Ensuring information security in the quantum era is a growing challenge due to advancements in cryptographic attacks and the emergence of quantum computing.To address these concerns,this paper presents the mathematica...Ensuring information security in the quantum era is a growing challenge due to advancements in cryptographic attacks and the emergence of quantum computing.To address these concerns,this paper presents the mathematical and computer modeling of a novel two-dimensional(2D)chaotic system for secure key generation in quantum image encryption(QIE).The proposed map employs trigonometric perturbations in conjunction with rational-saturation functions and hence,named as Trigonometric-Rational-Saturation(TRS)map.Through rigorous mathematical analysis and computational simulations,the map is extensively evaluated for bifurcation behaviour,chaotic trajectories,and Lyapunov exponents.The security evaluation validates the map’s non-linearity,unpredictability,and sensitive dependence on initial conditions.In addition,the proposed TRS map has further been tested by integrating it in a QIE scheme.The QIE scheme first quantum-encodes the classic image using the Novel Enhanced Quantum Representation(NEQR)technique,the TRS map is used for the generation of secure diffusion key,which is XOR-ed with the quantum-ready image to obtain the encrypted images.The security evaluation of the QIE scheme demonstrates superior security of the encrypted images in terms of statistical security attacks and also against Differential attacks.The encrypted images exhibit zero correlation and maximum entropy with demonstrating strong resilience due to 99.62%and 33.47%results for Number of Pixels Change Rate(NPCR)and Unified Average Changing Intensity(UACI).The results validate the effectiveness of TRS-based quantum encryption scheme in securing digital images against emerging quantum threats,making it suitable for secure image encryption in IoT and edge-based applications.展开更多
This article takes the current autonomous driving technology as the research background and studies the collaborative protection mechanism between its system-on-chip(SoC)functional safety and information security.It i...This article takes the current autonomous driving technology as the research background and studies the collaborative protection mechanism between its system-on-chip(SoC)functional safety and information security.It includes an introduction to the functions and information security of autonomous driving SoCs,as well as the main design strategies for the collaborative prevention and control mechanism of SoC functional safety and information security in autonomous driving.The research shows that in the field of autonomous driving,there is a close connection between the functional safety of SoCs and their information security.In the design of the safety collaborative protection mechanism,the overall collaborative protection architecture,SoC functional safety protection mechanism,information security protection mechanism,the workflow of the collaborative protection mechanism,and its strategies are all key design elements.It is hoped that this analysis can provide some references for the collaborative protection of SoC functional safety and information security in the field of autonomous driving,so as to improve the safety of autonomous driving technology and meet its practical application requirements.展开更多
The current situation,information technology and problems of logistics for agricultural products were summarized.Some key technologies involved in mobilebased logistics information system for Hainan agricultural produ...The current situation,information technology and problems of logistics for agricultural products were summarized.Some key technologies involved in mobilebased logistics information system for Hainan agricultural products were analyzed,such as information classification and retrieval,user information authentication via QR code,and logistics information services based on WEB and mobile devices.Emphasis was given to study the design idea,content,method for the system.展开更多
Accelerate processor, efficient software and pervasive connections provide sensor nodes with more powerful computation and storage ability, which can offer various services to user. Based on these atomic services, dif...Accelerate processor, efficient software and pervasive connections provide sensor nodes with more powerful computation and storage ability, which can offer various services to user. Based on these atomic services, different sensor nodes can cooperate and compose with each other to complete more complicated tasks for user. However, because of the regional characteristic of sensor nodes, merging data with different sensitivities become a primary requirement to the composite services, and information flow security should be intensively considered during service composition. In order to mitigate the great cost caused by the complexity of modeling and the heavy load of single-node verification to the energy-limited sensor node, in this paper, we propose a new distributed verification framework to enforce information flow security on composite services of smart sensor network. We analyze the information flows in composite services and specify security constraints for each service participant. Then we propose an algorithm over the distributed verification framework involving each sensor node to participate in the composite service verification based on the security constraints. The experimental results indicate that our approach can reduce the cost of verification and provide a better load balance.展开更多
Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components o...Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components ofthe quality assurance system (QAS). Current assessment methods suffer deficiencies related to accuracy and reliability, and they lack well-organized processes forcontinuous improvement planning. Moreover, the absence of automation, andintegration in QA processes forms a major obstacle towards developing efficientquality system. There is a pressing need to adopt security protocols that providerequired security services to safeguard the valuable information processed byQAS as well. This research proposes an effective methodology for LOs assessment and continuous improvement processes. The proposed approach ensuresmore accurate and reliable LOs assessment results and provides systematic wayfor utilizing those results in the continuous quality improvement. This systematicand well-specified QA processes were then utilized to model and implement automated and secure QAS that efficiently performs quality-related processes. Theproposed system adopts two security protocols that provide confidentiality, integrity, and authentication for quality data and reports. The security protocols avoidthe source repudiation, which is important in the quality reporting system. This isachieved through implementing powerful cryptographic algorithms. The QASenables efficient data collection and processing required for analysis and interpretation. It also prepares for the development of datasets that can be used in futureartificial intelligence (AI) researches to support decision making and improve thequality of academic programs. The proposed approach is implemented in a successful real case study for a computer science program. The current study servesscientific programs struggling to achieve academic accreditation, and gives rise tofully automating and integrating the QA processes and adopting modern AI andsecurity technologies to develop effective QAS.展开更多
Public key cryptographic (PKC) algorithms, such as the RSA, elliptic curve digital signature algorithm (ECDSA) etc., are widely used in the secure communication sys- tems, such as OpenSSL, and a variety of in- for...Public key cryptographic (PKC) algorithms, such as the RSA, elliptic curve digital signature algorithm (ECDSA) etc., are widely used in the secure communication sys- tems, such as OpenSSL, and a variety of in- formation security systems. If designer do not securely implement them, the secret key will be easily extracted by side-channel attacks (SCAs) or combinational SCA thus mitigat- ing the security of the entire communication system. Previous countermeasures of PKC im- plementations focused on the core part of the algorithms and ignored the modular inversion which is widely used in various PKC schemes. Many researchers believe that instead of straightforward implementation, constant time modular inversion (CTMI) is enough to resist the attack of simple power analysis combined with lattice analysis. However, we find that the CTMI security can be reduced to a hidden t-bit multiplier problem. Based on this feature, we firstly obtain Hamming weight of interme- diate data through side-channel leakage. Then, we propose a heuristic algorithm to solve the problem by revealing the secret (partial and full) base of CTMI. Comparing previous nec-essary input message for masking filtering, our procedure need not any information about the secret base of the inversion. To our knowl- edge, this is the first time for evaluating the practical security of CTM! and experimental results show the fact that CTMI is not enough for high-level secure communication systems.展开更多
In this paper,we study an Intelligent Reflecting Surface(IRS)assisted Mobile Edge Computing(MEC)system under eavesdropping threats,where the IRS is used to enhance the energy signal transmission and the offloading per...In this paper,we study an Intelligent Reflecting Surface(IRS)assisted Mobile Edge Computing(MEC)system under eavesdropping threats,where the IRS is used to enhance the energy signal transmission and the offloading performance between Wireless Devices(WDs)and the Access Point(AP).Specifically,in the proposed scheme,the AP first powers all WDs with the wireless power transfer through both direct and IRS-assisted links.Then,powered by the harvested energy,all WDs securely offload their computation tasks through the two links in the time division multiple access mode.To determine the local and offloading computational bits,we formulate an optimization problem to jointly design the IRS's phase shift and allocate the time slots constrained by the security and energy requirements.To cope with this non-convex optimization problem,we adopt semidefinite relaxations,singular value decomposition techniques,and Lagrange dual method.Moreover,we propose a dichotomy particle swarm algorithm based on the bisection method to process the overall optimization problem and improve the convergence speed.The numerical results illustrate that the proposed scheme can boost the performance of MEC and secure computation rates compared with other IRS-assisted MEC benchmark schemes.展开更多
Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation inform...Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.展开更多
With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQ...With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQE model based on security-critical components to improve the efficiency of system security evaluation urgently.In this paper,we summarize the implication of critical components in different filed and propose a recognition algorithm of security-critical components based on threat attack tree to support the ISQE process.The evaluation model establishes a framework for ISQE of CHISs that are updated iteratively.Firstly,with the support of asset identification and topology data,we sort the security importance of each asset based on the threat attack tree and obtain the security-critical components(set)of the CHIS.Then,we build the evaluation indicator tree of the evaluation target and propose an ISQE algorithm based on the coefficient of variation to calculate the security quality value of the CHIS.Moreover,we present a novel indicator measurement uncertainty aiming to better supervise the performance of the proposed model.Simulation results show the advantages of the proposed algorithm in the evaluation of CHISs.展开更多
