Your search keyword '"Access Control"' showing total 19,412 results

1. Age Verification Systems Will Be a Personal Identifiable Information Nightmare.

Author

Scheffler, Sarah

Subjects

*AGE verification systems, *ELECTRONIC authentication, *ACCESS control, *INTERNET privacy, *INTERNET privacy laws, *PERSONALLY identifiable information, *RIGHT of privacy, *INTERNET & children

Abstract

The article focuses on how online age verification systems will be a problem for internet privacy. The author discusses new laws that attempt to improve online child safety with an age verification system, the lawsuits that have challenged these laws in Arkansas, Texas, California, Louisiana, and Utah, and how the laws go beyond checking ID, but collecting personally identifiable information (PII).

Published

2024

2. Guide to Attribute Based Access Control (ABAC) definition and considerations

Author

Hu, V. C.

Subjects

Access control, Access control mechanism, Access control model, Access control policy, Attribute based access control (ABAC), Authorization, Privilege

Abstract

Abstract: This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This document also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.

Published

2014

3. A secure VM live migration technique in a cloud computing environment using blowfish and blockchain technology.

Author

Gupta, Ambika, Namasudra, Suyel, and Kumar, Prabhat

Subjects

*VIRTUAL machine systems, *DATA privacy, *ACCESS control, *QUALITY of service, *COMMUNICATION infrastructure

Abstract

Data centres have become the backbone of infrastructure for delivering cloud services. In the emerging cloud computing paradigm, virtual machine (VM) live migration involves moving a running VM across hosts without visible interruption to the client. Security vulnerabilities, resource optimization, and maintaining the quality of service are key issues in live VM migration. Maintaining security in VM live migration is one of the critical concerns. To create a secure environment, this paper proposes a live migration technique using the blowfish cryptographic algorithm for encryption and decryption, along with blockchain technology, to address challenges such as decentralization, data privacy, and VM security. The algorithms, namely key management blowfish encryption (KMBE), access control searchable encryption (ACSE), protected searchable destination server (PSDS), and key expansion blowfish decryption (KEBD), improve security in VM live migration in terms of various parameters such as data centre request servicing time, response time, and data transfer cost. The proposed technique KMBE improves migration cost ($) by 60–70%, ACSE reduces overall energy consumption (w) by 70–80%, PSDS reduces makespan (ms) by 40–50%, and KEBD improves the security in live VM migration by 30–40%. [ABSTRACT FROM AUTHOR]

Published

2024

4. Examining nurses' awareness level and compliance between defined and required access levels to core functionalities of hospital information system : an observational and survey study.

Author

Salmanizadeh, Farzad, Ameri, Arefeh, Khajouei, Reza, and Ahmadian, Leila

Subjects

*INFORMATION technology, *ACCESS control, *HOSPITALS, *HOSPITAL administrators, *INFORMATION storage & retrieval systems

Abstract

Background: Nurses constitute the largest number of hospital information system (HIS) users. Therefore, their awareness level and access to HIS functions based on their needs are particularly important. The present study aims to determine nurses' access levels to HIS functions and examine the compliance between defined and required access levels to core functionalities of a comprehensive HIS. Methods: This observational and survey study was conducted on nurses using the census method (n = 110) in two phases. In the first phase, nurses' current access levels to core functionalities of the hospitalization management subsystem were identified in HIS. In the second phase, nurses' awareness of defined access levels to HIS functions and compliance with their needs were investigated using a valid and reliable questionnaire (α = 0.90). The data were analyzed by descriptive and analytical statistics (t-test and one-way ANOVA). Results: The hospitalization management subsystem had 57 functions in 6 task groups. The information technology (IT) department enabled nurses to access 35 functions but did not allow them to access 22. 58.0% of the nurses were aware of those 35 functions they had access to, and 35.9% were aware of those 22 functions they needed access to. There was a significant correlation between nurses' awareness of current and defined access levels (p < 0.0001), so the mean defined access levels were 23.42, greater than the mean level of nurses' awareness of their current access to core functionalities. Conclusion: Users' lack of awareness and access to HIS functions more or less than required could reduce user satisfaction, acceptance, and efficiency of optimal use of these systems. Therefore, hospital administrators and policymakers should determine users' access levels based on their needs in accordance with the actual workflow and periodic evaluations. The method used in our study could help policymakers, managers, and staff at the hospital IT department accurately identify users' needs for HIS functions. [ABSTRACT FROM AUTHOR]

Published

2024

5. Blockchain‐IoT: A revolutionary model for secure data storage and fine‐grained access control in internet of things.

Author

Ullah, Zia, Husnain, Ghassan, Mohmand, Muhammad Ismail, Qadir, Mansoor, Alzahrani, Khalid J., Ghadi, Yazeed Yasin, and Alkahtani, Hend Khalid

Abstract

With the rapid expansion of the Internet of Things (IoT), cloud storage has emerged as one of the cornerstones of data management, facilitating ubiquitous access and seamless sharing of information. However, with the involvement of a third party, traditional cloud‐based storage systems are plagued by security and availability concerns, stemming from centralized control and management architectures. A novel blockchain‐IoT model that leverages blockchain technology and decentralized storage mechanisms to address these challenges is presented. The model combines the Ethereum blockchain, interplanetary file system, and attribute‐based encryption to ensure secure and resilient storage and sharing of IoT data. Through an in‐depth exploration of the system architecture and underlying mechanisms, it is demonstrated how the framework decouples storage functionality from resource‐constrained IoT devices, mitigating security risks associated with on‐device storage. In addition, data owners and users can easily exchange data with one another through the use of Ethereum smart contracts, fostering a collaborative environment and providing incentives for data sharing. Moreover, an incentive mechanism powered by the FileCoin cryptocurrency is introduced, which motivates and ensures data sharing transparency and integrity between stakeholders. Furthermore, in the proposed blockchain‐IoT model, the proof‐of‐authority system consensus algorithm has been replaced by a delegated proof‐of‐capacity system, which reduces transaction costs and energy consumption. Using the Rinkby Ethereum official testing network, the proposed model has been demonstrated to be feasible and economical, emphasizing its potential to redefine IoT data management. [ABSTRACT FROM AUTHOR]

Published

2024

6. Rethinking Regulation beyond the Normative Threshold: Mechanisms of Control and Access to the Central Market of Kinshasa.

Author

Mesa, Héritier

Subjects

EQUALITY, ACCESS control, STATE regulation, ECONOMIC activity, MULTIPLICITY (Mathematics)

Abstract

Copyright of Africa Spectrum is the property of Sage Publications Inc. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

7. ESPRESSO: A Framework to Empower Search on the Decentralized Web: ESPRESSO: A Framework to Empower...: M. Ragab et al.

Author

Ragab, Mohamed, Savateev, Yury, Oliver, Helen, Tiropanis, Thanassis, Poulovassilis, Alexandra, Chapman, Adriane, and Roussos, George

Abstract

The increasing centralization of the Web raises serious concerns regarding privacy, security, and user autonomy. In response, there has been a renewed interest in the development of secure personal information management systems and a movement towards decentralization. Decentralized personal online data stores (pods) represent a revolutionary example within this movement, built on the W3C's existing guidelines – an approach exemplified by initiatives such as Solid (https://solidproject.org). In the Solid paradigm, individuals store their personal data in pods and have absolute discretion when choosing to grant access to different users and applications. A barrier to the adoption of the pod approach is the predominant reliance on centralized indexes for search functionality in current Web and Web-based systems. This paper introduces the ESPRESSO framework, which is designed to facilitate this new paradigm of large-scale searches within personal data stores while respecting the individual pod owners' data access governance. The current ESPRESSO prototype integrates access control within pod indexes to enhance distributed keyword-based search. ESPRESSO's unique contribution not only enhances search capabilities on the decentralized Web but also paves the way for future explorations in decentralized search technologies. [ABSTRACT FROM AUTHOR]

Published

2024

8. Enhancing Security in Smart Renewable Energy Grids Through Proxy Signcryption Approach.

Author

Patil, Rachana Y., Patil, Yogesh H., Louzazni, Mohamed, Patil, Rajkumar Bhimgonda, Al-Dahidi, Sameer, and Sana Ullah, Jan

Subjects

INTERNET protocols, INTERNET security, RENEWABLE energy sources, ALGORITHMS, CONFIDENTIAL communications

Abstract

The rapid development of smart renewable energy grids (SREGs) has resulted in a vast amount of data that requires efficient access control and secure mechanisms for sharing energy records among stakeholders. This paper proposes a novel approach called the identity‐based proxy signcryption‐based scheme for SREGs (ID‐PSC‐SREGs), which ensures the secure sharing of energy records in SREGs. The ID‐PSC‐SREG scheme integrates the benefits of signature and encryption techniques, merging them into a unified algorithm and providing a comprehensive solution for the confidentiality and authenticity of energy records. Extensive security analysis demonstrates that the scheme achieves provable security against adaptive chosen ciphertext attacks (IND‐ID‐PSC‐SREG‐CCA2) and existential unforgeability against adaptive chosen message attacks (EUF‐ID‐PSC‐SREG‐CMAs) under the decisional Diffie–Hellman problem. In order to further ascertain the security of the ID‐PSC‐SREG scheme, formal verification utilizing the automated validation of internet security protocols and applications (AVISPAs) is performed. The results confirm the scheme's safety under the On‐the‐Fly Model‐Checker (OFMC) and Constraint Logic‐based Attack Searcher (CL‐AtSe). [ABSTRACT FROM AUTHOR]

