Your search keyword '"Access Control"' showing total 48,606 results

51. Contribution Measurement in Privacy-Preserving Federated Learning.

Author

RUEI-HAU HSU, YI-AN YU, and HSUAN-CHENG SU

Subjects

FEDERATED learning, COOPERATIVE game theory, MACHINE learning, UPLOADING of data, WORK measurement, ACCESS control

Abstract

Federated learning (FL) is a novel decentralized machine learning framework that differs from traditional centralized machine learning. It enables multiple participants to collaborate on training models without sharing raw data directly. Participants train the local model with their data and only upload the model parameters. To achieve a fair allocation of benefits by the common global model, a standard is needed to evaluate each model providers' contribution to federated learning. Shapley value is a classic concept from cooperative game theory and is often used in data evaluation for machine learning. This study introduces the Shapley value in privacy-preserving federated learning (PPFL) to construct a contribution measuring module for measuring the contribution of each model provider to the learning task and propose a verification mechanism for the contribution results. Compared to the other related works for contribution measurement by Shapley value, this work achieves higher privacy protection, where local participants' data sets, local model parameters, and global model parameters are concealed. In addition, the verification of the fairness of contribution measurement is also supported. Moreover, this work achieves the access control of aggregated global models through the concept of threshold identity-based encryption, where model consumers can only gain access to the specific aggregated global model if they are authorized by sufficient model providers. [ABSTRACT FROM AUTHOR]

Published

2024

52. Specifying and Verifying Information Flow Control in SELinux Configurations.

Author

Ceragioli, Lorenzo, Galletta, Letterio, Degano, Pierpaolo, and Basin, David

Subjects

ACCESS control, SEMANTICS, INFORMATION resources management, LANGUAGE policy, INFORMATION policy

Abstract

Security Enhanced Linux (SELinux) is a security architecture for Linux implementing Mandatory Access Control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. However, its application is challenging as SELinux security policies are difficult to write, understand, and maintain. Recently, the intermediate language CIL was introduced to foster the development of high-level policy languages and to write structured configurations. Despite CIL's high level features, CIL configurations are hard to understand as different constructs interact in non-trivial ways. Moreover, there is no mechanism to ensure that a given configuration obeys desired information flow policies. To remedy this, we enrich CIL with a formal semantics, and we propose IFCIL, a backward compatible extension of CIL for specifying fine-grained information flow requirements. Using IFCIL, administrators can express confidentiality, integrity, and non-interference properties. We also provide a tool to statically verify these requirements and we experimentally assess it on ten real-world policies. [ABSTRACT FROM AUTHOR]

Published

2024

53. Exploring the interplay between intellectual property models and sustainability transitions: A multi‐level analysis.

Author

Jain, Akriti, Gurtoo, Anjula, Eppinger, Elizabeth, Vimalnath, Pratheeba, and Tietze, Frank

Subjects

TECHNOLOGY transfer, DIFFUSION of innovations, INTELLECTUAL property, PARTNERSHIP agreements, ACCESS control

Abstract

Research on international technology transfer and partnership agreements provides a comprehensive understanding of country‐level impacts of intellectual property (IP) rights on sustainability transitions. However, firm‐level studies on how firms use and share their IP to support sustainability practices remains limited. The paper disentangles the relationship between firm‐level IP models and sustainability practices drawing from a cross‐case analysis of 28 firms offering sustainable innovations across four sectors. Analysis of firms' year‐wise data collected from 854 documents (typically 1996–2021) and 58 in‐depth interviews exploring linkage between IP models and sustainability practices of firms engaged in sustainable innovation provide six key findings: (a) emphasis on safeguarding registered and unregistered IP assets among firms with sustainable innovations; (b) widespread adoption of selectively open inbound IP models coupled with diverse IP sharing mechanisms; (c) a preference for collaborative (joint) IP ownership among internally driven firms, contrasting with a tendency for exclusive in‐licensing among those reacting to external pressures; (d) a divergence in outbound IP models, with internally motivated firms favouring selectively open approaches and externally driven firms favouring closed IP models; (e) the adoption of fully open outbound IP models democratize sustainable innovation diffusion; and (f) leveraging broadly open outbound IP models alongside closed or selectively open models balances widespread use with access control and achieves significant social sustainability. A framework is hence developed to guide technology‐sharing policies and procedures. Therefore, the paper creates a platform for prescribing sustainable IP incentives for encouraging firms to share IP for wider diffusion of sustainable innovations. [ABSTRACT FROM AUTHOR]

Published

2024

54. APPLICATION OF BLOCKCHAIN IN IT INFRASTRUCTURE MANAGEMENT: NEW OPPORTUNITIES FOR SECURITY ASSURANCE.

Author

Aleksei, Dudak and Anar, Israfilov

Subjects

INFORMATION technology, DATA protection, DATA security failures, BLOCKCHAINS, ACCESS control

Abstract

This article explores the application of blockchain technologies (BT) in managing IT infrastructure projects with the aim of enhancing security levels. It examines the potential of blockchain to ensure data protection, access control, and process automation through decentralized structures and immutable records. It is noted that the use of smart contracts and cryptographic methods can minimize the risks of cyberattacks and data leaks, while ensuring transparency and network resilience. The successful integration of blockchain solutions to optimize processes and improve IT system security is demonstrated through examples from companies like IBM, Walmart, and JP Morgan. The article discusses the advantages and challenges of implementing blockchain in existing systems, highlighting the necessity of a comprehensive approach and strategic planning for successful integration. [ABSTRACT FROM AUTHOR]

Published

2024

55. DeepSLM: Speckle‐Licensed Modulation via Deep Adversarial Learning for Authorized Optical Encryption and Decryption.

Author

Huang, Haofan, Zhao, Qi, Li, Huanhao, Zheng, Yuandong, Yu, Zhipeng, Zhong, Tianting, Cheng, Shengfu, Woo, Chi Man, Gao, Yi, Liu, Honglin, Zheng, Yuanjin, Tian, Jie, and Lai, Puxiang

Subjects

DISTRIBUTION (Probability theory), INFORMATION technology security, SPECKLE interference, PEARSON correlation (Statistics), ACCESS control

Abstract

Optical encryption is pivotal in information security, offering parallel processing, speed, and robust security. The simplicity and compatibility of speckle‐based cryptosystems have garnered considerable attention. Yet, the predictable statistical distribution of speckle optical fields' characteristics can invite statistical attacks, undermining these encryption methods. The proposed solution, a deep adversarial learning‐based speckle modulation network (DeepSLM), disrupts the strong intercorrelation of speckle grains. Utilizing the unique encoding properties of speckle patterns, DeepSLM facilitates license editing within the modulation phase, pioneering a layered authentication encryption system. Our empirical studies confirm DeepSLM's superior performance on key metrics. Notably, the testing dataset reveals an average Pearson correlation coefficient above 0.97 between decrypted images and their original counterparts for intricate subjects like human faces, attesting to the method's high fidelity. This innovation marries adjustable modification, optical encryption, and deep learning to enforce tiered data access control, charting new paths for creating user‐specific access protocols. [ABSTRACT FROM AUTHOR]

Published

2024

56. B-ERAC: BLOCKCHAIN-ENABLED ROLE-BASED ACCESS CONTROL FOR SECURE IOT DEVICE COMMUNICATION.

Author

KHAN, NEELAM SALEEM, MIR, ROOHIE NAAZ, CHISHTI, MOHAMMAD AHSAN, and SALEEM, MAHREEN

Subjects

ELLIPTIC curve cryptography, ACCESS control, ENCRYPTION protocols, DATA integrity, INTERNET of things

Abstract

Security risks are increasingly concerning as the Internet of Things (IoT) expands. Authentication, access control, and authorization present significant challenges for resource-constrained IoT devices. Traditional authentication methods often require enhancements for these devices, but Blockchain technology presents a potential solution. Decentralized and distributed, Blockchain eliminates a single point of failure and relies on Elliptic Curve Cryptography (ECC) for robust security. We have introduced a cutting-edge solution to fortify communication security within IoT devices across supply chain ecosystems. By harnessing the power of Blockchain technology, our framework incorporates smart contracts, adheres to ES256 encryption standards, and seamlessly integrates with Infura API. These components establish stringent access controls, ensure data integrity, and enhance transparency throughout supply chain processes. The framework's robust architecture facilitates swift and secure transactions, bolsters traceability efforts, and effectively mitigates potential security risks. With its scalable design and reliable functionality, this framework emerges as a pivotal asset for optimizing IoT device communication within dynamic supply chain environments. The use of ProVerif in our analysis provides a formal guarantee of the correctness of our access control mechanisms. [ABSTRACT FROM AUTHOR]

Published

2024

57. REVOLUTIONIZING CLOUD SECURITY: A NOVEL FRAMEWORK FOR ENHANCED DATA PROTECTION IN TRANSMISSION AND MIGRATION.

Author

DASARI, RAKESH NAG and BABU, G. RAMA MOHAN

Subjects

CLOUD computing security measures, DATA security, DATA protection, DATA transmission systems, DATA encryption, ACCESS control