Biometric security is a growing trend,as it supports the authentication of persons using confidential biometric data.Most of the transmitted data in multi-media systems are susceptible to attacks,which affect the secur...Biometric security is a growing trend,as it supports the authentication of persons using confidential biometric data.Most of the transmitted data in multi-media systems are susceptible to attacks,which affect the security of these sys-tems.Biometric systems provide sufficient protection and privacy for users.The recently-introduced cancellable biometric recognition systems have not been investigated in the presence of different types of attacks.In addition,they have not been studied on different and large biometric datasets.Another point that deserves consideration is the hardware implementation of cancellable biometric recognition systems.This paper presents a suggested hybrid cancellable biometric recognition system based on a 3D chaotic cryptosystem.The rationale behind the utilization of the 3D chaotic cryptosystem is to guarantee strong encryption of biometric templates,and hence enhance the security and privacy of users.The suggested cryptosystem adds significant permutation and diffusion to the encrypted biometric templates.We introduce some sort of attack analysis in this paper to prove the robustness of the proposed cryptosystem against attacks.In addition,a Field Programmable Gate Array(FPGA)implementation of the pro-posed system is introduced.The obtained results with the proposed cryptosystem are compared with those of the traditional encryption schemes,such as Double Random Phase Encoding(DRPE)to reveal superiority,and hence high recogni-tion performance of the proposed cancellable biometric recognition system.The obtained results prove that the proposed cryptosystem enhances the security and leads to better efficiency of the cancellable biometric recognition system in the presence of different types of attacks.展开更多
Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in ...Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.展开更多
All modern computer users need to be concerned about information system security (individuals and organisations). Many businesses established various security structures to protect information system security from har...All modern computer users need to be concerned about information system security (individuals and organisations). Many businesses established various security structures to protect information system security from harmful occurrences by implementing security procedures, processes, policies, and information system security organisational structures to ensure data security. Despite all the precautions, information security remains a disaster in Tanzania’s learning institutions. The fundamental issue appears to be a lack of awareness of crucial information security factors. Various companies have different security issues due to differences in ICT infrastructure, implementations, and usage. The study focuses on identifying information system security threats and vulnerabilities in public higher learning institutions in Tanzania, particularly the Institute of Accountancy Arusha (IAA). The study involved all employees of IAA, academics, and other supporting staff, which totalled 302, and the sample size was 170. The study utilised a descriptive research design, where the quantitative methodology was used through a five-point Likert scale questionnaire, and found that key factors that affect the security of information systems at IAA include human factors, policy-related issues, work environment and demographic factors. The study proposed regular awareness and training programs;an increase in women’s awareness of information system security;proper policy creation and reviews every 4 years;promote actions that lessen information system security threats and vulnerabilities, and the creation of information system security policy documents independently from ICT policy.展开更多
In the contemporary era,the abundant availability of health information through internet and mobile technology raises concerns.Safeguarding and maintaining the confidentiality of patients’medical data becomes paramou...In the contemporary era,the abundant availability of health information through internet and mobile technology raises concerns.Safeguarding and maintaining the confidentiality of patients’medical data becomes paramount when sharing such information with authorized healthcare providers.Although electronic patient records and the internet have facilitated the exchange of medical information among healthcare providers,concerns persist regarding the security of the data.The security of Electronic Health Record Systems(EHRS)can be improved by employing the Cuckoo Search Algorithm(CS),the SHA-256 algorithm,and the Elliptic Curve Cryptography(ECC),as proposed in this study.The suggested approach involves usingCS to generate the ECCprivate key,thereby enhancing the security of data storage in EHR.The study evaluates the proposed design by comparing encoding and decoding times with alternative techniques like ECC-GA-SHA-256.The research findings indicate that the proposed design achieves faster encoding and decoding times,completing 125 and 175 iterations,respectively.Furthermore,the proposed design surpasses other encoding techniques by exhibiting encoding and decoding times that are more than 15.17%faster.These results imply that the proposed design can significantly enhance the security and performance of EHRs.Through the utilization of CS,SHA-256,and ECC,this study presents promising methods for addressing the security challenges associated with EHRs.展开更多
Smart grids have the characteristics of being observable,controllable,adaptive,self-healing,embedded independent processing,and real-time analysis.With the development of smart grids,constructing a grid to cover globa...Smart grids have the characteristics of being observable,controllable,adaptive,self-healing,embedded independent processing,and real-time analysis.With the development of smart grids,constructing a grid to cover global,unified information systems,which should be adapted to fulf ill the requirements of the characteristics,is essential.This paper presents an service-oriented architecture(SOA)for smart grid information-engineering systems based on knowledge grid,which could form as a service-oriented architecture through business,technology and management;it would extract potentially valuable information from the massive amount of information on the generation side,the grid side,and the electricity side,then share the useful information to improve availability,security and stability.展开更多