Published

2024

9. Secure and Lightweight Cluster-Based User Authentication Protocol for IoMT Deployment †.

Author

Su, Xinzhong and Xu, Youyun

Subjects

*ACCESS control, *INTERNET of things, *DETECTORS, *PRIVACY, *SECURITY management

Abstract

Authentication is considered one of the most critical technologies for the next generation of the Internet of Medical Things (IoMT) due to its ability to significantly improve the security of sensors. However, higher frequency cyber-attacks and more intrusion methods significantly increase the security risks of IoMT sensor devices, resulting in more and more patients' privacy being threatened. Different from traditional IoT devices, sensors are generally considered to be based on low-cost hardware designs with limited storage resources; thus, authentication techniques for IoMT scenarios might not be applicable anymore. In this paper, we propose an efficient three-factor cluster-based user authentication protocol (3ECAP). Specifically, we establish the security association between the user and the sensor cluster through fine-grained access control based on Merkle, which perfectly achieves the segmentation of permission. We then demonstrate that 3ECAP can address the privilege escalation attack caused by permission segmentation. Moreover, we further analyze the security performance and communication cost using formal and non-formal security analysis, Proverif, and NS3. Simulation results demonstrated the robustness of 3ECAP against various cyber-attacks and its applicability in an IoMT environment with limited storage resources. [ABSTRACT FROM AUTHOR]

Published

2024

10. Enhancing Iris Authentication for Managing Multiple Cancellations: Leveraging Quotient Filters.

Author

Arepalli, Gopi Suresh and Boobalan, Pakkiri

Subjects

*BIOMETRIC identification, *DATA structures, *DATA security, *MAP design, *ACCESS control

Abstract

Biometric authentication methods have become increasingly popular for their ability to offer secure and convenient access control. However, concerns about the privacy and security of biometric data have arisen. In this study, we present a novel approach to address these concerns by proposing a cancellable biometric encryption technique for secure and format-preserving iris authentication. Our method leverages the Quotient Filter data structure to transform encrypted iris templates into cancellable templates while preserving their original format. We carefully select an appropriate format-preserving encryption algorithm for iris templates and design a mapping scheme to achieve cancellability. To assess the effectiveness and performance of our approach, extensive experiments are conducted. The quantitative results indicate the efficiency and efficacy of our cancellable biometric encryption technique using the Quotient Filter. Our innovation, the Iris Authentication for Multiple Cancelled Instances Using a Quotient Filter (IAMCIQF), demonstrates competitive performance across several key metrics. IAMCIQF achieves a high level of security strength and strikes a balance between security and efficiency in terms of key size, encryption and decryption speeds and storage efficiency when compared to other existing techniques. The quantitative outcomes underscore IAMCIQF's potential as a promising solution for attaining secure and format-preserving iris authentication, addressing critical concerns about biometric data security. [ABSTRACT FROM AUTHOR]

Published

2024

11. An efficient texture descriptor based on local patterns and particle swarm optimization algorithm for face recognition.

Author

Fadaei, Sadegh, Dehghani, Abbas, RahimiZadeh, Keyvan, and Beheshti, Amin

Subjects

*PARTICLE swarm optimization, *HUMAN facial recognition software, *FEATURE extraction, *RECEIVER operating characteristic curves, *ACCESS control

Abstract

Face recognition is used in many applications such as access control, automobile security, criminal identification, immigration, healthcare, cyber security, and so on. Each person has his/her own unique face, so the face can help distinguish people from each other. Feature extraction process plays a fundamental role in accuracy of face recognition, and many algorithms have been presented to extract more informative features from the face image. In this paper, an efficient texture descriptor is proposed based on local information of the face image. In the proposed method, at first, face image is split into several sub-images in such a way that each sub-image includes one of the facial parts such as eyes, nose, and lips. Second, texture features are extracted from each sub-image using a new local pattern descriptor, and then features of sub-images are concatenated to construct feature vector. Finally, the face image is compared to images in a dataset based on a similarity measure. In addition, particle swarm optimization algorithm is used to assign weight to the features of different parts of the face image. To evaluate the proposed algorithm, four face datasets, Yale, ORL, GT and KDEF, are used. Implementation results show that the proposed method outperforms recent methods in terms of accuracy, receiver operating characteristic (ROC) curve, and area under ROC curve. [ABSTRACT FROM AUTHOR]

Published

2024

12. TL-ABKS: Traceable and lightweight attribute-based keyword search in edge–cloud assisted IoT environment.

Author

Varri, Uma Sankararao, Mallick, Debjani, Das, Ashok Kumar, Hossain, M. Shamim, Park, Youngho, and Rodrigues, Joel J.P.C.

Subjects

KEYWORD searching, EDGE computing, INTERNET of things, ACCESS control, CLOUD computing

Abstract

Edge–cloud coordination offers the chance to mitigate the enormous storage and processing load brought on by a massive increase in traffic at the network's edge. Though this paradigm has benefits on a large scale, outsourcing the sensitive data from the smart devices deployed in an Internet of Things (IoT) application may lead to privacy leakage. With an attribute-based keyword search (ABKS), the search over ciphertext can be achieved; this reduces the risk of sensitive data explosion. However, ABKS has several issues, like huge computational overhead to perform multi-keyword searches and tracing malicious users. To address these issues and enhance the performance of ABKS, we propose a novel traceable and lightweight attribute-based keyword search technique in an Edge–cloud-assisted IoT, named TL-ABKS, using edge–cloud coordination. With TL-ABKS, it is possible to do effective multi-keyword searches and implement fine-grained access control. Further, TL-ABKS outsources the encryption and decryption computation to edge nodes to enable its usage to resource-limited IoT smart devices. In addition, TL-ABKS achieves tracing user identity who misuse their secret keys. TL-ABKS is secure against modified secret keys, chosen plaintext, and chosen keyword attacks. By comparing the proposed TL-ABKS with the current state-of-the-art schemes, and conducting a theoretical and experimental evaluation of its performance and credibility, TL-ABKS is efficient. [ABSTRACT FROM AUTHOR]

Published

2024

13. Person Identification Using Temporal Analysis of Facial Blood Flow.

Author

Raia, Maria, Stogiannopoulos, Thomas, Mitianoudis, Nikolaos, and Boulgouris, Nikolaos V.

Subjects

BIOMETRIC identification, BLOOD flow, ACCESS control, BLOOD testing, SECURITY systems, DEEP learning

Abstract

Biometrics play an important role in modern access control and security systems. The need of novel biometrics to complement traditional biometrics has been at the forefront of research. The Facial Blood Flow (FBF) biometric trait, recently proposed by our team, is a spatio-temporal representation of facial blood flow, constructed using motion magnification from facial areas where skin is visible. Due to its design and construction, the FBF does not need information from the eyes, nose, or mouth, and, therefore, it yields a versatile biometric of great potential. In this work, we evaluate the effectiveness of novel temporal partitioning and Fast Fourier Transform-based features that capture the temporal evolution of facial blood flow. These new features, along with a "time-distributed" Convolutional Neural Network-based deep learning architecture, are experimentally shown to increase the performance of FBF-based person identification compared to our previous efforts. This study provides further evidence of FBF's potential for use in biometric identification. [ABSTRACT FROM AUTHOR]

Published

2024

14. Only you can check my data: certificateless and designed-verifier auditing of multi-cloud storage with faults localization.

Author

Miao, Ying, Miao, Yapeng, and Miao, Xuexue

Subjects

FAULT location (Engineering), ACCESS control, DATA integrity, POWER resources, DATA security

Abstract

To improve the data security and integrity of the outsourced data, storing multiple copies of data on multiple cloud servers is a good way. Many public Provable Data Possession (PDP) schemes in multiple cloud servers have been proposed in recent years. However, in some scenarios, the Data Owner (DO) may not want anyone (e.g. a stranger) to check the integrity of their data. Nevertheless, few schemes consider the fault's location function when the data auditing fails. Another problem is that anyone can make a challenge for the Cloud Server (CS) in the PDP schemes. Some access control strategies are necessary to reduce the waste of computation power resources of the CS. To solve these problems, we propose a certificateless and designed-verifier auditing scheme in multi-cloud storage environments. In our scheme, we utilize certificateless signature combined with a delegation key to achieve designed-verifier auditing. We design a secret Merkle Hash Tree (MHT) to locate the faults of CSs and data blocks. We utilize Zero-Knowledge Proof (ZKP) to achieve access control. Theoretical and experimental evaluation show that the proposed scheme is efficient and practical. [ABSTRACT FROM AUTHOR]

Published

2024

15. Stalk-eyed flies carrying a driving X chromosome compensate by increasing fight intensity.

Author

Paczolt, Kimberly A., Pritchard, Macy E., Welsh, Gabrielle T., Wilkinson, Gerald S., and Reinhardt, Josephine A.

