Patent classifications
H04L63/0435
Methods and Apparatus for Securing Communications
A method includes generating an encoded and secured message comprising at least two parts, and transmitting the at least two parts of the encoded and secured message over at least two beam pair links (BPLs) associated with the first device and the second device, each part of the at least two parts being transmitted over a single BPL.
SYSTEM AND MEDIA RECORDING DEVICE WITH SECURED ENCRYPTION
In one aspect, the present invention discloses a system for recording and handling media for use as evidence in legal proceedings. In another aspect, the present invention discloses a device for recording media for use as evidence in legal proceedings. In a further aspect, the present disclosure provides a server, also referred to herein as an evidence vault or vault, for handling media from a media recording device for use as evidence in legal proceedings. All three aspects of the invention benefit from a double-layer symmetrical and asymmetrical encryption method to protect the media recordings of the device, the server and the system as a whole, as well as the transmission of media between different components.
INTEGRATED MEO-LEO SATELLITE COMMUNICATION SYSTEM
A satellite communication system that combines the benefits of Medium Earth Orbit (MEO) and Low Earth Orbit (LEO) satellite systems into an MEO-LEO satellite system. The MEO-LEO system includes an LEO constellation combined with a MEO constellation where the LEO constellation may provide global coverage with broad average capacity and may support ‘hot spot’ coverage where desired. The MEO constellation may provide unique advantages including backhaul to ground in remote areas, higher traffic density for key locations, and a secure global backhaul for key customers. Data may be routed over optical inter-satellite links using Software Defined Networking concepts to provide (1) MEO-LEO (backhaul and ground access); (2) LEO-LEO (upstream & downstream); and (3) MEO-MEO (crosslinks & downlinks). Further, implementations described herein include secure user terminal (UT) to UT IP routing in the constellation for direct UT to UT communication.
PASSWORD CONCATENATION FOR SECURE COMMAND EXECUTION IN A SECURE NETWORK DEVICE
In one embodiment, a method comprises: first determining, by a secure executable container executed by a network device, whether an input string entered by a user of the network device starts with a valid user access password for access via the secure executable container to one or more secure services; second determining, by the secure executable container, whether the input string further includes a prescribed delimiter contiguously following the valid user access password; third determining, by the secure executable container, whether the user has input a valid command password contiguously following the prescribed delimiter; and selectively executing, by the secure executable container, a prescribed command associated with the valid command password based on determining the user has input the valid command password contiguously following the prescribed delimiter.
ELECTRONIC MAIL AUTHENTICATION AND TRACKING IN DATABASE SYSTEM
Disclosed are some implementations of systems, apparatus, methods and computer program products for tracking inbound email messages in association with database records. A first electronic mail message received via a network from a first client device is processed, where the first electronic mail message has a header including a message identifier. The message identifier is obtained from the header and parsed such that an encrypted portion and one or more unencrypted portions are obtained, where a first unencrypted portion of the unencrypted portions includes an entity identifier associated with a first database record of a database. A secret key associated with the first electronic mail message is obtained and the first electronic mail message is authenticated using the secret key, the encrypted portion of the message identifier, and at least one unencrypted portion of the unencrypted portions of the message identifier. The first electronic mail message is stored in association with the first database record according to a result of authenticating the first electronic mail message.
IDENTIFYING CREDENTIAL ATTACKS ON ENCRYPTED NETWORK TRAFFIC
Described are techniques including a computer-implemented method of aggregating a number of authentication failures from a plurality of connection attempts for an application or a service that services a plurality of clients, where respective authentication failures are detected by evaluating encrypted packets of the plurality of connection attempts. The method further comprises determining that the number of authentication failures is greater than an upper bound number of authentication failures, where the upper bound number of authentication failures is determined by an anomalous function using the plurality of connection attempts as input, where the anomalous function is defined, at least in part, by a Chebyshev's bound and a Chernoff bound. The method further comprises generating an alert indicating a potential credential attack against the application or the service.
Subscriber identity privacy protection against fake base stations
Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key K_FB or trusted asymmetric fallback public key PK_FB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCI_FB for communication of messages with the unauthenticated network entity.
Electronic apparatus including non-volatile memory
Disclosed is an electronic apparatus. The electronic apparatus includes: a non-volatile memory having no internal controller; and a controller configured to: control the non-volatile memory, and transmit, to the non-volatile memory, first data and a generated first message authentication code (MAC). Accordingly, it is possible to efficiently defend against a replay attack in a non-volatile memory having no internal controller.
Data transmission with obfuscation for a data processing (DP) accelerator
According to one embodiment, a host communicates with a data processing (DP) accelerator using an obfuscation scheme. The DP accelerator receives an obfuscation kernel algorithm (or obfuscation algorithm), where the obfuscation kernel algorithm is used to obfuscate and de-obfuscate data in communication with a host. The DP accelerator de-obfuscates, using the obfuscation kernel algorithm, obfuscated data received from the host for a prediction request to obtain one or more AI models. The DP accelerator generates prediction results by applying the one or more AI models to a prediction input. The DP accelerator obfuscates, using the obfuscation kernel algorithm, the prediction results. The DP accelerator sends the obfuscated prediction results to the host, where the host retrieves the prediction results by de-obfuscating the obfuscated prediction results.
ENCRYPTED SHARED STATE FOR ELECTRONIC CONFERENCING
Aspects of the subject technology provide for shared experience sessions within a group communications session such as a video call. The shared experience session may be, as one example, a co-watching session in which the participants in the call watch a video together while in the call. Encrypted shared state data may be exchanged between the participant devices, with which the participant devices can provide synchronized and coordinated output of shared experience data for the shared experience session of the group communications session.