Hadoop-based secure storage solution for big data in cloud computing environment

In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose a Hadoop based big data secure storage scheme.Firstly,in order to disperse the NameNode service from a single server to multiple servers,we combine HDFS federation and HDFS high-availability mechanisms,and use the Zookeeper distributed coordination mechanism to coordinate each node to achieve dual-channel storage.Then,we improve the ECC encryption algorithm for the encryption of ordinary data,and adopt a homomorphic encryption algorithm to encrypt data that needs to be calculated.To accelerate the encryption,we adopt the dualthread encryption mode.Finally,the HDFS control module is designed to combine the encryption algorithm with the storage model.Experimental results show that the proposed solution solves the problem of a single point of failure of metadata,performs well in terms of metadata reliability,and can realize the fault tolerance of the server.The improved encryption algorithm integrates the dual-channel storage mode,and the encryption storage efficiency improves by 27.6% on average.

Towards Blockchain-Based Secure BGP Routing,Challenges and Future Research Directions

Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits security design defects,such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes,easily triggering prefix hijacking,path forgery,route leakage,and other BGP security threats.Meanwhile,the traditional BGP security mechanism,relying on a public key infrastructure,faces issues like a single point of failure and a single point of trust.The decentralization,anti-tampering,and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms.In this paper,we summarize the characteristics of BGP protocol in detail,sort out the BGP security threats and their causes.Additionally,we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats.Finally,we discuss the challenges posed by BGP security problems and outline prospects for future research.

IoT-Enabled Plant Monitoring System with Power Optimization and Secure Authentication

Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agricultural monitoring,they often face limitations such as high power consumption,restricted mobility,complex deployment requirements,and inadequate security measures for data access.This paper introduces an enhanced IoT application for agricultural monitoring systems that address these critical shortcomings.Our system strategically combines power efficiency,portability,and secure access capabilities,assisting farmers in monitoring and tracking crop environmental conditions.The proposed system includes a remote camera that captures images of surrounding plants and a sensor module that regularly monitors various environmental factors,including temperature,humidity,and soil moisture.We implement power management strategies to minimize energy consumption compared to existing solutions.Unlike conventional systems,our implementation utilizes the Amazon Web Services(AWS)cloud platform for reliable data storage and processing while incorporating comprehensive security measures,including Two-Factor Authentication(2FA)and JSON Web Tokens(JWT),features often overlooked in current agricultural IoT solutions.Users can access this secure monitoring system via a developed Android application,providing convenient mobile access to the gathered plant data.We validate our system’s advantages by implementing it with two potted garlic plants on Okayama University’s rooftop.Our evaluation demonstrates high sensor reliabil-ity,with strong correlations between sensor readings and reference data,achieving determination coefficients(R2)of 0.979 for temperature and 0.750 for humidity measurements.The implemented power management strategies extend battery life to 10 days on a single charge,significantly outperforming existing systems that typically require daily recharging.Furthermore,our dual-layer security implementation utilizing 2FA and JWT successfully protects sensitive agricultural data from unauthorized access.

Secure Tracking Control via Fixed-Time Convergent Reinforcement Learning for a UAV CPS

Dear Editor,This letter is concerned with the secure tracking control problem in the unmanned aerial vehicle(UAV) system by fixed-time convergent reinforcement learning(RL). By virtue of the zero-sum game,the false data injection(FDI) attacker and secure controller are viewed as game players.

Secure and Efficient Outsourced Computation in Cloud Computing Environments

Secure and efficient outsourced computation in cloud computing environments is crucial for ensuring data confidentiality, integrity, and resource optimization. In this research, we propose novel algorithms and methodologies to address these challenges. Through a series of experiments, we evaluate the performance, security, and efficiency of the proposed algorithms in real-world cloud environments. Our results demonstrate the effectiveness of homomorphic encryption-based secure computation, secure multiparty computation, and trusted execution environment-based approaches in mitigating security threats while ensuring efficient resource utilization. Specifically, our homomorphic encryption-based algorithm exhibits encryption times ranging from 20 to 1000 milliseconds and decryption times ranging from 25 to 1250 milliseconds for payload sizes varying from 100 KB to 5000 KB. Furthermore, our comparative analysis against state-of-the-art solutions reveals the strengths of our proposed algorithms in terms of security guarantees, encryption overhead, and communication latency.

A Holistic Secure Communication Mechanism Using a Multilayered Cryptographic Protocol to Enhanced Security

In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.