Subjects

X chromosome, MEIOTIC drive, FLY control, ACCESS control, GENETIC variation, DECORATION & ornament

Abstract

Exaggerated ornaments provide opportunities to understand how selection can operate at different levels to shape the evolution of a trait. While these features aid their bearer in attracting mates or fending off competitors, they can also be costly and influenced by the environment and genetic variation. The eyestalks of the stalk-eyed fly, Teleopsis dalmanni, are of interest because eyestalk length is the target of both intra- and intersexual selection and is also reduced by loci on a highly-divergent sex ratio X chromosome (XSR), a meiotic driver accounting for up to 30% of wild X chromosomes. Male stalk-eyed flies fight to control access to females and over food using a combination of low-intensity displays and highintensity physical fights. We staged, filmed, and scored contests between pairs of eyespan-matched males to evaluate whether X chromosome type impacts the behavior and outcome of aggressive interactions. While our results broadly match expectations from previous studies, we found that XSR males used more high-intensity behaviors than males carrying a non-driving, standard X chromosome (XST), particularly when their eyestalks were of similar size or smaller than their opponents. Additionally, we found that when XSR males use high-intensity behaviors, they win more bouts than when they use low-intensity behaviors. Taken together, these results suggest that XSR impacts male aggressive behavior to compensate for the shorter eyestalks of XSR males and may help to explain how this selfish chromosome is maintained. [ABSTRACT FROM AUTHOR]

Published

2024

16. Data-Sharing System with Attribute-Based Encryption in Blockchain and Privacy Computing †.

Author

Wu, Hao, Liu, Yu, Zhu, Konglin, and Zhang, Lin

Subjects

*DATA privacy, *DATABASES, *COMPUTER systems, *BOOLEAN searching, *DISCLOSURE, *ACCESS control, *BLOCKCHAINS

Abstract

With the development of the data-sharing system in recent years, financial management systems and their privacy have sparked great interest. Existing financial data-sharing systems store metadata, which include a hash value and database index on the blockchain, and store high-capacity actual data in the center database. However, current data-sharing systems largely depend on centralized systems, which are susceptible to distributed denial-of-service (DDoS) attacks and present a centralized attack vector. Furthermore, storing data in a local center database has a high risk of information disclosure and tampering. In this paper, we propose the ChainMaker Privacy Computing (CPC) system, a new decentralized data-sharing system for secure financial data, to solve this problem. It provides a series of financial data information and a data structure rather than actual data on the blockchain to protect the privacy of data. We utilize a smart contract to establish a trusted platform for the local database to obtain encrypted data. We design a resource catalog to provide a trusted environment of data usage in the privacy computing system that is visible for members on the blockchain. Based on cipher-policy attribute-based encryption (CP-ABE), We design a CPC-CP-ABE algorithm to enable fine-grained access control through attribute based encryption. Finally, We propose an efficient scheme that allows authenticated data-sharing systems to perform Boolean searches on encrypted data information. The results of experiment show that the CPC system can finish trusted data sharing to all organizations on the blockchain. [ABSTRACT FROM AUTHOR]

Published

2024

17. Privacy-Preserving ConvMixer Without Any Accuracy Degradation Using Compressible Encrypted Images.

Author

Lin, Haiwei, Imaizumi, Shoko, and Kiya, Hitoshi

Subjects

*IMAGE recognition (Computer vision), *TRANSFORMER models, *ACCESS control, *JIGSAW puzzles, *PRIVACY

Abstract

We propose an enhanced privacy-preserving method for image classification using ConvMixer, which is an extremely simple model that is similar in spirit to the Vision Transformer (ViT). Most privacy-preserving methods using encrypted images cause the performance of models to degrade due to the influence of encryption, but a state-of-the-art method was demonstrated to have the same classification accuracy as that of models without any encryption under the use of ViT. However, the method, in which a common secret key is assigned to each patch, is not robust enough against ciphertext-only attacks (COAs) including jigsaw puzzle solver attacks if compressible encrypted images are used. In addition, ConvMixer is less robust than ViT because there is no position embedding. To overcome this issue, we propose a novel block-wise encryption method that allows us to assign an independent key to each patch to enhance robustness against attacks. In experiments, the effectiveness of the method is verified in terms of image classification accuracy and robustness, and it is compared with conventional privacy-preserving methods using image encryption. [ABSTRACT FROM AUTHOR]

Published

2024

18. An Efficient Pairing-Free Ciphertext-Policy Attribute-Based Encryption Scheme for Internet of Things.

Author

Guo, Chong, Gong, Bei, Waqas, Muhammad, Alasmary, Hisham, Tu, Shanshan, and Chen, Sheng

Subjects

*INTERNET access control, *ELLIPTIC curves, *DATA security, *INTERNET of things, *CRYPTOGRAPHY

Abstract

The Internet of Things (IoT) is a heterogeneous network composed of numerous dynamically connected devices. While it brings convenience, the IoT also faces serious challenges in data security. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptography method that supports fine-grained access control, offering a solution to the IoT's security issues. However, existing CP-ABE schemes are inefficient and unsuitable for IoT devices with limited computing resources. To address this problem, this paper proposes an efficient pairing-free CP-ABE scheme for the IoT. The scheme is based on lightweight elliptic curve scalar multiplication and supports multi-authority and verifiable outsourced decryption. The proposed scheme satisfies indistinguishability against chosen-plaintext attacks (CPA) under the elliptic curve decisional Diffie–Hellman (ECDDH) problem. Performance analysis shows that our proposed scheme is more efficient and better suited to the IoT environment compared to existing schemes. [ABSTRACT FROM AUTHOR]

Published

2024

19. Research on Network Security Protection Technology Based on P2AEDR in New Low-Voltage Control Scenarios for Power IoT and Other Blockchain-Based IoT Architectures.

Author

Miao, Weiwei, Zhao, Xinjian, Li, Nianzhe, Zhang, Song, Li, Qianmu, and Li, Xiaochao

Subjects

*COMPUTER network security, *ACCESS control, *ELECTRIC power distribution grids, *TRUST, *INTERNET of things, *DEEP learning

Abstract

In the construction of new power systems, the traditional network security protection mainly based on boundary protection belongs to static defense and still relies mainly on manual processing in vulnerability repair, threat response, etc. It is difficult to adapt to the security protection needs in large-scale distributed new energy, third-party aggregation platforms, and flexible interaction scenarios with power grid enterprise systems. It is necessary to conduct research on dynamic security protection models for IoT and other Blockchain-based IoT architectures. This article proposes a network security comprehensive protection model P2AEDR based on different interaction modes of cloud–edge interaction and cloud–cloud interaction. Through continuous trust evaluation, dynamic access control, and other technologies, it strengthens the internal defense capabilities of power grid business, shifting from static protection as the core mode to a real-time intelligent perception and automated response mode, and ultimately achieving the goal of dynamic defense, meeting the security protection needs of large-scale controlled terminal access and third-party aggregation platforms. Meanwhile, this article proposes a dynamic trust evaluation algorithm based on deep learning, which protects the secure access and use of various resources in a more refined learning approach based on the interaction information monitored in the system. Through experimental verification of the dynamic trust evaluation algorithm, it is shown that the proposed model has good trust evaluation performance. Therefore, this research is beneficial for trustworthy Power IoT and other Blockchain-based IoT architectures. [ABSTRACT FROM AUTHOR]

Published

2024

20. Unraveling the multiple facilitative effects of consumers on marine primary producers.

Author

Bracken, Matthew E. S., Bernatchez, Genevieve, Badten, Alexander J., and Chatfield, Rachel A.