The emergence of next generation networks(NextG),including 5G and beyond,is reshaping the technological landscape of cellular and mobile networks.These networks are sufficiently scaled to interconnect billions of user...The emergence of next generation networks(NextG),including 5G and beyond,is reshaping the technological landscape of cellular and mobile networks.These networks are sufficiently scaled to interconnect billions of users and devices.Researchers in academia and industry are focusing on technological advancements to achieve highspeed transmission,cell planning,and latency reduction to facilitate emerging applications such as virtual reality,the metaverse,smart cities,smart health,and autonomous vehicles.NextG continuously improves its network functionality to support these applications.Multiple input multiple output(MIMO)technology offers spectral efficiency,dependability,and overall performance in conjunctionwithNextG.This article proposes a secure channel estimation technique in MIMO topology using a norm-estimation model to provide comprehensive insights into protecting NextG network components against adversarial attacks.The technique aims to create long-lasting and secure NextG networks using this extended approach.The viability of MIMO applications and modern AI-driven methodologies to combat cybersecurity threats are explored in this research.Moreover,the proposed model demonstrates high performance in terms of reliability and accuracy,with a 20%reduction in the MalOut-RealOut-Diff metric compared to existing state-of-the-art techniques.展开更多
The Internet of Things (IoT) and edge-assisted networking infrastructures are capable of bringing data processing and accessibility services locally at the respective edge rather than at a centralized module. These in...The Internet of Things (IoT) and edge-assisted networking infrastructures are capable of bringing data processing and accessibility services locally at the respective edge rather than at a centralized module. These infrastructures are very effective in providing a fast response to the respective queries of the requesting modules, but their distributed nature has introduced other problems such as security and privacy. To address these problems, various security-assisted communication mechanisms have been developed to safeguard every active module, i.e., devices and edges, from every possible vulnerability in the IoT. However, these methodologies have neglected one of the critical issues, which is the prediction of fraudulent devices, i.e., adversaries, preferably as early as possible in the IoT. In this paper, a hybrid communication mechanism is presented where the Hidden Markov Model (HMM) predicts the legitimacy of the requesting device (both source and destination), and the Advanced Encryption Standard (AES) safeguards the reliability of the transmitted data over a shared communication medium, preferably through a secret shared key, i.e., , and timestamp information. A device becomes trusted if it has passed both evaluation levels, i.e., HMM and message decryption, within a stipulated time interval. The proposed hybrid, along with existing state-of-the-art approaches, has been simulated in the realistic environment of the IoT to verify the security measures. These evaluations were carried out in the presence of intruders capable of launching various attacks simultaneously, such as man-in-the-middle, device impersonations, and masquerading attacks. Moreover, the proposed approach has been proven to be more effective than existing state-of-the-art approaches due to its exceptional performance in communication, processing, and storage overheads, i.e., 13%, 19%, and 16%, respectively. Finally, the proposed hybrid approach is pruned against well-known security attacks in the IoT.展开更多
Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-o...Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-of-sight links and the broadcast nature.展开更多
As industrialization and informatization in China deeply integrate and the Internet of Things rapidly develops,industrial control systems are facing increasingly severe information security challenges.The industrial c...As industrialization and informatization in China deeply integrate and the Internet of Things rapidly develops,industrial control systems are facing increasingly severe information security challenges.The industrial control system of the gas extraction plant is characterized by numerous points and centralized operations,with a strong reliance on the system and stringent real-time requirements.展开更多
In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote clien...In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote client enterprises to complete outsourcing service actively. The incentive mechanism model of information security outsourcing is designed based on the principal-agent theory. Through analyzing the factors such as enterprise information assets value, invasion probability, information security environment, the agent cost coefficient and agency risk preference degree how to impact on the incentive mechanism, conclusions show that an enterprise information assets value and invasion probability have a positive influence on the fixed fee and the compensation coefficient; while information security environment, the agent cost coefficient and agency risk preference degree have a negative influence on the compensation coefficient. Therefore, the principal enterprises should reasonably design the fixed fee and the compensation coefficient to encourage information security outsourcing agency enterprises to the full extent.展开更多
The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single ...The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential, The eCK , eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.展开更多
基金funded by Deanship of Research and Graduate Studies at King Khalid University.The authors extend their appreciation to the Deanship of Research and Graduate Studies at King Khalid University for funding this work through Large Group Project under grant number(RGP.2/556/45).
