An optimization of device-to-device(D2D) security rate algorithm based on power control is provided to enhance the physical layer security underlaying D2D communication and guarantee the data rate requirement of the c...An optimization of device-to-device(D2D) security rate algorithm based on power control is provided to enhance the physical layer security underlaying D2D communication and guarantee the data rate requirement of the cellular user(CU) at the same time.First,a scenario model is set up,in which an eavesdropper is considered to wiretap the information of D2D transmitters.Then,a secure region of D2D communication is proposed.When D2D communication users reside outside the secure region,the spectrum of CU's is not allowed to share with the D2D communication so as to avoid eavesdropper tapping useful information of D2D communication.When D2D communication users reside inside the secure region,the security rate of D2D is maximized by optimization of the transmitting power of D2D and CU.The simulation results showthat the achieved D2D security rate of the proposed algorithm increases 2.8 bps/Hz when the signal to noise ratio(SNR) is 15 d B,compared with that when the random access algorithm is used.展开更多
A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single po...A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single point failure of data analysis nodes is avoided by this P2P model,in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes.And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS)is used to deal with the challenge of multi-source alarm information.This data fusion method debases the false alarm rate.Compared with improved Dumpster/Shafer(DS)theoretical method based on particle swarm optimization(PSO)and classical DS evidence theoretical method,the proposed model reduces false alarm rate by 3%and 7%,respectively,whereas their detection rate increases by 4%and 16%,respectively.展开更多
In order to improve the physical layer security of the device-to-device(D2D)cellular network,we propose a collaborative scheme for the transmit antenna selection and the optimal D2D pair establishment based on deep le...In order to improve the physical layer security of the device-to-device(D2D)cellular network,we propose a collaborative scheme for the transmit antenna selection and the optimal D2D pair establishment based on deep learning.Due to the mobility of users,using the current channel state information to select a transmit antenna or establish a D2D pair for the next time slot cannot ensure secure communication.Therefore,in this paper,we utilize the Echo State Network(ESN)to select the transmit antenna and the Long Short-Term Memory(LSTM)to establish the D2D pair.The simulation results show that the LSTMbased and ESN-based collaboration scheme can effectively improve the security capacity of the cellular network with D2D and increase the life of the base station.展开更多
The blockchain trilemma—balancing decentralization,security,and scalability—remains a critical challenge in distributed ledger technology.Despite significant advancements,achieving all three attributes simultaneousl...The blockchain trilemma—balancing decentralization,security,and scalability—remains a critical challenge in distributed ledger technology.Despite significant advancements,achieving all three attributes simultaneously continues to elude most blockchain systems,often forcing trade-offs that limit their real-world applicability.This review paper synthesizes current research efforts aimed at resolving the trilemma,focusing on innovative consensus mechanisms,sharding techniques,layer-2 protocols,and hybrid architectural models.We critically analyze recent breakthroughs,including Directed Acyclic Graph(DAG)-based structures,cross-chain interoperability frameworks,and zero-knowledge proof(ZKP)enhancements,which aimto reconcile scalability with robust security and decentralization.Furthermore,we evaluate the trade-offs inherent in these approaches,highlighting their practical implications for enterprise adoption,decentralized finance(DeFi),and Web3 ecosystems.By mapping the evolving landscape of solutions,this review identifies gaps in currentmethodologies and proposes future research directions,such as adaptive consensus algorithms and artificial intelligence-driven(AI-driven)governance models.Our analysis underscores that while no universal solution exists,interdisciplinary innovations are progressively narrowing the trilemma’s constraints,paving the way for next-generation blockchain infrastructures.展开更多
