A data provider encrypts source data to obtain a ciphertext of the source data, and uploads the ciphertext of the source data to a data storage platform for storage. Subsequently, in response to a data application request of a data consumer, the data provider encrypts a storage address of the ciphertext of the source data by using a public key of the data consumer, and uploads the encrypted storage address to a blockchain network. The data consumer obtains the ciphertext of the source data from the data storage platform. In the process, a blockchain decentralization capability is used to implement secure and trusted data exchange by using a smart contract that is public and commonly visible to a plurality of parties.

Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for transmitting/processing requests to control information stored at multiple content platforms/servers. In one aspect, a client device can send a request to verify the device's trustworthiness to a device trustworthiness server. The client device can receive, from the device trustworthiness server, data indicating that the client device is trustworthy, in response to which, the client device can send, to a relay server, a request to control user data stored at a plurality of servers. The client device can receive, via the relay server, a response from each of the plurality of servers. Based on the responses, the client device can determine that at least a subset of the plurality of servers that included the user data has performed the action specified in the request to control the user data.

Systems and methods for authentication may include an authentication server. The authentication server may include a processor and a memory. The processor may be configured to transmit an authentication request. The processor may be configured to receive a first response that is responsive to the authentication request, the first response comprising a first cryptogram. The processor may be configured to generate a first challenge based on the first response. The processor may be configured to encrypt the first challenge with a symmetric key. The processor may be configured to transmit the first challenge receive a second response that is responsive to the first challenge, the second response comprising a second cryptogram. The processor may be configured to authenticate the second response.

The present disclosure describes method and system for generating and distributing a web form for securely collecting data. The system provides an interactive and visualized tool to add, edit, distribute web form and collect and analyze one or more response to the web form. Users of the system may edit the forms in a way that what you see is what you get. The system also automatically generates the data structure that can be easily transferred to and stored in the database, which only require minimal input from the user in terms of the data structure. The stored web form and the received responses are encrypted so as to be only available to the user. In some aspects, the system manages all the projects and workflow and allows for real time monitoring of this process through dashboard.

An authentication method and system for mutual authentication between a first entity and a third entity via a second entity, based on an authentication protocol used by the first entity and the third entity. The second entity forwards mutual authentication messages between the first entity and the third entity. An apparatus is configured to perform an authentication method for a mutual authentication between a first entity and a third entity via a second entity, based on an authentication protocol used by the first entity and the third entity, the second entity forwards mutual authentication messages between the first entity and the third entity.

Method, device and computer program product for managing a plurality of encryption keys using a keystore seed that defines a seed bit set. A key management process defines a key mapping between the seed bit set and the plurality of encryption keys. The key management process enables each encryption key to be generated from the seed bit set using a corresponding keying material value and the key mapping. The key mapping specifies that an encryption key is generated by partitioning the seed bit set into a plurality of seed bit partitions, determining a keying value from the keying material value, determining a key sequence using the plurality of seed bit partitions and the keying value, and determining the encryption key from the key sequence. Management of a large number of encryption keys can be simplified through indirect management via the keystore seed and the key management process.

Per CFR 1.121, Applicant hereby amends the abstract of the application by substitute abstract, by submitting: (i) instruction for the cancellation of the previous version of the abstract; and (ii) a substitute abstract in compliance with 37 CFR § 1.121(b)(2)(ii). RE i)

Please cancel the previous version of the abstract. RE ii)

A clean version of the substitute Abstract is set forth on the following page. No new matter has been added.

A blockchain anonymizing system and method is provided for side-channel-secure blockchain anonymity using the Invisible Internet Project (I2P). Instead of merely preventing the revelation of a user's IP address, embodiments are directed to inhibiting any correlation of the user's transactions over time.

A communication system and a communication method for reporting a compromised state in one-way transmission are provided. The communication method includes: receiving a packet by a first port; coupling an error checking circuit to the first port, wherein the error checking circuit checks a header of the packet; coupling a first unidirectional coupler to the first port and the error checking circuit, and coupling a second unidirectional coupler to the first port and the error checking circuit; in response to an error being in the header, disabling the first unidirectional coupler and the data inspection circuit and enabling the second unidirectional coupler by the error checking circuit; receiving the packet from the communication device by a receiving server; and in response to determining the received packet is incomplete by the receiving server, outputting the compromised state by the receiving server.

In one embodiment, a method comprises: generating and maintaining, by a replicator device in a secure peer-to-peer data network, a secure private key and secure public key; establishing a two-way trusted relationship with a second replicator device for a pairwise topology of two-way trusted replicator devices; establishing a two-way trusted relationship with a first endpoint device based on validating a secure attachment request using the secure private key, and obtaining a second secure public key of the first endpoint device; validating, using the second secure public key, a secure data packet from the first endpoint device and destined for the second endpoint device, and obtaining information for reaching the second endpoint device via the second replicator device; and securely signing the secure data packet, received from the first endpoint device and destined for the second endpoint device, into a secure forwarded packet for secure transmission to the second replicator device.