文摘Ensuring information security in the quantum era is a growing challenge due to advancements in cryptographic attacks and the emergence of quantum computing.To address these concerns,this paper presents the mathematical and computer modeling of a novel two-dimensional(2D)chaotic system for secure key generation in quantum image encryption(QIE).The proposed map employs trigonometric perturbations in conjunction with rational-saturation functions and hence,named as Trigonometric-Rational-Saturation(TRS)map.Through rigorous mathematical analysis and computational simulations,the map is extensively evaluated for bifurcation behaviour,chaotic trajectories,and Lyapunov exponents.The security evaluation validates the map’s non-linearity,unpredictability,and sensitive dependence on initial conditions.In addition,the proposed TRS map has further been tested by integrating it in a QIE scheme.The QIE scheme first quantum-encodes the classic image using the Novel Enhanced Quantum Representation(NEQR)technique,the TRS map is used for the generation of secure diffusion key,which is XOR-ed with the quantum-ready image to obtain the encrypted images.The security evaluation of the QIE scheme demonstrates superior security of the encrypted images in terms of statistical security attacks and also against Differential attacks.The encrypted images exhibit zero correlation and maximum entropy with demonstrating strong resilience due to 99.62%and 33.47%results for Number of Pixels Change Rate(NPCR)and Unified Average Changing Intensity(UACI).The results validate the effectiveness of TRS-based quantum encryption scheme in securing digital images against emerging quantum threats,making it suitable for secure image encryption in IoT and edge-based applications.
文摘This article takes the current autonomous driving technology as the research background and studies the collaborative protection mechanism between its system-on-chip(SoC)functional safety and information security.It includes an introduction to the functions and information security of autonomous driving SoCs,as well as the main design strategies for the collaborative prevention and control mechanism of SoC functional safety and information security in autonomous driving.The research shows that in the field of autonomous driving,there is a close connection between the functional safety of SoCs and their information security.In the design of the safety collaborative protection mechanism,the overall collaborative protection architecture,SoC functional safety protection mechanism,information security protection mechanism,the workflow of the collaborative protection mechanism,and its strategies are all key design elements.It is hoped that this analysis can provide some references for the collaborative protection of SoC functional safety and information security in the field of autonomous driving,so as to improve the safety of autonomous driving technology and meet its practical application requirements.
基金Supported by the Key Science and Technology Planning Project of Hainan Province(ZDXM2014082)the China Spark Program(2012GA8000022)the Natural Science Foundation of Hainan Province(613172)~~
文摘The current situation,information technology and problems of logistics for agricultural products were summarized.Some key technologies involved in mobilebased logistics information system for Hainan agricultural products were analyzed,such as information classification and retrieval,user information authentication via QR code,and logistics information services based on WEB and mobile devices.Emphasis was given to study the design idea,content,method for the system.
基金supported in part by National Natural Science Foundation of China(61502368,61303033,U1135002 and U1405255)the National High Technology Research and Development Program(863 Program)of China(No.2015AA017203)+1 种基金the Fundamental Research Funds for the Central Universities(XJS14072,JB150308)the Aviation Science Foundation of China(No.2013ZC31003,20141931001)
文摘Accelerate processor, efficient software and pervasive connections provide sensor nodes with more powerful computation and storage ability, which can offer various services to user. Based on these atomic services, different sensor nodes can cooperate and compose with each other to complete more complicated tasks for user. However, because of the regional characteristic of sensor nodes, merging data with different sensitivities become a primary requirement to the composite services, and information flow security should be intensively considered during service composition. In order to mitigate the great cost caused by the complexity of modeling and the heavy load of single-node verification to the energy-limited sensor node, in this paper, we propose a new distributed verification framework to enforce information flow security on composite services of smart sensor network. We analyze the information flows in composite services and specify security constraints for each service participant. Then we propose an algorithm over the distributed verification framework involving each sensor node to participate in the composite service verification based on the security constraints. The experimental results indicate that our approach can reduce the cost of verification and provide a better load balance.
基金Author extends his appreciation to the Deanship of Scientific Research at Imam Mohammad Ibn Saud Islamic University for funding and supporting this work through Graduate Student Research Support Program.