Abstract

This research introduces a novel security framework specifically tailored to enhance data protection during cloud transmission and migration. Our study addresses critical gaps in existing security models by proposing a multi-dimensional system that incorporates advanced encryption techniques, dynamic access control, and continuous security auditing. Notably, this framework excels in ensuring cloud data integrity, confidentiality, and availability--core aspects often compromised under conventional methods. Comparative analysis with existing models in simulated cloud environments reveals that our framework significantly enhances threat detection accuracy, response speed, and resource management efficiency. The findings highlight the system's capability to reduce security vulnerabilities while optimizing operational overhead, presenting a substantial improvement over traditional security solutions. This innovative approach, marked by improved scalability and flexibility, is poised to revolutionize cloud data security practices across various industries, prompting further research into robust cloud computing security methodologies. [ABSTRACT FROM AUTHOR]

Published

2024

58. A DYNAMIC SANDBOX DETECTION TECHNIQUE IN A PRIVATE CLOUD ENVIRONMENT.

Author

ZHANGWEI YANG and JUNYU XIAO

Subjects

KNOWLEDGE graphs, MALWARE, DATA security, TRUST, ACCESS control

Abstract

In specific private cloud scenarios, how to defend against malicious software and ensure data security is one of the current research hotspots, and sandbox is an important detection method. This paper proposes a dynamic behavior detection technique based on sandboxing, which real-time monitors and analyzes malicious software behavior. By improving the sandbox behavior weight, integrating virtual resources, and designing fine-grained access control, the detection accuracy and efficiency are enhanced based on zero trust access control system. The simulated attacks are identified on the testing platform, drawing knowledge graphs, achieving effective discovery and tracing. Meanwhile, this paper verified through experiments that the system consumption of the detection method is within an acceptable range, expanding the detection range and reducing the missed detection rate. [ABSTRACT FROM AUTHOR]

Published

2024

59. Hybrid Duplex Medium Access Control Protocol for Tsunami Early Warning Systems in Underwater Networks.

Author

Park, Sung Hyun, Choi, Ye Je, and Im, Tae Ho

Subjects

UNDERWATER acoustic communication, ACCESS control, TSUNAMI warning systems, DATA transmission systems, EARTHQUAKES, TSUNAMIS

Abstract

Tsunamis are devastating natural phenomena that cause extensive damage to both human life and infrastructure. To mitigate such impacts, tsunami early warning systems have been deployed globally. South Korea has also initiated a project to install a tsunami warning system to monitor its surrounding seas. To ensure reliable warning decisions, various types of data must be combined, but efficiently transmitting heterogeneous data poses a challenge due to the unique characteristics of underwater acoustic communication. Therefore, this paper proposes a Hybrid Duplex Medium Access Control (HDMAC) protocol designed for a tsunami warning system, with a specific focus on heterogeneous data transmission. HDMAC efficiently handles both seismic and environmental data by utilizing hybrid duplexing, which combines frequency duplex for seismic data with time duplex for environmental data. The protocol addresses the distinct transmission requirements for each data type by optimizing channel utilization through a group Automatic Repeat request (ARQ) scheme and packet size adjustment. Theoretical analysis predicts that HDMAC can achieve a channel utilization of up to 0.91 in smaller networks and 0.64 in larger networks. HDMAC is validated through simulations, and the simulation results closely match these predictions. The simulation results demonstrate the efficiency of HDMAC in supporting real-time submarine earthquake monitoring systems. [ABSTRACT FROM AUTHOR]

Published

2024

60. A Real-Time System Status Evaluation Method for Passive UHF RFID Robots in Dynamic Scenarios.

Author

Wang, Honggang, Du, Weibing, Qin, Bo, Pan, Ruoyu, and Pang, Shengli

Subjects

K-means clustering, REGRESSION trees, TOPSIS method, ACCESS control, DYNAMICAL systems

Abstract

In dynamic scenarios, the status of a Radio Frequency Identification (RFID) system fluctuates with environmental changes. The key to improving system efficiency lies in the real-time monitoring and evaluation of the system status, along with adaptive adjustments to the system parameters and read algorithms. This paper focuses on the status changes in RFID systems in dynamic scenarios, aiming to enhance system robustness and reading performance, ensuring high link quality, reasonable resource scheduling, and real-time status evaluation under varying conditions. This paper comprehensively considers the system parameter settings in dynamic scenarios, integrating the interaction model between readers and tags. The system's real-time status is evaluated from both the physical layer and the Medium Access Control (MAC) layer perspectives. For the physical layer, a link quality evaluation model based on Uniform Manifold Approximation and Projection (UMAP) and K-Means clustering is proposed from the link quality. For the MAC layer, a multi-criteria decision-making evaluation model based on combined weighting and the Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) is proposed, which comprehensively considers both subjective and objective factors, utilizing the TOPSIS algorithm for an accurate evaluation of the MAC layer system status. For the RFID system, this paper proposes a real-time status evaluation model based on the Classification and Regression Tree (CART), which synthesizes the evaluation results of the physical layer and MAC layer. Finally, engineering tests and verification were conducted on the RFID robot system in mobile scenarios. The results showed that the clustering average silhouette coefficient of the physical layer link quality evaluation model based on K-Means was 0.70184, indicating a relatively good clustering effect. The system status evaluation model of the MAC layer, based on the combined weighting-TOPSIS method, demonstrated good flexibility and generalization. The real-time status evaluation model of the RFID system, based on CART, achieved a classification accuracy of 98.3%, with an algorithm runtime of 0.003 s. Compared with other algorithms, it had a higher classification accuracy and shorter runtime, making it well suited for the real-time evaluation of the RFID robot system's status in dynamic scenarios. [ABSTRACT FROM AUTHOR]

Published

2024

61. Securing IoT data: Fog computing, blockchain, and tailored privacy-enhancing technologies in action.

Author

Reshi, Iraq Ahmad and Sholla, Sahil

Subjects

CYBERTERRORISM, INTERNET privacy, ELECTRONIC data processing, ACCESS control, INTERNET of things

Abstract

The inherent challenges associated with the Internet of Things (IoT), such as vulnerability to cyber threats and privacy issues, need the development of novel solutions to ensure secure and efficient handling of data. Fog computing resolves these concerns by facilitating data processing in proximity to edge devices, minimising latency, and improving real-time decision-making. Blockchain boosts security in fog-based systems by providing a tamper-proof and transparent ledger. However, exclusively prioritising privacy in fog-based blockchains may impede the practical execution. This article presents the FogBlock Connect paradigm, which combines Fog computing and Blockchain through the implementation of a tailored Proxy Re-encryption (PRE) algorithm inspired by BBS98. This strategy guarantees enhanced data confidentiality while simultaneously upholding operational effectiveness in fog-based blockchains for Internet of Things applications. The efficiency and effectiveness of the suggested PRE algorithm over typical encryption methods are confirmed by comprehensive simulations utilising the Fobsim simulator. The FogBlock Connect paradigm entails the transmission of updates from nearby IoT devices to Fog servers for the purpose of creating and securely storing global updates, hence improving efficiency and performance. The paradigm ensures robust privacy measures, mitigates risks of single-point failures, and facilitates precise access control, establishing a basis for secure and resilient IoT applications. The CCA resistant formal security proof provides further validation for the strength and effectiveness of the suggested approach. [ABSTRACT FROM AUTHOR]

Published

2024

62. BPPKS: A blockchain-based privacy preserving and keyword-searchable scheme for medical data sharing.

Author

Yang, Xiaohui and Li, Liangshun

Subjects

INFORMATION technology, INFORMATION retrieval, ACCESS control, INFORMATION sharing, MEDICAL technology, BLOCKCHAINS

Abstract

With the rapid development of medical information technology, the widespread adoption and application of electronic medical data have prompted more and more healthcare institutions to choose to store medical data in cloud servers to facilitate easier sharing. Attribute-based encryption is utilized for sharing electronic medical data to achieve fine-grained access control. However, storing access policies in plaintext can easily expose user privacy. Additionally, during the data sharing process, placing data retrieval in the cloud prevents secure and reliable searches. To address these issues, this paper proposes a blockchain-based privacy preserving and keyword-searchable scheme for medical data sharing(BPPKS). Access policies are transformed into vector-matrix form, concealing attributes within access policies to prevent the leakage of authorized user privacy information. Leveraging blockchain's transparency, tamper-resistance, and integrity verification features, smart contracts are used for retrieval and verification, enabling secure and reliable data searches while ensuring the integrity of medical data. Simultaneously, some complex decryption operations are delegated to the cloud servers, reducing the decryption load for users to a constant level. Finally, security analysis demonstrates that this scheme can withstand adaptive chosen keyword attacks (IND-CKA), and performance evaluations show higher efficiency in computation and storage aspects. [ABSTRACT FROM AUTHOR]

Published

2024

63. BeLAS: Blockchain-envisioned lightweight authentication scheme for securing eHealth records.

Author

Patruni, Muralidhara Rao and Humayun, Abdul Gaffar

Subjects

WEARABLE technology, INFORMATION technology security, ELECTRONIC health records, VIRTUAL machine systems, ACCESS control

Abstract

With the rapid emergence of smart wearable devices and sensor-enabled medical equipment, patient-related Internet of Things (IoT) data must be handled securely in the smart healthcare sector. Electronic Health Records (EHR) provide the digital version of patient health information that needs to be handled securely while meeting access control, immutability and identity management paradigms. Information is sent to the eHealth systems via a dedicated network that leverages several application domains and is built on a centralized architecture. Regrettably, peer-to-peer (P2P) communications performance suffers substantially from computing complexity. Aiming for information security in EHR, Blockchain technology has remarkable solutions that were made possible to minimize third-party dependencies and increase security. Realizing the nature of IoT sensory equipment deployed in eHealth systems, we intended to design a Blockchain-envisioned lightweight authentication scheme using Ethereum Blockchain (BeLAS). The informal and formal security research demonstrates that BeLAS has a promising security level to withstand password guessing, replay, privileged insider, and forgery attacks and is computationally efficient. The decentralized application and interaction with Ethereum Virtual Machine (EVM) were considered to design smart contracts. Our experimental results prove that implementing a Blockchain-based EHR system is secure and efficient by enabling smart contracts to minimize third-party functionalities. The testbed analysis proves the BeLAS achieves minimal GAS per Ether consumption [1 Gas(gwei) = 10 - 9 ETH] for storing the successful EHR transactions. [ABSTRACT FROM AUTHOR]

