A method of communication between nodes in a telecommunications network. Each node maintains a copy of a shared digital ledger, is identified by a respective identification code and implements a software application configured to manage the transmission of data packets and maintain the shared digital ledger. The method includes: memorizing a list of identification codes, each code identifying a respective node included in a subset of nodes of the network, identifying a receiver node to transmit the data packet, generating a data packet to be delivered to a recipient node, transmitting to the first node of the minimum sequence of nodes the data packet, issuing a request to the network nodes to record the data packet transmission in the distributed ledger, and when a data packet is received, the method requires that each receiver node, other than the recipient node of the data packet, repeats at least some steps.

Examples described herein include systems and methods for performing distributed encryption across multiple devices. An example method can include a first device discovering a second device that shares a network. The device can identify data to be sent to a server and calculate a checksum for that data. The device can then split the data into multiple portions and send a portion to the second device, along with a certificate associated with the server for encrypting the data. The first device can encrypt the portion of data it retained. The first device can receive an encrypted version of the second portion of the data sent to the second device. The first device can merge these two portions and send the merged encrypted data to the server, along with the checksum value. The server can decrypt the data and confirm that it reflects the original set of data.

A network device may receive, from an application on a user device, a first network packet associated with a packet flow. The network device may identify an application identifier of the first network packet, wherein the application identifier identifies the application on the user device. The network device may select, based on the application identifier, a security protocol, wherein the security protocol is associated with at least one of an authentication header (AH) or an encryption algorithm. The network device may selectively apply, to a second network packet associated with the packet flow, at least one of the AH or the encryption algorithm, associated with the security protocol, to generate a protected network packet. The network device may transmit the protected network packet.

A network system is provided between at least a first client site and a second client site. A client site network component is implemented at least at the first client site, the client site network component aggregating one or more diverse network connections so as to configure an aggregated connection that has increased throughput. At least one network server component may be configured to connect to the client site network component using the aggregated connection. A cloud network controller may be configured to manage the data traffic and a virtual edge providing transparent lower-link encryption for the aggregated connection between the client site network component and the network server component. The network server component includes a virtual control plane interface configured to establish a unicast path between the network server component and each of a plurality of remote network server components.

Automated processes, computing systems, computing devices and other aspects of a data processing system provide improved reliability in delivering digital media content over the Internet or a similar wide area network without sacrificing data security. Content is initially placed into a secure format (e.g., secure hypertext transport protocol (HTTPS) via transport control protocol (TCP) or the like). Prior to transmission on the network, the secure data packets are encapsulated within connectionless frames, such as user datagram protocol (UDP) frames. The client device that receives the encapsulated packets extracts the underlying secure content from the connectionless frames for further processing. The encapsulation into connectionless data frames permits client and server devices to establish effective streaming sessions while preserving the security of the underlying data.

An apparatus and a method capable of effectively providing services in a mobile communication system, and a data processing method of a data reception apparatus are provided. The apparatus and method includes obtaining, by a first lower packet data convergence protocol (PDCP) layer and a second lower PDCP layer, a plurality of PDCP packet data units (PDUs) based on data received from a first base station (BS) and a second BS, parallel deciphering, by the first and second lower PDCP layers, the plurality of PDCP PDUs, transmitting, from the first and second lower PDCP layers to an upper PDCP layer, the plurality of deciphered PDCP PDUs, and reordering, by the upper PDCP layer, the plurality of deciphered PDCP PDUs.

Technologies for bi-directional encryption and decryption for underlay and overlay operations are described. One network device includes multiple ports, a network processing element, a programmable path-selection circuit, and a security IC. The programmable path-selection circuit is configured to operate in a first mode in which first outgoing packets are routed to the security integrated circuit to be encrypted before sending on one of the ports, and first incoming packets, received on one of the ports, are routed to the security integrated circuit to be decrypted. The programmable path-selection circuit is configured to operate in a second mode in which second incoming packets are routed to the security integrated circuit to be encrypted before processing by the network processing element and route second outgoing packets to the security integrated circuit to be decrypted after processing by the network processing element.

The disclosure is directed to a method and system including a first node that stores a first multipoint mesh VPN database including a plurality of underlay addresses in an underlay network for a plurality of nodes, respectively, and a plurality of VPN addresses in a multipoint mesh VPN for the plurality of nodes, respectively. The first node also receives a second multipoint mesh VPN database from a second node, the second multipoint mesh VPN database including underlay and VPN addresses for the third node. The first node further receives a third multipoint mesh VPN database from the third node, the third multipoint mesh VPN database including underlay and VPN addresses for the second node. The first node additionally compares the databases to determine if underlay addresses and VPN addresses are missing from the first multipoint mesh VPN database.

Various example embodiments for supporting security in a communication system are presented. Various example embodiments for supporting security in a communication system may be configured to support stateful security redundancy in the communication system. Various example embodiments for supporting stateful security redundancy in a communication system may be configured to support stateful security redundancy for a set of client devices based on a set of security nodes arranged in a security redundancy architecture. Various example embodiments for supporting stateful security redundancy for a set of client devices based on a set of security nodes arranged in a security redundancy architecture may be configured to support stateful security redundancy for a client device based on a security redundancy domain including an active security node and one or more standby security nodes.

Methods and systems for securing data using random bits and encoded key data. A plurality of true random number generator (TRNG) disks and a plurality of key data sets are provided. A key data set from the plurality of key data sets is associated with each of the plurality of TRNG disks, respectively. The key data set comprises at least a block of random bits of an associated TRNG disk. An encoded key data set is formed by encoding at least two of the key data sets together. The source data can be encrypted with the encoded key data set to produce a quantity of encrypted data. The encrypted data can be decrypted with the encoded key data set or the at least two of the key data sets retrieved from the associated TRNG disks.