The present disclosure discloses an authentication method performed at a server, including: generating, based on a first account that is possessed by a user of a first device and that corresponds to a first application, corresponding token information; sending the token information to the first device to be shared by the first device with devices in a device group in a replication restriction manner; performing, based on the token information, authentication on a second device that is in the device group; granting permission of accessing the first account to the second device when the authentication succeeds; and triggering the first device to switch from a state of first account-based login to the first application to a state of suspending the login to the first application when it is determined that the second device logs in to the first application based on the permission of accessing the first account.

Systems and methods for token processing are disclosed. An access device can provide access device data to a mobile communication device. The communication device generates a token request including the access device data and communication device data and sends the token request to a server computer. The server computer returns a token and a token cryptogram to the mobile communication device. The token and the cryptogram may be used in a transaction.

Encryption keys for an enterprise are stored at a perimeter device such as a gateway, and rules are applied at the network perimeter to control whether and how these keys are used for cryptographic processing of communications passing through the perimeter device. The encrypted status of communications, e.g. whether and how files are encrypted with the encryption keys, may also be used to assist in selecting appropriate security handling and routing of the communications.

A method of generating a trusted chain code (“TCC”) message, comprising: receiving a smart contract whose execution causes a transfer of value in response to at least one of an occurrence of an event or a fulfillment of a condition, wherein the smart contract is digitally signed by a first entity private key and a second entity private key; generating a chain code comprising a hash of a chain code of the smart contract, the chain code corresponding to at least one of an occurrence of an event or a fulfillment of a condition of the smart contract; and posting the TCC message to a distributed ledger, wherein an execution of a portion of the chain code in response to at least one of the occurrence of the event or the fulfillment of the condition is validated against corresponding chain code in the chain code manifest.

Methods and apparatus to execute a workload in an edge environment are disclosed. An example apparatus includes a node scheduler to accept a task from a workload scheduler, the task including a description of a workload and tokens, a workload executor to execute the workload, the node scheduler to access a result of execution of the workload and provide the result to the workload scheduler, and a controller to access the tokens and distribute at least one of the tokens to at least one provider, the provider to provide a resource to the apparatus to execute the workload.

A Data Protection Server (DPS) configured to authenticate, encrypt and decrypt blocks of data by using dynamic tokens. Instances of a DPS may be deployed in association with a host server and with multiple client devices to protect data exchanged between them. Since each DPS instance typically requires minimal device storage and computational resources, use of a DPS may be particularly advantageous in connection with the protection of data generated by limited resources devices.

Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

A method includes receiving, in a data storage device, a request from a client computer for a portion of ciphertext stored in the data storage device, and providing, by a controller of the data storage device, the portion of the ciphertext to the client computer. The method also includes receiving, in the data storage device, an update token generated by the client computer from the portion of the ciphertext. The method further includes performing, by the controller of the data storage device, re-encryption of the ciphertext using the update token.

A method includes providing an initial communication, by an access device to a user device. The access device can receive the user identifier and the access token and receive a secret associated with the user. The access device can determine, using the user identifier and/or the access token, if the transaction is authorized by an authorizing entity computer associated with the access device or by an authorizing entity not associated with the access device. If the transaction is authorized by the authorizing entity computer associated with the access device, the access device can transmit an authorization request message comprising the user identifier, the secret, and the access token to the authorizing entity computer. The authorizing entity computer validates the secret, retrieves a real credential of the user using the user identifier, and authorizes the transaction.

Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, that protect analytics for resources of a publisher from traffic directed to such resources by malicious entities. An analytics server receives a first message that includes an encrypted token and analytics data for a publisher-provided resource. The token includes a portion of the analytics data and a trust score indicating a likelihood that activity on the resource is attributed to a human (rather than an automated process). The analytics server decrypts the token. The analytics server determines a trustworthiness measure for the analytics data included in the first message based on the trust score (in the decrypted token) and a comparison of the analytics data in the first message and the portion of the analytics data (in the decrypted token). Based on the measure of trustworthiness, the analytics server performs analytics operations using the analytics data.