Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and th...Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.展开更多
The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and...The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and access information.Among the many smartphones available,those operating on the Android platform dominate,being the most widely used type.This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years.Therefore,there is an urgent need to develop new methods for detecting Android malware.The literature contains numerous works related to Android malware detection.As far as our understanding extends,we are the first ones to identify dangerous combinations of permissions and system calls to uncover malicious behavior in Android applications.We introduce a novel methodology that pairs permissions and system calls to distinguish between benign and malicious samples.This approach combines the advantages of static and dynamic analysis,offering a more comprehensive understanding of an application’s behavior.We establish covalent bonds between permissions and system calls to assess their combined impact.We introduce a novel technique to determine these pairs’Covalent Bond Strength Score.Each pair is assigned two scores,one for malicious behavior and another for benign behavior.These scores serve as the basis for classifying applications as benign or malicious.By correlating permissions with system calls,the study enables a detailed examination of how an app utilizes its requested permissions,aiding in differentiating legitimate and potentially harmful actions.This comprehensive analysis provides a robust framework for Android malware detection,marking a significant contribution to the field.The results of our experiments demonstrate a remarkable overall accuracy of 97.5%,surpassing various state-of-the-art detection techniques proposed in the current literature.展开更多
As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations,related stakeholders need a means to assess the trustworthiness of the applications involved within.It...As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations,related stakeholders need a means to assess the trustworthiness of the applications involved within.It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy.Therefore,this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications.The framework divides itself into different implementation domains,i.e.,organization security,application security,consensus mechanism security,node management and network security,host security and perimeter security,and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains.In addition,a case study,including a security testing and risk evaluation on each stack of a specific organization,is demonstrated as an implementation instruction of our proposed risk management framework.According to the best of our knowledge,this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view.If users can trust the applications that adopted this framework,this study can contribute to the adoption of permissioned blockchain-enabled technologies.Furthermore,application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.展开更多
In the age of smartphones, people do most of their daily work using their smartphones due to significant improvement in smartphone technology. When comparing different platforms such as Windows, iOS, Android, and Blac...In the age of smartphones, people do most of their daily work using their smartphones due to significant improvement in smartphone technology. When comparing different platforms such as Windows, iOS, Android, and Blackberry, Android has captured the highest percentage of total market share [1]. Due to this tremendous growth, cybercriminals are encouraged to penetrate various mobile marketplaces with malicious applications. Most of these applications require device information permissions aiming to collect sensitive data without user’s consent. This paper investigates each element of system information permissions and illustrates how cybercriminals can harm users’ privacy. It presents some attack scenarios using READ_PHONE_STATE permission and the risks behind it. In addition, this paper refers to possible attacks that can be performed when additional permissions are combined with READ_PHONE_STATE permission. It also discusses a proposed solution to defeat these types of attacks.展开更多
Mobile applications affect user’s privacy based on the granted application’s permissions as attackers exploit mobile application permissions in Android and other mobile operating systems. This research divides permi...Mobile applications affect user’s privacy based on the granted application’s permissions as attackers exploit mobile application permissions in Android and other mobile operating systems. This research divides permissions based on Google’s classification of dangerous permissions into three groups. The first group contains the permissions that can access user’s private data such as reading call log. The second group contains the permissions that can modify user’s data such as modifying the numbers in contacts. The third group contains the remaining permissions which can track the location, and use the microphone and other sensitive issues that can spy on the user. This research is supported by a study that was conducted on 100 participants in Saudi Arabia to show the level of users’ awareness of associated risks in mobile applications permissions. Associations among the collected data are also analyzed. This research fills the gap in user’s awareness by providing best practices in addition to developing a new mobile application to help users decide whether an application is safe to be installed and used or not. This application is called “Sparrow” and is available in Google Play Store.展开更多