Published

2024

64. A Systematic Review and Comparative Analysis Approach to Boom Gate Access Using Plate Number Recognition.

Author

Bukola, Asaju Christine, Owolawi, Pius Adewale, Du, Chuling, and Van Wyk, Etienne

Subjects

OBJECT recognition (Computer vision), MACHINE learning, COMPUTER vision, ACCESS control, AUTOMOBILE license plates

Abstract

Security has been paramount to many organizations for many years, with access control being one of the critical measures to ensure security. Among various approaches to access control, vehicle plate number recognition has received wide attention. However, its application to boom gate access has not been adequately explored. This study proposes a method to access the boom gate by optimizing vehicle plate number recognition. Given the speed and accuracy of the YOLO (You Only Look Once) object detection algorithm, this study proposes using the YOLO deep learning algorithm for plate number detection to access a boom gate. To identify the gap and the most suitable YOLO variant, the study systematically surveyed the publication database to identify peer-reviewed articles published between 2020 and 2024 on plate number recognition using different YOLO versions. In addition, experiments are performed on four YOLO versions: YOLOv5, YOLOv7, YOLOv8, and YOLOv9, focusing on vehicle plate number recognition. The experiments, using an open-source dataset with 699 samples in total, reported accuracies of 81%, 82%, 83%, and 73% for YOLO V5, V7, V8, and V9, respectively. This comparative analysis aims to determine the most appropriate YOLO version for the task, optimizing both security and efficiency in boom gate access control systems. By optimizing the capabilities of advanced YOLO algorithms, the proposed method seeks to improve the reliability and effectiveness of access control through precise and rapid plate number recognition. The result of the analysis reveals that each YOLO version has distinct advantages depending on the application's specific requirements. In complex detection conditions with changing lighting and shadows, it was revealed that YOLOv8 performed better in terms of reduced loss rates and increased precision and recall metrics. [ABSTRACT FROM AUTHOR]

Published

2024

65. Access Control Verification in Smart Contracts Using Colored Petri Nets.

Author

Al-Azzoni, Issam and Iqbal, Saqib

Subjects

MODELING languages (Computer science), PETRI nets, ACCESS control, EXCLUSIVE contracts, BLOCKCHAINS

Abstract

This paper presents an approach for the verification of access control in smart contracts written in the Digital Asset Modeling Language (DAML). The approach utilizes Colored Petri Nets (CPNs) and their analysis tool CPN Tools. It is a model-driven-based approach that employs a new meta-model for capturing access control requirements in DAML contracts. The approach is supported by a suite of tools that fully automates all of the steps: parsing DAML code, generating DAML model instances, transforming the DAML models into CPN models, and model checking the generated CPN models. The approach is tested using several DAML scripts involving access control extracted from different domains of blockchain applications. [ABSTRACT FROM AUTHOR]

Published

2024

66. 基于主从多链的科学数据共享方法构建与实证研究.

Author

陈俊, 杨锐, 李岚春, and 周子健

Abstract

Copyright of Cyber Security & Data Governance is the property of Editorial Office of Information Technology & Network Security and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

67. An optimized dynamic attribute-based searchable encryption scheme.

Author

Khan, Shahzad, Khan, Shawal, Waheed, Abdul, Mehmood, Gulzar, Zareei, Mahdi, and Alanazi, Faisal

Subjects

*KEYWORD searching, *ACCESS control, *TRUST, *INTERPOLATION, *POPULARITY, *SERVER farms (Computer network management)

Abstract

Cloud computing liberates enterprises and organizations from expensive data centers and complex IT infrastructures by offering the on-demand availability of vast storage and computing power over the internet. Among the many service models in practice, the public cloud for its operation cost saving, flexibility, and better customer support popularity in individuals and organizations. Nonetheless, this shift in the trusted domain from the concerned users to the third-party service providers pops up many privacy and security concerns. These concerns hindrance the wide adaptation for many of its potential applications. Furthermore, classical encryption techniques render the encrypted data useless for many of its valuable operations. The combined concept of attribute-based encryption (ABE) and searchable encryption (SE), commonly known as attribute-based keyword searching (ABKS), emerges as a promising technology for these concerns. However, most of the contemporary ABE-based keyword searching schemes incorporate costly pairing and computationally heavy secret sharing mechanisms for its realization. Our proposed scheme avoids the expensive bilinear pairing operation during the searching operation and costly Lagrange interpolation for secret reconstruction. Besides, our proposed scheme enables the updation of access control policy without entirely re-encrypting the ciphertext. The security of our scheme in the selective-set model is proved under the Decisional Bilinear Diffie-Hellmen (DBDH) assumption and collision-free. Finally, the experimental results and performance evaluation demonstrate its communication and overall efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

68. Nonmedical cannabis legalization policy in Canada: Has commercialization been a pivotal mistake for public health?

Author

Fischer, Benedikt, Hall, Wayne, Jutras‐Aswad, Didier, and Myran, Daniel

Subjects

*LEGALIZATION, *MARIJUANA industry, *ACCESS control, *PUBLIC spending, *HEALTH status indicators

Abstract

Canada implemented the legalization of nonmedical cannabis use and supply in 2018. Initial blueprints for the legalization policy framework emphasized public health protection as a priority principle and objective, including related policy design parameters and regulatory restrictions (e.g., strict access and distribution control, advertisement/promotion ban, etc.) also as informed by adverse experiences from alcohol/tobacco control. Conversely, Canada's present legalization ecology is characterized by increasingly far‐reaching commercialization; this includes an extensive for‐profit cannabis production and retail industry producing large sales volumes that centrally include high‐risk cannabis products, with many public health‐oriented provisions hollowed out or circumvented in practice. While key cannabis‐related health problem indicators have increased through legalization, mounting evidence suggests that these adverse outcome dynamics, to a crucial extent, have been accelerated by commercialization aspects of legalization. Meanwhile, since legalization the cannabis industry has pushed for further rollbacks of public health‐oriented restrictions for benefits of increased competitiveness. Using the Canadian case study, we focus on the possible pitfalls and adverse effects of commercialization dynamics for public health‐oriented cannabis legalization. Also since commercialization‐related developments and outcomes are hard to reverse, we urge jurisdictions planning cannabis legalization reforms to carefully take consider related evidence and dynamics when assembling their legalization policy frameworks. [ABSTRACT FROM AUTHOR]

Published

2024

69. IPv6 addressing strategy with improved secure duplicate address detection to overcome denial of service and reconnaissance attacks.

Author

Kumar, Gyanendra, Gankotiya, Anil, Rawat, Sur Singh, Balusamy, Balamurugan, and Selvarajan, Shitharth

Subjects

*DENIAL of service attacks, *ACCESS control, *ENERGY consumption, *RANDOM numbers, *RECONNAISSANCE operations, *INTERNET protocol version 6

Abstract

With technology development, the growing self-communicating devices in IoT networks require specific naming and identification, mainly provided by IPv6 addresses. The IPv6 address in the IoT network is generated by using the stateless auto address configuration (SLAAC) mechanism, and its uniqueness is ensured by the DAD protocol. Recent research suggests that IPv6 deployment can be a risky decision due to the existing SLAAC-based addressing scheme and the DAD protocol being prone to reconnaissance and denial of service (DoS) attacks. This research paper proposes a new IPv6 generation scheme with an improved secure DAD mechanism to address these problems. The proposed addressing scheme generates IPv6 addresses by taking a hybrid approach based on vendor id of medium access control (MAC) address, physical location, and arbitrary random numbers, which mitigates reconnaissance attacks by malicious nodes. To prevent the DAD process from DoS attacks, hybrid values of interface identifier (IID) are multicast instead of actual values. The proposed scheme is evaluated under reconnaissance and DoS attacks in the presence of malicious nodes. The evaluation results demonstrate that the proposed method effectively mitigates reconnaissance and DoS attacks, outperforming the EUI-64 and SEUI-64 schemes in terms of address success rate (ASR), energy consumption, and communication overhead. Specifically, the proposed method significantly reduces the average probing rate for scanning the existence of an IPv6 address, with only a 1% probing rate compared to SEUI-64's 5% and EUI-64's 100%. Furthermore, the additional communication overhead introduced by the proposed method is less than 13% and 11% compared to EUI-64 and SEUI-64, respectively. Additionally, the energy consumption required to assign an IPv6 address using the proposed method is lower by 12% and 5% when compared to EUI-64 and SEUI-64, respectively. These findings highlight the effectiveness of the proposed method in enhancing security and optimizing resource utilization in IPv6 addressing. [ABSTRACT FROM AUTHOR]

Published

2024

70. A Fair MAC Protocol Based on Dual Bandwidth Allocation Iterations in Underwater Acoustic Sensor Networks.

Author

Feng, Libin, Liu, Jingke, Chen, Yanxia, and Yao, Jiangyuan

Subjects

*DATA packeting, *ACCESS control, *BANDWIDTH allocation, *BANDWIDTHS, *FAIRNESS, *SCHEDULING