Energy security is a crucial aspect of modern societies,as it directly impacts the availability,accessibility,and reliability of energy sources.The reliance on natural resources and geopolitical factors in shaping ene...Energy security is a crucial aspect of modern societies,as it directly impacts the availability,accessibility,and reliability of energy sources.The reliance on natural resources and geopolitical factors in shaping energy security has gained significant attention in recent years.Natural resources and geopolitical risk are examined in 38 countries at risk of geopolitical conflict between 1990 and 2021 by examining CO_(2) emissions,renewable energy consumption,and foreign direct investment as controlling variables.The long-run analysis conducted in this study focused on slope heterogeneity,Westerlund cointegration,and dynamic panel data estimation.The findings indicated that the energy security index is positively associated with various determinants,including natural resources,geopolitical risk,CO_(2) emissions,and renewable energy consumption.However,foreign direct investment was found to be negatively associated with the energy security index among the selected 38 geopolitical risk countries.The role of natural resources and geopolitical risk in energy security cannot be overlooked.Natural resources provide the raw materials for generating electricity and powering our societies,while geopolitical risks can disrupt energy supply chains and threaten stability.Achieving sustainable energy security requires a comprehensive approach that addresses both aspects of energy provision.Transitioning to renewable energy sources,improving energy efficiency,diversifying energy supplies,promoting international cooperation,and conserving natural resources are essential steps towards a more sustainable and resilient energy future.展开更多
More and more modern group oriented collaborativeapplications use the peer-to-peer(P2P)paradigm tobe independent of expensive infrastructures as theyare,for instance,provided for audio and video conferencesby H.323 sy...More and more modern group oriented collaborativeapplications use the peer-to-peer(P2P)paradigm tobe independent of expensive infrastructures as theyare,for instance,provided for audio and video conferencesby H.323 systems.Decentralized collaborativeP2P solutions require appropriate mechanismsto protect group privacy and data integrity.A centralizedclient/server based video conference system canbe well shielded in a standard manner,whilst thereare no off-the-shelf approaches to secure a P2P videoconference up to now.The paper addresses this issueand presents a flexible security architecture.Usingthe BRAVIS system[4]as an example it shows howthe architecture can be embedded into a P2P videoconferencing system.展开更多
The recent and unprecedented surge of public interest in peer-to-peer (P2P) file-sharing systems has led to a variety of interesting research questions. How to minimize threats in such an open community is an impor-ta...The recent and unprecedented surge of public interest in peer-to-peer (P2P) file-sharing systems has led to a variety of interesting research questions. How to minimize threats in such an open community is an impor-tant research topic. Trust models have been widely used in estimating the trustworthiness of peers in P2P file-sharing systems where peers can transact with each other without prior experience. However, current P2P trust models almost take no consideration for the nature of trust, fuzzy, complex and dynamic, which results in low efficiency in resisting the attacks of malicious nodes. In this paper, a new trust model named NatureTrust that can alleviate the shortage brought by the nature of trust is proposed. In order to cope with the fuzzy characteristic of trust, linguistic terms are used to express trust. Additionally, fuzzy inference rules are employed to evaluate trust of each transaction so as to handle the complex characteristic of trust. Fur-thermore, risk factor is deployed into NatureTrust to represent and reason with the dynamic characteristic of trust. Both risk and trust factors are considered in evaluating the trustworthiness of each peer. Experimental results show that the trust model analyzed here thus stands against malicious act effectively.展开更多
In device-to-device(D2D) communications, device terminal relaying makes it possible for devices in a network to function as transmission relays for each other to enhance the spectral efficiency. In this paper we consi...In device-to-device(D2D) communications, device terminal relaying makes it possible for devices in a network to function as transmission relays for each other to enhance the spectral efficiency. In this paper we consider a cooperative D2D communication system with simultaneous wireless information and power transfer(SWIPT). The cooperative D2D communication scheme allows two nearby devices to communicate with each other in the licensed cellular bandwidth by assigning D2D transmitters as half-duplex(HD) relay to assists cellular downlink transmissions. In particular, we focus on secure information transmission for the cellular users when the idle D2D users are the potential eavesdroppers. We aim to design secure beamforming schemes to maximize the D2D users data rate while guaranteeing the secrecy rate requirements of the cellular users and the minimum required amounts of power transferred to the idle D2D users. To solve this non-convex problem, a semi-definite programming relaxation(SDR) approach is adopted to obtain the optimal solution. Furthermore, we propose two suboptimal secure beamforming schemes with low computational complexity for providing secure communication and efficient energy transfer. Simulation results demonstrate the superiority of our proposed scheme.展开更多