文摘Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components ofthe quality assurance system (QAS). Current assessment methods suffer deficiencies related to accuracy and reliability, and they lack well-organized processes forcontinuous improvement planning. Moreover, the absence of automation, andintegration in QA processes forms a major obstacle towards developing efficientquality system. There is a pressing need to adopt security protocols that providerequired security services to safeguard the valuable information processed byQAS as well. This research proposes an effective methodology for LOs assessment and continuous improvement processes. The proposed approach ensuresmore accurate and reliable LOs assessment results and provides systematic wayfor utilizing those results in the continuous quality improvement. This systematicand well-specified QA processes were then utilized to model and implement automated and secure QAS that efficiently performs quality-related processes. Theproposed system adopts two security protocols that provide confidentiality, integrity, and authentication for quality data and reports. The security protocols avoidthe source repudiation, which is important in the quality reporting system. This isachieved through implementing powerful cryptographic algorithms. The QASenables efficient data collection and processing required for analysis and interpretation. It also prepares for the development of datasets that can be used in futureartificial intelligence (AI) researches to support decision making and improve thequality of academic programs. The proposed approach is implemented in a successful real case study for a computer science program. The current study servesscientific programs struggling to achieve academic accreditation, and gives rise tofully automating and integrating the QA processes and adopting modern AI andsecurity technologies to develop effective QAS.
基金supported by the Key Technology Research and Sample-Chip Manufacture on Resistance to Physical Attacks at Circuit Level(546816170002)
文摘Public key cryptographic (PKC) algorithms, such as the RSA, elliptic curve digital signature algorithm (ECDSA) etc., are widely used in the secure communication sys- tems, such as OpenSSL, and a variety of in- formation security systems. If designer do not securely implement them, the secret key will be easily extracted by side-channel attacks (SCAs) or combinational SCA thus mitigat- ing the security of the entire communication system. Previous countermeasures of PKC im- plementations focused on the core part of the algorithms and ignored the modular inversion which is widely used in various PKC schemes. Many researchers believe that instead of straightforward implementation, constant time modular inversion (CTMI) is enough to resist the attack of simple power analysis combined with lattice analysis. However, we find that the CTMI security can be reduced to a hidden t-bit multiplier problem. Based on this feature, we firstly obtain Hamming weight of interme- diate data through side-channel leakage. Then, we propose a heuristic algorithm to solve the problem by revealing the secret (partial and full) base of CTMI. Comparing previous nec-essary input message for masking filtering, our procedure need not any information about the secret base of the inversion. To our knowl- edge, this is the first time for evaluating the practical security of CTM! and experimental results show the fact that CTMI is not enough for high-level secure communication systems.
基金supported in part by the National Natural Science Foundation of China under Grant 62271399 and 62206221in part by the Key Research and Development Program of Shaanxi Province under Grant 2022KW-07+1 种基金in part by National Key Research and Development Program of China under Grant 2020YFB1807003in part by the Shanghai Sailing Program under Grant 20YF1416700。
文摘In this paper,we study an Intelligent Reflecting Surface(IRS)assisted Mobile Edge Computing(MEC)system under eavesdropping threats,where the IRS is used to enhance the energy signal transmission and the offloading performance between Wireless Devices(WDs)and the Access Point(AP).Specifically,in the proposed scheme,the AP first powers all WDs with the wireless power transfer through both direct and IRS-assisted links.Then,powered by the harvested energy,all WDs securely offload their computation tasks through the two links in the time division multiple access mode.To determine the local and offloading computational bits,we formulate an optimization problem to jointly design the IRS's phase shift and allocate the time slots constrained by the security and energy requirements.To cope with this non-convex optimization problem,we adopt semidefinite relaxations,singular value decomposition techniques,and Lagrange dual method.Moreover,we propose a dichotomy particle swarm algorithm based on the bisection method to process the overall optimization problem and improve the convergence speed.The numerical results illustrate that the proposed scheme can boost the performance of MEC and secure computation rates compared with other IRS-assisted MEC benchmark schemes.
文摘Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.
基金supported in part by the National Key R&D Program of China under Grant 2019YFB2102400,2016YFF0204001in part by the BUPT Excellent Ph.D.Students Foundation under Grant CX2019117.