Abstract

ABSTRACT Most existing passive allocation‐based media access control (MAC) protocols for underwater acoustic sensor networks (UASNs) overlook the fairness issue in channel bandwidth allocation, resulting in certain nodes occupying channel resources for extended periods, thereby leading to low channel utilization. To address this issue, this paper proposes a fair MAC protocol based on dual bandwidth allocation iterations (FBA‐MAC). Firstly, by limiting the maximum number of packets and the maximum number of available time slots that the host node can receive in each communication cycle, the protocol reduces collisions and collisions more effectively, thus controlling the communication delay. Secondly, in the process of channel bandwidth allocation, a dual bandwidth allocation iterative method was used to allocate appropriate channel bandwidth for each member node according to its communication requirements and the generation time of its generated data packets. Finally, in order to minimize the time interval of each packet arriving at the host node to reduce the communication delay, the transmission scheduling scheme was adaptively adjusted by combining the results of channel bandwidth allocation to maximize the channel utilization. Simulation results indicate that compared to the other four MAC protocols, FBA‐MAC demonstrates significant advantages in terms of fairness (10% higher), achieving higher network throughput (10% higher) and shorter end‐to‐end delay. Therefore, FBA‐MAC exhibits superior adaptability and efficiency in dynamic network environments. [ABSTRACT FROM AUTHOR]

Published

2024

71. Key-homomorphic and revocable ciphertext-policy attribute based key encapsulation mechanism for multimedia applications.

Author

Belel, Anushree, Dutta, Ratna, and Mukhopadhyay, Sourav

Subjects

DATA privacy, MULTIMEDIA communications, DATA security, SOCIAL networks, SOCIAL services, ACCESS control

Abstract

With the advancement of technology, Multimedia Social Networks (MSN) have become one of the most promising platforms for managing and sharing multimedia content. The user outsources sensitive content to the Multimedia Social Networks Service Provider (MSNSP). The MSNSP accumulates data in the network, and the user can process and share content like files, audios, and videos with other users through MSN such as YouTube, Vimeo, Flicker, Google Video, Cloud Drive, and so on. Despite receiving wide attention, two main drawbacks regarding MSN platforms are user privacy and data security. Ciphertext-policy attribute-based encryption (CP-ABE) is an appealing cryptographic primitive that plays the principal role for fine-grained access control on encrypted content, thus resolving security and privacy issues smoothly. Recently, there has been a trend to design ABE schemes incorporating a variety of additional properties. In this paper, we have assimilated revocability and key-homomorphic property in ciphertext-policy attribute-based key encapsulation mechanism (CP-ABKEM). Our designs are the first to achieve these additional two properties concurrently in an attribute-based setting. We have provided two instantiations of key-homomorphic revocableCP-ABKEM - one is selective secure against chosen-plaintext attack (CPA) in the standard model under the hardness of the q-decisional bilinear Diffie-Hellman exponent (q-DBDHE) problem, while the other achieves selective CPA security in the random oracle model under the hardness of the n-multilinear decisional Diffie-Hellman (n-MDDH) problem. Furthermore, our first scheme performs better than existing similar schemes in terms of communication overhead and master secret key size. As an advanced version of CP-ABKEM, our proposal is significant and may be utilized for various privacy-preserving protocols. [ABSTRACT FROM AUTHOR]

Published

2024

72. We need to aim at the top: Factors associated with cybersecurity awareness of cyber and information security decision-makers.

Author

Vrhovec, Simon and Markelj, Blaž

Subjects

*INFORMATION technology security, *ACCESS control, *INTERNET security, *MULTI-factor authentication, *COMPUTER software management, *BOTNETS

Abstract

Cyberattacks pose a significant business risk to organizations. Although there is ample literature focusing on why people pose a major risk to organizational cybersecurity and how to deal with it, there is surprisingly little we know about cyber and information security decision-makers who are essentially the people in charge of setting up and maintaining organizational cybersecurity. In this paper, we study cybersecurity awareness of cyber and information security decision-makers, and investigate factors associated with it. We conducted an online survey among Slovenian cyber and information security decision-makers (N = 283) to (1) determine whether their cybersecurity awareness is associated with adoption of antimalware solutions in their organizations, and (2) explore which organizational factors and personal characteristics are associated with their cybersecurity awareness. Our findings indicate that awareness of well-known threats and solutions seems to be quite low for individuals in decision-making roles. They also provide insights into which threats (e.g., distributed denial-of-service (DDoS) attacks, botnets, industrial espionage, and phishing) and solutions (e.g., security operation center (SOC), advanced antimalware solutions with endpoint detection and response (EDR)/extended detection and response (XDR) capabilities, organizational critical infrastructure access control, centralized device management, multi-factor authentication, centralized management of software updates, and remote data deletion on lost or stolen devices) are cyber and information security decision-makers the least aware of. We uncovered that awareness of certain threats and solutions is positively associated with either adoption of advanced antimalware solutions with EDR/XDR capabilities or adoption of SOC. Additionally, we identified significant organizational factors (organizational role type) and personal characteristics (gender, age, experience with information security and experience with information technology (IT)) related to cybersecurity awareness of cyber and information security decision-makers. Organization size and formal education were not significant. These results offer insights that can be leveraged in targeted cybersecurity training tailored to the needs of groups of cyber and information security decision-makers based on these key factors. [ABSTRACT FROM AUTHOR]

Published

2024

73. Dynamic Twitter friend grouping based on similarity, interaction, and trust to account for ever‐evolving relationships.

Author

Shetty, Nisha P., Muniyal, Balachandra, Maben, Leander Melroy, Jayaraj, Rithika, and Saxena, Sameer

Subjects

*ONLINE social networks, *DATA privacy, *DIGITAL technology, *RELATIONSHIP status, *SOCIAL networks, *VIRTUAL communities

Abstract

Online social networks have become ubiquitous, allowing users to share opinions on various topics. However, oversharing can compromise privacy, leading to potential blackmail or fraud. Current platforms lack friend categorization based on trust levels. This study proposes simulating real‐world friendships by grouping users into three categories: acquaintances, friends, and close friends, based on trust and engagement. It also introduces a dynamic method to adjust relationship status over time, considering users' past and present offenses against peers. The proposed system automatically updates friend lists, eliminating manual grouping. It calculates relationship strength by considering all components of online social networks and trust variations caused by user attacks. This method can be integrated with clustering algorithms on popular platforms like Facebook, Twitter, and Instagram to enable constrained sharing. By implementing this system, users can better control their information sharing based on trust levels, reducing privacy risks. The dynamic nature of the relationship status adjustment ensures that the system remains relevant as user interactions evolve over time. This approach offers a more nuanced and secure social networking experience, reflecting real‐world relationship dynamics in the digital sphere. [ABSTRACT FROM AUTHOR]

Published

2024

74. An improved smart contract-based bring your own device (BYOD) security control framework.

Author

Almarhabi, Khalid A.

Subjects

ACCESS control, SECURITY systems, DATA security failures, BLOCKCHAINS, CONTRACTS

Abstract

The evolution of mobile technology has produced new methods and policies for organisations to process data and communicate. Bring your own device (BYOD), which allows employees to bring their own personal devices to work and access organisational resources for work purposes, is one such new policy. However, as this practice poses significant risks, organisations must implement commensurate security measures to protect their integrity. This paper aimed to mitigate these risks by proposing a decentralized and unassailable security control solution tailored to the BYOD environment. The proposed architecture leveraged business blockchain with smart contracts (SCs) to automate policy compliance and strictly adhere to organisational rules and regulations. The research demonstrated that this approach effectively reduces access control (AC) threats and enhances security policies and management. The findings highlighted that the implementation of SCs within a blockchain framework significantly improves the security of the BYOD environment by minimising the risks of unauthorised access, data breaches, and insider threats. Additionally, SCs enable organisations to establish decentralised and tamper-proof security control systems, reducing the dependence on centralised authorities and bolstering overall system integrity. [ABSTRACT FROM AUTHOR]

Published

2024

75. A New Hybrid MAC Protocol for UAV-based Data Gathering in Dense IoT Network Applications.

Author

Atmaca, Sedat

Subjects

WIRELESS sensor nodes, SENSOR networks, DRONE aircraft, ACCESS control, NETWORK performance

Abstract

The Internet of Things (IoT) is globally distributed network systems consisting of small low-cost physical sensor nodes that can sense their environment and communicate with other nodes and computers. They are particularly used for key solutions to monitoring systems such as healthcare monitoring, environmental monitoring, and remote patient monitoring and are also preferred for their vast benefits for precision agriculture, smart building, and smart home applications. Medium Access Control (MAC) schemes are vital part of IoT systems, as the network performance metrics such as throughput, end-to-end packet delay, and energy consumption mostly depend upon the MAC scheme utilized. In this paper, a new hybrid MAC protocol called as Low-Delay Hybrid Medium Access Control (LD-HMAC) for data-gathering purposes in high-density IoT networks is presented with its models and detailed performance evaluation. In the networking application area, an unmanned aerial vehicle is considered as an access point for arranging and scheduling channel access, whereas wireless sensor nodes (IoT nodes) are considered as data-gathering elements from a dense IoT networking environment. The proposed LD-HMAC combines the strengths of both TDMA and CSMA, targeting primarily dense IoT network applications. In the development stages, first the proposed LD-HMAC protocol is designed, modeled, and evaluated analytically by using Discrete-Time Markov Chain. Second, in order to validate the analytical results of the proposed model, a simulation model was developed by using the Riverbed network simulation tool. Finally, the performance results obtained are compared to those of the corresponding MDCA and CCS models referenced in Shrestha (IEEE Trans Wirel Commun 13: 4050–4065, 2014). With respect to the end-to-end delay, the proposed LD-HMAC achieves better results than those of the MDCA and CCS models for time-critical dense IoT network applications. [ABSTRACT FROM AUTHOR]

Published

2024

76. The Political Economy of Shock‑Responsive Social Protection: Analysis from Malaw.

Author

Archibald, Edward M.