The speed and pace of the transmission of severe acute respiratory syndrome coronavirus 2(SARS-CoV-2;also referred to as novel Coronavirus 2019 and COVID-19)have resulted in a global pandemic,with significant health,f...The speed and pace of the transmission of severe acute respiratory syndrome coronavirus 2(SARS-CoV-2;also referred to as novel Coronavirus 2019 and COVID-19)have resulted in a global pandemic,with significant health,financial,political,and other implications.There have been various attempts to manage COVID-19 and other pandemics using technologies such as Internet of Things(IoT)and 5G/6G communications.However,we also need to ensure that IoT devices used to facilitate COVID-19 monitoring and treatment(e.g.,medical IoT devices)are secured,as the compromise of such devices can have significant consequences(e.g.,life-threatening risks to COVID-19 patients).Hence,in this paper we comprehensively survey existing IoT-related solutions,potential security and privacy risks and their requirements.For example,we classify existing security and privacy solutions into five categories,namely:authentication and access control solutions,key management and cryptography solutions,blockchain-based solutions,intrusion detection systems,and privacy-preserving solutions.In each category,we identify the associated challenges.We also identify a number of recommendations to inform future research.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via vario...Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.展开更多
Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic s...Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic sensitive information data field, there are threats such as preset backdoors and security vulnerabilities. In response to the above problems, the article introduces a secure communication protocol based on the optimized Secret SM2 algorithm, which uses socket programming to achieve two-way encrypted communication between clients and services, and is able to complete the security protection of data encryption transmission, authentication, data tampering, etc., and proves through experiments that the security protocol is more secure than traditional methods, can effectively identify each other, carry out stable and controllable data encryption transmission, and has good applicability.展开更多
Nowadays,there is tremendous growth in biometric authentication and cybersecurity applications.Thus,the efficient way of storing and securing personal biometric patterns is mandatory in most governmental and private s...Nowadays,there is tremendous growth in biometric authentication and cybersecurity applications.Thus,the efficient way of storing and securing personal biometric patterns is mandatory in most governmental and private sectors.Therefore,designing and implementing robust security algorithms for users’biometrics is still a hot research area to be investigated.This work presents a powerful biometric security system(BSS)to protect different biometric modalities such as faces,iris,and fingerprints.The proposed BSSmodel is based on hybridizing auto-encoder(AE)network and a chaos-based ciphering algorithm to cipher the details of the stored biometric patterns and ensures their secrecy.The employed AE network is unsupervised deep learning(DL)structure used in the proposed BSS model to extract main biometric features.These obtained features are utilized to generate two random chaos matrices.The first random chaos matrix is used to permute the pixels of biometric images.In contrast,the second random matrix is used to further cipher and confuse the resulting permuted biometric pixels using a two-dimensional(2D)chaotic logisticmap(CLM)algorithm.To assess the efficiency of the proposed BSS,(1)different standardized color and grayscale images of the examined fingerprint,faces,and iris biometrics were used(2)comprehensive security and recognition evaluation metrics were measured.The assessment results have proven the authentication and robustness superiority of the proposed BSSmodel compared to other existing BSSmodels.For example,the proposed BSS succeeds in getting a high area under the receiver operating characteristic(AROC)value that reached 99.97%and low rates of 0.00137,0.00148,and 3516 CMC,2023,vol.74,no.20.00157 for equal error rate(EER),false reject rate(FRR),and a false accept rate(FAR),respectively.展开更多
基金National Natural Science Foundation of China(No.61503251)Natural Science Foundation of Shanghai,China(No.16ZR1424500)
文摘An optimization of device-to-device(D2D) security rate algorithm based on power control is provided to enhance the physical layer security underlaying D2D communication and guarantee the data rate requirement of the cellular user(CU) at the same time.First,a scenario model is set up,in which an eavesdropper is considered to wiretap the information of D2D transmitters.Then,a secure region of D2D communication is proposed.When D2D communication users reside outside the secure region,the spectrum of CU's is not allowed to share with the D2D communication so as to avoid eavesdropper tapping useful information of D2D communication.When D2D communication users reside inside the secure region,the security rate of D2D is maximized by optimization of the transmitting power of D2D and CU.The simulation results showthat the achieved D2D security rate of the proposed algorithm increases 2.8 bps/Hz when the signal to noise ratio(SNR) is 15 d B,compared with that when the random access algorithm is used.