Consensus protocols are used for the distributed management of large databases in an environment without trust among participants.The choice of a specific protocol depends on the purpose and characteristics of the sys...Consensus protocols are used for the distributed management of large databases in an environment without trust among participants.The choice of a specific protocol depends on the purpose and characteristics of the system itself.The subjects of the paper are consensus protocols in permissioned blockchains.The objective of this paper is to identify functional advantages and disadvantages of observed protocol.The analysis covers a total of six consensus protocols for permissioned blockchains.The following characteristics were compared:security,trust among participants,throughput and scalability.The results show that no protocol shows absolute dominance in all aspects of the comparison.Paxos and Raft are intended for systems in which there is no suspicion of unreliable users,but only the problem of a temporary shutdown.Practical Byzantine Fault Tolerance is intended for systems with a small number of nodes.Federated Byzantine Fault Tolerance shows better scalability and is more suitable for large systems,but can withstand a smaller number of malicious nodes.Proof-of-authority can withstand the largest number of malicious nodes without interfering with the functioning of the system.When choosing a consensus protocol for a blockchain application,one should take into account priority characteristics.展开更多
Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources.This is certainly true of file systems whereby information needs to be protected again...Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources.This is certainly true of file systems whereby information needs to be protected against unintended access.User permissions often evolve over time,and changes are often made in an ad hoc manner and do not follow any rigorous process.This is largely due to the fact that the structure of the implemented permissions are often determined by experts during initial system configuration and documentation is rarely created.Furthermore,permissions are often not audited due to the volume of information,the requirement of expert knowledge,and the time required to perform manual analysis.This paper presents a novel,unsupervised technique whereby a statistical analysis technique is developed and applied to detect instances of permission creep.The system(herein refereed to as Creeper)has initially been developed for Microsoft systems;however,it is easily extensible and can be applied to other access control systems.Experimental analysis has demonstrated good performance and applicability on synthetic file system permissions with an average accuracy of 96%.Empirical analysis is subsequently performed on five real-world systems where an average accuracy of 98%is established.展开更多
Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources.This is certainly true of file systems whereby information needs to be protected again...Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources.This is certainly true of file systems whereby information needs to be protected against unintended access.User permissions often evolve over time,and changes are often made in an ad hoc manner and do not follow any rigorous process.This is largely due to the fact that the structure of the implemented permissions are often determined by experts during initial system configuration and documentation is rarely created.Furthermore,permissions are often not audited due to the volume of information,the requirement of expert knowledge,and the time required to perform manual analysis.This paper presents a novel,unsupervised technique whereby a statistical analysis technique is developed and applied to detect instances of permission creep.The system(herein refereed to as Creeper)has initially been developed for Microsoft systems;however,it is easily extensible and can be applied to other access control systems.Experimental analysis has demonstrated good performance and applicability on synthetic file system permissions with an average accuracy of 96%.Empirical analysis is subsequently performed on five real-world systems where an average accuracy of 98% is established.展开更多
Permission delegation has become a new way for data sharing by delegating the authorized permission to other users.A flexible authorization model with strict access control policies is promising for electronic health ...Permission delegation has become a new way for data sharing by delegating the authorized permission to other users.A flexible authorization model with strict access control policies is promising for electronic health record(EHR)sharing with security.In this paper,a blockchain-based multi-hop permission delegation scheme with controllable delegation depth for EHR sharing has been presented.We use the interplanetary file system(IPFS)for storing the original EHRs.Smart contracts and proxy re-encryption technology are implemented for permission delegation.In order to ensure data security,we use attribute-based encryption to provide fine-grained access control.Additionally,blockchain is used to achieve traceability and immutability.We deploy smart contracts so that the delegation depth can be set by delegators.Security analysis of the proposed protocol shows that our solution meets the designed goals.Finally,we evaluate the proposed algorithm and implement the scheme on the Ethereum test chain.Our scheme outperforms the competition in terms of performance,according to the results of our experiments.展开更多