Subjects

*SOCIAL settlements, *ACCESS control, *NONPROFIT sector, *SOCIAL systems, *ACTORS

Abstract

Using social assistance systems to address acute needs arising from wide-scale shocks – commonly known as ‘shock-responsive social protection’ (SRSP) – raises significant political economy questions. Previously, acute needs caused by disasters across sub-Saharan Africa have primarily been met by humanitarian actors alone. SRSP disrupts the status quo by reducing humanitarian actors’ access to and control over humanitarian funding. This raises significant political questions; likewise, the introduction by SRSP of greater accountability and transparency into the implementation of humanitarian responses. This article addresses a current gap in the literature: the politics of SRSP. Referencing the concept of political settlements, the article asks what explains the evolution of SRSP in Malawi by examining the actions of domestic and international actors. It finds that there is scant evidence of national ownership of SRSP and that lack of consensus among international actors is a key obstacle to the concept becoming embedded within the political settlement. [ABSTRACT FROM AUTHOR]

Published

2024

77. طراحی مدل حفاظت از حریم خصوصی مشتریان اینترنتی حوزه سلامت.

Author

زهرا شریفی, محمد علی کرامتی, and مهرزاد مینویی

Subjects

*INFORMATION technology security, *INTERNET privacy, *ACCESS control, *TRUST, *SAMPLING (Process)

Abstract

Introduction: Protecting the privacy of internet customers is crucial in the field of health. In this area, there is sensitive and personal information, and privacy can increase customers’ trust in companies and create a stronger relationship between them. Methods: The target sample was chosen using a criterion-oriented purposeful sampling method. The sampling procedure was continued until the theoretical saturation of data was reached. Accordingly, 12 professors and administrators participated in the study. The data collection tool was a semi- structured interview. Nvivo software was used for theme analysis. Results: Based on the theme analysis method, two constructive themes of level one and 14 themes of level two were identified. Constructive themes of level one were technological infrastructure and obligations of the seller to the consumer. The themes of technological infrastructure were personalization services, social interaction performance, access control, information technology security, security enforcement measures, safety algorithm and data-based planning, and decision making. The constructive themes of the seller’s obligations to the consumer were awareness, user and seller education, safety, maintenance and support of information, responsibility, framework and principles, and trust. Conclusion: The proposed model showed that privacy protection was essential. Medical device businesses should implement a robust privacy policy, closely monitoring access, training employees on privacy protection, and upgrading security systems. [ABSTRACT FROM AUTHOR]

Published

2024

78. Advancing database security: a comprehensive systematic mapping study of potential challenges.

Author

Iqbal, Asif, Khan, Siffat Ullah, Niazi, Mahmood, Humayun, Mamoona, Sama, Najm Us, Khan, Arif Ali, and Ahmad, Aakash

Subjects

*DATABASES, *DATABASE security, *DIGITAL libraries, *ACCESS control, *DATABASE management software

Abstract

The value of data to a company means that it must be protected. When it comes to safeguarding their local and worldwide databases, businesses face a number of challenges. To systematically review the literature to highlight the difficulties in establishing, implementing, and maintaining secure databases. In order to better understand database system problems, we did a systematic mapping study (SMS). We've analyzed 100 research publications from different digital libraries and found 20 issues after adopting inclusion and exclusion criteria. This SMS study aimed to identify the most up-to-date research in database security and the different challenges faced by users/clients using various databases from a software engineering perspective. In total, 20 challenges were identified related to database security. Our results show that "weak authorization system", "weak access control", "privacy issues/data leakage", "lack of NOP security", and "database attacks" as the most frequently cited critical challenges. Further analyses were performed to show different challenges with respect to different phases of the software development lifecycle, venue of publications, types of database attacks, and active research institutes/universities researching database security. The organizations should implement adequate mitigation strategies to address the identified database challenges. This research will also provide a direction for new research in this area. [ABSTRACT FROM AUTHOR]

Published

2024

79. Federated finger vein presentation attack detection for various clients.

Author

Mu, Hengyu, Guo, Jian, Liu, Xingli, Han, Chong, and Sun, Lijuan

Subjects

*FEDERATED learning, *COMPUTER vision, *ACCESS control, *BLOOD vessels, *VEINS

Abstract

Recently, the application of finger vein recognition has become popular. Studies have shown finger vein presentation attacks increasingly threaten these recognition devices. As a result, research on finger vein presentation attack detection (fvPAD) methods has received much attention. However, the current fvPAD methods have two limitations. (1) Most terminal devices cannot train fvPAD models independently due to a lack of data. (2) Several research institutes can train fvPAD models; however, these models perform poorly when applied to terminal devices due to inadequate generalisation. Consequently, it is difficult for threatened terminal devices to obtain an effective fvPAD model. To address this problem, the method of federated finger vein presentation attack detection for various clients is proposed, which is the first study that introduces federated learning (FL) to fvPAD. In the proposed method, the differences in data volume and computing power between clients are considered. Traditional FL clients are expanded into two categories: institutional and terminal clients. For institutional clients, an improved triplet training mode with FL is designed to enhance model generalisation. For terminal clients, their inability is solved to obtain effective fvPAD models. Finally, extensive experiments are conducted on three datasets, which demonstrate the superiority of our method. [ABSTRACT FROM AUTHOR]

Published

2024

80. Value of Dual Arterial Access for Improved Angiographic Control for Double-Lumen Arterial Balloon Onyx Embolization of Multifeeder Complex Cranial Dural Arteriovenous Fistulas: A Technical Nuance.

Author

Jee, Elizabeth, Folse, Michael, Shah, Rahul, Lange, Lauren, Kandregula, Sandeep, Chokhawala, Himanshu, Guthikonda, Bharat, Cuellar, Hugo, and Savardekar, Amey

Subjects

*ARTERIOVENOUS fistula, *ANGIOGRAPHY, *ENDOVASCULAR surgery, *ACCESS control, *FISTULA

Abstract

Here we describe our experience managing intracranial dural arteriovenous fistulas (DAVFs) via endovascular embolization using a transarterial embolization (TAE) technique with liquid embolic agents. We illustrate the technical nuance of using dual arterial access for angiographic control runs in complex DAVFs supplied by multiple feeders from 2 distinct arterial systems. Retrospective analysis of intracranial DAVF embolization as a single treatment technique at our institution from 2013 to 2023. Twenty-three patients with intracranial DAVF who underwent endovascular treatment as their initial treatment were included. All embolizations were approached transarterially with Onyx (n = 19), n-butyl cyanoacrylate (n = 2), or a combination (n = 2). Twenty-two patients (96%) had angiographic evidence of complete fistula obliteration after initial embolization. Six DAVF TAEs were performed with dual arterial access for simultaneous embolic delivery and angiographic control intraoperatively. Two patients recanalized twice postprocedure, 1 of whom was found to have incidental new DAVF at follow-up. Median patient follow-up was 12 months (interquartile range, 6–36 months), with a median modified Rankin Scale score on discharge of 1 and a Glasgow Outcome Scale score at 3 months of 5. In this initial series of patients with DAVF managed by endovascular embolization, dual arterial access was feasible, safe, and effective in achieving fistula obliteration. Dual-arterial access conveniently provides simultaneous access for control angiography and embosylate delivery intraoperatively. [ABSTRACT FROM AUTHOR]

Published

2024

81. Attribute-Based Designated Combiner Transitive Signature Scheme.

Author

Hou, Shaonan, Yang, Shaojun, and Lin, Chengjun

Subjects

*ACCESS control, *POLICY discourse, *ALGORITHMS, *DEFINITIONS

Abstract

Transitive signatures allow any entity to obtain a valid signature of (i , k) by combining signatures of (i , j) and (j , k) . However, the traditional transitive signature scheme does not offer fine-grained control over the combiner. To address this issue, we propose a formal definition of the attribute-based designated combiner transitive signature (ABDCTS) and its security model, where only entities whose inherent attributes meet the access policy can combine signatures. By introducing the fine-grained access control structure, control over the combiner is achieved. To demonstrate the feasibility of our primitive, this paper presents the first attribute-based designated combiner transitive signature scheme. Under an adaptive chosen-message attack, we prove its security based on the one-more CDH problem and the co-CDH problem, and that its algorithms have robustness. [ABSTRACT FROM AUTHOR]

Published

2024

82. Analyzing supply chain technology trends through network analysis and clustering techniques: a patent-based study.

Author

Shokouhyar, Sajjad, Maghsoudi, Mehrdad, Khanizadeh, Shahrzad, and Jorfi, Saeid

Subjects

*SOCIAL network analysis, *TECHNOLOGICAL forecasting, *SUPPLY chains, *ACCESS control, *TEXT mining, *SUPPLY chain management, *INDUSTRIAL clusters