基金Supported by the National Natural Science Foundation of China(61370212)the Research Fund for the Doctoral Program of Higher Education of China(20122304130002)+1 种基金the Natural Science Foundation of Heilongjiang Province(ZD 201102)the Fundamental Research Fund for the Central Universities(HEUCFZ1213,HEUCF100601)
文摘A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single point failure of data analysis nodes is avoided by this P2P model,in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes.And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS)is used to deal with the challenge of multi-source alarm information.This data fusion method debases the false alarm rate.Compared with improved Dumpster/Shafer(DS)theoretical method based on particle swarm optimization(PSO)and classical DS evidence theoretical method,the proposed model reduces false alarm rate by 3%and 7%,respectively,whereas their detection rate increases by 4%and 16%,respectively.
基金supported in part by the Aerospace Science and Technology Innovation Fund of China Aerospace Science and Technology Corporationin part by the Shanghai Aerospace Science and Technology Innovation Fund (No. SAST2018045, SAST2016034, SAST2017049)+1 种基金in part by the China Fundamental Research Fund for the Central Universities (No. 3102018QD096)in part by the Seed Foundation of Innovation and Creation for Graduate Students in Northwestern Polytechnical University (No. ZZ2019024)
文摘In order to improve the physical layer security of the device-to-device(D2D)cellular network,we propose a collaborative scheme for the transmit antenna selection and the optimal D2D pair establishment based on deep learning.Due to the mobility of users,using the current channel state information to select a transmit antenna or establish a D2D pair for the next time slot cannot ensure secure communication.Therefore,in this paper,we utilize the Echo State Network(ESN)to select the transmit antenna and the Long Short-Term Memory(LSTM)to establish the D2D pair.The simulation results show that the LSTMbased and ESN-based collaboration scheme can effectively improve the security capacity of the cellular network with D2D and increase the life of the base station.
文摘The blockchain trilemma—balancing decentralization,security,and scalability—remains a critical challenge in distributed ledger technology.Despite significant advancements,achieving all three attributes simultaneously continues to elude most blockchain systems,often forcing trade-offs that limit their real-world applicability.This review paper synthesizes current research efforts aimed at resolving the trilemma,focusing on innovative consensus mechanisms,sharding techniques,layer-2 protocols,and hybrid architectural models.We critically analyze recent breakthroughs,including Directed Acyclic Graph(DAG)-based structures,cross-chain interoperability frameworks,and zero-knowledge proof(ZKP)enhancements,which aimto reconcile scalability with robust security and decentralization.Furthermore,we evaluate the trade-offs inherent in these approaches,highlighting their practical implications for enterprise adoption,decentralized finance(DeFi),and Web3 ecosystems.By mapping the evolving landscape of solutions,this review identifies gaps in currentmethodologies and proposes future research directions,such as adaptive consensus algorithms and artificial intelligence-driven(AI-driven)governance models.Our analysis underscores that while no universal solution exists,interdisciplinary innovations are progressively narrowing the trilemma’s constraints,paving the way for next-generation blockchain infrastructures.
基金funded by a grant from the Interdisciplinary Research Institute in New Finance and Economics,Hubei University of Economics(No.JXZD202403).
文摘Energy security is a crucial aspect of modern societies,as it directly impacts the availability,accessibility,and reliability of energy sources.The reliance on natural resources and geopolitical factors in shaping energy security has gained significant attention in recent years.Natural resources and geopolitical risk are examined in 38 countries at risk of geopolitical conflict between 1990 and 2021 by examining CO_(2) emissions,renewable energy consumption,and foreign direct investment as controlling variables.The long-run analysis conducted in this study focused on slope heterogeneity,Westerlund cointegration,and dynamic panel data estimation.The findings indicated that the energy security index is positively associated with various determinants,including natural resources,geopolitical risk,CO_(2) emissions,and renewable energy consumption.However,foreign direct investment was found to be negatively associated with the energy security index among the selected 38 geopolitical risk countries.The role of natural resources and geopolitical risk in energy security cannot be overlooked.Natural resources provide the raw materials for generating electricity and powering our societies,while geopolitical risks can disrupt energy supply chains and threaten stability.Achieving sustainable energy security requires a comprehensive approach that addresses both aspects of energy provision.Transitioning to renewable energy sources,improving energy efficiency,diversifying energy supplies,promoting international cooperation,and conserving natural resources are essential steps towards a more sustainable and resilient energy future.