Adaptation of Federated Explainable Artificial Intelligence for Efficient and Secure E-Healthcare Systems

Explainable Artificial Intelligence(XAI)has an advanced feature to enhance the decision-making feature and improve the rule-based technique by using more advanced Machine Learning(ML)and Deep Learning(DL)based algorithms.In this paper,we chose e-healthcare systems for efficient decision-making and data classification,especially in data security,data handling,diagnostics,laboratories,and decision-making.Federated Machine Learning(FML)is a new and advanced technology that helps to maintain privacy for Personal Health Records(PHR)and handle a large amount of medical data effectively.In this context,XAI,along with FML,increases efficiency and improves the security of e-healthcare systems.The experiments show efficient system performance by implementing a federated averaging algorithm on an open-source Federated Learning(FL)platform.The experimental evaluation demonstrates the accuracy rate by taking epochs size 5,batch size 16,and the number of clients 5,which shows a higher accuracy rate(19,104).We conclude the paper by discussing the existing gaps and future work in an e-healthcare system.

Sher: A Secure Broker for DevSecOps and CI/CD Workflows

GitHub Actions, a popular CI/CD platform, introduces significant security challenges due to its integration with GitHub’s open ecosystem and its use of flexible workflow configurations. This paper presents Sher, a Python-based tool that enhances the security of GitHub Actions by automating the detection and remediation of security issues in workflows. Self-Hosted Ephemeral Runner, or Sher, acts as a broker between GitHub’s APIs and a customizable, isolated environment, analyzing workflows through a static rules engine and automatically fixing identified issues. By providing a secure, ephemeral runner environment and a dynamic analysis tool, Sher addresses common misconfigurations and vulnerabilities, contributing to the resilience and integrity of DevSecOps practices within software development pipelines.

Deep Learning-Based Secure Transmission Strategy with Sensor-Transmission-Computing Linkage for Power Internet of Things

The automatic collection of power grid situation information, along with real-time multimedia interaction between the front and back ends during the accident handling process, has generated a massive amount of power grid data. While wireless communication offers a convenient channel for grid terminal access and data transmission, it is important to note that the bandwidth of wireless communication is limited. Additionally, the broadcast nature of wireless transmission raises concerns about the potential for unauthorized eavesdropping during data transmission. To address these challenges and achieve reliable, secure, and real-time transmission of power grid data, an intelligent security transmission strategy with sensor-transmission-computing linkage is proposed in this paper. The primary objective of this strategy is to maximize the confidentiality capacity of the system. To tackle this, an optimization problem is formulated, taking into consideration interruption probability and interception probability as constraints. To efficiently solve this optimization problem, a low-complexity algorithm rooted in deep reinforcement learning is designed, which aims to derive a suboptimal solution for the problem at hand. Ultimately, through simulation results, the validity of the proposed strategy in guaranteed communication security, stability, and timeliness is substantiated. The results confirm that the proposed intelligent security transmission strategy significantly contributes to the safeguarding of communication integrity, system stability, and timely data delivery.

OFDM with Generalized Cascade Index Modulation for Secure Communications

Cascade index modulation(CIM) is a recently proposed improvement of orthogonal frequency division multiplexing with index modulation(OFDM-IM) and achieves better error performance.In CIM, at least two different IM operations construct a super IM operation or achieve new functionality. First, we propose a OFDM with generalized CIM(OFDM-GCIM) scheme to achieve a joint IM of subcarrier selection and multiple-mode(MM)permutations by using a multilevel digital algorithm.Then, two schemes, called double CIM(D-CIM) and multiple-layer CIM(M-CIM), are proposed for secure communication, which combine new IM operation for disrupting the original order of bits and symbols with conventional OFDM-IM, to protect the legitimate users from eavesdropping in the wireless communications. A subcarrier-wise maximum likelihood(ML) detector and a low complexity log-likelihood ratio(LLR) detector are proposed for the legitimate users. A tight upper bound on the bit error rate(BER) of the proposed OFDM-GCIM, D-CIM and MCIM at the legitimate users are derived in closed form by employing the ML criteria detection. Computer simulations and numerical results show that the proposed OFDM-GCIM achieves superior error performance than OFDM-IM, and the error performance at the eavesdroppers demonstrates the security of D-CIM and M-CIM.

