Method and system for training a neural network. The neural network is split into first and second portions. A k-layer first portion is sent to a client training/inference engine and the second portion is retained by a server training/inference engine. At the splitting point, the kth layer is a one-way function in output computation has a number of nodes that are less than any other layer of the first portion. The client training/inference engine trains the first portion with input data in a set of training data. The server training/inference engine receives a batch of outputs from the client training and applies them to the second portion to train the entire neural network.

A method and an apparatus for controlling a data access right are disclosed. The method includes: receiving, by a first proxy node, a first request message from a request node, where the first request message includes an identity of the request node and an identifier of to-be-accessed data; determining a first encrypted ciphertext on a blockchain based on the identifier; determining, based on the identity, whether the request node has a right to read the first encrypted ciphertext; and if yes, initiating a right verification request for the request node to at least one second proxy node, and determining, based on a feedback result of the at least one second proxy node, provisioning of the first encrypted ciphertext. A proxy node is added to the blockchain network, so that a data source can freely grant or revoke the right of the request node without modifying a ciphertext, ensuring information security.

Disclosed is a zero-knowledge distributed application configured to securely share information among groups of users having various roles, such as doctors and patients. Confidential information may be encrypted client-side, with private keys that reside solely client side. Encrypted collections of data may be uploaded to, and hosted by, a server that does not have access to keys suitable to decrypt the data. Other users may retrieve encrypted data from the server and decrypt some or all of the data with keys suitable to gain access to at least part of the encrypted data. The system includes a key hierarchy with multiple entry points to a top layer by which access is selectively granted to various users and keys may be recovered.

The method, system and a computer program and a computer product for managing workers and documents is provided. The method includes storing industry representations and a list of workers with data related to the workers, linking the industry representations to the workers and selecting at least one worker from based on the industry representations for that worker. The method also includes scheduling workers to a job based on whether they have all of the required industry representations. In addition, the method includes uploading industry representations and bar code scanning industry representations into the database. The method further includes dispatching said industry representations to other users and automatically mapping fields of the dispatched data in the destination database. In addition, the method includes selectively encrypting only sensitive fields in data transmission between two entities.

The present disclosure involves systems, software, and computer implemented methods for user-controlled access control for user information. One example method includes sending an authentication request to authenticate as a requesting entity to a first decentralized resource directory of a providing entity. An authentication challenge is received, via the connection, from the providing entity, and in response to the authentication request, to store an authentication challenge value for an authentication challenge key in a second decentralized resource directory of the requesting entity. The authentication challenge value for the authentication challenge key is stored in the second decentralized resource directory. An authentication challenge response is sent to the providing entity requesting the providing entity to verify the authentication challenge. An indication is received from the providing entity indicating that the requesting entity is authenticated to the first decentralized resource directory as the requesting entity.

One disclosed example method includes obtaining a meeting cryptographic key; transmitting, from a client device to a video conference provider, a request to initiate an encrypted video conference, the encrypted video conference including a plurality of participants; distributing the meeting cryptographic key to each participant of the plurality of participants; obtaining a public cryptographic key of a key pair, the key pair including the public cryptographic key and a private cryptographic key; encrypting the meeting cryptographic key using the public cryptographic key; transmitting, from the client device to the video conference provider, a request to record the video conference; encrypting audio and video from a microphone and image sensor of the client device using the meeting cryptographic key; transmitting the encrypted audio and video to the video conference provider; and providing the encrypted meeting cryptographic key to the video conference provider.

In one embodiment, a method comprises: establishing, by a first executable resource in a network device having joined a secure peer-to-peer data network, a registry providing a mapping between one or more network entities associated with a tag object by an identified user entity, each network entity represented by a federation identifier of a user entity or a corresponding data object; receiving a search request for one or more identified network entities having been tagged with the tag object, and in response generating a search result based on identifying the network entities having been mapped relative to tag object, the search result identifying one or more of an identified federation identifier or an identified unique identifier for the identified network entities; and providing the search result by the first executable resource, the search result causing an endpoint device to attract the identified network entities for presentation by the endpoint device.

A system is described for authenticating a user on a client device using the user's mobile device and utilizing the audio channel. An authentication server receives a request from the client to initiate a session for the user, creates the session, and sends a session token back to the client along with a request for authentication. The client broadcasts an audio transmission containing the token to the mobile device over an audio channel using data-over-sound transmission. The mobile device receives the transmission via a microphone, obtains the token and the server identity from the transmission, and sends user credentials that are stored on the mobile device along with the token identifying the session directly to the authentication server. The server verifies the received credentials, confirms the token, and logs the user into the session.

Systems and methods for PKI certificate and key allocations to wireless base station radio units are provided. In one embodiment, a system for obtaining PKI credentials for a remote unit for a wireless base station, the system comprises: a remote unit, the remote unit configured to implement a radio frequency (RF) interface; a gateway coupled to the remote unit, the gateway communicatively coupled to an online provision service (OPS) certificate authority (CA); wherein the gateway is configured to generate an AuthToken unique to the remote unit, wherein the remote unit is configured to request a RU digital certificate and private key from an OPS CA based on the AuthToken.

A mechanism for building decentralized computer applications that execute on a distributed computing system. The present technology works within a web browser, client application, or other software and provides access to decentralized computer applications through the browser. The present technology is non-custodial, wherein a public-private key pair, which represents user identity, is created on a client machine and then directly encrypted by a third-party platform without relying on one centralized computing system.