Subjects

*ECOLOGICAL integrity, *ECOSYSTEMS, *CONSUMERS, *ACCESS control, *BIOMASS

Abstract

The loss of consumers threatens the integrity of ecological systems, but the mechanisms underlying the effects on communities and ecosystems remain difficult to predict. This is, in part, due to the complex roles that consumers play in those systems. Here, we highlight this complexity by quantifying two mechanisms by which molluscan grazers—typically thought of as consumers of their algal resources—facilitate algae on rocky shores. Initial observations in high‐zone tide pools revealed that both water‐column ammonium concentrations and photosynthetic biomass were higher in pools containing higher densities of grazers, suggesting that local‐scale nutrient recycling by the grazers could be enhancing algal biomass. We assessed this possibility by experimentally manipulating grazer abundances at the level of whole tide pools but controlling access of those grazers to experimental plots within each pool. Contrary to predictions that algal biomass inside grazer exclusions would increase as grazer abundances in the pools increased, we found that algal biomass inside grazer‐exclusion fences was unaffected by grazer abundances. Instead, the consumptive effects of grazers that were evident at low grazer abundances transitioned to facilitative effects as experimentally manipulated grazer abundances increased. This finding suggested that these positive interactions were associated with the physical presence of grazers and not just grazers' effects on nutrient availability. Subsequent experiments highlighted the potential role of "slime"—the pedal mucous trails left behind as the mollusks crawl on the substratum—in promoting the recruitment of algae and thereby mediating a spatial subsidy of new organic matter into the system. Furthermore, different grazer groups contributed disproportionately to ammonium excretion (i.e., turban snails) versus slime production (i.e., littorine snails), suggesting a potential role for grazer diversity. Our work highlights the complex ways in which consumers affect their resources, including multiple, complementary mechanisms by which these grazers facilitate the algae they consume. [ABSTRACT FROM AUTHOR]

Published

2024

21. Energy Efficiency Optimization for D2D Communication with Statistical Channel State Information and QoS Awareness.

Author

Hui Dun, Yifan Zhao, Qiuyue Shi, Weihua Liu, and Eryang Huan

Subjects

CONSTRAINT algorithms, FRACTIONAL programming, ACCESS control, QUALITY of service, TELECOMMUNICATION systems

Abstract

Since the energy efficiency (EE) optimization of communication systems brings extremely significant economic benefits in mobile communication networks, this study conducts the device-to-device (D2D) communication EE optimization considering statistical channel state information (CSI) and quality of service (QoS) awareness. First of all, a D2D access control strategy is implemented to determine the set of cellular users that can all be feasible for each pair of D2D users. However, as the instantaneous channel state information is often unavailable, a modified access control strategy based on statistical channels is proposed. Subsequently, in the power control issue, an iterative power control algorithm with the constraint of users' QoS awareness is put forward to obtain the optimal transmit power combination based on partial fractional programming. Finally, a rapid channel allocation algorithm is provided to solve the channel assignment problem, resulting in an enhancement of the access rate and a reduction of complexity. Simulation results show that: i) Our proposed algorithm has advantages in enhancing the EE for D2D communication with statistical CSI; ii) In the case of increasing EE, the user's QoS awareness is guaranteed; iii) The algorithm increases the access rate of D2D users while achieving resource allocation fairness. [ABSTRACT FROM AUTHOR]

Published

2024

22. Securing IoMT Applications: An Approach for Enhancing the Reliability of Security Policies within Cloud Databases.

Author

KSIBI, SONDES, JAIDI, FAOUZI, and BOUHOULA, ADEL

Subjects

DATABASES, ACCESS control, DATA warehousing, ELECTRONIC data processing, DATA security failures

Abstract

Applications of the Internet-of-Things (IoT) in healthcare have a great potential since they bring, in a cost effective manner, supreme solutions to large scale medical-care. The Internet-of-Medical-Things (IoMT) connects patients to caregivers and facilitates remote healthcare capabilities. Regardless of their expansion, especially during the COVID19 pandemic, IoMT applications encounter critical types of security risks. Many research efforts were conducted to help designing reliable E-Health Systems (EHS), but compliance and privacy-preserving solutions for EHS still require a lot of work. To address this requirement, we focus on reliability enhancement of security policies in the context of EHS. We especially deal with risk management within the data processing and storage area, in IoMT systems, composed mainly of cloud/private databases that store confidential medical data. Malicious users and attackers can discover and leak unauthorized data via exploiting authorized information and may expand their rights by using advanced features such as database functional dependencies. In such critical systems, identifying and evaluating risks associated to non authorized accesses and policies misconfigurations is highly required. We address, in this paper, the analysis and the management of the compliance of concrete security policies based on appropriate risk metrics. Our solution enhances a well-established formal verification and validation approach that allows identifying non-compliance anomalies in concrete policies with a quantified risk-assessment approach for evaluating risks. A case of application is presented as an example to illustrate the relevance of our proposal. [ABSTRACT FROM AUTHOR]

Published

2024

23. Contribution Measurement in Privacy-Preserving Federated Learning.

Author

RUEI-HAU HSU, YI-AN YU, and HSUAN-CHENG SU

Subjects

FEDERATED learning, COOPERATIVE game theory, MACHINE learning, UPLOADING of data, WORK measurement, ACCESS control

Abstract

Federated learning (FL) is a novel decentralized machine learning framework that differs from traditional centralized machine learning. It enables multiple participants to collaborate on training models without sharing raw data directly. Participants train the local model with their data and only upload the model parameters. To achieve a fair allocation of benefits by the common global model, a standard is needed to evaluate each model providers' contribution to federated learning. Shapley value is a classic concept from cooperative game theory and is often used in data evaluation for machine learning. This study introduces the Shapley value in privacy-preserving federated learning (PPFL) to construct a contribution measuring module for measuring the contribution of each model provider to the learning task and propose a verification mechanism for the contribution results. Compared to the other related works for contribution measurement by Shapley value, this work achieves higher privacy protection, where local participants' data sets, local model parameters, and global model parameters are concealed. In addition, the verification of the fairness of contribution measurement is also supported. Moreover, this work achieves the access control of aggregated global models through the concept of threshold identity-based encryption, where model consumers can only gain access to the specific aggregated global model if they are authorized by sufficient model providers. [ABSTRACT FROM AUTHOR]

Published

2024

24. Exploring the interplay between intellectual property models and sustainability transitions: A multi‐level analysis.

Author

Jain, Akriti, Gurtoo, Anjula, Eppinger, Elizabeth, Vimalnath, Pratheeba, and Tietze, Frank

Subjects

TECHNOLOGY transfer, DIFFUSION of innovations, INTELLECTUAL property, PARTNERSHIP agreements, ACCESS control

Abstract

Research on international technology transfer and partnership agreements provides a comprehensive understanding of country‐level impacts of intellectual property (IP) rights on sustainability transitions. However, firm‐level studies on how firms use and share their IP to support sustainability practices remains limited. The paper disentangles the relationship between firm‐level IP models and sustainability practices drawing from a cross‐case analysis of 28 firms offering sustainable innovations across four sectors. Analysis of firms' year‐wise data collected from 854 documents (typically 1996–2021) and 58 in‐depth interviews exploring linkage between IP models and sustainability practices of firms engaged in sustainable innovation provide six key findings: (a) emphasis on safeguarding registered and unregistered IP assets among firms with sustainable innovations; (b) widespread adoption of selectively open inbound IP models coupled with diverse IP sharing mechanisms; (c) a preference for collaborative (joint) IP ownership among internally driven firms, contrasting with a tendency for exclusive in‐licensing among those reacting to external pressures; (d) a divergence in outbound IP models, with internally motivated firms favouring selectively open approaches and externally driven firms favouring closed IP models; (e) the adoption of fully open outbound IP models democratize sustainable innovation diffusion; and (f) leveraging broadly open outbound IP models alongside closed or selectively open models balances widespread use with access control and achieves significant social sustainability. A framework is hence developed to guide technology‐sharing policies and procedures. Therefore, the paper creates a platform for prescribing sustainable IP incentives for encouraging firms to share IP for wider diffusion of sustainable innovations. [ABSTRACT FROM AUTHOR]

Published

2024

25. DeepSLM: Speckle‐Licensed Modulation via Deep Adversarial Learning for Authorized Optical Encryption and Decryption.

Author

Huang, Haofan, Zhao, Qi, Li, Huanhao, Zheng, Yuandong, Yu, Zhipeng, Zhong, Tianting, Cheng, Shengfu, Woo, Chi Man, Gao, Yi, Liu, Honglin, Zheng, Yuanjin, Tian, Jie, and Lai, Puxiang

Subjects

DISTRIBUTION (Probability theory), INFORMATION technology security, SPECKLE interference, PEARSON correlation (Statistics), ACCESS control

Abstract

Optical encryption is pivotal in information security, offering parallel processing, speed, and robust security. The simplicity and compatibility of speckle‐based cryptosystems have garnered considerable attention. Yet, the predictable statistical distribution of speckle optical fields' characteristics can invite statistical attacks, undermining these encryption methods. The proposed solution, a deep adversarial learning‐based speckle modulation network (DeepSLM), disrupts the strong intercorrelation of speckle grains. Utilizing the unique encoding properties of speckle patterns, DeepSLM facilitates license editing within the modulation phase, pioneering a layered authentication encryption system. Our empirical studies confirm DeepSLM's superior performance on key metrics. Notably, the testing dataset reveals an average Pearson correlation coefficient above 0.97 between decrypted images and their original counterparts for intricate subjects like human faces, attesting to the method's high fidelity. This innovation marries adjustable modification, optical encryption, and deep learning to enforce tiered data access control, charting new paths for creating user‐specific access protocols. [ABSTRACT FROM AUTHOR]

Published

2024

26. B-ERAC: BLOCKCHAIN-ENABLED ROLE-BASED ACCESS CONTROL FOR SECURE IOT DEVICE COMMUNICATION.

Author

KHAN, NEELAM SALEEM, MIR, ROOHIE NAAZ, CHISHTI, MOHAMMAD AHSAN, and SALEEM, MAHREEN

Subjects

ELLIPTIC curve cryptography, ACCESS control, ENCRYPTION protocols, DATA integrity, INTERNET of things

