An apparatus and system for remote attestation of a power delivery network is disclosed. Embodiments of the disclosure enable remote attestation of the power delivery network by storing a trusted golden reference waveform in secure memory. The trusted golden reference waveform characterizes a power delivery network in response to a load generated on the power delivery network. A remote cloud server generates a server-generated remote attestation of the power delivery network by receiving an attestation packet from the power delivery network and verifying whether the attestation packet is consistent with an expected power delivery network identity.

A trust management system is provided for a network communication ecosystem having a plurality of participating entities. The trust management system includes a trust specification engine configured to define and manage trust relationships between a first entity and a second entity of the plurality of participating entities, a trust analysis engine configured to process the results of a trust query from the first entity to the second entity, a trust evaluation engine configured to evaluate the trust relationships managed by the trust specification engine, and a trust monitor configured to (i) monitor one or more trust triggers occurring relevant to at least one of the first and second entities, and (2) update a trust relationship between the first and second entities based on one or more monitored trust triggers.

A blockchain network control system and method is disclosed. The system includes a processor coupled to a storage comprising a plurality of network entity definitions each defining a different network entity that make up a target network architecture for a permissioned blockchain network. The system also includes a control object communicatively coupled to an ordering service and a plurality of organizations. The plurality of organizations was established by the blockchain network control system by instantiating the organizational membership service provider, registering and enrolling each peer node within each organization, storing the cryptographic identity generated for the peer node, and then instantiating the plurality of peer nodes. The ordering service was established by the blockchain network control system by instantiating the ordering membership service provider, registering and enrolling each orderer node belonging to the ordering service, storing the cryptographic identity generated for the orderer node, and then instantiating the orderer nodes.

A network interface controller includes processing circuitry configured to pair with a local root of trust of a host device connected to the network interface controller and provide a key to an encryption device of the host device that enables the encryption device to encrypt data of one or more host device applications using the key. The encrypted data are stored in host device memory. The processing circuitry is configured to share the key with a remote endpoint and forward the encrypted data from the host device memory to the remote endpoint.

A network interface controller includes processing circuitry configured to pair with a local root of trust of a host device connected to the network interface controller and provide a key to an encryption device of the host device that enables the encryption device to encrypt data of one or more host device applications using the key. The encrypted data are stored in host device memory. The processing circuitry is configured to share the key with a remote endpoint and forward the encrypted data from the host device memory to the remote endpoint.

Methods and systems for establishing a chain of relationships are disclosed. An identity verification platform receives a first request for registration comprising an identification of a first user, identification of an entity, and a relationship between the first user and the entity; verifies the identity of the first user and the relationship between the first user and the entity; and verifies that the entity is legitimate. Once a relationship between a first individual, invited by the first user, and the entity is confirmed, the platform creates a custom badge representing the relationship between the first individual and the entity for display on the entity's website. The platform receives an identification of a selection by an end user of the custom badge and, responsive to receiving the identification of the selection, renders, on a domain controlled by the identity verification platform, a verification that the relationship between the first individual and the entity is valid.

A device for wireless terminal authentication may include at least one processor configured to receive, from a wireless terminal device, a request for user information, the request comprising a certificate corresponding to the wireless terminal device. The at least one processor may be further configured to verify the certificate based at least in part on a public key stored on the electronic device. The at least one processor may be further configured to, when the certificate is verified, determine whether the certificate indicates that the wireless terminal device is authorized to receive the requested user information. The at least one processor may be further configured to transmit, to the wireless terminal device, the requested user information when the certificate indicates that the wireless terminal device is authorized to receive the requested user information.

Described herein is a method and network-security monitoring platform, also identified as Security Network Monitoring Platform (SNMP), for detecting anomalies in SSL and/or TLS communications set up in a communications network. The SNMP analyses data packets (DP) for detecting anomalous SSL and/or TLS handshake procedures in a monitoring interval, wherein each SSL and/or TLS handshake procedure comprises a first message sent by a respective client to a respective server for starting the respective SSL or TLS communication, and a corresponding second message sent by the respective server to the respective client. Next, the SNMP determines for each handshake procedure a first signature as a function of the data sent with the first message and a second signature as a function of the data of one or more certificates of the chain of certificates (CERT) sent with the second message. The SNMP then analyses the first and the second signatures to determine the respective popularity values. Moreover, the SNMP analyses each chain of certificates (CERT) to extract the information that indicates the fact that at least one of the certificates (CERT) of the chain is self-signed, and/or at least one of the certificates (CERT) has expired.

During a training step, the SNMP trains a classifier using the popularity values and the information extracted from the certificates (CERT), so that the classifier supplies as output a value that indicates whether a given handshake procedure corresponds to a usual or to an anomalous handshake procedure. Consequently, during operation in steady-state conditions, the SNMP can use the classifier to supply, for each handshake procedure, a respective value that indicates whether the respective handshake procedure corresponds to a usual handshake procedure or to an anomalous handshake procedure and, in the case where at least one handshake procedure has been classified as anomalous, generate a notification that indicates the fact that the respective SSL or TLS communication presents an anomaly.

A system and method includes mobile device, a SIM associated with mobile device, an MNO computer, a computer associated with an owner of the mobile device, a first set of keys stored in the SIM for securely communicating with the MNO computer, and a second set of keys for securely communicating with the computer associated with the owner of the mobile device, to exchange application information. The SIM can be configured to determine when updated information related to the second set of keys is required, securely send a request to the MNO computer for updated information related to the second set of keys using the first set of keys, and responsively receive the updated information related to the second set of keys from the MNO computer, the updated information being provisioned by the computer associated with the owner of the mobile device. The mobile device is configured to utilize the updated information related to the second set of keys to establish data communication between an application running on the mobile device and the computer associated with the owner of the mobile device.

A system, includes a device and a payload warehouse. The device receives a user request to initiate a feature of the device. In response to receiving the request, device information is provided to a payload warehouse. The payload warehouse stores an inventory which includes a digital payload. The digital payload includes data, such as a digital certificate, which may be used by the device to implement the user-requested feature. The payload warehouse receives the device information provided by the device and determines an encryption vector based at least in part on the received device information. Using the encryption vector, the digital payload is encrypted. The encrypted digital payload is provided to the device.