Abstract

The supply chain forms the backbone of the modern consumer economy, weaving an intricate network of stakeholders across geographical and socioeconomic divides. While new technologies have enhanced supply chain management, the market dynamism and network complexities continue to challenge decision-makers. This study employs social network analysis and text mining to unravel technological patterns within the patent landscape of supply chain management. The analysis draws on a dataset of over 32,000 supply chain patents from Lens.org spanning 2000–2022. Network analysis reveals cooperation patterns and key players, while text mining and clustering identify five technology clusters: secure access control, manufacturing, logistics, data management, and RFID. Technology life cycle analysis indicates that secure access control, data management, and RFID have reached maturity, while logistics is still growing and manufacturing faces saturation. The findings highlight that despite maturity, these technologies warrant continued investment to resolve persistent challenges. The technology trends and maturity insights uncovered can help enterprises make informed strategic decisions by aligning R&D initiatives with technology lifecycles. This pioneering study bridges innovation research and technology management, offering a nuanced understanding of supply chain technologies. The framework presented can be extended to analyze other domains, opening avenues for further research. Overall, this study decodes the patent landscape to decode the future. [ABSTRACT FROM AUTHOR]

Published

2024

83. Using the ACE framework to enforce access and usage control with notifications of revoked access rights.

Author

Rasori, Marco, Saracino, Andrea, Mori, Paolo, and Tiloca, Marco

Subjects

*INTERNET access control, *ACCESS control, *INTERNET of things, *REVOCATION

Abstract

The standard ACE framework provides authentication and authorization mechanisms similar to those of the standard OAuth 2.0 framework, but it is intended for use in Internet-of-Things environments. In particular, ACE relies on OAuth 2.0, CoAP, CBOR, and COSE as its core building blocks. In ACE, a non-constrained entity called Authorization Server issues Access Tokens to Clients according to some access control and policy evaluation mechanism. An Access Token is then consumed by a Resource Server, which verifies the Access Token and lets the Client accordingly access a protected resource it hosts. Access Tokens have a validity which is limited over time, but they can also be revoked by the Authorization Server before they expire. In this work, we propose the Usage Control framework as an underlying access control means for the ACE Authorization Server, and we assess its performance in terms of time required to issue and revoke Access Tokens. Moreover, we implement and evaluate a method relying on the Observe extension for CoAP, which allows to notify Clients and Resource Servers about revoked Access Tokens. Through results obtained in a real testbed, we show how this method reduces the duration of illegitimate access to protected resources following the revocation of an Access Token, as well as the time spent by Clients and Resource Servers to learn about their Access Tokens being revoked. [ABSTRACT FROM AUTHOR]

Published

2024

84. Efficient access control scheme for heterogeneous signcryption based on blockchain in VANETs.

Author

Khalafalla, Wael, Zhu, Wen-Xing, Elkhalil, Ahmed, and Elfadul, Issameldeen

Subjects

*ACCESS control, *ACCESS to information, *VEHICULAR ad hoc networks, *ENERGY consumption, *ROADSIDE improvement

Abstract

Access control refers to the mechanisms and policies determining which vehicles or entities can access certain network resources, services, or information. Nevertheless, the dynamic nature of a VANET, the necessity to support a wide range of services, and the importance of protecting users' personal information make access control a challenging issue in vehicle contexts. This study presents an efficient access control scheme based on a blockchain to enhance efficiency and security in heterogeneous signcryption (AC-HSC). Additionally, the AC-HSC protocol incorporates blockchain technology for revocation transparency, allowing roadside units to efficiently verify revoked pseudo-identities without relying on a central unit. The AC-HSC effectively fulfills various security criteria, including integrity, privacy preservation, authentication, traceability, unlinkability, non-repudiation, and resistance against replay attacks. Moreover, the formal analysis carried out in a random oracle model (ROM) proves that the proposed protocol is secure against indistinguishability under chosen-ciphertext attack (IND-CCA2) under the Computational Diffie-Hellman (CDH) assumption and existential unforgeability under chosen message attack (EUF-CMA) under the Discret-Logarithm (DL) assumption. In addition, the proposed protocol effectively addresses the issue of key escrow and successfully eliminates the challenges associated with certification management. Finally, the AC-HSC protocol implemented with a free pairing demonstrates reduced computational costs by 3.57%, 50%, 53.53%, 72.22%, 32.66%, 50.90%, 3.57%, and 57.14%, respectively, and the total energy consumption of the VANET nodes in our protocol reduced by about 4.16%, 45.03%, 50.04%, 68.37%, 31.52%, 49.67%, 4.16%, and 53.68%, respectively, as compared with the existing signcryption schemes. [ABSTRACT FROM AUTHOR]

Published

2024

85. Lightweight, verifiable and revocable EHRs sharing with fine-grained bilateral access control.

Author

Zhang, Kai, Chen, Tao, Chen, Siyuan, Wei, Lifei, and Ning, Jianting

Subjects

*ACCESS control, *CLOUD storage, *DATA warehousing, *INFORMATION sharing, *REVOCATION

Abstract

EHRs sharing systems provide a secure and efficient way for patients and doctors to share information in smart healthcare. Due to the concern about data confidentiality and authorized access, the exploitation of attribute-based encryption (ABE) is widely adopted for EHRs sharing in cloud storage. However, most ABE-based EHRs sharing system only considered unilateral access control or supported non-flexible bilateral access control. Hence, we propose a lightwight and flexible healthcare data sharing system, LiVeRe, which enables fine-grained bilateral access control and moreover supports efficient user revocation and ciphertext integrity verification for the access control property. Technically, we employ the dual-policy framework to specify the access policy and pre-decryption techniques to alleviate the computational burden, and efficient revocation of user access rights by the KUNode algorithm. We also provide formal security models and correspondingly prove its security. Moreover, we conduct experiments on the cloud to demonstrate the practicality of our LiVeRe scheme. [ABSTRACT FROM AUTHOR]

Published

2024

86. StreamFilter: a framework for distributed processing of range queries over streaming data with fine-grained access control.

Author

Safaee, Shahab, Mirabi, Meghdad, and Safaei, Ali Asghar

Subjects

*DISTRIBUTED computing, *DATA management, *DATA distribution, *ACCESS control, *INDEXING, *TREES

Abstract

Access control is a fundamental component of any data management system, ensuring the prevention of unauthorized data access. Within the realm of data streams, it plays a crucial role in query processing by facilitating authorized access to them. This paper introduces the StreamFilter framework, which focuses on securely processing queries with range filters over streaming data. Leveraging the Role-Based Access Control model, the StreamFilter framework enables the specification of fine-grained access policies at various levels of granularity, such as tuples and attributes, through the utilization of a bit string structure. To enhance the search operation during data stream query processing, the framework employs a distributed indexing method, constructing a set of smaller B + Tree indices rather than a single large B + Tree index. Furthermore, it seamlessly integrates access authorization evaluation with query processing, efficiently filtering unauthorized parts from the query results. The experimental results demonstrate an approximately 50% increase in efficiency for processing queries with range filters compared to the post-filtering strategy. This improvement is observed across all types of data distribution, including uniform, skew, and hyper skew. [ABSTRACT FROM AUTHOR]

Published

2024

87. Assessing women's empowerment, participation, and engagement in aquaculture in Bangladesh.

Author

Njogu, Lucy, Adam, Rahma, and Farnworth, Cathy Rozel

Subjects

*WOMEN'S empowerment, *FISH farming, *WOMEN'S programs, *ACCESS control, *GENDER inequality

Abstract

Women's empowerment and gender equality are key goals for development and human rights. However, a significant gap still exists in achieving these twin goals. Formulating appropriate strategies for women's empowerment requires first understanding context-specific patterns and sources of disempowerment. We use data collected using a questionnaire survey from 1653 households in Rangpur and Rajshahi districts in Bangladesh. Guided by an analytic tool that measures women's empowerment, inclusion and agency (the project level Women's Empowerment in Fisheries and aquaculture Index (pro-WEFI)), and using seven empowerment indicators, we provide findings on the status of women's empowerment, participation, and engagement in aquaculture in Bangladesh. Results show that women were highly involved in making household decisions, mainly jointly with their husbands. However, data suggest a substantial gap in women's access to financial services, in participation in aquaculture activities, and in access to and control over productive capital and remuneration for aquaculture labor. Finally, despite some women achieving adequacy on some indicators, most women in fish farming households in Bangladesh lack adequacy on many of the selected indicators. [ABSTRACT FROM AUTHOR]

Published

2024

88. 面向物联网的基于智能合约与CP-ABE的访问控制方案.

