Narrow Results

In today’s gradually modest universal marketplaces, effective supply chain management (SCM) is important. Using cutting-edge strategy, contains blockchain, offers more transparency and collaboration in data sharing. This paper suggested an innovative privacy preservation approach for supply chain networks utilizing blockchain technology, employing the novel Foraging Redefined Remora Optimization Algorithm (FR-ROA). The FR-ROA offers the right keys for protecting designated sensitive areas. The encrypted data and the protected key are transmitted from the manufacturer to the supplier through the blockchain network. After distribution, the original data are reconstructed utilizing the same key. The FR-ROA strategy improves search competencies without growing computational difficulty, providing a flexible balance between exploration and exploitation in optimizing supply chain security within blockchain frameworks. We executed our suggested strategy in Python software. The proposed framework is assessed based on correlation coefficient, sanitization efficiency and restoration efficiency parameters. We also performed a comparison valuation with several conventional strategies. The experimental findings illustrate its effectiveness in improving supply chain security associated with conventional strategies.

The problem of information security is instantaneous, which involves the basic problems of science and technology and development. The analysis and integration of traditional information security big data are completed manually, which increases the time cost and labor cost to a certain extent, and greatly prolongs the time problem that information security incidents need to be processed in real time. Based on the above problems, an algorithm model is constructed to deal with the multi-source problem of information security big data with information technology. Quickly analyze and fuse similar data. In order to meet the actual requirements, this paper gives the corresponding algorithm process for data preprocessing, data correlation and other issues, mainly including noise filtering, correlation analysis and logic function for statistical logic problems caused by different amounts of data, and gives solutions to solve the basic data analysis layer problems. In view of the storage problem, it is necessary to judge the fusion degree of information security data, select the data in the form of database, add time series labels and then store them, which makes the security events have natural physical labels, and facilitate database operations such as output and retrieval. The construction of the algorithm can not only make an issue in theory, but also need to gather practice, which is the only and effective way to test the performance of the algorithm. Therefore, this paper puts forward seven simulation perspectives based on the common problems of information security big data, and takes several data evaluation criteria as simulation objects to explore and lay a theoretical foundation and experimental data for the long-term development of the algorithm. The full-text construction data analysis layer algorithm faces not cold data but social information with practical utility. Excellent analysis ability provides favorable and real objective underlying data for social decision makers, and provides substantive help for decision-making.

The development of modern Internet communication technology and the popularization of multimedia technology have brought convenience to the sharing and storage of multimedia information such as images, videos, and audio. However, at the same time, it has brought about the problem of copyright theft of multimedia information, causing serious information security risks. Digital watermarking technology embeds copyright information in multimedia information in an invisible way, which can effectively realize copyright protection and traceability of infringement. Aiming at the problem that the existing learning model-based methods cannot fully extract and fuse the features of carrier images and watermark images, a robust digital watermarking method based on reversible information hiding is proposed. First, a watermark embedding model based on reversible information hiding is established, and the features of the download volume image and the watermark image in different dimensions are fully extracted and fused to generate a dense image with excellent visual quality. Then, a watermark extraction model based on reversible information hiding is established, and a noise layer is added between the embedding and the extraction model, and the attacked dense image is input to the watermark extraction model to extract the watermark. Under the constraint of the loss function, the network model learns to embed watermark information in the area that is more robust to the attack and is not easy to cause visual quality degradation, so as to optimize the comprehensive performance of the method. Experimental results show that the proposed method effectively improves the imperceptibility and robustness.

Quantum private comparison (QPC), whose security is based on some laws of quantum mechanics (e.g. quantum noncloning theorem and Heisenbergs uncertainty principle), allows $n(n\ge 2)$ parties who do not trust each other to judge whether their secret data are the same while maintaining data privacy. In this paper, we investigate the utility of the maximally entangled seven-qubit state for QPC, and we propose a new protocol which enables two parties to compare their secret data with each other for equality without disclosing their secret data. In our protocol, single particle measurements and Bell-basis measurements are employed, both of which can be implemented with current technologies. In addition to quantum measurements, our protocol does not use other quantum technologies such as entanglement swapping and unitary operations. A semi-honest third-party who assists two parties in implementing the protocol is assumed in our protocol. Furthermore, we use the entanglement correlations of the maximally entangled seven-qubit state and collaborative computing between parties for privacy protection, and we use quantum key distribution (QKD) to ensure the security of the cooperative computing when two parties are in different locations. What is more, we show that the security towards both outsider and insider attacks can be guaranteed.