Each of us fails from time to time. If we are wise, we accept these failures as a necessary part of the learning process.Daniel, my youngest third-grader, was a shy, nervous kid. His fear of failure kept him from clas...Each of us fails from time to time. If we are wise, we accept these failures as a necessary part of the learning process.Daniel, my youngest third-grader, was a shy, nervous kid. His fear of failure kept him from class games that other children played. He seldom answered questions for fear of being wrong.展开更多
China Nitrogenous Fertilizer Industry Association(CNFIA) disclosed on March 12th thatthe drafted permission conditions for the syntheticammonia will soon be submitted to theMinistry of Industry and Information Technol...China Nitrogenous Fertilizer Industry Association(CNFIA) disclosed on March 12th thatthe drafted permission conditions for the syntheticammonia will soon be submitted to theMinistry of Industry and Information Technologyof China for approval.The draftedpermissions, drawn by CFNIA, proposedprimarily the minimum capacity for new syntheticammonia project is 300 000 t/a, mean-展开更多
The Ministry of Industry and InformationTechnology (MⅡT) released a proposed PermitConditions for Manufacturing Pesticidesand expected to implement it all over the countryas soon as it is nodded by the public.The pro...The Ministry of Industry and InformationTechnology (MⅡT) released a proposed PermitConditions for Manufacturing Pesticidesand expected to implement it all over the countryas soon as it is nodded by the public.The proposed permission defines the minimumregistered capital for three categories ofpesticide manufacturers, and the requirementsof location, factory layout, pollutants treatmentfacilities, production installations, qual-展开更多
The editors regret that the following statements were missing in the published version for the following articles that appeared in previous issues of Data Science and Management:1.“Audiovisual speech recognition base...The editors regret that the following statements were missing in the published version for the following articles that appeared in previous issues of Data Science and Management:1.“Audiovisual speech recognition based on a deep convolutional neural network”(Data Science and Management,2024,7(1):25–34).https://doi.org/10.1016/j.dsm.2023.10.002.Ethics statement:The authors declare the Institutional Ethics Committee confirmed that no ethical review was required for this study.The authors have taken the participants’permission and consent to participate in this study.展开更多
1Legal requirements.The author(s)guarantee(s)that the manuscript will not be published elsewhere in any language without the consent of the copyright holders,that the rights of third parties will not be violated,and t...1Legal requirements.The author(s)guarantee(s)that the manuscript will not be published elsewhere in any language without the consent of the copyright holders,that the rights of third parties will not be violated,and that the publisher will not be held legally responsible should there be any claims for compensation.Authors wishing to include figures or text passages that have already been published elsewhere are required to obtain permission from the copyright holder(s)and to include evidence that such permission has been granted when submitting their papers.Any material received without such evidence will be assumed to originate from the authors.展开更多
1Legal requirements The author(s)guarantee(s)that the manuscript will not be published elsewhere in any language without the consent of the copyright holders,that the rights of third parties will not be violated,and t...1Legal requirements The author(s)guarantee(s)that the manuscript will not be published elsewhere in any language without the consent of the copyright holders,that the rights of third parties will not be violated,and that the publisher will not be held legally responsible should there be any claims for compensation.Authors wishing to include figures or text passages that have already been published elsewhere are required to obtain permission from the copyright holder(s)and to include evidence that such permission has been granted when submitting their papers.Any material received without such evidence will be assumed to originate from the authors.展开更多
Vertical Federated Learning(VFL),which draws attention because of its ability to evaluate individuals based on features spread across multiple institutions,encounters numerous privacy and security threats.Existing sol...Vertical Federated Learning(VFL),which draws attention because of its ability to evaluate individuals based on features spread across multiple institutions,encounters numerous privacy and security threats.Existing solutions often suffer from centralized architectures,and exorbitant costs.To mitigate these issues,in this paper,we propose SecureVFL,a decentralized multi-party VFL scheme designed to enhance efficiency and trustworthiness while guaranteeing privacy.SecureVFL uses a permissioned blockchain and introduces a novel consensus algorithm,Proof of Feature Sharing(PoFS),to facilitate decentralized,trustworthy,and high-throughput federated training.SecureVFL introduces a verifiable and lightweight three-party Replicated Secret Sharing(RSS)protocol for feature intersection summation among overlapping users.Furthermore,we propose a(_(2)^(4))-sharing protocol to achieve federated training in a four-party VFL setting.This protocol involves only addition operations and exhibits robustness.SecureVFL not only enables anonymous interactions among participants but also safeguards their real identities,and provides mechanisms to unmask these identities when malicious activities are performed.We illustrate the proposed mechanism through a case study on VFL across four banks.Finally,our theoretical analysis proves the security of SecureVFL.Experiments demonstrated that SecureVFL outperformed existing multi-party VFL privacy-preserving schemes,such as MP-FedXGB,in terms of both overhead and model performance.展开更多