Author

孙昌, 张传虎, 刘冰杰迅, Yingjie Yang, BAQAO, Fernando, and 刘倩佔

Abstract

Copyright of Telecommunications Science is the property of Beijing Xintong Media Co., Ltd. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

89. Voluntary self-exclusion from gambling: Expert opinions on gaps and needs for improvement.

Author

Kraus, Ludwig, Bickl, Andreas M., Hellman, Matilda, Kankainen, Veera E., Loy, Johanna K., Neyer, Marieke, Norman, Thomas, Rolando, Sara, Room, Robin, Rossow, Ingeborg, Volberg, Rachel, and Cisneros Örnberg, Jenny

Subjects

COMPULSIVE gambling, GAMBLING, GAMBLING industry, ACCESS control, GOVERNMENT agencies

Abstract

Aims: Voluntary self-exclusion (VSE) programmes are intended to minimise gambling-related harm. They are considered effective for the individual but several weaknesses have been reported that deter individuals from enrolment. The present paper summarises opinions about and experiences with VSE strategies and assesses gaps and needs with regard to the current self-exclusion regulations and programmes in seven jurisdictions. Methods: A total of 102 representatives from various sectors (research community; addiction help and care services; prevention; regulatory bodies; gambling providers) in Finland, Germany, Italy, Massachusetts (USA), Norway, Sweden, and Victoria (Australia) were surveyed about their experiences with and opinions about VSE strategies, as well as gaps and needs of the current VSE regulations in their jurisdiction. Results: The respondents agreed on the need for and importance of VSE programmes. However, in all participating jurisdictions, VSE regulations at the time of the survey were considered insufficient, and the respondents suggested potential improvements to facilitate the exclusion process, increase utilisation and reduce gamblers' breaching VSE. Representatives of the gambling industry also emphasised the individual's responsibility. Conclusions: Individuals with gambling disorder require effective VSE programmes to cope with their addictive behaviour. To effectively reduce breaches, technical and legal solutions are necessary. This includes access controls based on complete nationwide registries, strict enforcement and preventing excluded gamblers from accessing unlicensed online operators. [ABSTRACT FROM AUTHOR]

Published

2024

90. Access Control Models and Frameworks for the IoT Environment: Review, Challenges, and Future Direction.

Author

Mishra, Rajiv Kumar, Yadav, Rajesh K., and Nath, Prem

Subjects

INTERNET access control, ACCESS control, INTERNET privacy, SECURITY systems, INTERNET of things

Abstract

The rapid growth of the Internet of Things and the massive growth of sensitive data created by user equipment have headed to resilient demand for additional security and privacy measures. The data produced by the IoT devices are often sensitive & personal, which raises new concerns about security measurement. The development & adoption of IoT and the security aspects of the IoT are not going at the same pace. The future IoT architecture must emphasize enough security concerns and provides adequate measures to prevent devices/data from being accessed by unauthorized means. This work encompasses a comprehensive analysis of frameworks & models of access control for the IoT environment. In this review paper, the analysis of access control solutions is done in four parts: the first part compares various existing review articles with our work, the second part encompasses architecture-based access control mechanisms, the third part comprises access control models, and the fourth part contains few emergent solutions including blockchain-based solutions. Subsequently, prevalent solutions are mapped to vital requirements of the IoT environment. Eventually, security obligations for the IoT environment, probable challenges, and forthcoming research directions are highlighted. This research explores the growing literature on access control for IoT, emphasizing its security requirements. [ABSTRACT FROM AUTHOR]

Published

2024

91. Enhanced Visual Cryptographic Schemes with Essential Access Structures and Pixel-Wise Operations.

Author

Revathi, M., D., Devi, Menaha, R., Dineshkumar, R., and Mohan, S.

Subjects

VISUAL cryptography, INFORMATION technology security, ACCESS control, SIGNAL-to-noise ratio, DATA protection

Abstract

By splitting a picture into many parts, which, when reassembled, disclose the original image without requiring complicated math, visual cryptography is a strong method for protecting visual information. Problems with pixel enlargement, decreased picture quality, and restricted access structures are common with traditional visual cryptography techniques. Our proposed improved visual cryptography approach incorporates pixel-wise operations and critical access structures to solve these challenges and increase flexibility, picture quality, and security. To reconstruct a picture, our technique calls for building visual cryptographic shares based on critical access structures that specify the exact combinations of shares needed. In order to maintain the image's resolution and reduce pixel expansion, we use pixel-wise processes. By improving the peak signal-to-noise ratio (PSNR) by up to 20% compared to conventional approaches, experimental data show that our strategy greatly improves picture quality. In addition, the suggested approach guarantees that individual shares do not disclose any information on the original picture, thereby maintaining high security requirements. Finally, it is clear that the enhanced visual cryptographic system is well-suited for a wide range of uses in safe communications and data security due to its strong solution for secure picture sharing, increased picture quality, and adjustable access control. [ABSTRACT FROM AUTHOR]

Published

2024

92. Multi-Fusion Biometric Authentication using Minutiae-Driven Fixed-Size Template Matching (MFTM).

Author

Sathishkumar, B. R., Monica, K. M., Sasikala, D., and Sudha, M. N.

Subjects

BIOMETRIC identification, IRIS recognition, DIGITAL technology, ACCESS control, BIOMETRY

Abstract

In today's digital era, ensuring robust and secure authentication mechanisms is crucial. Multi-fusion biometric authentication systems have emerged as a powerful solution to enhance security and reliability by integrating multiple biometric traits. This paper presents a novel Multi-Fusion Biometric Authentication approach using Minutiae-Driven Fixed-Size Template Matching (MFTM). The proposed method leverages the unique features of minutiae points in fingerprints and combines them with other biometric modalities, such as iris and facial recognition, to create a fixed-size template for matching. The fusion process involves extracting and normalizing minutiae points from the fingerprint, followed by their integration with iris and facial features using a robust feature fusion algorithm. The fixed-size template ensures consistency and efficiency in the matching process, addressing challenges related to template size variability and computational overhead. Extensive experiments conducted on standard biometric datasets demonstrate that the proposed MFTM approach significantly enhances authentication accuracy, reduces false acceptance and rejection rates, and provides a highly secure and scalable authentication solution suitable for various applications, including access control and identity verification. The results show an authentication accuracy of 98.7%, a false acceptance rate (FAR) of 0.2%, and a false rejection rate (FRR) of 0.5%. Additionally, the computational time for matching is reduced by 25% compared to traditional methods, highlighting the efficiency and practicality of the proposed approach. [ABSTRACT FROM AUTHOR]

Published

2024

93. Modelling a Request and Response-Based Cryptographic Model For Executing Data Deduplication in the Cloud.

Author

Kumar, Doddi Suresh and Srinivasu, Nulaka

Subjects

DATA privacy, ELLIPTIC curve cryptography, INTERSTELLAR communication, ACCESS control, DATA warehousing, CLOUD storage

Abstract

Cloud storage is one of the most crucial components of cloud computing because it makes it simpler for users to share and manage their data on the cloud with authorized users. Secure deduplication has attracted much attention in cloud storage because it may remove redundancy from encrypted data to save storage space and communication overhead. Many current safe deduplication systems usually focus on accomplishing the following characteristics regarding security and privacy: Access control, tag consistency, data privacy and defence against various attacks. But as far as we know, none can simultaneously fulfil all four conditions. In this research, we offer a safe deduplication method that is effective and provides user-defined access control to address this flaw. Because it only allows the cloud service provider to grant data access on behalf of data owners, our proposed solution (Request-response-based Elliptic Curve Cryptography) may effectively delete duplicates without compromising the security and privacy of cloud users. A thorough security investigation reveals that our approved safe deduplication solution successfully thwarts brute-force attacks while dependably maintaining tag consistency and data confidentiality. Comprehensive simulations show that our solution surpasses the evaluation in computing, communication, storage overheads, and deduplication efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

94. Measuring Enterprise Resource Planning (ERP) Software Risk Management for Digital SMEs.

Author

Prihandono, Dorojatun, Wijaya, Angga Pandu, Abiprayu, Kris Brantas, Prananta, Widya, and Widia, Syam

Subjects

INFORMATION technology, ENTERPRISE resource planning, ENCRYPTION protocols, DIGITAL transformation, SERVICE level agreements, SYSTEM downtime, ACCESS control

Abstract

The research aims to analyze risk management in the adoption of Enterprise Resource Planning (ERP). ERP currently widely used, however limited research focus on risk management adoption regarding technological and information system. Digital transformation encourages SMEs to adopt information technology to streamline business processes, especially ERP. Through a comprehensive investigation involving 85 SME owners, the study focuses on ERP risk management. The analysis is conducted by identifying, mapping, and assessing severity. Additionally, data is analyzed using a neural network to explain the satisfaction level of ERP adoption. The research identifies several key risk factors, including vendor stability, data security, system downtime, and inadequate support. Based on research result, risk management underscores the need for robust encryption protocols, access controls, and regular security audits to mitigate the risks of data breaches, unauthorized access, and the compromise of critical business data. The research is reliable in illustrating ERP adoption risks, with a 98.3% correct prediction rate. The novelty of this research lies in its identification and mapping of risk factors in ERP adoption for SMEs, serving as an alternative reference for determining information technology improvements. The research suggests prioritizing thorough due diligence when selecting an ERP vendor and establishing clear and comprehensive Service Level Agreements. [ABSTRACT FROM AUTHOR]

Published

2024

95. BIoT Smart Switch-Embedded System Based on STM32 and Modbus RTU—Concept, Theory of Operation and Implementation.

Author

Zagan, Ionel and Găitan, Vasile Gheorghiță

Subjects

SMART cities, INTERNET of things, ACCESS control, ELECTRIC power consumption, SMART homes

Abstract

Considering human influence and its negative impact on the environment, the world will have to transform the current energy system into a cleaner and more sustainable one. In residential as well as office buildings, there is a demand to minimize electricity consumption, improve the automation of electrical appliances and optimize electricity utilization. This paper describes the implementation of a smart switch with extended facilities compared to traditional switches, such as visual indication of evacuation routes in case of fire and acoustic alerts for emergencies. The proposed embedded system implements Modbus RTU serial communication to receive information from a fire alarm-control panel. An extension to the Modbus communication protocol, called Modbus Extended (ModbusE), is also proposed for smart switches and emergency switchboards. The embedded smart switch described in this paper as a scientific and practical contribution in this field, based on a performant microcontroller system, is integrated into the Building Internet of Things (BIoT) concept and uses the innovative ModbusE protocol. The proposed smart lighting system integrates building lighting access control for smart switches and sockets and can be extended to incorporate functionality for smart thermostats, access control and smart sensor-based information acquisition. [ABSTRACT FROM AUTHOR]

Published

2024

96. Intelligent and Secure Cloud–Edge Collaborative Industrial Information Encryption Strategy Based on Credibility Assessment.