Quantum cryptography has of late opened up the possibilities of exploiting the characteristics of quantum mechanics in the realm of network security. An interesting problem in cryptography is the distribution of the encryption key between the two parties involved in communication. This paper proposes a secure quantum key distribution protocol using the properties of super increasing knapsack sequences. The mapping from the knapsack sequences to the quantum states is achieved by rotating a three-bit quantum tuple.

With the rapid development of digital cameras and smart phones, the image identification system in current times will be of a great impact. This will cause the form of image information to increase serious security issues. Especially, the emergence of the recaptured image makes conventional digital image forensics algorithm invalid. Therefore, a new image forensics algorithm is urgently needed to identify the recaptured image. In this paper, a new recaptured image identifying algorithm is put forward based on wavelet transformation and noise analysis by analyzing the differences between the real and recaptured images generated in the imaging process. First, the proposed algorithm extracts mean value, variance and skewness as wavelet characteristic from the high-frequency images and low-frequency images by wavelet transformation. Meanwhile, the proposed algorithm analyzes the noise image by means of local binary pattern to extract noise characteristic. Finally, the support vector machine is applied to classify the recaptured image with wavelet characteristics and noise characteristics. The results show the presented method can not only identify the recaptured image obtained from different media but also have better identification rate, and the dimension of the characteristic vector is also lower than those obtained by other algorithms.

With the rapid development of digital phones, the digital image forensics system in current times has had a great impact. It will lead to a serious threat for us, and especially the emergence of the recaptured image makes the existing digital image forensics algorithm invalid. So, it needs an effective image detection algorithm for us to identify recaptured images. In this paper, a new detection algorithm of the recaptured image is presented based on gray level co-occurrence matrix by analyzing the differences between the real and recaptured images. In order to analyze the differences, a new image evaluation model was put forward in this paper, which is called image variance ratio. Firstly, the algorithm proposed extracted high-frequency and low-frequency information of images by wavelet transform, based on which we calculated the relative gray level co-occurrence matrices. Secondly, the features of gray level co-occurrence matrix were extracted. At last, the recaptured image was classified by the support vector machine according to the features. The experimental results showed the algorithm proposed can not only effectively identify the recaptured image obtained from different media but also have better identification rate.

With the improvement of digital image display technology, the “secondary imaging” caused by digital cameras is also gradually popularized, and the quality of the recaptured image formed by this imaging is also getting higher and higher, and this kind of high-quality fake image has caused great threat to digital images security. We propose a neural network-based recaptured image identification algorithm and use the difference between two types of images to build the identification algorithm in the frequency domain. The algorithm uses filtering to obtain the feature images which are the high-frequency and low-frequency filtering images, in order to further distinguish the image differences, the direction of the filtered image obtained from high-frequency images, each direction of the filtered image contains high-frequency information at different angles, and the low-frequency image is downsampled. At the same time, the low-frequency image is downsampled to obtain a multi-scale filtered image. The algorithm extracts the features from previous images as the feature values for classification, and finally uses neural networks for classification to obtain the classification results, and these prove that the algorithm presented is able to differentiate the recaptured images effectively in this paper.

In a resource-constrained environment of the 21st century, the use of hardware-based reconfigurable systems such as Field Programmable Gate Array (FPGAs) is considered an effective way to enhance information security. In comparison with traditional custom circuitry that does not give a flexible approach, it is observed that the reconfigurable hardware shows an excellent potential for cyber security by increasing hardware speeds and flexibility. Therefore, in a quest to integrate multi-core systems, the Network-on-Chip (NoC) has become one of the popular widespread techniques to maximize router security. Due to the significant overhead of chip space and the power consumption of the routers, it is substantially more expensive to construct as compared to a bus-based system. The control component (CC) interacts with the networks that inject packets based on router switching and activity. These control components are coupled with each network to produce a system of controlled networks. The system is further linked with CFM or a Centralized Fabric Manager, which serves as the network’s focal point. After that, the CFM runs the algorithm regularly. The analytic parameters comprise flip flop, power, latency, number of lookup tables (LUTs), and throughput. In the proposed method, the number of LUTs is $0.35{\mathrm{\text{mm}}}^2$, the flip flop is $3.5{\mathrm{\text{mm}}}^2$, the power is $3.4\mu$W, the latency is 5941ns, and the planned throughput is 0.56 flits/cycle. Results indicate that the crossbar switch reduces errors and minimizes the delay in the architecture’s outcome level, which further overcomes the descriptions of performance, power throughput, and area delay parameters. The findings of the research can be useful to enhance information security among lightweight devices besides minimizing the chances of network attacks in today’s dynamic and complex cyberspace.