文摘More and more modern group oriented collaborativeapplications use the peer-to-peer(P2P)paradigm tobe independent of expensive infrastructures as theyare,for instance,provided for audio and video conferencesby H.323 systems.Decentralized collaborativeP2P solutions require appropriate mechanismsto protect group privacy and data integrity.A centralizedclient/server based video conference system canbe well shielded in a standard manner,whilst thereare no off-the-shelf approaches to secure a P2P videoconference up to now.The paper addresses this issueand presents a flexible security architecture.Usingthe BRAVIS system[4]as an example it shows howthe architecture can be embedded into a P2P videoconferencing system.
文摘The recent and unprecedented surge of public interest in peer-to-peer (P2P) file-sharing systems has led to a variety of interesting research questions. How to minimize threats in such an open community is an impor-tant research topic. Trust models have been widely used in estimating the trustworthiness of peers in P2P file-sharing systems where peers can transact with each other without prior experience. However, current P2P trust models almost take no consideration for the nature of trust, fuzzy, complex and dynamic, which results in low efficiency in resisting the attacks of malicious nodes. In this paper, a new trust model named NatureTrust that can alleviate the shortage brought by the nature of trust is proposed. In order to cope with the fuzzy characteristic of trust, linguistic terms are used to express trust. Additionally, fuzzy inference rules are employed to evaluate trust of each transaction so as to handle the complex characteristic of trust. Fur-thermore, risk factor is deployed into NatureTrust to represent and reason with the dynamic characteristic of trust. Both risk and trust factors are considered in evaluating the trustworthiness of each peer. Experimental results show that the trust model analyzed here thus stands against malicious act effectively.
基金supported in part by National Natural Science Foundation of China under Grants 61602048National Natural Science Foundation of China under Grants 61471060+1 种基金Creative Research Groups of China under Grants 61421061National Science and Technology Major Project of the Ministry of Science and Technology of China under Grants 2015ZX03001025-002
文摘In device-to-device(D2D) communications, device terminal relaying makes it possible for devices in a network to function as transmission relays for each other to enhance the spectral efficiency. In this paper we consider a cooperative D2D communication system with simultaneous wireless information and power transfer(SWIPT). The cooperative D2D communication scheme allows two nearby devices to communicate with each other in the licensed cellular bandwidth by assigning D2D transmitters as half-duplex(HD) relay to assists cellular downlink transmissions. In particular, we focus on secure information transmission for the cellular users when the idle D2D users are the potential eavesdroppers. We aim to design secure beamforming schemes to maximize the D2D users data rate while guaranteeing the secrecy rate requirements of the cellular users and the minimum required amounts of power transferred to the idle D2D users. To solve this non-convex problem, a semi-definite programming relaxation(SDR) approach is adopted to obtain the optimal solution. Furthermore, we propose two suboptimal secure beamforming schemes with low computational complexity for providing secure communication and efficient energy transfer. Simulation results demonstrate the superiority of our proposed scheme.
