The distributed, heterogeneous, and shared security risks of power equipment data across its entire lifecycle limit the facilitation and integrated sharing of data across the entire lifecycle. This paper proposes a machine-learning-based secure data-sharing model for power equipment data during its lifecycle. The development of the proposed model includes multi-source data merging from the operation, inspection, and maintenance process into one data format through semantic mapping, in the unified structure of the data so that machine-learning is used for feature extraction and risk-prediction for dynamic access control and the adaptive encryption and de-sensitization balance between risk mitigation and data sharing is still maintained. The full-process monitoring and feedback monitoring to detect anomalous behavior can also optimize the polices in real-time. The experimentation provides an assigned data penetration rate of 96.3% for the disconnector. The leakage rate of sensitive information was reduced to 1.8% once the risk level was increased to extremely high. This separation alleviates the conflict of data security and data sharing by providing original research efforts for intelligent information and database systems.

The increasing adoption of Internet hospital systems—enabled by the real-time data streaming capabilities of the Internet of Medical Things (IoMT)—has intensified the need for secure, scalable, and low-latency data management infrastructures. Existing blockchain-based solutions often fail to meet these requirements, particularly under high-frequency workloads and stringent privacy demands. To address these limitations, this study proposes a simulation-based post-quantum-inspired alliance blockchain architecture tailored for Internet hospital systems. The framework incorporates four key innovations: (1) a Kyber-inspired hybrid encryption simulation, reducing encryption and decryption times by 72.3% and 74.4%, respectively, compared to RSA-2048; (2) a lightweight patient-centric access control mechanism based on authorization proofs achieving an average verification latency of ∼0.002 ms; (3) a Raft-based scalable consensus protocol, tested under a synchronous constant-delay network assumption, reducing consensus latency by 92.3% while supporting up to 1000 nodes with sub-150 ms finality; and (4) a fault-tolerant IoMT data ingestion layer using 3-of-5 median filtering, sustaining 90–96.2% sensor correction accuracy under varying fault injection rates. The system is prototyped in Google Colab Pro using synthetic data from 1000 virtual patients. Comparative benchmarks against PBFT and RSA-based systems show a fivefold increase in throughput, ∼9.4–12.3% energy savings per transaction, and ∼14% lower memory consumption during encryption. With a modest daily storage footprint (∼15 MB/day), the proposed solution is both resource-efficient and deployment-ready in simulation environments. These results confirm the potential of this architecture to enable trustworthy, energy-aware, and real-time blockchain infrastructures for next-generation digital healthcare ecosystems.

Warehouse facility access control security represents a critical factor in maintaining operational integrity and preventing criminal activities. This research addresses the elevated security threat risks associated with physical surveillance systems that continue to rely on manual methods with suboptimal performance. The study develops an automated security system based on face recognition technology, implementing Haar Cascade and K-Nearest Neighbors Classifier methods to identify and verify warehouse user identities with precision and automation. The research object focuses on facial recognition systems for warehouse access control. The methodology applies Haar Cascade algorithms for facial detection and K-Nearest Neighbors Classifier for classifying detected faces against existing datasets. Implementation utilizes external webcams, computer hardware, and Python-based programming software. Results demonstrate that the developed system achieves facial recognition accuracy exceeding 90%, delivering superior security performance compared to manual systems. The research concludes that face recognition technology effectively enhances efficiency and security in warehouse access management. The study recommends implementing such systems in large-scale warehouse facilities to optimize security management protocols

Development and evaluation of a head-controlled wheelchair system for users with severe motor impairments.

Health care access and risk factor control in US adults with cardiovascular disease from 2015 to 2023.

Blockchain-based dynamic MUD profiles for tamper-proof IoT access control

Achieving cloud resource optimization with trust-based access control: A novel ML strategy for enhanced performance.