Abstract

Security risks are increasingly concerning as the Internet of Things (IoT) expands. Authentication, access control, and authorization present significant challenges for resource-constrained IoT devices. Traditional authentication methods often require enhancements for these devices, but Blockchain technology presents a potential solution. Decentralized and distributed, Blockchain eliminates a single point of failure and relies on Elliptic Curve Cryptography (ECC) for robust security. We have introduced a cutting-edge solution to fortify communication security within IoT devices across supply chain ecosystems. By harnessing the power of Blockchain technology, our framework incorporates smart contracts, adheres to ES256 encryption standards, and seamlessly integrates with Infura API. These components establish stringent access controls, ensure data integrity, and enhance transparency throughout supply chain processes. The framework's robust architecture facilitates swift and secure transactions, bolsters traceability efforts, and effectively mitigates potential security risks. With its scalable design and reliable functionality, this framework emerges as a pivotal asset for optimizing IoT device communication within dynamic supply chain environments. The use of ProVerif in our analysis provides a formal guarantee of the correctness of our access control mechanisms. [ABSTRACT FROM AUTHOR]

Published

2024

27. REVOLUTIONIZING CLOUD SECURITY: A NOVEL FRAMEWORK FOR ENHANCED DATA PROTECTION IN TRANSMISSION AND MIGRATION.

Author

DASARI, RAKESH NAG and BABU, G. RAMA MOHAN

Subjects

CLOUD computing security measures, DATA security, DATA protection, DATA transmission systems, DATA encryption, ACCESS control

Abstract

This research introduces a novel security framework specifically tailored to enhance data protection during cloud transmission and migration. Our study addresses critical gaps in existing security models by proposing a multi-dimensional system that incorporates advanced encryption techniques, dynamic access control, and continuous security auditing. Notably, this framework excels in ensuring cloud data integrity, confidentiality, and availability--core aspects often compromised under conventional methods. Comparative analysis with existing models in simulated cloud environments reveals that our framework significantly enhances threat detection accuracy, response speed, and resource management efficiency. The findings highlight the system's capability to reduce security vulnerabilities while optimizing operational overhead, presenting a substantial improvement over traditional security solutions. This innovative approach, marked by improved scalability and flexibility, is poised to revolutionize cloud data security practices across various industries, prompting further research into robust cloud computing security methodologies. [ABSTRACT FROM AUTHOR]

Published

2024

28. A DYNAMIC SANDBOX DETECTION TECHNIQUE IN A PRIVATE CLOUD ENVIRONMENT.

Author

ZHANGWEI YANG and JUNYU XIAO

Subjects

KNOWLEDGE graphs, MALWARE, DATA security, TRUST, ACCESS control

Abstract

In specific private cloud scenarios, how to defend against malicious software and ensure data security is one of the current research hotspots, and sandbox is an important detection method. This paper proposes a dynamic behavior detection technique based on sandboxing, which real-time monitors and analyzes malicious software behavior. By improving the sandbox behavior weight, integrating virtual resources, and designing fine-grained access control, the detection accuracy and efficiency are enhanced based on zero trust access control system. The simulated attacks are identified on the testing platform, drawing knowledge graphs, achieving effective discovery and tracing. Meanwhile, this paper verified through experiments that the system consumption of the detection method is within an acceptable range, expanding the detection range and reducing the missed detection rate. [ABSTRACT FROM AUTHOR]

Published

2024

29. Hybrid Duplex Medium Access Control Protocol for Tsunami Early Warning Systems in Underwater Networks.

Author

Park, Sung Hyun, Choi, Ye Je, and Im, Tae Ho

Subjects

UNDERWATER acoustic communication, ACCESS control, TSUNAMI warning systems, DATA transmission systems, EARTHQUAKES, TSUNAMIS

Abstract

Tsunamis are devastating natural phenomena that cause extensive damage to both human life and infrastructure. To mitigate such impacts, tsunami early warning systems have been deployed globally. South Korea has also initiated a project to install a tsunami warning system to monitor its surrounding seas. To ensure reliable warning decisions, various types of data must be combined, but efficiently transmitting heterogeneous data poses a challenge due to the unique characteristics of underwater acoustic communication. Therefore, this paper proposes a Hybrid Duplex Medium Access Control (HDMAC) protocol designed for a tsunami warning system, with a specific focus on heterogeneous data transmission. HDMAC efficiently handles both seismic and environmental data by utilizing hybrid duplexing, which combines frequency duplex for seismic data with time duplex for environmental data. The protocol addresses the distinct transmission requirements for each data type by optimizing channel utilization through a group Automatic Repeat request (ARQ) scheme and packet size adjustment. Theoretical analysis predicts that HDMAC can achieve a channel utilization of up to 0.91 in smaller networks and 0.64 in larger networks. HDMAC is validated through simulations, and the simulation results closely match these predictions. The simulation results demonstrate the efficiency of HDMAC in supporting real-time submarine earthquake monitoring systems. [ABSTRACT FROM AUTHOR]

Published

2024

30. A Real-Time System Status Evaluation Method for Passive UHF RFID Robots in Dynamic Scenarios.

Author

Wang, Honggang, Du, Weibing, Qin, Bo, Pan, Ruoyu, and Pang, Shengli

Subjects

K-means clustering, REGRESSION trees, TOPSIS method, ACCESS control, DYNAMICAL systems

Abstract

In dynamic scenarios, the status of a Radio Frequency Identification (RFID) system fluctuates with environmental changes. The key to improving system efficiency lies in the real-time monitoring and evaluation of the system status, along with adaptive adjustments to the system parameters and read algorithms. This paper focuses on the status changes in RFID systems in dynamic scenarios, aiming to enhance system robustness and reading performance, ensuring high link quality, reasonable resource scheduling, and real-time status evaluation under varying conditions. This paper comprehensively considers the system parameter settings in dynamic scenarios, integrating the interaction model between readers and tags. The system's real-time status is evaluated from both the physical layer and the Medium Access Control (MAC) layer perspectives. For the physical layer, a link quality evaluation model based on Uniform Manifold Approximation and Projection (UMAP) and K-Means clustering is proposed from the link quality. For the MAC layer, a multi-criteria decision-making evaluation model based on combined weighting and the Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) is proposed, which comprehensively considers both subjective and objective factors, utilizing the TOPSIS algorithm for an accurate evaluation of the MAC layer system status. For the RFID system, this paper proposes a real-time status evaluation model based on the Classification and Regression Tree (CART), which synthesizes the evaluation results of the physical layer and MAC layer. Finally, engineering tests and verification were conducted on the RFID robot system in mobile scenarios. The results showed that the clustering average silhouette coefficient of the physical layer link quality evaluation model based on K-Means was 0.70184, indicating a relatively good clustering effect. The system status evaluation model of the MAC layer, based on the combined weighting-TOPSIS method, demonstrated good flexibility and generalization. The real-time status evaluation model of the RFID system, based on CART, achieved a classification accuracy of 98.3%, with an algorithm runtime of 0.003 s. Compared with other algorithms, it had a higher classification accuracy and shorter runtime, making it well suited for the real-time evaluation of the RFID robot system's status in dynamic scenarios. [ABSTRACT FROM AUTHOR]

Published

2024

31. A Systematic Review and Comparative Analysis Approach to Boom Gate Access Using Plate Number Recognition.

Author

Bukola, Asaju Christine, Owolawi, Pius Adewale, Du, Chuling, and Van Wyk, Etienne

Subjects

OBJECT recognition (Computer vision), MACHINE learning, COMPUTER vision, ACCESS control, AUTOMOBILE license plates

Abstract

Security has been paramount to many organizations for many years, with access control being one of the critical measures to ensure security. Among various approaches to access control, vehicle plate number recognition has received wide attention. However, its application to boom gate access has not been adequately explored. This study proposes a method to access the boom gate by optimizing vehicle plate number recognition. Given the speed and accuracy of the YOLO (You Only Look Once) object detection algorithm, this study proposes using the YOLO deep learning algorithm for plate number detection to access a boom gate. To identify the gap and the most suitable YOLO variant, the study systematically surveyed the publication database to identify peer-reviewed articles published between 2020 and 2024 on plate number recognition using different YOLO versions. In addition, experiments are performed on four YOLO versions: YOLOv5, YOLOv7, YOLOv8, and YOLOv9, focusing on vehicle plate number recognition. The experiments, using an open-source dataset with 699 samples in total, reported accuracies of 81%, 82%, 83%, and 73% for YOLO V5, V7, V8, and V9, respectively. This comparative analysis aims to determine the most appropriate YOLO version for the task, optimizing both security and efficiency in boom gate access control systems. By optimizing the capabilities of advanced YOLO algorithms, the proposed method seeks to improve the reliability and effectiveness of access control through precise and rapid plate number recognition. The result of the analysis reveals that each YOLO version has distinct advantages depending on the application's specific requirements. In complex detection conditions with changing lighting and shadows, it was revealed that YOLOv8 performed better in terms of reduced loss rates and increased precision and recall metrics. [ABSTRACT FROM AUTHOR]

Published

2024

32. Access Control Verification in Smart Contracts Using Colored Petri Nets.

Author

Al-Azzoni, Issam and Iqbal, Saqib

Subjects

MODELING languages (Computer science), PETRI nets, ACCESS control, EXCLUSIVE contracts, BLOCKCHAINS

