Data Access Control Research Articles

Multi-layer access control for cloud data using improved DBSCAN, AES, homomorphic encryption, and RMAAC for text, image, and video

Multi-layer access control for cloud data using improved DBSCAN, AES, homomorphic encryption, and RMAAC for text, image, and video

SECURITY ISSUES IN MOBILE CLOUD COMPUTING TECHNOLOGY

The widespread use of smartphones and other mobile devices has brought significant changes to the storage requirements of cloud systems, necessitating a reevaluation of security protocols. Mobile Cloud Computing (MCC) is a computing paradigm that combines the capabilities of mobile devices with the flexibility and scalability of cloud computing. MCC allows mobile users to access computational power, storage, and applications over the internet, facilitating resource-intensive tasks such as data analysis, gaming, and multimedia streaming on resource-constrained mobile devices. The integration of mobile and cloud technologies has revolutionized industries such as healthcare, education, and entertainment, offering benefits like enhanced mobility, improved resource utilization, and cost efficiency. Despite its advantages, MCC faces significant security challenges that could undermine user trust and disrupt its adoption. Since mobile devices and cloud servers are connected via insecure networks, malicious actors can exploit vulnerabilities in the system. This paper aims to analyze the primary security issues in MCC technology, focusing on data protection, authentication, access control, and other critical concerns. Unlike other issues, when dealing with business objectives, protection and privacy in financial activities are of paramount importance. This article examines mobile cloud computing, its technological model, and its role in detail. Keywords: Mobile cloud computing, Technology, Privacy issues, Security.

A CP-ABE and IOTA-Based Lightweight Sensitive Data Access Control Scheme for IoT

A CP-ABE and IOTA-Based Lightweight Sensitive Data Access Control Scheme for IoT

ABBDAC: A Novel Attribute-Based Blockchain Data Access Control Scheme in Cloud Environment

ABBDAC: A Novel Attribute-Based Blockchain Data Access Control Scheme in Cloud Environment

Blockchain-based Enterprise Community Data Access Control Methods and Applications

Data, as a fundamental resource in the digital economy of enterprise communities, can significantly enhance digital development and enterprise growth if shared securely and orderly. Despite providing detailed control, traditional attribute-based data access control methods face challenges related to privacy protection and data ownership, potentially causing data loss and trust issues. To tackle these challenges, this paper presents a blockchain-based data sharing management system, which merges the decentralized and traceable aspects of blockchain technology with attribute-based access control.

Blockchain empowered dynamic access control for secure data sharing in collaborative emergency management

In the realm of emergency management involving multi-party collaboration, securely sharing data among multiple entities poses a significant challenge. Traditional centralized data platforms struggle with fine-grained access control for data from different sources and are susceptible to single-point failures and risks of forged authorization. This paper delves into the prospective application of blockchain technology for decentralized data governance. We propose a dynamic access control technology for multi-party collaborative emergency response, which combines blockchain and attribute-based access control technologies to enable dynamic access control in multi-party data sharing scenarios. A data sharing system for collaborative emergency management built with Hyperledger Fabric has been developed and subjected to a series of evaluation tests. The experimental results reveal that our blockchain-based system not only significantly enhances data security and privacy by leveraging decentralized control but also improves the efficiency and reliability of data sharing in emergency situations. Specifically, our findings demonstrate the system's ability to dynamically adapt access control policies based on changing emergency scenarios, effectively mitigating risks associated with single-point failures and unauthorized access. These outcomes underscore the viability and reliability of our approach, providing a robust framework for secure, scalable, and flexible data sharing in the demanding field of emergency management.