BACKGROUND An investigation is undertaken to assess the effects of permissive hypercapnia(PH)combined with goal-directed fluid therapy(GDFT)on postoperative recovery and psychological well-being among elderly patients...BACKGROUND An investigation is undertaken to assess the effects of permissive hypercapnia(PH)combined with goal-directed fluid therapy(GDFT)on postoperative recovery and psychological well-being among elderly patients undergoing laparoscopic surgical procedures.AIM To ascertain whether the combination of PH and GDFT improves clinical recovery indicators,reduces postoperative complications,and alleviates anxiety,depression,and inflammatory responses in this specific patient population.METHODS A total of 120 elderly patients who underwent laparoscopic surgery in our hospital from July 2023 to June 2024 were randomly allocated into two groups:A control group(n=60)and a study group(n=60).In the control group,conventional anesthesia ventilation and fluid management protocols were administered,while in the study group,PH(with intraoperative PaCO_(2) maintained between 45-55 mmHg)was combined with GDFT.Postoperative recovery indicators,including the time to first flatus,time to ambulation,and length of hospital stay,were compared between the groups.Additionally,complication rates,anxietydepression scores assessed via the Hospital Anxiety and Depression scale,and levels of inflammatory factors were analyzed to evaluate the outcomes.RESULTS When compared with the control group,the study group demonstrated significantly shorter time to first flatus[(48.3±6.2)hours vs(62.5±7.8)hours],time to ambulation[(28.4±4.2)hours vs(38.6±5.1)hours],and length of hospital stay[(5.2±1.1)days vs(7.4±1.3)days](P<0.05).A significantly lower postoperative complication rate was observed in the study group(8.3%vs 21.7%,P<0.05).Additionally,at 3 days postoperatively,significantly lower anxiety scores[(5.2±1.4)vs(7.8±1.6)]and depression scores[(4.8±1.2)vs(7.1±1.5)]were recorded in the study group compared to the control group(P<0.05);Furthermore,at 24 hours postoperatively,serum levels of interleukin-6,tumor necrosis factorα,and C-reactive protein were found to be significantly lower in the study group than in the control group(P<0.05).CONCLUSION Postoperative recovery is significantly expedited,postoperative complications are markedly reduced,anxietydepression status is substantially improved,and inflammatory response is notably diminished in elderly patients undergoing laparoscopic surgery when PH is combined with GDFT,thereby making it worthy of clinical application.展开更多
基金Project(61003140) supported by the National Natural Science Foundation of ChinaProject(013/2010/A) supported by Macao Science and Technology Development FundProject(10YJC630236) supported by Social Science Foundation for the Youth Scholars of Ministry of Education of China
文摘Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.
文摘The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and access information.Among the many smartphones available,those operating on the Android platform dominate,being the most widely used type.This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years.Therefore,there is an urgent need to develop new methods for detecting Android malware.The literature contains numerous works related to Android malware detection.As far as our understanding extends,we are the first ones to identify dangerous combinations of permissions and system calls to uncover malicious behavior in Android applications.We introduce a novel methodology that pairs permissions and system calls to distinguish between benign and malicious samples.This approach combines the advantages of static and dynamic analysis,offering a more comprehensive understanding of an application’s behavior.We establish covalent bonds between permissions and system calls to assess their combined impact.We introduce a novel technique to determine these pairs’Covalent Bond Strength Score.Each pair is assigned two scores,one for malicious behavior and another for benign behavior.These scores serve as the basis for classifying applications as benign or malicious.By correlating permissions with system calls,the study enables a detailed examination of how an app utilizes its requested permissions,aiding in differentiating legitimate and potentially harmful actions.This comprehensive analysis provides a robust framework for Android malware detection,marking a significant contribution to the field.The results of our experiments demonstrate a remarkable overall accuracy of 97.5%,surpassing various state-of-the-art detection techniques proposed in the current literature.
基金This work was supported by the Ministry of Science and Technology,Taiwan,under grants MOST 110-2218-E-011-007-MBK,MOST 111-2218-E-011-012-MBK,MOST 109-2221-E-011-110-MY2,MOST 109-2221-E-259-011-MY2,MOST 110-2629-E-259-001,MOST 110-2926-I-259-501,and MOST 110-2634-F-A49-004.