文摘With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQE model based on security-critical components to improve the efficiency of system security evaluation urgently.In this paper,we summarize the implication of critical components in different filed and propose a recognition algorithm of security-critical components based on threat attack tree to support the ISQE process.The evaluation model establishes a framework for ISQE of CHISs that are updated iteratively.Firstly,with the support of asset identification and topology data,we sort the security importance of each asset based on the threat attack tree and obtain the security-critical components(set)of the CHIS.Then,we build the evaluation indicator tree of the evaluation target and propose an ISQE algorithm based on the coefficient of variation to calculate the security quality value of the CHIS.Moreover,we present a novel indicator measurement uncertainty aiming to better supervise the performance of the proposed model.Simulation results show the advantages of the proposed algorithm in the evaluation of CHISs.
文摘Biometric security is a growing trend,as it supports the authentication of persons using confidential biometric data.Most of the transmitted data in multi-media systems are susceptible to attacks,which affect the security of these sys-tems.Biometric systems provide sufficient protection and privacy for users.The recently-introduced cancellable biometric recognition systems have not been investigated in the presence of different types of attacks.In addition,they have not been studied on different and large biometric datasets.Another point that deserves consideration is the hardware implementation of cancellable biometric recognition systems.This paper presents a suggested hybrid cancellable biometric recognition system based on a 3D chaotic cryptosystem.The rationale behind the utilization of the 3D chaotic cryptosystem is to guarantee strong encryption of biometric templates,and hence enhance the security and privacy of users.The suggested cryptosystem adds significant permutation and diffusion to the encrypted biometric templates.We introduce some sort of attack analysis in this paper to prove the robustness of the proposed cryptosystem against attacks.In addition,a Field Programmable Gate Array(FPGA)implementation of the pro-posed system is introduced.The obtained results with the proposed cryptosystem are compared with those of the traditional encryption schemes,such as Double Random Phase Encoding(DRPE)to reveal superiority,and hence high recogni-tion performance of the proposed cancellable biometric recognition system.The obtained results prove that the proposed cryptosystem enhances the security and leads to better efficiency of the cancellable biometric recognition system in the presence of different types of attacks.
基金the Science and Technology Innovation Program of Shanghai Science and Technology Commit-tee(No.19511103500)。
文摘Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.
文摘All modern computer users need to be concerned about information system security (individuals and organisations). Many businesses established various security structures to protect information system security from harmful occurrences by implementing security procedures, processes, policies, and information system security organisational structures to ensure data security. Despite all the precautions, information security remains a disaster in Tanzania’s learning institutions. The fundamental issue appears to be a lack of awareness of crucial information security factors. Various companies have different security issues due to differences in ICT infrastructure, implementations, and usage. The study focuses on identifying information system security threats and vulnerabilities in public higher learning institutions in Tanzania, particularly the Institute of Accountancy Arusha (IAA). The study involved all employees of IAA, academics, and other supporting staff, which totalled 302, and the sample size was 170. The study utilised a descriptive research design, where the quantitative methodology was used through a five-point Likert scale questionnaire, and found that key factors that affect the security of information systems at IAA include human factors, policy-related issues, work environment and demographic factors. The study proposed regular awareness and training programs;an increase in women’s awareness of information system security;proper policy creation and reviews every 4 years;promote actions that lessen information system security threats and vulnerabilities, and the creation of information system security policy documents independently from ICT policy.
文摘In the contemporary era,the abundant availability of health information through internet and mobile technology raises concerns.Safeguarding and maintaining the confidentiality of patients’medical data becomes paramount when sharing such information with authorized healthcare providers.Although electronic patient records and the internet have facilitated the exchange of medical information among healthcare providers,concerns persist regarding the security of the data.The security of Electronic Health Record Systems(EHRS)can be improved by employing the Cuckoo Search Algorithm(CS),the SHA-256 algorithm,and the Elliptic Curve Cryptography(ECC),as proposed in this study.The suggested approach involves usingCS to generate the ECCprivate key,thereby enhancing the security of data storage in EHR.The study evaluates the proposed design by comparing encoding and decoding times with alternative techniques like ECC-GA-SHA-256.The research findings indicate that the proposed design achieves faster encoding and decoding times,completing 125 and 175 iterations,respectively.Furthermore,the proposed design surpasses other encoding techniques by exhibiting encoding and decoding times that are more than 15.17%faster.These results imply that the proposed design can significantly enhance the security and performance of EHRs.Through the utilization of CS,SHA-256,and ECC,this study presents promising methods for addressing the security challenges associated with EHRs.