Advanced Encryption Standard (AES) has been a prevalent cryptographic structure in the world. Existing AES-related cryptographic accelerators generally face the problem of high power consumption. To deal with this challenge, this paper presents a cryptographic structure that employs iterative reuse to decrease resource utilization. Through the efficient use of delay-line RAM, the implementation of long-length key storage results in a reduction in the utilization of registers. The computational complexity of AES cryptographic algorithm is reduced by using homomorphic mapping to the inversion operation in S-box from the Galois Fields GF(2${}^8)$ to GF[(2${}^4{)}^2$]. Such proposed AES cryptographic accelerator is characterized by its low resource utilization and low power consumption. In addition, we have also conducted some simulation analysis to evaluate its performance. The synthesis result indicates that the AES cryptographic accelerator exhibits a 0.74% reduction in utilization of LUT and a 35% decrease in power consumption, as compared to the original version. The proposed AES cryptographic accelerator results in an area of 0.101 mm², a throughput of 12.28 Gbps, and a power consumption of 2.56 mW in TSMC 90 nm.

As use of information systems in R&D environments has increased enormously, the risks of technology leakage through information systems have become more serious. To provide a basic guideline of R&D security which helps enterprise executives to solve the managerial problems of R&D security planning is a purpose of this paper. This paper provides an integrated security framework including R&D security goal, R&D-related division and activity, and pool of controls. With the integrated security framework suggested in this paper, an enterprise that invests hundreds of thousands of dollars to develop a new product can adapt itself to mitigate security risks and reduce potential losses of technology leakage. It could be believed to be the first attempt to provide the R&D-specific security framework for enterprise executives to solve the security problems in R&D environments.

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.

Intelligent computing techniques have a paramount importance to the treatment of cybersecurity incidents. In such Artificial Intelligence (AI) context, while most of the algorithms explored in the cybersecurity domain aim to present solutions to intrusion detection problems, these algorithms seldom approach the correction procedures that are explored in the resolution of cybersecurity incident problems that already took place. In practice, knowledge regarding cybersecurity resolution data and procedures is being under-used in the development of intelligent cybersecurity systems, sometimes even lost and not used at all. In this context, this work proposes the Case-based Cybersecurity Incident Resolution System (CCIRS), a system that implements an approach to integrate case-based reasoning (CBR) techniques and the IODEF standard in order to retain concrete problem-solving experiences of cybersecurity incident resolution to be reused in the resolution of new incidents. Different types of experimental results so far obtained with the CCIRS show that information security knowledge can be retained with our approach in a reusable memory improving the resolution of new cybersecurity problems.

Competition in today’s globalized markets forces organizations to collaborate within dynamic business networks to provide mass-customized integrated solutions for customers. The collaboration within dynamic business networks necessitates forming dynamic networked business processes (DNBPs). Networked business processes need to be supported by high quality information that is exchanged in a trustworthy environment. Information governance (IG) is described as a holistic approach to different mechanisms that support high quality and secure information exchanges. However, dynamism of networked business processes causes IG issues like unsecured information access and low quality information products to emerge. In this paper, a comprehensive list of the IG issues in DNBPs is identified through structured steps. The identified IG issues are characterized within four main categories, respectively, information product quality, information service quality, information security, and metadata issues. For the evaluation of the practical significance of the identified IG issues, a case study is conducted in a business network that provides mobility solutions. In this way, the paper closes the gap between studies on IG, which have mostly concentrated on IG within the borders of a single organization or IG in stable business networks, and studies on dynamic business networks, which have addressed the formation of dynamic inter-organizational interactions without paying rigorous attention to information artefacts that are exchanged.

Background: Nowadays, service-oriented architectures and cloud-based infrastructures are widely used in manufacturing industries and IT organizations. These architectures and infrastructures are based on shared system resources. In some organizations, system resources like a printer, photocopy machines, and scanners are also shared among the members of the organization. The purpose of the proposed work is to model various types of shared system resources, shared system resources based architecture/infrastructure and analyze the model to identify the possible security risk associated with shared system resources and shared system resources based architecture/infrastructure.

Design Approach: To model shared system resources and shared system resources based architecture/Infrastructure, Petri net and its variations are used. For security analysis of the Petri net based model of the shared system resource, Petri net algebra based concepts are applied.