基金supported in part by the Research Start-Up Fund for Talent Researcher of Nanjing Agricultural University(77H0603)。
文摘The speed and pace of the transmission of severe acute respiratory syndrome coronavirus 2(SARS-CoV-2;also referred to as novel Coronavirus 2019 and COVID-19)have resulted in a global pandemic,with significant health,financial,political,and other implications.There have been various attempts to manage COVID-19 and other pandemics using technologies such as Internet of Things(IoT)and 5G/6G communications.However,we also need to ensure that IoT devices used to facilitate COVID-19 monitoring and treatment(e.g.,medical IoT devices)are secured,as the compromise of such devices can have significant consequences(e.g.,life-threatening risks to COVID-19 patients).Hence,in this paper we comprehensively survey existing IoT-related solutions,potential security and privacy risks and their requirements.For example,we classify existing security and privacy solutions into five categories,namely:authentication and access control solutions,key management and cryptography solutions,blockchain-based solutions,intrusion detection systems,and privacy-preserving solutions.In each category,we identify the associated challenges.We also identify a number of recommendations to inform future research.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
文摘目的:探讨点阵CO_(2)激光联合短波治疗仪导入重组牛碱性成纤维细胞生长因子(Recombinant bovine basic fibroblast growth factor,rb-bFGF)凝胶修复痤疮凹陷性瘢痕的美学效果及安全性。方法:纳入2023年1月-2024年1月就诊于笔者医院的134例痤疮凹陷性瘢痕患者,根据随机数字表法将其分为对照组和观察组,各67例;对照组接受点阵CO_(2)激光治疗,观察组接受点阵CO_(2)激光联合短波治疗仪导入rb-bFGF凝胶治疗。比较两组临床疗效、皮肤生理指标、美学效果评分及不良事件。结果:观察组临床疗效率(94.03%)显著高于对照组(76.12%)(P<0.05)。在调整治疗前各皮肤生理指标后,观察组治疗后经皮水分丢失量(Transdermal water loss,TEWL)、蛋白质含量均低于对照组,皮肤角质层含水量(Water content of cuticle of skin,WCSC)高于对照组(P<0.05)。在调整治疗前美观评分量表各条目后,观察组治疗后舒适度、心理影响、社交影响、自我观感、可接受性、色素沉着、柔软度、平整度和瑕疵范围得分均高于对照组(P<0.05)。两组痤疮凹陷性瘢痕患者水肿、红斑、色素沉着等不良事件发生率比较,差异无统计学意义(11.94%vs.5.97%,P>0.05)。结论:点阵CO_(2)激光联合短波治疗仪导入rb-bFGF用于痤疮凹陷性瘢痕患者的临床疗效确切,可改善皮肤生理指标,显著提升美学效果,且安全性良好。
文摘Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.
文摘Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic sensitive information data field, there are threats such as preset backdoors and security vulnerabilities. In response to the above problems, the article introduces a secure communication protocol based on the optimized Secret SM2 algorithm, which uses socket programming to achieve two-way encrypted communication between clients and services, and is able to complete the security protection of data encryption transmission, authentication, data tampering, etc., and proves through experiments that the security protocol is more secure than traditional methods, can effectively identify each other, carry out stable and controllable data encryption transmission, and has good applicability.
文摘Nowadays,there is tremendous growth in biometric authentication and cybersecurity applications.Thus,the efficient way of storing and securing personal biometric patterns is mandatory in most governmental and private sectors.Therefore,designing and implementing robust security algorithms for users’biometrics is still a hot research area to be investigated.This work presents a powerful biometric security system(BSS)to protect different biometric modalities such as faces,iris,and fingerprints.The proposed BSSmodel is based on hybridizing auto-encoder(AE)network and a chaos-based ciphering algorithm to cipher the details of the stored biometric patterns and ensures their secrecy.The employed AE network is unsupervised deep learning(DL)structure used in the proposed BSS model to extract main biometric features.These obtained features are utilized to generate two random chaos matrices.The first random chaos matrix is used to permute the pixels of biometric images.In contrast,the second random matrix is used to further cipher and confuse the resulting permuted biometric pixels using a two-dimensional(2D)chaotic logisticmap(CLM)algorithm.To assess the efficiency of the proposed BSS,(1)different standardized color and grayscale images of the examined fingerprint,faces,and iris biometrics were used(2)comprehensive security and recognition evaluation metrics were measured.The assessment results have proven the authentication and robustness superiority of the proposed BSSmodel compared to other existing BSSmodels.For example,the proposed BSS succeeds in getting a high area under the receiver operating characteristic(AROC)value that reached 99.97%and low rates of 0.00137,0.00148,and 3516 CMC,2023,vol.74,no.20.00157 for equal error rate(EER),false reject rate(FRR),and a false accept rate(FAR),respectively.
