Patent classifications
H04L9/0838
Systems and methods for network authentication with a shared secret
A computing system can associate a customer device of a customer with a financial transaction record and the merchant, the financial transaction record indicative of a first purchase from the merchant by the customer; transmit a first query to the customer device prompting the customer to input information regarding an aspect of the first purchase, the first query including a description of a predetermined product parameter of the financial transaction record indicative of the first purchase from the merchant by the customer; authenticate the first request by determining that the customer-input response to the first query corresponds to the established aspect of the first purchase in accordance with a predetermined accuracy threshold; and authorize connection of the customer device to the network provided by the merchant based at least in part on the first request being authenticated.
Method and device for cross-domain strong logical isolation and secure access control in the internet of things
Embodiments of the present disclosure provide a method and a device for cross-domain strong logical isolation and secure access control in the Internet of Things (IoT). The method includes the following. When one IoT gateway receives the identity authentication request, the IoT gateway sends the identity authentication request to all IoT gateways in the domain excluding that IoT gateway. When all IoT gateways in the domain receive the identity authentication request, all IoT gateways verify separately whether the identity authentication request is legal. After a certain IoT gateway obtains the identity authentication result, a distributed consensus procedure is initiated. The IoT gateways in the domain reach a consensus on the identity authentication result through a distributed consensus mechanism, and the identity authentication result is written and stored to a block of a blockchain.
Rapid and secure off-ledger cryptocurrency transactions through cryptographic binding of a private key to a possession token
Disclosed is a method, a device, and/or a system of rapid and secure off-ledger cryptocurrency transactions through cryptographic binding of a private key to a possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a quantity of cryptocurrency includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associating the quantity of cryptocurrency with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.
Methods and systems for facilitating microservices for cryptographic operations
Embodiments provide methods, and systems for facilitating microservices for cryptographic operations. A method includes receiving, by a server system, a cryptographic service request from at least one application of a plurality of applications over a network communication channel. The cryptographic service request comprises a cryptographic operation to be performed and a cryptographic keys index being an identifier of the at least one application. The method includes generating, by the server system, a cryptographic operation command for the cryptographic operation. The method includes sending, by the server system, the cryptographic operation command to a Hardware Security Module (HSM) communicatively connected to the server system to perform the cryptographic operation. The method includes receiving, by the server system, a response from the HSM for the performed cryptographic operation. The method includes sending, by the server system, the response for the performed cryptographic operation to the at least one application.
Mobility surrogates
A mobility surrogate includes a humanoid form supporting at least one camera that captures image data from a first physical location in which the first mobility surrogate is disposed to produce an image signal and a mobility base. The mobility base includes a support mechanism, with the humanoid form affixed to the support on the mobility base, and a transport module that includes a mechanical drive mechanism and a transport control module including a processor and memory that are configured to receive control messages from a network and process the control messages to control the transport module according to the control messages received from the network.
Generation of a request to initiate a secure data transfer in a computing environment
Aspects of the invention include receiving a request from an initiator channel on an initiator node to initiate a secure communication with a responder channel on a responder node. The receiving is at a local key manager (LKM) executing on the initiator node. A security association is created at the LKM between the initiator node and the responder node. An identifier of a shared key assigned for communication between the initiator node and the responder node is obtained, and a message requesting initialization of the secure communication between the initiator channel and the responder channel is built. The message includes the identifier of the shared key. The message is sent to the initiator channel.
A METHOD AND A DEVICE FOR ENABLING KEY RE-USAGE IN A COMMUNICATION NETWORK
The present disclosure relates to a method of enabling key re-usage for an electronic device. The method comprises: receiving a request message from the electronic device, wherein the request message comprises a first information being indicative of a preference for one of a first key associated with a first network node in a first network or a second key associated with a second network node in a second network; processing the request message to determine the preference indicated in the first information; and transmitting a response message to the electronic device for reusing the first key or second key, wherein the electronic device is configured to derive a third key based on the first key or the second key as indicated in the determined preference, and the second network is able to access the first key and the second key whereas the first network cannot access the second key.
SYSTEM FOR SECURE DATA TRANSMISSION IN DIGITAL DATA TRANSMISSION NETWORK USING SINGLE-PASS QUANTUM KEY DISTRIBUTION SYSTEM AND METHOD OF KEY NEGOTIATION DURING OPERATION OF THE SYSTEM
The present invention relates to systems for cryptographic protection of information which use keys derived from quantum keys from an associated quantum key distribution (QKD) system, in order to improve security of transmitted information. A system comprises a transmitting node and a receiving node of a single-pass QKD system, and two encryptors connected by a classical communication channel. One encryptor is further connected to the transmitting node of the QKD system by a first local communication link, and the other encryptor is connected to the receiving node of the QKD system by a second local communication link.
A method comprises: generating encryption keys and authentication keys based on quantum keys of a size not less than the one specified in operation of the system; exchanging service data in the course of execution of the quantum protocol using the encryption keys and authentication keys; and providing identity of the encryption keys and the authentication keys. The technical result refers to: 1) enhanced security of user data being transmitted; 2) enhanced robustness of the system; 3) reduced cost of manufacturing, deploying, and operating the system by reducing the number of classic communication links; 4) improved strength of quantum keys.
KEY UPDATE METHOD AND RELATED APPARATUS
Embodiments of this application provide a key update method and a related apparatus. One example method includes: sending a first key update request to a second node, where the first key update request includes a first key negotiation parameter and first identity authentication information, and the first identity authentication information is generated by using a first shared key; receiving a first response message from the second node, where the first response message includes second identity authentication information; performing verification on the second identity authentication information by using the first shared key; and if the verification on the second identity authentication information succeeds, determining a first target key based on the first key negotiation parameter.
METHOD FOR SIGNING KEY MANAGEMENT BY ELECTRONIC DEVICE, AND ELECTRONIC DEVICE THEREFOR
Disclosed is an electronic device comprising: a memory in which instructions are stored; and a processor electrically connected to the memory. The processor, when the instructions stored in the memory are executed: acquires a command for installation of a first application signed with a first key; checks information relating to the first key in a key storage of the electronic device; if the first key is determined to be valid, installs the first application; and if the first key is determined to have been revoked, controls to prohibit installation of the first application.