller functionality includes accessing a project code that defines one or more operations of an industrial automation controller, analyzing the project code to identify one or more capabilities of the industrial automation controller that are utilized by the one or more operations, generating a file indicative of the one or more capabilities of the industrial automation controller, transmitting the file to a server that generates a certificate for authorizing the industrial automation controller to execute the project code, receiving the certificate from the server that identifies the file and an authorization for the industrial automation controller to execute the project code to perform the one or more operations, and transmitting the project code, the file, and the certificate to the industrial automation controller for execution.

Groups of devices may be prevented from accessing content by encrypting the content. A plurality of secrets associated with a decryption key may be generated using a secret sharing algorithm. The plurality of secrets may be sent to one or more groups of devices to derive the decryption key. A non-restricted subset of the groups of devices may receive one or more secrets. Devices within the non-restricted subset of the groups may be able to use one or more secrets to determine the decryption key for the content. Groups that do not receive one or more secrets may be unable to determine the decryption key for the content.

A method of sharing encrypted data includes, by an electronic device, receiving a password from a user to perform an action, receiving a salt value, generating a user key using the password and salt value, receiving an encrypted key location identifier value, decrypting the encrypted key location identifier value to obtain a key location identifier, receiving an encrypted read token value, decrypting the encrypted read token value using the user key to obtain a read token value, and transmitting the read token value and the key location identifier to a server electronic device.

Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Embodiments of the present invention are directed to methods and resulting structures for integrated circuits having metal-insulator-metal (MIM) capacitors that serve as both decoupling capacitors and crack stops. In a non-limiting embodiment, an interconnect is formed on a first portion of a substrate in an interior region of the integrated circuit. A second portion of the substrate is exposed in an edge region of the integrated circuit. A MIM capacitor is formed over the second portion of the substrate in the edge region. The MIM capacitor includes two or more plates and one or more dielectric layers. Each dielectric layer is positioned between an adjacent pair of the two or more plates and a portion of the two or more plates extends over the interconnect in the interior region. A plate of the two or more plates is electrically coupled to a last metal wiring level of the interconnect.

Methods, apparatus and computer program product for protecting a confidential integrated circuit design process. The computer-implemented method includes receiving a design specification dataset from a first untrusted computing device; extracting confidential design specification data from the design specification dataset; encrypting the confidential design specification data to produce encrypted confidential design specification data; generate a first encryption key to be associated with the encrypted confidential design specification data; retrieving a confidential design specification data subset for replacing a design element subset with a security hard macro (SHM) placeholder design element set; generating a security hard macro (SHM) placeholder feature set comprising those security hard macro (SHM) placeholder features representing mappings from the confidential design specification data subset to the SHM placeholder design element set; and transmitting, to the first untrusted computing device, the encrypted confidential design specification data, the first encryption key, and the SHM placeholder feature set.

A key negotiation method and an electronic device are provided, and relate to the field of communications technologies. Specifically, the method includes: An IoT control device multicasts, in a first local area network, a discovery message that carries a first public key, and sends a second ciphertext to a first IoT device after receiving a first ciphertext and a second public key. After receiving a third ciphertext from the first IoT device, the IoT control device decrypts the third ciphertext based on a first session key, to obtain a second signature and second session information; verifies the second signature based on a long-term public key of the first IoT device; and performs encrypted communication with the first IoT device based on the first session key after the second signature is successfully verified.

An ABE method with multiple tracing attribute authorities: performing, by a central authority, system initialization to generate a public parameter and disclosing the public parameter; performing, by each of attribute authorities, initialization to generate a key pair, and disclosing a public key in the key pair; performing, by a data owner, symmetric encryption on plaintext data, performing ABE on a symmetric key based on a hidden access structure, and generating an integrity verification value; requesting, by a data user, a decryption key to the attribute authority according to an own attribute; restoring, by the data user in response to decryption, an access structure, generating an outsourcing decryption key, sending the outsourcing decryption key to a cloud storage center for semi-decryption; generating, by the cloud storage center, a semi-decrypted ciphertext, and feeding the semi-decrypted ciphertext back to the data user; fully decrypting the semi-decrypted ciphertext according to a private decryption key.

Aspects and embodiments of the present invention relate to a method and system for generating a private cryptographic key for use in a secure cryptogram for transmission between a first entity and a second entity. The method may comprise: selecting a random vector defined in an n-dimensional vector space shared between the first entity and the second entity, the vector comprising one or more component coordinates defined in the n-dimensional vector space, each component coordinate being associated with one or more bits; determining the one or more bits associated with each component coordinate comprised in the random vector; and generating the private key in dependence on the one or more bits associated with each component coordinate comprised in the random vector.

This application provides a communication system, method, and apparatus. The system is applied to implement AKMA service-based data transmission between a terminal device and an application function network element, and the system includes an AKMA anchor function network element and a network exposure function network element. The network exposure function network element obtains first identification information from a unified data management network element, where the first identification information is used to determine an authentication server function network element corresponding to the terminal device, and sends the first identification information to the AKMA anchor function network element. The AKMA anchor function network element obtains, from the unified data management network element based on the first identification information, identification information of the authentication server function network element corresponding to the terminal device.