Intelligent Reflecting Surface-Aided Secure and Covert Communications

This work employs intelligent reflecting surface(IRS)to enhance secure and covert communication performance.We formulate an optimization problem to jointly design both the reflection beamformer at IRS and transmit power at transmitter Alice in order to optimize the achievable secrecy rate at Bob subject to a covertness constraint.We first develop a Dinkelbach-based algorithm to achieve an upper bound performance and a high-quality solution.For reducing the overhead and computational complexity of the Dinkelbach-based scheme,we further conceive a low-complexity algorithm in which analytical expression for the IRS reflection beamforming is derived at each iteration.Examination result shows that the devised low-complexity algorithm is able to achieve similar secrecy rate performance as the Dinkelbach-based algorithm.Our examination also shows that introducing an IRS into the considered system can significantly improve the secure and covert communication performance relative to the scheme without IRS.

Analysis of Secured Cloud Data Storage Model for Information

This paper was motivated by the existing problems of Cloud Data storage in Imo State University, Nigeria such as outsourced data causing the loss of data and misuse of customer information by unauthorized users or hackers, thereby making customer/client data visible and unprotected. Also, this led to enormous risk of the clients/customers due to defective equipment, bugs, faulty servers, and specious actions. The aim if this paper therefore is to analyze a secure model using Unicode Transformation Format (UTF) base 64 algorithms for storage of data in cloud securely. The methodology used was Object Orientated Hypermedia Analysis and Design Methodology (OOHADM) was adopted. Python was used to develop the security model;the role-based access control (RBAC) and multi-factor authentication (MFA) to enhance security Algorithm were integrated into the Information System developed with HTML 5, JavaScript, Cascading Style Sheet (CSS) version 3 and PHP7. This paper also discussed some of the following concepts;Development of Computing in Cloud, Characteristics of computing, Cloud deployment Model, Cloud Service Models, etc. The results showed that the proposed enhanced security model for information systems of cooperate platform handled multiple authorization and authentication menace, that only one login page will direct all login requests of the different modules to one Single Sign On Server (SSOS). This will in turn redirect users to their requested resources/module when authenticated, leveraging on the Geo-location integration for physical location validation. The emergence of this newly developed system will solve the shortcomings of the existing systems and reduce time and resources incurred while using the existing system.

EG-STC: An Efficient Secure Two-Party Computation Scheme Based on Embedded GPU for Artificial Intelligence Systems

This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.

A Secure Blockchain-Based Vehicular Collision Avoidance Protocol: Detecting and Preventing Blackhole Attacks

This work aims to examine the vulnerabilities and threats in the applications of intelligent transport systems,especially collision avoidance protocols.It focuses on achieving the availability of network communication among traveling vehicles.Finally,it aims to find a secure solution to prevent blackhole attacks on vehicular network communications.The proposed solution relies on authenticating vehicles by joining a blockchain network.This technology provides identification information and receives cryptography keys.Moreover,the ad hoc on-demand distance vector(AODV)protocol is used for route discovery and ensuring reliable node communication.The system activates an adaptive mode for monitoring communications and continually adjusts trust scores based on packet delivery performance.From the experimental study,we can infer that the proposed protocol has successfully detected and prevented blackhole attacks for different numbers of simulated vehicles and at different traveling speeds.This reduces accident rates by 60%and increases the packet delivery ratio and the throughput of the connecting network by 40%and 20%,respectively.However,extra overheads in delay and memory are required to create and initialize the blockchain network.

Research on intelligent search-and-secure technology in accelerator hazardous areas based on machine vision

Prompt radiation emitted during accelerator operation poses a significant health risk,necessitating a thorough search and securing of hazardous areas prior to initiation.Currently,manual sweep methods are employed.However,the limitations of manual sweeps have become increasingly evident with the implementation of large-scale accelerators.By leveraging advancements in machine vision technology,the automatic identification of stranded personnel in controlled areas through camera imagery presents a viable solution for efficient search and security.Given the criticality of personal safety for stranded individuals,search and security processes must be sufficiently reliable.To ensure comprehensive coverage,180°camera groups were strategically positioned on both sides of the accelerator tunnel to eliminate blind spots within the monitoring range.The YOLOV8 network model was modified to enable the detection of small targets,such as hands and feet,as well as larger targets formed by individuals near the cameras.Furthermore,the system incorporates a pedestrian recognition model that detects human body parts,and an information fusion strategy is used to integrate the detected head,hands,and feet with the identified pedestrians as a cohesive unit.This strategy enhanced the capability of the model to identify pedestrians obstructed by equipment,resulting in a notable improvement in the recall rate.Specifically,recall rates of 0.915 and 0.82were obtained for Datasets 1 and 2,respectively.Although there was a slight decrease in accuracy,it aligned with the intended purpose of the search-and-secure software design.Experimental tests conducted within an accelerator tunnel demonstrated the effectiveness of this approach in achieving reliable recognition outcomes.