Hierarchical Threshold Multi-Key Fully Homomorphic Encryption

Fully Homomorphic Encryption (FHE) supports computation on encrypted data without the need for decryption, thereby enabling secure outsourcing of computing to an untrusted cloud. Subsequently, motivated by application scenarios where private information is offered by different data owners, Multi-Key Fully Homomorphic Encryption (MKFHE) and Threshold Fully Homomorphic Encryption (ThFHE) were successively introduced. However, both MKFHE and ThFHE have some limitations: MKFHE requires the participation of all members during the decryption process and does not support decryption using a subset of members, while ThFHE requires pre-fixed participants and does not support dynamic joining or exiting.To address these limitations, in this paper, we propose a new notion called Hierarchical Threshold Multi-key Fully Homomorphic Encryption (HTM-FHE), which combines the features of MKFHE and ThFHE, incorporating the advantages of both. Then we provide the first construction of HTM-FHE based on lattice, denoted as HTM-TFHE. Our scheme can evaluate a binary gate on ciphertexts encrypted under different groups’ public keys followed by a bootstrapping procedure. The semantic and simulation security of HTM-TFHE is proven under the LWE assumption. Furthermore, HTM-TFHE supports fine-grained access control for encrypted data, which provides benefits in practical applications.

Comprehensive Review of Security Requirements for Mitigating Threats and Attacks on IoT Assets

Machine learning and artificial intelligence are increasingly being utilized to automate identifying and defining security requirements (SR) and addressing diverse IoT security issues. Despite its extensive environment, IoT-focused cyberattacks had the largest attack surface. IoT security requirements include data confidentiality, integrity, authentication, access control, and privacy. Inadequate emphasis on assessing security requirements leads to attacks and threats. To address the security issues that threaten the IoT environment, additional security measures are required to protect IoT-based applications from threats and other vulnerabilities. However, the absence of the security requirement assessment in IoT systems architecture jeopardizes security, exposing the system to vulnerabilities and risking organizational assets and reputation while also escalating the cost and time required to address security issues. In this study major threats and attacks are identified relevant to the assets of IoT security requirements. To systematically identify, analyze, and address potential security threats and attacks related to IoT assets, this research proposes a three-step methodology: (1) analysis of the IoT security requirements, (2) Identification of threats and attacks in IoT, and (3) IoT assets centric security threats and attacks. An illustrative example of IoT asset security is provided to highlight potential attacks and threats relevant to IoT assets. This approach offers a practical and clear foundation for the early identification of IoT security requirements and their seamless integration into requirements engineering (RE) activities, contributing to a more secure and resilient IoT system architecture.

Blockchain Technology as a Security Enhancement Framework for Internet of Things: A Comprehensive Analysis

The exponential growth of Internet of Things (IoT) devices has introduced significant security challenges that traditional cybersecurity measures struggle to address effectively. This research presents a comprehensive analysis of blockchain technology's integration with IoT systems as a solution to enhance security, privacy, and trust in connected device ecosystems. Through systematic evaluation of implementation architectures, security frameworks, and real-world applications, this study demonstrates how blockchain's inherent characteristics of decentralization, immutability, and cryptographic security can effectively address critical IoT vulnerabilities. The research examines specific applications across supply chain management, healthcare systems, and smart city infrastructure, providing quantitative and qualitative evidence of security improvements. While acknowledging challenges in scalability, energy consumption, and regulatory compliance, the study presents innovative solutions and future directions, including AI integration and privacy-enhancing technologies. The findings indicate that blockchain-IoT integration significantly improves data integrity, device authentication, and access control mechanisms, reducing security incidents by up to 60% in implemented cases. This research contributes to the growing body of knowledge on secure IoT architectures and provides practical insights for organizations considering blockchain implementation in their IoT security frameworks.

NASA open science data repository: open science for life in space.

Space biology and health data are critical for the success of deep space missions and sustainable human presence off-world. At the core of effectively managing biomedical risks is the commitment to open science principles, which ensure that data are findable, accessible, interoperable, reusable, reproducible and maximally open. The 2021 integration of the Ames Life Sciences Data Archive with GeneLab to establish the NASA Open Science Data Repository significantly enhanced access to a wide range of life sciences, biomedical-clinical and mission telemetry data alongside existing 'omics data from GeneLab. This paper describes the new database, its architecture and new data streams supporting diverse data types and enhancing data submission, retrieval and analysis. Features include the biological data management environment for improved data submission, a new user interface, controlled data access, an enhanced API and comprehensive public visualization tools for environmental telemetry, radiation dosimetry data and 'omics analyses. By fostering global collaboration through its analysis working groups and training programs, the open science data repository promotes widespread engagement in space biology, ensuring transparency and inclusivity in research. It supports the global scientific community in advancing our understanding of spaceflight's impact on biological systems, ensuring humans will thrive in future deep space missions.