Current healthcare data systems face major challenges in preventing unauthorized access, ensuring compliance with data privacy regulations, and enabling intelligent secondary use of patient information. To address these issues, we introduce cluster-based analysis with machine learning for enhanced healthcare data security (CAML-EHDS), a unified framework that combines homomorphic encryption, attribute-based elliptic curve cryptography (ECC), and semantic clustering with machine learning. CAML-EHDS improves upon existing models by offering fine-grained access control, adaptive threat detection, and data-driven insights while preserving privacy. Experimental results show that CAML-EHDS achieves up to 98% classification accuracy with low node count, and maintains 94% accuracy even at high node distribution levels, while ensuring encryption time under 24 seconds and acceptable data loss below 29%. Moreover, in comparative analysis with state-of-the-art models (support vector machine (SVM), random forest (RF), and decision tree (DT)), CAML-EHDS outperforms all in key metrics with an accuracy of 0.96. These results demonstrate CAML-EHDS’s potential for real-world deployment in secure, scalable, and intelligent healthcare environments, including privacy-aware digital marketing integration.

Cloud storage faces significant security and access control challenges due to reduced user oversight and the emerging threat of quantum computing to traditional cryptographic methods. Existing revocable Identity-Based Encryption (IBE) schemes are limited by their lack of post quantum security, inefficient revocation mechanisms that require re-encryption of data, and cumbersome key update procedures. We propose a post-quantum secure Ring-LWE IBE scheme with dynamic time-based revocation tailored for cloud environments. Our solution is built on the hardness of the Ring Learning with Errors (RLWE) problem to ensure quantum resistance and introduces a novel time-based revocation framework. In our approach, user access is bound to discrete periods and managed through a hierarchical binary tree structured over identities and time. This design eliminates the need to re-encrypt stored data upon user revocation. Instead, a trusted authority periodically distributes lightweight key updates exclusively to non-revoked users. Thanks to the binary tree structure, non-revoked users can compute updated decryption keys with only O (log Nₘₐₓ) overhead in both computation and communication, where Nₘₐₓ is the maximum number of users or periods. Revoked users, having no access to future updates, lose decryption capabilities. We provide formal security proofs showing the schemes resistance against adaptive identity and time-period-based attacks, grounded in the RLWE assumption. Overall, our scheme offers an effective combination of post-quantum security, efficient access control, and simplified key management, making it suitable for secure cloud data sharing in the quantum era.

This study presents the design, implementation, and validation of a cloud security architecture on Amazon Web Services (AWS) that integrates Defense in Depth strategies with Identity and Access Management (IAM) Best Practices, tailored for small and medium-sized enterprises (SMEs). Using the AWS Free Tier, an experimental cloud infrastructure was constructed to evaluate the effectiveness of multi-layered protection encompassing network segmentation, least-privilege access control, and real-time monitoring. The architecture employed a segmented Virtual Private Cloud (VPC) with public and private subnets, controlled by Security Groups (SGs) and Network Access Control Lists (NACLs), while IAM policies and Multi-Factor Authentication (MFA) enforced identity-level security. Centralized monitoring through CloudTrail and CloudWatch enabled anomaly detection and event logging with high accuracy. Test results showed that unauthorized access was effectively blocked, suspicious activities were detected promptly, and all administrative actions were recorded reliably. The findings indicate that combining layered network defenses and IAM governance significantly enhances the resilience, visibility, and security posture of SMEs adopting AWS environments. Beyond its technical effectiveness, the model offers scalability, auditability, and cost-efficiency—demonstrating that enterprise-grade protection can be achieved even within the resource constraints of SMEs. Future work is encouraged to integrate automation and advanced AWS tools such as GuardDuty and Config to strengthen real-world adaptability and compliance.

