A receiver node receives, over a communication fabric, a transaction packet that includes an identifier of a sender node and an identifier of a process at the sender node, the transaction packet sent by the process for a transaction. The receiver node performs authentication for the transaction based on the identifier of the process and the identifier of the sender node.

Embodiments are disclosed for a quantum key distribution (QKD) enabled intra-datacenter network. An example system includes a first QKD device and a second QKD device. The first QKD device includes a first quantum-enabled port and a first network port. The second QKD device includes a second quantum-enabled port and a second network port. The first quantum-enabled port of the first QKD device is communicatively coupled to the second quantum-enabled port of the second QKD device via a QKD link associated with quantum communication. Furthermore, the first network port of the first QKD device is communicatively coupled to a first network switch via a first classical link associated with classical network communication. The second network port of the second QKD device is communicatively coupled to a second network switch via a second classical link associated with classical network communication.

Various embodiments described herein are directed towards authenticating calls by using one or more keys associated with a specific user. In examples, the user is the sender of a call. In various embodiments, when a call is made, an identifying payload is encrypted using a private key associated with the user. The encrypted identifying payload is appended to the call data stream. The identifying payload may be decrypted with a public key. In embodiments, the identifying payload may be verified. In various embodiments, further authentication methods may be performed by using an object such as a contactless card to provide one or more components of the identifying payload and/or keys. In embodiments, a connection may be made between the sender and the intended recipient of a call based on the verification of the identifying payload.

Various embodiments described herein are directed towards authenticating calls by using one or more keys associated with a specific user. In examples, the user is the sender of a call. In various embodiments, when a call is made, an identifying payload is encrypted using a private key associated with the user. The encrypted identifying payload is appended to the call data stream. The identifying payload may be decrypted with a public key. In embodiments, the identifying payload may be verified. In various embodiments, further authentication methods may be performed by using an object such as a contactless card to provide one or more components of the identifying payload and/or keys. In embodiments, a connection may be made between the sender and the intended recipient of a call based on the verification of the identifying payload.

Various embodiments described herein are directed towards authenticating calls by using one or more keys associated with a specific user. In examples, the user is the sender of a call. In various embodiments, when a call is made, an identifying payload is encrypted using a private key associated with the user. The encrypted identifying payload is appended to the call data stream. The identifying payload may be decrypted with a public key. In embodiments, the identifying payload may be verified. In various embodiments, further authentication methods may be performed by using an object such as a contactless card to provide one or more components of the identifying payload and/or keys. In embodiments, a connection may be made between the sender and the intended recipient of a call based on the verification of the identifying payload.

A data communication network includes a plurality of network nodes coupled together via optical links and a network controller. Each network node includes a reflectometry analyzer that provides a characterization of physical properties of the optical links coupled to the associated network node. The characterization for each particular optical link provides a unique fingerprint of the physical properties of the particular optical link. The network controller determines a network path between a first network node and a second network node, wherein the network path traverses a first optical link, receives a first fingerprint for the first optical link from a first reflectometry analyzer, defines a signature for the path, the signature including the first fingerprint, receives a second fingerprint for the first optical link from the first reflectometry analyzer, the second fingerprint being different from the first fingerprint, and determines that the network path is not secure based upon the difference between the first fingerprint and the second fingerprint.

A data communication network includes a plurality of network nodes coupled together via optical links and a network controller. Each network node includes a reflectometry analyzer that provides a characterization of physical properties of the optical links coupled to the associated network node. The characterization for each particular optical link provides a unique fingerprint of the physical properties of the particular optical link. The network controller determines a network path between a first network node and a second network node, wherein the network path traverses a first optical link, receives a first fingerprint for the first optical link from a first reflectometry analyzer, defines a signature for the path, the signature including the first fingerprint, receives a second fingerprint for the first optical link from the first reflectometry analyzer, the second fingerprint being different from the first fingerprint, and determines that the network path is not secure based upon the difference between the first fingerprint and the second fingerprint.

Methods and systems for secure autonomic optical transport networks are disclosed, including a method of adding a network element in an optical network, comprising: verifying, with a new network element, a first identifier certificate from a proxy network element; verifying, with the proxy network element, a second identifier certificate from the new network element; using a registrar for verifying the second identifier certificate from the proxy network element and sending domain specific parameters to the proxy network element for forwarding to the new network element; generating, on the new network element, a local certificate derived from a secure module and sending it to the proxy network element for forwarding to the registrar; enrolling, with the registrar, the new network element in the autonomic domain; and signing, with the registrar, the local certificate and sending the signed local certificate to the new network element.

Various embodiments described herein are directed towards authenticating calls by using one or more keys associated with a specific user. In examples, the user is the sender of a call. In various embodiments, when a call is made, an identifying payload is encrypted using a private key associated with the user. The encrypted identifying payload is appended to the call data stream. The identifying payload may be decrypted with a public key. In embodiments, the identifying payload may be verified. In various embodiments, further authentication methods may be performed by using an object such as a contactless card to provide one or more components of the identifying payload and/or keys. In embodiments, a connection may be made between the sender and the intended recipient of a call based on the verification of the identifying payload.

Various embodiments described herein are directed towards authenticating calls by using one or more keys associated with a specific user. In examples, the user is the sender of a call. In various embodiments, when a call is made, an identifying payload is encrypted using a private key associated with the user. The encrypted identifying payload is appended to the call data stream. The identifying payload may be decrypted with a public key. In embodiments, the identifying payload may be verified. In various embodiments, further authentication methods may be performed by using an object such as a contactless card to provide one or more components of the identifying payload and/or keys. In embodiments, a connection may be made between the sender and the intended recipient of a call based on the verification of the identifying payload.