文摘As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations,related stakeholders need a means to assess the trustworthiness of the applications involved within.It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy.Therefore,this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications.The framework divides itself into different implementation domains,i.e.,organization security,application security,consensus mechanism security,node management and network security,host security and perimeter security,and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains.In addition,a case study,including a security testing and risk evaluation on each stack of a specific organization,is demonstrated as an implementation instruction of our proposed risk management framework.According to the best of our knowledge,this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view.If users can trust the applications that adopted this framework,this study can contribute to the adoption of permissioned blockchain-enabled technologies.Furthermore,application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.
文摘In the age of smartphones, people do most of their daily work using their smartphones due to significant improvement in smartphone technology. When comparing different platforms such as Windows, iOS, Android, and Blackberry, Android has captured the highest percentage of total market share [1]. Due to this tremendous growth, cybercriminals are encouraged to penetrate various mobile marketplaces with malicious applications. Most of these applications require device information permissions aiming to collect sensitive data without user’s consent. This paper investigates each element of system information permissions and illustrates how cybercriminals can harm users’ privacy. It presents some attack scenarios using READ_PHONE_STATE permission and the risks behind it. In addition, this paper refers to possible attacks that can be performed when additional permissions are combined with READ_PHONE_STATE permission. It also discusses a proposed solution to defeat these types of attacks.
文摘Mobile applications affect user’s privacy based on the granted application’s permissions as attackers exploit mobile application permissions in Android and other mobile operating systems. This research divides permissions based on Google’s classification of dangerous permissions into three groups. The first group contains the permissions that can access user’s private data such as reading call log. The second group contains the permissions that can modify user’s data such as modifying the numbers in contacts. The third group contains the remaining permissions which can track the location, and use the microphone and other sensitive issues that can spy on the user. This research is supported by a study that was conducted on 100 participants in Saudi Arabia to show the level of users’ awareness of associated risks in mobile applications permissions. Associations among the collected data are also analyzed. This research fills the gap in user’s awareness by providing best practices in addition to developing a new mobile application to help users decide whether an application is safe to be installed and used or not. This application is called “Sparrow” and is available in Google Play Store.
文摘Consensus protocols are used for the distributed management of large databases in an environment without trust among participants.The choice of a specific protocol depends on the purpose and characteristics of the system itself.The subjects of the paper are consensus protocols in permissioned blockchains.The objective of this paper is to identify functional advantages and disadvantages of observed protocol.The analysis covers a total of six consensus protocols for permissioned blockchains.The following characteristics were compared:security,trust among participants,throughput and scalability.The results show that no protocol shows absolute dominance in all aspects of the comparison.Paxos and Raft are intended for systems in which there is no suspicion of unreliable users,but only the problem of a temporary shutdown.Practical Byzantine Fault Tolerance is intended for systems with a small number of nodes.Federated Byzantine Fault Tolerance shows better scalability and is more suitable for large systems,but can withstand a smaller number of malicious nodes.Proof-of-authority can withstand the largest number of malicious nodes without interfering with the functioning of the system.When choosing a consensus protocol for a blockchain application,one should take into account priority characteristics.
基金This work was undertaken during a project funded by the UK’s Digital Catapult Researcher in Residency Fellowship programme(Grant Ref:EP/M029263/1).The funding supported the research,development,and empirical testing presented in this paper.
文摘Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources.This is certainly true of file systems whereby information needs to be protected against unintended access.User permissions often evolve over time,and changes are often made in an ad hoc manner and do not follow any rigorous process.This is largely due to the fact that the structure of the implemented permissions are often determined by experts during initial system configuration and documentation is rarely created.Furthermore,permissions are often not audited due to the volume of information,the requirement of expert knowledge,and the time required to perform manual analysis.This paper presents a novel,unsupervised technique whereby a statistical analysis technique is developed and applied to detect instances of permission creep.The system(herein refereed to as Creeper)has initially been developed for Microsoft systems;however,it is easily extensible and can be applied to other access control systems.Experimental analysis has demonstrated good performance and applicability on synthetic file system permissions with an average accuracy of 96%.Empirical analysis is subsequently performed on five real-world systems where an average accuracy of 98%is established.