This study examines the development and implementation of Your Favorite Shirt, a web-based platform designed to modernize thrift shop operations through digital transformation. Many thrift businesses in Indonesia still rely on manual processes or social media, leading to inefficiencies in inventory management, transaction tracking, and reporting. To address these challenges, a prototype-based development method was applied, involving requirement analysis, initial design, prototype construction, user testing, and iterative refinement. The system integrates key features such as multi-role login, product catalogues, transaction management, payment options, and order tracking. Evaluation through functional testing and the PIECES framework demonstrated positive results across performance, efficiency, control, and service dimensions, with an average system response time of under one second. User Acceptance Testing (UAT) with a Likert-scale questionnaire produced a mean score of 1.85, indicating strong user satisfaction. Beyond improving operational efficiency, the platform also supports sustainable fashion practices by curating quality secondhand products and reducing textile waste. However, risk assessment identified several areas requiring improvement, including the absence of a Business Continuity Plan, limited access control mechanisms, and lack of systematic documentation. Future development should focus on integrating social media APIs, implementing product recommendation systems, enhancing layered security, and deploying analytical dashboards to support data-driven decision-making.

This study presents the development and evaluation of a secure and efficient real-time face recognition system for school attendance, integrating cancelable biometrics with cryptographic hashing. A total of 115 face samples were collected from students and teachers under diverse lighting, pose, and expression conditions. Images were pre-processed using Contrast Limited Adaptive Histogram Equalization (CLAHE) and Gamma Correction, followed by feature extraction with ResNet-128D, key-based random projection, binarization into 128-bit templates, and SHA-256 hashing. Evaluation results demonstrated an accuracy of 86.09%, precision of 100%, recall of 86.09%, and F1-score of 92.52%, with an average latency of 281.71 ms, remaining well below the operational threshold of 500 ms. Offline pre-processing improved the F1-Score by 7.50% on large datasets and 7.28% on smaller datasets without sacrificing processing speed. From a security perspective, the system achieved zero false acceptances (FAR = 0%) and allowed template regeneration when compromised, reinforcing privacy preservation. These findings validate the feasibility of combining cancelable biometrics with cryptographic hashing to balance accuracy, speed, and security in practical attendance systems. The research underscores its broader applicability to access control and public security, while future work should emphasize adaptive pre-processing, diverse hardware validation, and hardware acceleration for robust real-time deployment.

The manual system of license plate recognition and fine management is not efficient and contains risks of errors. This paper presents SmartLPD, a web-based application that can automatically detect and manage fines by use of computer vision, and role-based access control. The system has been implemented with Tesseract OCR as a license plate recognition system [1], [2], the Spring Boot as a backend service [3] and a responsive web interface [4], [5] which supports image upload as well as live camera capture. We can have an 85-percent detection rate with processing times of less than 3 seconds, and offer citizens and government interfaces separately. The modular architecture of the system provides the reliability of features of the fallback and access security, provided by JWT-based authentication.

This study developed the Psychosocial Support Management System (PSMS) to strengthen accessibility, efficiency, and confidentiality in providing mental health services within a State University. Using a descriptive-developmental research design, the system was created through the Agile Software Development Life Cycle (SDLC) framework with PHP and MariaDB. It features secure online request forms, structured case management, analytics, and Advanced Encryption Standard (AES) encryption to ensure compliance with the Data Privacy Act of 2012 (RA 10173). Usability was evaluated through standardized instruments, which revealed that both system users and clients perceived the platform as highly usable, reliable, and easy to navigate. Findings indicated that the PSMS effectively streamlined psychosocial service processes, improved record-keeping, and facilitated evidence-based decision-making through its analytics dashboard. Moreover, the integration of encryption and access control mechanisms ensured the protection of sensitive information and promoted user trust in the system. Overall, the PSMS demonstrated its potential as a dependable digital platform for managing university-based mental health services. It is recommended that the system be adopted institution-wide and continuously improved through enhancements such as automated notifications and multilingual support to expand accessibility and promote sustainable implementation.