Trusted Certified Auditor Using Cryptography for Secure Data Outsourcing and Privacy Preservation in Fog-Enabled VANETs

With the recent technological developments,massive vehicular ad hoc networks(VANETs)have been established,enabling numerous vehicles and their respective Road Side Unit(RSU)components to communicate with oneanother.The best way to enhance traffic flow for vehicles and traffic management departments is to share thedata they receive.There needs to be more protection for the VANET systems.An effective and safe methodof outsourcing is suggested,which reduces computation costs by achieving data security using a homomorphicmapping based on the conjugate operation of matrices.This research proposes a VANET-based data outsourcingsystem to fix the issues.To keep data outsourcing secure,the suggested model takes cryptography models intoaccount.Fog will keep the generated keys for the purpose of vehicle authentication.For controlling and overseeingthe outsourced data while preserving privacy,the suggested approach considers the Trusted Certified Auditor(TCA).Using the secret key,TCA can identify the genuine identity of VANETs when harmful messages aredetected.The proposed model develops a TCA-based unique static vehicle labeling system using cryptography(TCA-USVLC)for secure data outsourcing and privacy preservation in VANETs.The proposed model calculatesthe trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6%accuracy for data encryption toprovide security.The proposedmodel achieved 98.5%accuracy in data outsourcing and 98.6%accuracy in privacypreservation in fog-enabled VANETs.Elliptical curve cryptography models can be applied in the future for betterencryption and decryption rates with lightweight cryptography operations.

An Efficient and Provably Secure SM2 Key-Insulated Signature Scheme for Industrial Internet of Things

With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.

Secure Computation Efficiency Resource Allocation for Massive MIMO-Enabled Mobile Edge Computing Networks

In this article,the secure computation efficiency(SCE)problem is studied in a massive multipleinput multiple-output(mMIMO)-assisted mobile edge computing(MEC)network.We first derive the secure transmission rate based on the mMIMO under imperfect channel state information.Based on this,the SCE maximization problem is formulated by jointly optimizing the local computation frequency,the offloading time,the downloading time,the users and the base station transmit power.Due to its difficulty to directly solve the formulated problem,we first transform the fractional objective function into the subtractive form one via the dinkelbach method.Next,the original problem is transformed into a convex one by applying the successive convex approximation technique,and an iteration algorithm is proposed to obtain the solutions.Finally,the stimulations are conducted to show that the performance of the proposed schemes is superior to that of the other schemes.

Secure symbol level precoding for cell-free network based on band-region constraint of the eavesdropper’s receiving signal

A symbol level secure precoding scheme based on band-region constraint of the eavesdropper’s receiving signal is proposed to enhance the energy efficiency of cell-free multiple-input multiple-output(MIMO)networks in the presence of an eavesdropper while guaranteeing the quality of service(QoS)of user and the security of system.Moreover,to lighten its high computational complexity,original problem is divided into several cascade sub-problems firstly,and then those sub-problems are handled by combining Lagrangian dual function and improved Hooke-Jeeves method together.Comparative ex-periment with other secure symbol-level precoding schemes demonstrate that proposed scheme can achieve the lower power consumption with almost same symbol error rate and QoS of user.

Energy-efficient joint UAV secure communication and 3D trajectory optimization assisted by reconfigurable intelligent surfaces in the presence of eavesdroppers

We consider a scenario where an unmanned aerial vehicle(UAV),a typical unmanned aerial system(UAS),transmits confidential data to a moving ground target in the presence of multiple eavesdroppers.Multiple friendly reconfigurable intelligent surfaces(RISs) help to secure the UAV-target communication and improve the energy efficiency of the UAV.We formulate an optimization problem to minimize the energy consumption of the UAV,subject to the mobility constraint of the UAV and that the achievable secrecy rate at the target is over a given threshold.We present an online planning method following the framework of model predictive control(MPC) to jointly optimize the motion of the UAV and the configurations of the RISs.The effectiveness of the proposed method is validated via computer simulations.