基金undertaken during a project funded by the UK’s Digital Catapult Researcher in Residency Fellowship programme(Grant Ref:EP/M029263/1).
文摘Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources.This is certainly true of file systems whereby information needs to be protected against unintended access.User permissions often evolve over time,and changes are often made in an ad hoc manner and do not follow any rigorous process.This is largely due to the fact that the structure of the implemented permissions are often determined by experts during initial system configuration and documentation is rarely created.Furthermore,permissions are often not audited due to the volume of information,the requirement of expert knowledge,and the time required to perform manual analysis.This paper presents a novel,unsupervised technique whereby a statistical analysis technique is developed and applied to detect instances of permission creep.The system(herein refereed to as Creeper)has initially been developed for Microsoft systems;however,it is easily extensible and can be applied to other access control systems.Experimental analysis has demonstrated good performance and applicability on synthetic file system permissions with an average accuracy of 96%.Empirical analysis is subsequently performed on five real-world systems where an average accuracy of 98% is established.
基金supported by the National Natural Science Foundation of China(No.62072005)Natural Science Foundation of Anhui Province,China(No.2108085Y22)Anhui Provincial Engineering Laboratory on Information Fusion and Control of Intelligent Rabot,China(No.IFCIR2020008).
文摘Permission delegation has become a new way for data sharing by delegating the authorized permission to other users.A flexible authorization model with strict access control policies is promising for electronic health record(EHR)sharing with security.In this paper,a blockchain-based multi-hop permission delegation scheme with controllable delegation depth for EHR sharing has been presented.We use the interplanetary file system(IPFS)for storing the original EHRs.Smart contracts and proxy re-encryption technology are implemented for permission delegation.In order to ensure data security,we use attribute-based encryption to provide fine-grained access control.Additionally,blockchain is used to achieve traceability and immutability.We deploy smart contracts so that the delegation depth can be set by delegators.Security analysis of the proposed protocol shows that our solution meets the designed goals.Finally,we evaluate the proposed algorithm and implement the scheme on the Ethereum test chain.Our scheme outperforms the competition in terms of performance,according to the results of our experiments.
文摘Each of us fails from time to time. If we are wise, we accept these failures as a necessary part of the learning process.Daniel, my youngest third-grader, was a shy, nervous kid. His fear of failure kept him from class games that other children played. He seldom answered questions for fear of being wrong.
文摘China Nitrogenous Fertilizer Industry Association(CNFIA) disclosed on March 12th thatthe drafted permission conditions for the syntheticammonia will soon be submitted to theMinistry of Industry and Information Technologyof China for approval.The draftedpermissions, drawn by CFNIA, proposedprimarily the minimum capacity for new syntheticammonia project is 300 000 t/a, mean-
文摘The Ministry of Industry and InformationTechnology (MⅡT) released a proposed PermitConditions for Manufacturing Pesticidesand expected to implement it all over the countryas soon as it is nodded by the public.The proposed permission defines the minimumregistered capital for three categories ofpesticide manufacturers, and the requirementsof location, factory layout, pollutants treatmentfacilities, production installations, qual-
文摘The editors regret that the following statements were missing in the published version for the following articles that appeared in previous issues of Data Science and Management:1.“Audiovisual speech recognition based on a deep convolutional neural network”(Data Science and Management,2024,7(1):25–34).https://doi.org/10.1016/j.dsm.2023.10.002.Ethics statement:The authors declare the Institutional Ethics Committee confirmed that no ethical review was required for this study.The authors have taken the participants’permission and consent to participate in this study.
文摘1Legal requirements.The author(s)guarantee(s)that the manuscript will not be published elsewhere in any language without the consent of the copyright holders,that the rights of third parties will not be violated,and that the publisher will not be held legally responsible should there be any claims for compensation.Authors wishing to include figures or text passages that have already been published elsewhere are required to obtain permission from the copyright holder(s)and to include evidence that such permission has been granted when submitting their papers.Any material received without such evidence will be assumed to originate from the authors.