Session hijacking remains a critical threat in modern cybersecurity, allowing attackers to impersonate legitimate users by exploiting stolen session tokens. Conventional perimeter-based security frameworks often fail to prevent such attacks due to their reliance on static authentication. This study proposes a Zero Trust Architecture (ZTA) approach to prevent and mitigate session hijacking through continuous authentication, device trust verification, and micro-segmentation. A comprehensive dataset—including real-world attack traces, simulated penetration tests, and ZTA implementation logs—was used to evaluate the system's performance. The core components include risk-based access control, short-lived device-bound tokens, and behavioral analytics. Results demonstrate that the proposed model effectively blocks invalid or replayed tokens and untrusted devices, achieving a 100% detection rate in simulated hijacking scenarios. Compared to traditional methods, ZTA significantly reduces the session attack surface and improves resistance against MITM attacks. While challenges remain in user experience and legacy system compatibility, the security benefits justify implementation in cloud and hybrid enterprise environments. It is recommended that organizations adopt ZTA as a foundational security strategy to counter evolving session-based threats.

Enterprise firms that have operations in scaled software markets continue to struggle in developing actionable intelligence out of customer data sharing in a wide array of divergent operation systems, such as customer relationship management software, billing software, marketing automation software, and product telemetry software. The Procore Customer Data Platform project was implemented to solve those issues by building a unified identity resolution service, modular extract-load-transform pipelines with continual quality validation, extensive revenue intelligence models integrating opportunity pipeline through cash collection, and event-driven synchronization so that the operational can be activated almost in real time. The system brought together customer identities, behavioral signals, and financial transactions in an authoritative golden record that did not have duplicate identities and semantic inconsistencies, which previously hampered cross-functional coordination and strategy decision-making processes. The master data management functions were integrated with both deterministic and probabilistic matching functions to create unified customer profiles with comprehensive levels of coverage in entity resolution, with a high level of data quality maintained using automated validation frameworks to enforce schema compliance, referential integrity, and business rule compliance. Revenue intelligence features linked customer acquisition by retention and expansion lifecycle stage, which offered a clear understanding of annual recurring revenue, churn rates, and renewal likelihood, and expansion opportunity to intervene proactively to maximize resources. The event-driven architecture decreased operational latency in the form of batch processing cycles of a few days to streaming synchronization cycles of a few minutes to ensure customer engagement in a timely manner based on usage patterns, payments, and support interactions. Governance structures that included role-based access controls, field-level masking, thorough audit logs, and automatic consent management were also able to comply with significant privacy regulations and create ethical data stewardship principles based on transparency, fairness, and purpose restriction. Quantitative business deliverables comprised of impressive revenue forecast accuracy by removing variance, executive reporting preparation time was dramatically reduced, manual data reconciliation time was dramatically reduced, marketing campaign conversion rates were dramatically increased, and customer retention rates were significantly increased through proactive identification and intervention of risks. The qualitative change in the organization included the recovery of the stakeholder confidence in analytical products, creation of definite metric ownership by using transparent data leveraging, the shift to continuous evidence-based strategic planning instead of the quarterly reactive reporting, and the development of a data culture citizenship when cross-functional teams were involved in the governance decisions and quality was maintained at the corresponding levels. The program can prove that rigorous information engineering disposition coordinated with strategic business goals and facilitated by elaborate governance approaches may turn disjointed information clues into an enduring competitive edge by enhancing the predictability of revenue, operational effectiveness, and maximization of customer lifetime value.

A Time-based Secure Access Control Framework for Cloud Medical Sensor Information Systems