Abstract

This paper presents an approach for the verification of access control in smart contracts written in the Digital Asset Modeling Language (DAML). The approach utilizes Colored Petri Nets (CPNs) and their analysis tool CPN Tools. It is a model-driven-based approach that employs a new meta-model for capturing access control requirements in DAML contracts. The approach is supported by a suite of tools that fully automates all of the steps: parsing DAML code, generating DAML model instances, transforming the DAML models into CPN models, and model checking the generated CPN models. The approach is tested using several DAML scripts involving access control extracted from different domains of blockchain applications. [ABSTRACT FROM AUTHOR]

Published

2024

33. An optimized dynamic attribute-based searchable encryption scheme.

Author

Khan, Shahzad, Khan, Shawal, Waheed, Abdul, Mehmood, Gulzar, Zareei, Mahdi, and Alanazi, Faisal

Subjects

*KEYWORD searching, *ACCESS control, *TRUST, *INTERPOLATION, *POPULARITY, *SERVER farms (Computer network management)

Abstract

Cloud computing liberates enterprises and organizations from expensive data centers and complex IT infrastructures by offering the on-demand availability of vast storage and computing power over the internet. Among the many service models in practice, the public cloud for its operation cost saving, flexibility, and better customer support popularity in individuals and organizations. Nonetheless, this shift in the trusted domain from the concerned users to the third-party service providers pops up many privacy and security concerns. These concerns hindrance the wide adaptation for many of its potential applications. Furthermore, classical encryption techniques render the encrypted data useless for many of its valuable operations. The combined concept of attribute-based encryption (ABE) and searchable encryption (SE), commonly known as attribute-based keyword searching (ABKS), emerges as a promising technology for these concerns. However, most of the contemporary ABE-based keyword searching schemes incorporate costly pairing and computationally heavy secret sharing mechanisms for its realization. Our proposed scheme avoids the expensive bilinear pairing operation during the searching operation and costly Lagrange interpolation for secret reconstruction. Besides, our proposed scheme enables the updation of access control policy without entirely re-encrypting the ciphertext. The security of our scheme in the selective-set model is proved under the Decisional Bilinear Diffie-Hellmen (DBDH) assumption and collision-free. Finally, the experimental results and performance evaluation demonstrate its communication and overall efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

34. IPv6 addressing strategy with improved secure duplicate address detection to overcome denial of service and reconnaissance attacks.

Author

Kumar, Gyanendra, Gankotiya, Anil, Rawat, Sur Singh, Balusamy, Balamurugan, and Selvarajan, Shitharth

Subjects

*DENIAL of service attacks, *ACCESS control, *ENERGY consumption, *RANDOM numbers, *RECONNAISSANCE operations, *INTERNET protocol version 6

Abstract

With technology development, the growing self-communicating devices in IoT networks require specific naming and identification, mainly provided by IPv6 addresses. The IPv6 address in the IoT network is generated by using the stateless auto address configuration (SLAAC) mechanism, and its uniqueness is ensured by the DAD protocol. Recent research suggests that IPv6 deployment can be a risky decision due to the existing SLAAC-based addressing scheme and the DAD protocol being prone to reconnaissance and denial of service (DoS) attacks. This research paper proposes a new IPv6 generation scheme with an improved secure DAD mechanism to address these problems. The proposed addressing scheme generates IPv6 addresses by taking a hybrid approach based on vendor id of medium access control (MAC) address, physical location, and arbitrary random numbers, which mitigates reconnaissance attacks by malicious nodes. To prevent the DAD process from DoS attacks, hybrid values of interface identifier (IID) are multicast instead of actual values. The proposed scheme is evaluated under reconnaissance and DoS attacks in the presence of malicious nodes. The evaluation results demonstrate that the proposed method effectively mitigates reconnaissance and DoS attacks, outperforming the EUI-64 and SEUI-64 schemes in terms of address success rate (ASR), energy consumption, and communication overhead. Specifically, the proposed method significantly reduces the average probing rate for scanning the existence of an IPv6 address, with only a 1% probing rate compared to SEUI-64's 5% and EUI-64's 100%. Furthermore, the additional communication overhead introduced by the proposed method is less than 13% and 11% compared to EUI-64 and SEUI-64, respectively. Additionally, the energy consumption required to assign an IPv6 address using the proposed method is lower by 12% and 5% when compared to EUI-64 and SEUI-64, respectively. These findings highlight the effectiveness of the proposed method in enhancing security and optimizing resource utilization in IPv6 addressing. [ABSTRACT FROM AUTHOR]

Published

2024

35. We need to aim at the top: Factors associated with cybersecurity awareness of cyber and information security decision-makers.

Author

Vrhovec, Simon and Markelj, Blaž

Subjects

*INFORMATION technology security, *ACCESS control, *INTERNET security, *MULTI-factor authentication, *COMPUTER software management, *BOTNETS

Abstract

Cyberattacks pose a significant business risk to organizations. Although there is ample literature focusing on why people pose a major risk to organizational cybersecurity and how to deal with it, there is surprisingly little we know about cyber and information security decision-makers who are essentially the people in charge of setting up and maintaining organizational cybersecurity. In this paper, we study cybersecurity awareness of cyber and information security decision-makers, and investigate factors associated with it. We conducted an online survey among Slovenian cyber and information security decision-makers (N = 283) to (1) determine whether their cybersecurity awareness is associated with adoption of antimalware solutions in their organizations, and (2) explore which organizational factors and personal characteristics are associated with their cybersecurity awareness. Our findings indicate that awareness of well-known threats and solutions seems to be quite low for individuals in decision-making roles. They also provide insights into which threats (e.g., distributed denial-of-service (DDoS) attacks, botnets, industrial espionage, and phishing) and solutions (e.g., security operation center (SOC), advanced antimalware solutions with endpoint detection and response (EDR)/extended detection and response (XDR) capabilities, organizational critical infrastructure access control, centralized device management, multi-factor authentication, centralized management of software updates, and remote data deletion on lost or stolen devices) are cyber and information security decision-makers the least aware of. We uncovered that awareness of certain threats and solutions is positively associated with either adoption of advanced antimalware solutions with EDR/XDR capabilities or adoption of SOC. Additionally, we identified significant organizational factors (organizational role type) and personal characteristics (gender, age, experience with information security and experience with information technology (IT)) related to cybersecurity awareness of cyber and information security decision-makers. Organization size and formal education were not significant. These results offer insights that can be leveraged in targeted cybersecurity training tailored to the needs of groups of cyber and information security decision-makers based on these key factors. [ABSTRACT FROM AUTHOR]

Published

2024

36. Dynamic Twitter friend grouping based on similarity, interaction, and trust to account for ever‐evolving relationships.

Author

Shetty, Nisha P., Muniyal, Balachandra, Maben, Leander Melroy, Jayaraj, Rithika, and Saxena, Sameer

Subjects

*ONLINE social networks, *DATA privacy, *DIGITAL technology, *RELATIONSHIP status, *SOCIAL networks, *VIRTUAL communities

Abstract

Online social networks have become ubiquitous, allowing users to share opinions on various topics. However, oversharing can compromise privacy, leading to potential blackmail or fraud. Current platforms lack friend categorization based on trust levels. This study proposes simulating real‐world friendships by grouping users into three categories: acquaintances, friends, and close friends, based on trust and engagement. It also introduces a dynamic method to adjust relationship status over time, considering users' past and present offenses against peers. The proposed system automatically updates friend lists, eliminating manual grouping. It calculates relationship strength by considering all components of online social networks and trust variations caused by user attacks. This method can be integrated with clustering algorithms on popular platforms like Facebook, Twitter, and Instagram to enable constrained sharing. By implementing this system, users can better control their information sharing based on trust levels, reducing privacy risks. The dynamic nature of the relationship status adjustment ensures that the system remains relevant as user interactions evolve over time. This approach offers a more nuanced and secure social networking experience, reflecting real‐world relationship dynamics in the digital sphere. [ABSTRACT FROM AUTHOR]

Published

2024

37. An improved smart contract-based bring your own device (BYOD) security control framework.

Author

Almarhabi, Khalid A.

Subjects

ACCESS control, SECURITY systems, DATA security failures, BLOCKCHAINS, CONTRACTS

Abstract

The evolution of mobile technology has produced new methods and policies for organisations to process data and communicate. Bring your own device (BYOD), which allows employees to bring their own personal devices to work and access organisational resources for work purposes, is one such new policy. However, as this practice poses significant risks, organisations must implement commensurate security measures to protect their integrity. This paper aimed to mitigate these risks by proposing a decentralized and unassailable security control solution tailored to the BYOD environment. The proposed architecture leveraged business blockchain with smart contracts (SCs) to automate policy compliance and strictly adhere to organisational rules and regulations. The research demonstrated that this approach effectively reduces access control (AC) threats and enhances security policies and management. The findings highlighted that the implementation of SCs within a blockchain framework significantly improves the security of the BYOD environment by minimising the risks of unauthorised access, data breaches, and insider threats. Additionally, SCs enable organisations to establish decentralised and tamper-proof security control systems, reducing the dependence on centralised authorities and bolstering overall system integrity. [ABSTRACT FROM AUTHOR]

Published

2024

38. The Political Economy of Shock‑Responsive Social Protection: Analysis from Malaw.

Author

Archibald, Edward M.