Author

Tan, Aiping, Dong, Chenglong, Wang, Yan, Wang, Chang, and Xia, Changqing

Subjects

INFORMATION technology security, COMPUTER network traffic, CYBERTERRORISM, ACCESS control, SECURITY systems

Abstract

As industries develop and informatization accelerates, enterprise collaboration is increasing. However, current architectures face malicious attacks, data tampering, privacy issues, and security and efficiency problems in information exchange and enterprise credibility. Additionally, the complexity of cyber threats requires integrating intelligent security measures to proactively defend against sophisticated attacks. To address these challenges, this paper introduces an intelligent and secure cloud–edge collaborative industrial information encryption strategy based on credibility assessment. The proposed strategy incorporates adaptive encryption specifically designed for cloud–edge and edge–edge architectures and utilizes attribute encryption to control access to user-downloaded data, ensuring secure information exchange. A mechanism for assessing enterprise credibility over a defined period helps maintain a trusted collaborative environment, crucial for identifying and mitigating risks from potentially malicious or unreliable entities. Furthermore, integrating intelligent threat detection and response systems enhances overall security by continuously monitoring and analyzing network traffic for anomalies. Experimental analysis evaluates the security of communication paths and examines how enterprise integrity influences collaboration outcomes. Simulation results show that this approach enhances enterprise integrity, reduces losses caused by harmful actors, and promotes efficient collaboration without compromising security. This intelligent and secure strategy not only safeguards sensitive data but also ensures the resilience and trustworthiness of the collaborative network. [ABSTRACT FROM AUTHOR]

Published

2024

97. Adaptive MAC Scheme for Interference Management in Ad Hoc IoT Networks.

Author

Ali, Ehsan, Fazil, Adnan, Ryu, Jihyoung, Ashraf, Muhammad, and Zakwan, Muhammad

Subjects

CARRIER sense multiple access, RAYLEIGH fading channels, TECHNOLOGICAL innovations, ACCESS control, NETWORK performance

Abstract

The field of wireless communication has undergone revolutionary changes driven by technological advancements in recent years. Central to this evolution is wireless ad hoc networks, which are characterized by their decentralized nature and have introduced numerous possibilities and challenges for researchers. Moreover, most of the existing Internet of Things (IoT) networks are based on ad hoc networks. This study focuses on the exploration of interference management and Medium Access Control (MAC) schemes. Through statistical derivations and systematic simulations, we evaluate the efficacy of guard zone-based MAC protocols under Rayleigh fading channel conditions. By establishing a link between network parameters, interference patterns, and MAC effectiveness, this work contributes to optimizing network performance. A key aspect of this study is the investigation of optimal guard zone parameters, which are crucial for interference mitigation. The adaptive guard zone scheme demonstrates superior performance compared to the widely recognized Carrier Sense Multiple Access (CSMA) and the system-wide fixed guard zone protocol under fading channel conditions that mimic real-world scenarios. Additionally, simulations reveal the interactions between network variables such as node density, path loss exponent, outage probability, and spreading gain, providing insights into their impact on aggregated interference and guard zone effectiveness. [ABSTRACT FROM AUTHOR]

Published

2024

98. Comparative Assessment of Expected Safety Performance of Freeway Automated Vehicle Managed Lanes.

Author

Sarran, Jana McLean and Hassan, Yasser

Subjects

LANE changing, AUTONOMOUS vehicles, ACCESS control, TRAFFIC lanes, SAFETY, TRAFFIC safety

Abstract

The use of dedicated lanes, known as managed lanes (MLs), on freeways is an established traffic management strategy to reduce congestion. Allowing automated vehicles (AVs) in existing MLs or dedicating MLs for AVs, referred to as AVMLs, has been suggested in the literature as a tool to improve traffic operation and safety performance as AVs and driver-operated vehicles (DVs) coexist in a mixed-vehicle environment. This paper focuses on investigating the safety impacts of deploying AVMLs on freeways by repurposing general-purpose lanes (GPLs). Four ML strategies considering different lane positions and access controls were implemented in a traffic microsimulation under different AV market adoption rates (MARs) and traffic demand levels, and trajectories were used to extract rear-end and lane change conflicts. The time-to-collision (TTC) surrogate safety measure was used to identify critical conflicts using a time threshold dependent on the type of following vehicle. Rates of conflicts involving different vehicle types for all ML strategies were compared to the case of heterogeneous traffic. The results indicated that the rates of rear-end conflicts involving the same vehicle type as the lead and following vehicle, namely DV-DV and AV-AV conflicts, increased with ML implementation as more vehicles of the same type traveled in the same lane(s). By comparing the aggregated conflict rates, the design options that were deemed to negatively impact traffic efficiency and capacity were also found to negatively impact traffic safety. However, other ML options were found to be feasible in terms of traffic operation and safety performance, especially at traffic demand levels below capacity. Specifically, one left-side AVML with continuous access was found to have lower or comparable aggregated conflict rates compared to heterogenous traffic at 25% and 50% MARs, and, thus, it is expected to have positive or neutral safety impacts. [ABSTRACT FROM AUTHOR]

Published

2024

99. Cross-Domain Bilateral Access Control on Blockchain-Cloud Based Data Trading System.

Author

Park, Youngho, Shin, Su Jin, and Shin, Sang Uk

Subjects

BLOCKCHAINS, CLOUD computing, POLICY discourse, INFORMATION sharing, MARKETPLACES, ACCESS control

Abstract

Data trading enables data owners and data requesters to sell and purchase data. With the emergence of blockchain technology, research on blockchain-based data trading systems is receiving a lot of attention. Particularly, to reduce the on-chain storage cost, a novel paradigm of blockchain and cloud fusion has been widely considered as a promising data trading platform. Moreover, the fact that data can be used for commercial purposes will encourage users and organizations from various fields to participate in the data marketplace. In the data marketplace, it is a challenge how to trade the data securely outsourced to the external cloud in a way that restricts access to the data only to authorized users across multiple domains. In this paper, we propose a cross-domain bilateral access control protocol for blockchain-cloud based data trading systems. We consider a system model that consists of domain authorities, data senders, data receivers, a blockchain layer, and a cloud provider. The proposed protocol enables access control and source identification of the outsourced data by leveraging identity-based cryptographic techniques. In the proposed protocol, the outsourced data of the sender is encrypted under the target receiver's identity, and the cloud provider performs policy-match verification on the authorization tags of the sender and receiver generated by the identity-based signature scheme. Therefore, data trading can be achieved only if the identities of the data sender and receiver simultaneously meet the policies specified by each other. To demonstrate efficiency, we evaluate the performance of the proposed protocol and compare it with existing studies. [ABSTRACT FROM AUTHOR]

Published

2024

100. Reversible Data Hiding Algorithm in Encrypted Images Based on Adaptive Median Edge Detection and Ciphertext-Policy Attribute-Based Encryption.

Author

Zongbao Jiang, Minqing Zhang, Weina Dong, Chao Jiang, and Fuqiang Di

Subjects

REVERSIBLE data hiding (Computer science), DATA encryption, ACCESS control, ENTROPY (Information theory), ALGORITHMS, IMAGE encryption

Abstract

With the rapid advancement of cloud computing technology, reversible data hiding algorithms in encrypted images (RDH-EI) have developed into an important field of study concentrated on safeguarding privacy in distributed cloud environments. However, existing algorithms often suffer from low embedding capacities and are inadequate for complex data access scenarios. To address these challenges, this paper proposes a novel reversible data hiding algorithm in encrypted images based on adaptive median edge detection (AMED) and ciphertext-policy attribute-based encryption (CP-ABE). This proposed algorithm enhances the conventional median edge detection (MED) by incorporating dynamic variables to improve pixel prediction accuracy. The carrier image is subsequently reconstructed using the Huffman coding technique. Encrypted image generation is then achieved by encrypting the image based on system user attributes and data access rights, with the hierarchical embedding of the group’s secret data seamlessly integrated during the encryption process using the CP-ABE scheme. Ultimately, the encrypted image is transmitted to the data hider, enabling independent embedding of the secret data and resulting in the creation of the marked encrypted image. This approach allows only the receiver to extract the authorized group’s secret data, thereby enabling fine-grained, controlled access. Test results indicate that, in contrast to current algorithms, the method introduced here considerably improves the embedding rate while preserving lossless image recovery. Specifically, the average maximum embedding rates for the (3, 4)-threshold and (6, 6)-threshold schemes reach 5.7853 bits per pixel (bpp) and 7.7781 bpp, respectively, across the BOSSbase, BOW-2, and USD databases. Furthermore, the algorithm facilitates permission-granting and joint-decryption capabilities. Additionally, this paper conducts a comprehensive examination of the algorithm’s robustness using metrics such as image correlation, information entropy, and number of pixel change rate (NPCR), confirming its high level of security. Overall, the algorithm can be applied in a multi-user and multi-level cloud service environment to realize the secure storage of carrier images and secret data. [ABSTRACT FROM AUTHOR]

Published

2024