Patients Monitoring and Data Management System for Hospitals

This work concerns creating a monitoring system for a smart hospital using Raspberry Pi to measure vital signs. The readings are continually sent to central monitoring units outside the room instead of being beside the patients, to ensure less contacting between the medical staff and patients, also the cloud is used for those who leave the hospital, as the design can track on their medical cases. Data presentation and analysis were accomplished by the LabVIEW program. A Graphical User Interface (GUI) has been created by the Virtual-Instrument (VI) of this program that offer real-time access to monitor patients' measurements. If unhealthy states are detected, the design triggers alerts and sends SMS message to the doctor. furthermore, the clinicians can scan a QR code (which is assigned to each patient individually) to access its real-time measurements. The system also utilizes Electrocardiography (ECG) to detect abnormalities and identify specific heart diseases based on its extracted parameters to encourage patients to seek timely medical attention, while aiding doctors in making well-informed decisions. To evaluate the system's performance, it is tested in the hospital on many patients of different ages and diseases as well. According to the results, the accuracy measurement of SpO2 was about 98.39%, 97.7% for (heart rate) and 98.7% for body temperature. This shows that the system can offer many patients receiving health services from various facilities, and it ensures efficient data management, access control, real-time monitoring, and secure patient information aligning with healthcare standards.

Developing a trustworthy national health data space: public needs and policy implications

Abstract Background The ongoing development of a national health data space in Switzerland presents an opportunity to transform health delivery and care by enabling large-scale secondary health research. Central to this development is the Health2030 strategy, which calls for the establishment of public trust in the reliability and security of data collection, storage, and exchange. Methods We conducted four focus groups across the German, French and Italian-speaking regions of Switzerland to inform the development of the Swiss health data space that fosters public trust. To inform Swiss policy, we held a panel discussion with patient experts and healthcare professionals to translate the focus group findings into governance and public communication requirements. We synthesized our findings using a thematic analysis approach and proposed a guiding health policy strategy. Results Citizens perceive the health data space as trustworthy conditional on the delivery of its promised higher levels of transparency, security, and lower risk compared to other data sharing initiatives. To ensure its trustworthiness, citizens call for the provision of value-based consent to control data access based on the actors involved and research purposes, alongside implementing accountability measures for data misuse. Governance framework requirements entail establishing an advisory group for the health data space with sufficient representation of the Swiss population, including members of the public, patient advisory groups, and researchers. Public communication requirements call for ongoing monitoring of public opinion on health data space, alongside establishing public engagement initiatives, such as public fora, to inform ongoing progress. Conclusions Policy efforts should prioritize the meaningful involvement of relevant stakeholders throughout all stages of the health data space development to foster trust. Central to these efforts is balancing public expectations with their practical implementation. Key messages • For the health data space to be trustworthy, citizens require transparency on their data use and the security measures taken, value-based consent for data access, and accountability measures. • Diverse representation in governance and continuous public involvement are key policy measures to build public trust in the development of national health data spaces.

Transforming academic assessment: The metaverse‐backed Web 3 secure exam system

AbstractMetaverse—a three‐dimensional computational environment—combines physical and virtual reality to enable social relationships and immersive experiences by mimicking real‐world scenarios. Metaverse is considered the third wave of the internet revolution (exploiting Web 3.0), leveraging upcoming technologies such as extended reality and artificial intelligence shaping a new era of human–‐machine interactions. In recent years, increased research and development on educational technologies (EduTech) based on blockchain technology has seen substantial growth of metaverse‐based solutions within the higher education context. This research aims to synergize blockchain technology and metaverse environments to conduct online exams (metaExam) in a trustworthy, reliable, and secure way. The synergy between blockchain and the metaverse brings various benefits, such as improved security, cost effectiveness, and increased efficiency in the online examination process. One of the central features of the proposed solution metaExam is to leverage cryptographic protocols via blockchain to control data access, making verification faster and protecting against misuse. Exam scores and grades are stored on a blockchain ledger using a digital signature method to enhance security. We validated the proposed solution by testing a prototype on the Ethereum platform using the Sepolia Testnet network using Microsoft Windows environment. Evaluation results indicate (i) query response time (10–50 ms), (ii) and query execution performance (CPU utilization between 1%–5%) offering computationally feasible solution. This research contributes by integrating blockchain and metaverse technologies to offer a solution metaExam that can offer improved security and immersive user experience for exam management. The proposed solution and its validation can provide insights into transforming online exams, offering a fresh perspective on addressing concerns about exam grade authenticity and verifying academic credentials in EduTech.