Subjects

*SOCIAL settlements, *ACCESS control, *NONPROFIT sector, *SOCIAL systems, *ACTORS

Abstract

Using social assistance systems to address acute needs arising from wide-scale shocks – commonly known as ‘shock-responsive social protection’ (SRSP) – raises significant political economy questions. Previously, acute needs caused by disasters across sub-Saharan Africa have primarily been met by humanitarian actors alone. SRSP disrupts the status quo by reducing humanitarian actors’ access to and control over humanitarian funding. This raises significant political questions; likewise, the introduction by SRSP of greater accountability and transparency into the implementation of humanitarian responses. This article addresses a current gap in the literature: the politics of SRSP. Referencing the concept of political settlements, the article asks what explains the evolution of SRSP in Malawi by examining the actions of domestic and international actors. It finds that there is scant evidence of national ownership of SRSP and that lack of consensus among international actors is a key obstacle to the concept becoming embedded within the political settlement. [ABSTRACT FROM AUTHOR]

Published

2024

39. طراحی مدل حفاظت از حریم خصوصی مشتریان اینترنتی حوزه سلامت.

Author

زهرا شریفی, محمد علی کرامتی, and مهرزاد مینویی

Subjects

*INFORMATION technology security, *INTERNET privacy, *ACCESS control, *TRUST, *SAMPLING (Process)

Abstract

Introduction: Protecting the privacy of internet customers is crucial in the field of health. In this area, there is sensitive and personal information, and privacy can increase customers’ trust in companies and create a stronger relationship between them. Methods: The target sample was chosen using a criterion-oriented purposeful sampling method. The sampling procedure was continued until the theoretical saturation of data was reached. Accordingly, 12 professors and administrators participated in the study. The data collection tool was a semi- structured interview. Nvivo software was used for theme analysis. Results: Based on the theme analysis method, two constructive themes of level one and 14 themes of level two were identified. Constructive themes of level one were technological infrastructure and obligations of the seller to the consumer. The themes of technological infrastructure were personalization services, social interaction performance, access control, information technology security, security enforcement measures, safety algorithm and data-based planning, and decision making. The constructive themes of the seller’s obligations to the consumer were awareness, user and seller education, safety, maintenance and support of information, responsibility, framework and principles, and trust. Conclusion: The proposed model showed that privacy protection was essential. Medical device businesses should implement a robust privacy policy, closely monitoring access, training employees on privacy protection, and upgrading security systems. [ABSTRACT FROM AUTHOR]

Published

2024

40. Federated finger vein presentation attack detection for various clients.

Author

Mu, Hengyu, Guo, Jian, Liu, Xingli, Han, Chong, and Sun, Lijuan

Subjects

*FEDERATED learning, *COMPUTER vision, *ACCESS control, *BLOOD vessels, *VEINS

Abstract

Recently, the application of finger vein recognition has become popular. Studies have shown finger vein presentation attacks increasingly threaten these recognition devices. As a result, research on finger vein presentation attack detection (fvPAD) methods has received much attention. However, the current fvPAD methods have two limitations. (1) Most terminal devices cannot train fvPAD models independently due to a lack of data. (2) Several research institutes can train fvPAD models; however, these models perform poorly when applied to terminal devices due to inadequate generalisation. Consequently, it is difficult for threatened terminal devices to obtain an effective fvPAD model. To address this problem, the method of federated finger vein presentation attack detection for various clients is proposed, which is the first study that introduces federated learning (FL) to fvPAD. In the proposed method, the differences in data volume and computing power between clients are considered. Traditional FL clients are expanded into two categories: institutional and terminal clients. For institutional clients, an improved triplet training mode with FL is designed to enhance model generalisation. For terminal clients, their inability is solved to obtain effective fvPAD models. Finally, extensive experiments are conducted on three datasets, which demonstrate the superiority of our method. [ABSTRACT FROM AUTHOR]

Published

2024

41. Attribute-Based Designated Combiner Transitive Signature Scheme.

Author

Hou, Shaonan, Yang, Shaojun, and Lin, Chengjun

Subjects

*ACCESS control, *POLICY discourse, *ALGORITHMS, *DEFINITIONS

Abstract

Transitive signatures allow any entity to obtain a valid signature of (i , k) by combining signatures of (i , j) and (j , k) . However, the traditional transitive signature scheme does not offer fine-grained control over the combiner. To address this issue, we propose a formal definition of the attribute-based designated combiner transitive signature (ABDCTS) and its security model, where only entities whose inherent attributes meet the access policy can combine signatures. By introducing the fine-grained access control structure, control over the combiner is achieved. To demonstrate the feasibility of our primitive, this paper presents the first attribute-based designated combiner transitive signature scheme. Under an adaptive chosen-message attack, we prove its security based on the one-more CDH problem and the co-CDH problem, and that its algorithms have robustness. [ABSTRACT FROM AUTHOR]

Published

2024

42. Analyzing supply chain technology trends through network analysis and clustering techniques: a patent-based study.

Author

Shokouhyar, Sajjad, Maghsoudi, Mehrdad, Khanizadeh, Shahrzad, and Jorfi, Saeid

Subjects

*SOCIAL network analysis, *TECHNOLOGICAL forecasting, *SUPPLY chains, *ACCESS control, *TEXT mining, *SUPPLY chain management, *INDUSTRIAL clusters

Abstract

The supply chain forms the backbone of the modern consumer economy, weaving an intricate network of stakeholders across geographical and socioeconomic divides. While new technologies have enhanced supply chain management, the market dynamism and network complexities continue to challenge decision-makers. This study employs social network analysis and text mining to unravel technological patterns within the patent landscape of supply chain management. The analysis draws on a dataset of over 32,000 supply chain patents from Lens.org spanning 2000–2022. Network analysis reveals cooperation patterns and key players, while text mining and clustering identify five technology clusters: secure access control, manufacturing, logistics, data management, and RFID. Technology life cycle analysis indicates that secure access control, data management, and RFID have reached maturity, while logistics is still growing and manufacturing faces saturation. The findings highlight that despite maturity, these technologies warrant continued investment to resolve persistent challenges. The technology trends and maturity insights uncovered can help enterprises make informed strategic decisions by aligning R&D initiatives with technology lifecycles. This pioneering study bridges innovation research and technology management, offering a nuanced understanding of supply chain technologies. The framework presented can be extended to analyze other domains, opening avenues for further research. Overall, this study decodes the patent landscape to decode the future. [ABSTRACT FROM AUTHOR]

Published

2024

43. 面向物联网的基于智能合约与CP-ABE的访问控制方案.

Author

孙昌, 张传虎, 刘冰杰迅, Yingjie Yang, BAQAO, Fernando, and 刘倩佔

Abstract

Copyright of Telecommunications Science is the property of Beijing Xintong Media Co., Ltd. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

44. Voluntary self-exclusion from gambling: Expert opinions on gaps and needs for improvement.

Author

Kraus, Ludwig, Bickl, Andreas M., Hellman, Matilda, Kankainen, Veera E., Loy, Johanna K., Neyer, Marieke, Norman, Thomas, Rolando, Sara, Room, Robin, Rossow, Ingeborg, Volberg, Rachel, and Cisneros Örnberg, Jenny

Subjects

COMPULSIVE gambling, GAMBLING, GAMBLING industry, ACCESS control, GOVERNMENT agencies

Abstract

Aims: Voluntary self-exclusion (VSE) programmes are intended to minimise gambling-related harm. They are considered effective for the individual but several weaknesses have been reported that deter individuals from enrolment. The present paper summarises opinions about and experiences with VSE strategies and assesses gaps and needs with regard to the current self-exclusion regulations and programmes in seven jurisdictions. Methods: A total of 102 representatives from various sectors (research community; addiction help and care services; prevention; regulatory bodies; gambling providers) in Finland, Germany, Italy, Massachusetts (USA), Norway, Sweden, and Victoria (Australia) were surveyed about their experiences with and opinions about VSE strategies, as well as gaps and needs of the current VSE regulations in their jurisdiction. Results: The respondents agreed on the need for and importance of VSE programmes. However, in all participating jurisdictions, VSE regulations at the time of the survey were considered insufficient, and the respondents suggested potential improvements to facilitate the exclusion process, increase utilisation and reduce gamblers' breaching VSE. Representatives of the gambling industry also emphasised the individual's responsibility. Conclusions: Individuals with gambling disorder require effective VSE programmes to cope with their addictive behaviour. To effectively reduce breaches, technical and legal solutions are necessary. This includes access controls based on complete nationwide registries, strict enforcement and preventing excluded gamblers from accessing unlicensed online operators. [ABSTRACT FROM AUTHOR]

