Computer implemented biometric methods and systems incorporate sensing biophysical phenomena, translating the phenomena into digital data and transmitting the data to a series of servers operating in an open feedback loop to generate a module. A biometric networking system can include a biometric monitoring cloud computing platform with AI/machine learning augmented models are generated to make user assessments, programs and confidence scores to the healthcare provider systems. The AI/machine learning models can be used by the biometric monitoring network to generate health-related AI processes that analyze relationships treatment techniques and outcomes. AI techniques can be used to calculate movement modeling and confidence scoring including support vector machines, neural networks, and decision trees. The biophysical phenomena may include biometric parameters based on data, such as medical history, exertion, sleep, temperature, cardiovascular events, respiratory events, and muscle and blood pH.

A system and method for geolocation-aware, cyber-enabled infrastructure inventory and asset management with state prediction capability. The system tracks tangible and intangible assets, including states associated with each asset such as the location, condition, and value of each asset. Physical assets may be cyber-enabled by attaching wireless computing devices to some or all of the physical assets to provide data about the physical assets using sensors of the computing devices, including but not limited to, such data as location, conditions of storage, and hours of operation or use. Data for each item is stored in a multi-dimensional time series database, which keeps a historical record of the states of each item. Unknown or future states can be predicted by applying predictive models to the time series data. Parametric evaluations of current and predicted future states can be used to optimize the assets against an objective.

A secure programming system and method for provisioning and programming a target payload into a programmable device mounted in a programmer. The programmable device can be authenticated before programming to verify the device is a valid device produced by a silicon vendor. The authentication process can include a challenge-response validation. The target payload can be programmed into the programmable device and linked with an authorized manufacturer. The programmable device can be verified after programming the target payload by verifying the silicon vendor and the authorized manufacturer. The secure programming system can provision different content into different programmable devices simultaneously to create multiple final device types in a single pass.

A method and system for group-oriented encryption and decryption that supports the implementation of the designation and revocation functions of decryption users in a large-scale group. During the encryption, the system acquires a corresponding aggregate function according to an encryption mode; acquires any selected subset S and public parameters, and outputs an aggregate value of the subset S; generates a ciphertext of to-be-transmitted information according to the public parameters, a to-be-transmitted message and the aggregate value; acquires the encryption mode and the subset S comprised in the received ciphertext, operates the subset S and an identity of a current decryptor according to the encryption mode, and outputs a new subset S′; acquires an aggregate function corresponding to the encryption mode during the decryption; outputs an aggregate value of the new subset S′; and decrypts the received ciphertext according to the public parameters and the aggregate value, so as to obtain the to-be-transmitted information.

In one implementation, a system for a session key repository includes a monitor engine to monitor communication between a first computing device and a second computing device that is encrypted with a private key, an identification engine to determine a number of session keys and session IDs that correspond to the encrypted communication, a rules engine to determine a number of rules for storing and sharing the number of corresponding session keys and session IDs, a repository engine to send a portion of the number of session keys and session IDs to a network tool based on the number of rules and identification of the network tool.

Virtual smart card system includes a virtual smart card server (VSS) which controls access to content respectively associated with a plurality of virtual smart cards. A remote client computer system includes a system level agent which establishes the client computer machine to the VSS as a trusted computer system. A user level agent at the client computer system responds to a request for a virtual smart card operation by causing the client computer system to obtain user authentication information, negotiate with the system level agent to obtain a cookie, and initiate a request to the VSS for the virtual smart card operation. The VSS will perform the virtual smart card operation provided that a security policy is satisfied and will communicate the results to the user level agent.

It is provided an information sharing system, comprising a server, and an in-vehicle system. The server includes: a first storage part; a first key generation part configured to generate a first private key and a first public key, if keys can be exchanged with the in-vehicle system; and a signature generation part configured to generate a signature value of the first public key using a server private key. The in-vehicle system includes: a second storage part configured to store a public key certificate including a server public key; a signature verification part configured to verify the first public key and a signature value received from the server, using a public key certificate; and a second key generation part configured to generate a second private key and a second public key, if a combination of the first public key and the signature value is correct as a result of the verification.

The techniques and systems described herein are directed to providing targeted, secure software deployment in a computing system. An identity of the computing device can be determined and verified using a trusted platform module (TPM) of the computing device, and a software update can be expressly configured to operate solely on the computing device. Further, a configuration of the computing device can be ascertained using platform configuration registers (PCRs) of the TPM to determine that the computing device has not been modified from a trusted configuration. For example, if malware or unauthorized software is operating on the computing device, the software update may be prevented from being installed. Further, the software update can be targeted for a particular computing device, such that when the software update is received at the computing device, the software update may not be duplicated and provided to an additional, unauthorized device.

A method for users of devices including mobile phones and computers to engage in encrypted communications with other devices using asymmetrical key exchange technology, involving the user of a device first creating a password and then at a later time re-entering that password on the device, with the result that when the password is re-entered the device is able to decrypt a set of software components that are required for a fresh session of encrypted communications.

Methods, systems, storage media for authentication are described. On the methods includes receiving, at a smart contract on a distributed ledger, a signed authentication challenge. The method includes verifying the identity of the user who signed authentication challenge. The method includes raising an event that indicates that the user has been authenticated; wherein a server listens for events from the smart contract, and associates a session between the browser and the server with the user based on the event.