文摘1Legal requirements The author(s)guarantee(s)that the manuscript will not be published elsewhere in any language without the consent of the copyright holders,that the rights of third parties will not be violated,and that the publisher will not be held legally responsible should there be any claims for compensation.Authors wishing to include figures or text passages that have already been published elsewhere are required to obtain permission from the copyright holder(s)and to include evidence that such permission has been granted when submitting their papers.Any material received without such evidence will be assumed to originate from the authors.
基金supported by Open Research Projects of Zhejiang Lab(No.2022QA0AB02)Natural Science Foundation of Sichuan Province(2022NSFSC0913)Sichuan Province Selected Funding for Postdoctoral Research Projects(TB2022032).
文摘Vertical Federated Learning(VFL),which draws attention because of its ability to evaluate individuals based on features spread across multiple institutions,encounters numerous privacy and security threats.Existing solutions often suffer from centralized architectures,and exorbitant costs.To mitigate these issues,in this paper,we propose SecureVFL,a decentralized multi-party VFL scheme designed to enhance efficiency and trustworthiness while guaranteeing privacy.SecureVFL uses a permissioned blockchain and introduces a novel consensus algorithm,Proof of Feature Sharing(PoFS),to facilitate decentralized,trustworthy,and high-throughput federated training.SecureVFL introduces a verifiable and lightweight three-party Replicated Secret Sharing(RSS)protocol for feature intersection summation among overlapping users.Furthermore,we propose a(_(2)^(4))-sharing protocol to achieve federated training in a four-party VFL setting.This protocol involves only addition operations and exhibits robustness.SecureVFL not only enables anonymous interactions among participants but also safeguards their real identities,and provides mechanisms to unmask these identities when malicious activities are performed.We illustrate the proposed mechanism through a case study on VFL across four banks.Finally,our theoretical analysis proves the security of SecureVFL.Experiments demonstrated that SecureVFL outperformed existing multi-party VFL privacy-preserving schemes,such as MP-FedXGB,in terms of both overhead and model performance.
基金Supported by the 2024 Hebei Medical Science Research Project,No.20241638Key Research and Development Program of Zhangjiakou City,No.2311041D.
文摘BACKGROUND An investigation is undertaken to assess the effects of permissive hypercapnia(PH)combined with goal-directed fluid therapy(GDFT)on postoperative recovery and psychological well-being among elderly patients undergoing laparoscopic surgical procedures.AIM To ascertain whether the combination of PH and GDFT improves clinical recovery indicators,reduces postoperative complications,and alleviates anxiety,depression,and inflammatory responses in this specific patient population.METHODS A total of 120 elderly patients who underwent laparoscopic surgery in our hospital from July 2023 to June 2024 were randomly allocated into two groups:A control group(n=60)and a study group(n=60).In the control group,conventional anesthesia ventilation and fluid management protocols were administered,while in the study group,PH(with intraoperative PaCO_(2) maintained between 45-55 mmHg)was combined with GDFT.Postoperative recovery indicators,including the time to first flatus,time to ambulation,and length of hospital stay,were compared between the groups.Additionally,complication rates,anxietydepression scores assessed via the Hospital Anxiety and Depression scale,and levels of inflammatory factors were analyzed to evaluate the outcomes.RESULTS When compared with the control group,the study group demonstrated significantly shorter time to first flatus[(48.3±6.2)hours vs(62.5±7.8)hours],time to ambulation[(28.4±4.2)hours vs(38.6±5.1)hours],and length of hospital stay[(5.2±1.1)days vs(7.4±1.3)days](P<0.05).A significantly lower postoperative complication rate was observed in the study group(8.3%vs 21.7%,P<0.05).Additionally,at 3 days postoperatively,significantly lower anxiety scores[(5.2±1.4)vs(7.8±1.6)]and depression scores[(4.8±1.2)vs(7.1±1.5)]were recorded in the study group compared to the control group(P<0.05);Furthermore,at 24 hours postoperatively,serum levels of interleukin-6,tumor necrosis factorα,and C-reactive protein were found to be significantly lower in the study group than in the control group(P<0.05).CONCLUSION Postoperative recovery is significantly expedited,postoperative complications are markedly reduced,anxietydepression status is substantially improved,and inflammatory response is notably diminished in elderly patients undergoing laparoscopic surgery when PH is combined with GDFT,thereby making it worthy of clinical application.