Ensuring Consistency in Interagency Government Data Exchange: A Blockchain‐based Solution

ABSTRACTEffective data exchange holds the potential to bridge information gaps between government agencies, creating essential prerequisites for enhanced collaboration. However, consistency issue often hinders the performance of interagency government data exchange. Inconsistent query results may be returned from different databases if data records are not timely synchronized, degrading mutual trust and collaboration efficiency among agencies. To address this issue, an interagency government data exchange approach is proposed. Specifically, consortium blockchain is leveraged as a write‐ahead log, enabling different agencies to trace relevant requests failed to be executed in real‐time, thereby promptly providing consistent query results. Detailed settings on protocol level are designed for the blockchain platform to facilitate data exchange regulation, including data structures, consensus algorithms and access control mechanism. Extensive simulation experiments are conducted to evaluate the performance of the proposed approach and investigate the impact of different parameters on data consistency and system availability.

A practical vehicular‐fog‐based privacy‐preserving attribute‐based keyword search system using potential games

AbstractThe growth of fog computing drives Internet of Things users to outsource data for services like storage and sharing. To ensure secure and efficient data search, extensive research has been conducted on searchable encryption, specifically attribute‐based keyword search (ABKS). ABKS facilitates precise access control over encrypted data while maintaining search functionality. However, delegating complex search operations to fog nodes introduces challenges like latency limitations, compromised search results, and unauthorized occupation of server resources. In this manuscript, we propose a Time‐Efficient Data Retrieval (TEDR) scheme to address these challenges. Our scheme incorporates two access policies, allowing data owners (DOs) and data users (DUs) to control data access and search queries. TEDR enables fog nodes to verify search queries before decryption, avoiding unnecessary decryption for invalid queries. We introduce a decentralized query submitting framework to allocate search queries among fog nodes, addressing redundancy concerns and latency issues. We analyze the decentralized query submitting game and classify it as a potential game, making it suitable for decentralized decision‐making. We evaluate TEDR performance on real‐world datasets, demonstrating practicality and efficiency. Our scheme reduces computational and communication costs by approximately 30% compared to existing methods.

The Application of Data Security Protection in Enterprises

Data security protection is crucial in modern enterprises. With the rapid development of information technology, businesses are facing increasingly serious challenges such as data breaches, cyber attacks, and information security management. This article aims to delve into the necessity and effective application of data security protection. Firstly, it defines data security and its significance to business operations, emphasizing the value of data and the importance of its protection. Subsequently, it analyzes the main security threats that enterprises currently face, including risks of both internal and external attacks. It then introduces several key protective technologies and strategies, such as data encryption, access control, and security monitoring, which can effectively mitigate risks. Finally, through case studies, successful implementation effects of data security protection are demonstrated, highlighting the ongoing efforts and development directions for businesses in the field of data security. It is hoped that this article will provide valuable insights for enterprises to establish comprehensive data security protection systems.

Securing Automated Intelligence: Challenges and Solutions in RPA and Generative AI Integration

Integrating Robotic Process Automation (RPA) and Generative AI can revolutionize business processes, enabling greater efficiency, scalability, and intelligent decision-making. However, this powerful combination also introduces various security challenges and impacts to governance that organizations must address to protect sensitive data and maintain trust in automation systems. As RPA bots increasingly interact with AI models, vulnerabilities such as unauthorized data access, malicious model manipulation, and improper handling of sensitive information become more pronounced. These risks can lead to cyberattacks, data breaches, and regulatory compliance violations. This paper examines the security challenges inherent in RPA and Generative AI integration, focusing on three key areas: data privacy, model integrity, and automation governance. We assess how improper configurations and lack of security oversight can expose these systems to exploitation. Furthermore, we explore solutions such as implementing robust encryption protocols, secure data access controls, and continuous monitoring of AI model behavior to detect anomalies. By presenting case studies and evaluating emerging best practices, we offer a framework for safeguarding RPA and AI systems, ensuring that automation remains a trusted and secure tool for organizations. The paper also discusses aligning security strategies with regulatory requirements and industry standards. This approach enables organizations to unlock the full potential of RPA and Generative AI while mitigating risks and protecting against evolving cyber threats.