Abstract: Authentication enables individuals to be automatically recognized based on their behavioral or physiological traits. Biometrics is extensively utilized in many commercial and official identifying systems to facilitate automated access control. This research presents a model for multimodal biometric recognition that utilizes a feature level fusion method. The suggested method encompasses a series of five processes, namely pre-processing, feature extraction from all attributes, feature level fusion, feature space reduction, and recognition via machine learning techniques. The initial stage involves the pre-processing of three distinct modalities, namely iris, pamprint, and fingerprint. Next, the process of feature extraction is conducted for each modality in order to extract the features. Following this, the features extracted from three modalities were combined at the feature level. The utilization of feature level fusion in integrating multiple biometric data presents several advantages in comparison to alternative fusion procedures, but accompanied by the notable limitation of creating feature vectors of substantial dimensions. The main objective of this study is to analyze the difficulties related to the management of high-dimensional data and investigate several methods of feature reduction that can be applied to multimodal biometric systems. This study presents a novel approach that employs Cuckoo Search (CS) optimization technique for the purpose of feature selection. The objective is to address the challenges related to integrating the Iris, palmprint, and fingerprint feature spaces at the feature level. Normalization is applied to bring all the feature spaces into same domain during integration of features at feature level. Machine Learning approaches are utilized to assess the effectiveness of feature selection based on Cuckoo Search Algorithm (CSA) and feature space reduction using Principal Component Analysis (PCA) on the CASIA, IITD, and FVC databases. Additionally, matching is performed using the Euclidean distance. The trials undertaken in this study indicated a significant reduction in the feature space when iris, palmprint, and fingerprint characteristics were merged at the feature level. Specifically, the use of CS resulted in a greater reduction compared to PCA. The decrease in size led to an improvement in the accuracy of recognition.

This research reconstructs the authority of notaries in the era of cyber notary by relating the function of proving authentic deeds to verification of tax compliance of the witnesses. Departing from a normative juridical method supported by limited empirical data, this study combines legislative, conceptual, and comparative approaches to harmonize various relevant regulations. The results of the study show that the probative equality of electronic documents requires strict technical prerequisites—including certified electronic signatures, authoritative time-stamping, tamper-evident trail audits—along with the functional equivalent of attendance, reading, and signing. The integration of NIK-NPWP and risk-based tax KYC protocols strengthens identity accuracy and completeness of fiscal obligations, but must be limited by the principles of privacy-by-design, purpose limitation, and role-based access control. This article proposes a draft of operational standards, deed clauses regarding the disclosure and retention of fiscal data, and an architecture of interoperability between notarial systems, trust services, population, and taxation. Policy implications include strengthening accountability, service efficiency, and legitimacy of evidence, as well as reinforcing the code of ethics and fulfilling the right to data protection in the digital legal ecosystem. Methodologically, the main contribution of this research lies in the integration of dogmatic analysis with technical specifications that can be audited as the basis for policy feasibility tests.

Cloud-based file sharing is now ubiquitous across education, healthcare, finance, and government, yet widely used platforms still suffer from misconfigured links, provider-side key custody, and coarse, user- managed permissions. This paper presents Secure File Sharing Using Cloud, a production-oriented web system that unifies client-side AES encryption with an admin- controlled authorization workflow to deliver end-to-end confidentiality, accountable access, and practical scalability. The system adopts a three-tier architecture— React frontend, PHP/AJAX application layer, and MySQL data layer—deployed on AWS EC2 for elasticity and high availability. Files are encrypted prior to upload and remain ciphertext at rest; cross-user retrieval is possible only after explicit administrative approval, with all actions captured in immutable audit logs. We formalize a threat model covering eavesdroppers, credential guessing, SQL injection, and honest-but-curious cloud providers, and map each risk to concrete controls: HTTPS transport, authenticated encryption (AES-GCM), salted password hashing, strict session handling, least-privilege queries, and centralized authorization. A prototype implementation demonstrates that secure operation need not compromise usability: uploads and downloads of files up to 50 MB complete within 3–5 seconds, and the system remains stable with 100 concurrent users while preventing unauthorized access by design. Compared with prior work that emphasizes cryptographic strength, big-data throughput, or system-level mechanisms in isolation, our approach integrates cryptography, governance, and cloud deployment into a cohesive platform suitable for small-to-medium organizations and academic institutions. We discuss extendability to role- based access control, multi-factor authentication, hybrid key distribution (AES + RSA), and verifiable, tamper- evident logging. We release implementation artifacts, schema templates, and threat-model checklists to support replication, audits, and classroom adoption and practitioner use