文摘Smart grids have the characteristics of being observable,controllable,adaptive,self-healing,embedded independent processing,and real-time analysis.With the development of smart grids,constructing a grid to cover global,unified information systems,which should be adapted to fulf ill the requirements of the characteristics,is essential.This paper presents an service-oriented architecture(SOA)for smart grid information-engineering systems based on knowledge grid,which could form as a service-oriented architecture through business,technology and management;it would extract potentially valuable information from the massive amount of information on the generation side,the grid side,and the electricity side,then share the useful information to improve availability,security and stability.
基金funding from King Saud University through Researchers Supporting Project number(RSP2024R387),King Saud University,Riyadh,Saudi Arabia.
文摘The emergence of next generation networks(NextG),including 5G and beyond,is reshaping the technological landscape of cellular and mobile networks.These networks are sufficiently scaled to interconnect billions of users and devices.Researchers in academia and industry are focusing on technological advancements to achieve highspeed transmission,cell planning,and latency reduction to facilitate emerging applications such as virtual reality,the metaverse,smart cities,smart health,and autonomous vehicles.NextG continuously improves its network functionality to support these applications.Multiple input multiple output(MIMO)technology offers spectral efficiency,dependability,and overall performance in conjunctionwithNextG.This article proposes a secure channel estimation technique in MIMO topology using a norm-estimation model to provide comprehensive insights into protecting NextG network components against adversarial attacks.The technique aims to create long-lasting and secure NextG networks using this extended approach.The viability of MIMO applications and modern AI-driven methodologies to combat cybersecurity threats are explored in this research.Moreover,the proposed model demonstrates high performance in terms of reliability and accuracy,with a 20%reduction in the MalOut-RealOut-Diff metric compared to existing state-of-the-art techniques.
基金supported by the Deanship of Graduate Studies and Scientific Research at Qassim University via Grant No.(QU-APC-2025).
文摘The Internet of Things (IoT) and edge-assisted networking infrastructures are capable of bringing data processing and accessibility services locally at the respective edge rather than at a centralized module. These infrastructures are very effective in providing a fast response to the respective queries of the requesting modules, but their distributed nature has introduced other problems such as security and privacy. To address these problems, various security-assisted communication mechanisms have been developed to safeguard every active module, i.e., devices and edges, from every possible vulnerability in the IoT. However, these methodologies have neglected one of the critical issues, which is the prediction of fraudulent devices, i.e., adversaries, preferably as early as possible in the IoT. In this paper, a hybrid communication mechanism is presented where the Hidden Markov Model (HMM) predicts the legitimacy of the requesting device (both source and destination), and the Advanced Encryption Standard (AES) safeguards the reliability of the transmitted data over a shared communication medium, preferably through a secret shared key, i.e., , and timestamp information. A device becomes trusted if it has passed both evaluation levels, i.e., HMM and message decryption, within a stipulated time interval. The proposed hybrid, along with existing state-of-the-art approaches, has been simulated in the realistic environment of the IoT to verify the security measures. These evaluations were carried out in the presence of intruders capable of launching various attacks simultaneously, such as man-in-the-middle, device impersonations, and masquerading attacks. Moreover, the proposed approach has been proven to be more effective than existing state-of-the-art approaches due to its exceptional performance in communication, processing, and storage overheads, i.e., 13%, 19%, and 16%, respectively. Finally, the proposed hybrid approach is pruned against well-known security attacks in the IoT.
文摘Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-of-sight links and the broadcast nature.
文摘As industrialization and informatization in China deeply integrate and the Internet of Things rapidly develops,industrial control systems are facing increasingly severe information security challenges.The industrial control system of the gas extraction plant is characterized by numerous points and centralized operations,with a strong reliance on the system and stringent real-time requirements.
基金The National Natural Science Foundation of China(No.71071033)the Youth Foundation of Humanity and Social Scienceof Ministry of Education of China(No.11YJC630234)
文摘In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote client enterprises to complete outsourcing service actively. The incentive mechanism model of information security outsourcing is designed based on the principal-agent theory. Through analyzing the factors such as enterprise information assets value, invasion probability, information security environment, the agent cost coefficient and agency risk preference degree how to impact on the incentive mechanism, conclusions show that an enterprise information assets value and invasion probability have a positive influence on the fixed fee and the compensation coefficient; while information security environment, the agent cost coefficient and agency risk preference degree have a negative influence on the compensation coefficient. Therefore, the principal enterprises should reasonably design the fixed fee and the compensation coefficient to encourage information security outsourcing agency enterprises to the full extent.
基金Supported by the National High Technology Research and Development Program of China("863"Program)(2006AA706103)~~
文摘The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential, The eCK , eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.