Results: The present paper successfully demonstrates that the proposed Petri net based modeling approach can be used for quantitative and qualitative security analysis of shared system resources and shared system resources based architecture/infrastructure. For quantitative analysis of security risk associated with shared system resources, information theoretic concepts are used. To demonstrate the effectiveness of the proposed method, case studies are also incorporated in the present paper. The proposed approach can take various security risk factors like timing analysis attack, information leakage due to confidentiality policy violation and power analysis attack into the consideration while analyzing the security of shared system resources in the industrial environment.

A new and efficient scheme to protect confidential images is proposed in this paper. The proposed scheme does not use a secret key to protect confidential images as conventional encryption schemes do, and nor are there cipher images corresponding to the confidential images. A confidential image can be reconstructed easily by the cooperation of all the participants in a special group. Each participant of the special group holds a virtual image which can show any picture, and she/he uses this virtual image to cooperate with the other legal participants to reconstruct the confidential image. These pictures shown in the virtual images are significantly different and are irrelative to each other. Besides, they bear no relation to the confidential image either. According to our experimental results, each reconstructed confidential image which does turn out to look like the original confidential image through our human visual system and its PSNR is greater than 34 dB for 256 gray level images.

In this paper, we propose a watermarking scheme for non-uniform B-spline (NUBS) surface. Firstly, we first do sampling on a NUBS surface and get the sample points, then the watermark is embedded into the DCT coefficients of the sample points and the watermarked sample points are transformed back, finally the watermarked surface is reconstructed from watermarked sample points using global interpolation. A sign correlation detector is used to test for the presence of the watermark, and the original surface is not required at this stage. Experimental results show that our algorithm can preserve the shape of the original surface within a specified error, and that it is robust against attacks including knot insertion, order elevation, addition of white noise, rotation, scaling, translation and further watermarking.

Robust and invisible watermarking provides a feasible solution to prove the ownership of the genuine content owner. Different watermarking algorithms have been presented by the researchers in the past but no algorithm could be termed as perfect. Proposed work puts forward a novel image-adaptive method of embedding a binary watermark in the image in a transparent manner. Discrete wavelet transform (DWT), singular value decomposition (SVD) and discrete cosine transform (DCT) are used together in the proposed hybrid watermarking scheme. Image-adaptive nature of the scheme is reflected in the usage of only high entropy $8\times 8$ blocks for the watermark embedding. Binary watermark is embedded in the DCT coefficients using a flexible strength derived from the means of the DCT coefficients. This flexible strength factor (SF) has different value for the DCT coefficients originated from different $8\times 8$ blocks. Any desired level of visual quality could be obtained by varying the adjusting parameter of the flexible SF. Side information generated in the watermark embedding is used in the detection of watermark. The presented watermarking technique shows better robustness in comparison to the three contemporary watermarking techniques.

“Nobody ever got fired for buying IBM,” was a widely used cliché in the 1970s in the corporate IT (information technology) world. Since then, the traditional process of purchasing software has dramatically changed, challenged by the advent of open source software (OSS). Since its inception in the 1980s, OSS has matured, grown, and become one of the important driving forces of the enterprise ecosystem. However, it has also brought important IT security risks that are impacting the OSS IT adoption decision-making process. The recent Heartbleed bug demonstrated the grandeur of the issue. While much of the noise relates to the amplification of perceived risks by the popular mass media coverage, the effect is that many enterprises, mainly for risk reasons, have still chosen not to adopt OSS. We investigated “how do information security related characteristics of OSS affect the risk perception and adoption decision of OSS” by conducting an online survey of 188 IT decision-makers. The proposed Open Source Risk Adoption Model offers novel insights on the importance of the perceived risk antecedents. Our research brings new theoretical contributions, such as understanding the perceived IT security risk (PISR) relationship with adoption intention (AI) in the OSS context, for researchers and important insights for IT information professionals. We have found that IT security risk has a significant role in OSS adoption intention. Our results offer possible future research directions and extend existing theoretical understanding of OSS adoption.

In the big data processes, management and analytics are primary areas where we can introduce the decision making on information security to mitigate the big data breaches. According to the growing number of online systems and big data handling, mitigating the big data breaches is the serious problem during the processing period which needs to be monitored using appropriate technique. The goal of this research is to prevent the big data breaches using correct decision making based on information security concepts such as access control with authentication which depend on the management policies. The analytical approach of information security solution can also be useful for securing the big data infrastructure and key management that improve the big data breaches. As an analytical method, information security which focuses on detecting and securing the big data breaches is considered with access control. Here, we have introduced the multi-priority model influenced with the network calculus and access control which monitors the breaches during the big data processing. In the results and analysis, we can provide a graph which shows the monitoring improvement for decision making during the mitigation of big data breaches.