A federated learning approach to automated and secure supplier selection in cyber manufacturing as-a-service

The emergence of cyber or platform-based manufacturing as-a-service is rapidly disrupting the way discrete parts are sourced and manufactured. However, the centralized business model of cyber manufacturing as-a-service platforms raises concerns about data ownership and access control of independent manufacturing suppliers. Contrary to centralized platforms, cyber manufacturing as-a-service aims to connect designers with geographically distributed manufacturers by serving as a broker who matches the query part design requirements with the manufacturing capabilities of candidate suppliers in its network. One of the key challenges in realizing the vision of cyber manufacturing as-a-service is the lack of a computationally efficient method for manufacturing capability search while maintaining data security of the proprietary datasets of the suppliers in the network. In this paper, we propose a federated learning approach that utilizes a deep unsupervised part retrieval model (FL-DUPR) to learn a federated embedding of suppliers’ manufacturing capabilities without directly accessing their proprietary datasets. We demonstrate through two case studies that this approach yields a supplier selection accuracy of 89 % when the manufacturing capabilities of the suppliers do not overlap, and a multi-label supplier selection accuracy of 87 % when there are significant overlaps in the suppliers’ manufacturing capabilities. We also show that our unsupervised learning approach outperforms the baseline supervised learning classification model trained under the same federated learning framework. The results demonstrate the promise of the proposed federated embedding approach for automated identification of the required manufacturing capabilities offered by various suppliers without directly accessing their proprietary data, thus paving the way for a more secure cyber manufacturing as-a-service business model.

PatCen: A blockchain-based patient-centric mechanism for the granular access control of infectious disease-related test records.

The recent global outbreaks of infectious diseases such as COVID-19, yellow fever, and Ebola have highlighted the critical need for robust health data management systems that can rapidly adapt to and mitigate public health emergencies. In contrast to traditional systems, this study introduces an innovative blockchain-based Electronic Health Record (EHR) access control mechanism that effectively safeguards patient data integrity and privacy. The proposed approach uniquely integrates granular data access control mechanism within a blockchain framework, ensuring that patient data is only accessible to explicitly authorized users and thereby enhancing patient consent and privacy. This system addresses key challenges in healthcare data management, including preventing unauthorized access and overcoming the inefficiencies inherent in traditional access mechanisms. Since the latency is a sensitive factor in healthcare data management, the simulations of the proposed model reveal substantial improvements over existing benchmarks in terms of reduced computing overhead, increased throughput, minimized latency, and strengthened overall security. By demonstrating these advantages, the study contributes significantly to the evolution of health data management, offering a scalable, secure solution that prioritizes patient autonomy and privacy in an increasingly digital healthcare landscape.

Analysis of Key Technologies for Data Security Protection Based on Cloud Computing

With the rapid development of cloud computing, more and more enterprises and institutions are migrating their data and business operations to the cloud. However, this shift has brought data security issues in cloud environments to the forefront. This paper primarily investigates the key technologies for data security protection in cloud computing environments. It begins by introducing the basic concepts and architecture of cloud computing and analyzing the fundamental concepts and threats related to data security protection. The paper then delves into critical technologies such as data encryption, access control, data storage and backup security, and data privacy protection, detailing the algorithmic principles and implementation methods of these technologies. Additionally, the paper explores the challenges faced by current cloud computing data security protection technologies and their corresponding solutions, analyzing the effectiveness of these technologies through practical case studies. Finally, the paper forecasts the future development trends of cloud computing data security technologies, particularly the potential impact of emerging technologies on data security protection. This research aims to provide theoretical and technical support for data security protection in cloud computing environments.