Published

2024

45. BIoT Smart Switch-Embedded System Based on STM32 and Modbus RTU—Concept, Theory of Operation and Implementation.

Author

Zagan, Ionel and Găitan, Vasile Gheorghiță

Subjects

SMART cities, INTERNET of things, ACCESS control, ELECTRIC power consumption, SMART homes

Abstract

Considering human influence and its negative impact on the environment, the world will have to transform the current energy system into a cleaner and more sustainable one. In residential as well as office buildings, there is a demand to minimize electricity consumption, improve the automation of electrical appliances and optimize electricity utilization. This paper describes the implementation of a smart switch with extended facilities compared to traditional switches, such as visual indication of evacuation routes in case of fire and acoustic alerts for emergencies. The proposed embedded system implements Modbus RTU serial communication to receive information from a fire alarm-control panel. An extension to the Modbus communication protocol, called Modbus Extended (ModbusE), is also proposed for smart switches and emergency switchboards. The embedded smart switch described in this paper as a scientific and practical contribution in this field, based on a performant microcontroller system, is integrated into the Building Internet of Things (BIoT) concept and uses the innovative ModbusE protocol. The proposed smart lighting system integrates building lighting access control for smart switches and sockets and can be extended to incorporate functionality for smart thermostats, access control and smart sensor-based information acquisition. [ABSTRACT FROM AUTHOR]

Published

2024

46. Intelligent and Secure Cloud–Edge Collaborative Industrial Information Encryption Strategy Based on Credibility Assessment.

Author

Tan, Aiping, Dong, Chenglong, Wang, Yan, Wang, Chang, and Xia, Changqing

Subjects

INFORMATION technology security, COMPUTER network traffic, CYBERTERRORISM, ACCESS control, SECURITY systems

Abstract

As industries develop and informatization accelerates, enterprise collaboration is increasing. However, current architectures face malicious attacks, data tampering, privacy issues, and security and efficiency problems in information exchange and enterprise credibility. Additionally, the complexity of cyber threats requires integrating intelligent security measures to proactively defend against sophisticated attacks. To address these challenges, this paper introduces an intelligent and secure cloud–edge collaborative industrial information encryption strategy based on credibility assessment. The proposed strategy incorporates adaptive encryption specifically designed for cloud–edge and edge–edge architectures and utilizes attribute encryption to control access to user-downloaded data, ensuring secure information exchange. A mechanism for assessing enterprise credibility over a defined period helps maintain a trusted collaborative environment, crucial for identifying and mitigating risks from potentially malicious or unreliable entities. Furthermore, integrating intelligent threat detection and response systems enhances overall security by continuously monitoring and analyzing network traffic for anomalies. Experimental analysis evaluates the security of communication paths and examines how enterprise integrity influences collaboration outcomes. Simulation results show that this approach enhances enterprise integrity, reduces losses caused by harmful actors, and promotes efficient collaboration without compromising security. This intelligent and secure strategy not only safeguards sensitive data but also ensures the resilience and trustworthiness of the collaborative network. [ABSTRACT FROM AUTHOR]

Published

2024

47. Adaptive MAC Scheme for Interference Management in Ad Hoc IoT Networks.

Author

Ali, Ehsan, Fazil, Adnan, Ryu, Jihyoung, Ashraf, Muhammad, and Zakwan, Muhammad

Subjects

CARRIER sense multiple access, RAYLEIGH fading channels, TECHNOLOGICAL innovations, ACCESS control, NETWORK performance

Abstract

The field of wireless communication has undergone revolutionary changes driven by technological advancements in recent years. Central to this evolution is wireless ad hoc networks, which are characterized by their decentralized nature and have introduced numerous possibilities and challenges for researchers. Moreover, most of the existing Internet of Things (IoT) networks are based on ad hoc networks. This study focuses on the exploration of interference management and Medium Access Control (MAC) schemes. Through statistical derivations and systematic simulations, we evaluate the efficacy of guard zone-based MAC protocols under Rayleigh fading channel conditions. By establishing a link between network parameters, interference patterns, and MAC effectiveness, this work contributes to optimizing network performance. A key aspect of this study is the investigation of optimal guard zone parameters, which are crucial for interference mitigation. The adaptive guard zone scheme demonstrates superior performance compared to the widely recognized Carrier Sense Multiple Access (CSMA) and the system-wide fixed guard zone protocol under fading channel conditions that mimic real-world scenarios. Additionally, simulations reveal the interactions between network variables such as node density, path loss exponent, outage probability, and spreading gain, providing insights into their impact on aggregated interference and guard zone effectiveness. [ABSTRACT FROM AUTHOR]

Published

2024

48. Comparative Assessment of Expected Safety Performance of Freeway Automated Vehicle Managed Lanes.

Author

Sarran, Jana McLean and Hassan, Yasser

Subjects

LANE changing, AUTONOMOUS vehicles, ACCESS control, TRAFFIC lanes, SAFETY, TRAFFIC safety

Abstract

The use of dedicated lanes, known as managed lanes (MLs), on freeways is an established traffic management strategy to reduce congestion. Allowing automated vehicles (AVs) in existing MLs or dedicating MLs for AVs, referred to as AVMLs, has been suggested in the literature as a tool to improve traffic operation and safety performance as AVs and driver-operated vehicles (DVs) coexist in a mixed-vehicle environment. This paper focuses on investigating the safety impacts of deploying AVMLs on freeways by repurposing general-purpose lanes (GPLs). Four ML strategies considering different lane positions and access controls were implemented in a traffic microsimulation under different AV market adoption rates (MARs) and traffic demand levels, and trajectories were used to extract rear-end and lane change conflicts. The time-to-collision (TTC) surrogate safety measure was used to identify critical conflicts using a time threshold dependent on the type of following vehicle. Rates of conflicts involving different vehicle types for all ML strategies were compared to the case of heterogeneous traffic. The results indicated that the rates of rear-end conflicts involving the same vehicle type as the lead and following vehicle, namely DV-DV and AV-AV conflicts, increased with ML implementation as more vehicles of the same type traveled in the same lane(s). By comparing the aggregated conflict rates, the design options that were deemed to negatively impact traffic efficiency and capacity were also found to negatively impact traffic safety. However, other ML options were found to be feasible in terms of traffic operation and safety performance, especially at traffic demand levels below capacity. Specifically, one left-side AVML with continuous access was found to have lower or comparable aggregated conflict rates compared to heterogenous traffic at 25% and 50% MARs, and, thus, it is expected to have positive or neutral safety impacts. [ABSTRACT FROM AUTHOR]

Published

2024

49. Deploying artificial intelligence in services to AID vulnerable consumers.

Author

Hermann, Erik, Williams, Gizem Yalcin, and Puntoni, Stefano

Subjects

CONSUMER behavior, ARTIFICIAL intelligence, ACCESS control, CONSUMERS, INTELLIGENCE service

Abstract

Despite offering substantial opportunities to tailor services to consumers' wants and needs, artificial intelligence (AI) technologies often come with ethical and operational challenges. One salient instance of such challenges emerges when vulnerable consumers, consumers who temporarily or permanently lack resource access or control, are unknowingly discriminated against, or excluded from the marketplace. By integrating the literature on consumer vulnerability, AI for social good, and the calls for rethinking marketing for a better world, the current work builds a framework on how to leverage AI technologies to detect, better serve, and empower vulnerable consumers. Specifically, our AID framework advocates for designing AI technologies that make services more accessible, optimize customer experiences and journeys interactively, and to dynamically improve consumer decision-making. Adopting a multi-stakeholder perspective, we also discuss the respective implications for researchers, managers, consumers, and public policy makers. [ABSTRACT FROM AUTHOR]

Published

2024

50. Examining nurses’ awareness level and compliance between defined and required access levels to core functionalities of hospital information system : an observational and survey study

Author

Farzad Salmanizadeh, Arefeh Ameri, Reza Khajouei, and Leila Ahmadian

Subjects

Nurses, Hospital Information System (HIS), Access Level, Access Control, Awareness, Functionality, Public aspects of medicine, RA1-1270

Abstract

Abstract Background Nurses constitute the largest number of hospital information system (HIS) users. Therefore, their awareness level and access to HIS functions based on their needs are particularly important. The present study aims to determine nurses’ access levels to HIS functions and examine the compliance between defined and required access levels to core functionalities of a comprehensive HIS. Methods This observational and survey study was conducted on nurses using the census method (n = 110) in two phases. In the first phase, nurses’ current access levels to core functionalities of the hospitalization management subsystem were identified in HIS. In the second phase, nurses’ awareness of defined access levels to HIS functions and compliance with their needs were investigated using a valid and reliable questionnaire (α = 0.90). The data were analyzed by descriptive and analytical statistics (t-test and one-way ANOVA). Results The hospitalization management subsystem had 57 functions in 6 task groups. The information technology (IT) department enabled nurses to access 35 functions but did not allow them to access 22. 58.0% of the nurses were aware of those 35 functions they had access to, and 35.9% were aware of those 22 functions they needed access to. There was a significant correlation between nurses’ awareness of current and defined access levels (p

Published

2024