By analyzing existed Internet of Things' system security vulnerabilities, a security architecture on trusting one is constructed. In the infrastructure, an off-line identity authentication based on the combined public key (CPK) mechanism is proposed, which solves the problems about a mass amount of authentications and the cross-domain authentication by integrating nodes' validity of identity authentication and uniqueness of identification. Moreover, the proposal of constructing nodes' authentic identification, valid authentication and credible communication connection at the application layer through the perception layer impels the formation of trust chain and relationship among perceptional nodes. Consequently, a trusting environment of the Internet of Things is built, by which a guidance of designing the trusted one would be provided.
Traditional wireless sensor networks (WSNs) are typically deployed in remote and hostile environments for information collection. The wireless communication methods adopted by sensor nodes may make the network highly vulnerable to various attacks. Traditional encryption and authentication mechanisms cannot prevent attacks launched by internal malicious nodes. The trust-based security mechanism is usually adopted to solve this problem in WSNs. However, the behavioral evidence used for trust estimation presents some uncertainties due to the open wireless medium and the inexpensive sensor nodes. Moreover, how to efficiently collect behavioral evidences is rarely discussed. To address these issues, in this paper, we present a trust management mechanism based on fuzzy logic and a cloud model. First, a type-II fuzzy logic system is used to preprocess the behavioral evidences and alleviate uncertainty. Then, the cloud model is introduced to estimate the trust values for sensor nodes. Finally, a dynamic behavior monitoring protocol is proposed to provide a balance between energy conservation and safety assurance. Simulation results demonstrate that our trust management mechanism can effectively protect the network from internal malicious attacks while enhancing the energy efficiency of behavior monitoring.
Blockchain has been widely used in finance, the Internet of Things (IoT), supply chains, and other scenarios as a revolutionary technology. Consensus protocol plays a vital role in blockchain, which helps all participants to maintain the storage state consistently. However, with the improvement of network environment complexity and system scale, blockchain development is limited by the performance, security, and scalability of the consensus protocol. To address this problem, this paper introduces the collaborative filtering mechanism commonly used in the recommendation system into the Practical Byzantine Fault Tolerance (PBFT) and proposes a Byzantine fault-tolerant (BFT) consensus protocol based on collaborative filtering recommendation (CRBFT). Specifically, an improved collaborative filtering recommendation method is designed to use the similarity between a node’s recommendation opinions and those of the recommender as a basis for determining whether to adopt the recommendation opinions. This can amplify the recommendation voice of good nodes, weaken the impact of cunning malicious nodes on the trust value calculation, and make the calculated results more accurate. In addition, the nodes are given voting power according to their trust value, and a weight random election algorithm is designed and implemented to reduce the risk of attack. The experimental results show that CRBFT can effectively eliminate various malicious nodes and improve the performance of blockchain systems in complex network environments, and the feasibility of CRBFT is also proven by theoretical analysis.
Border Gateway Protocol (BGP) is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations. The BGP protocol exhibits security design defects, such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes, easily triggering prefix hijacking, path forgery, route leakage, and other BGP security threats. Meanwhile, the traditional BGP security mechanism, relying on a public key infrastructure, faces issues like a single point of failure and a single point of trust. The decentralization, anti-tampering, and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms. In this paper, we summarize the characteristics of BGP protocol in detail, sort out the BGP security threats and their causes. Additionally, we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats. Finally, we discuss the challenges posed by BGP security problems and outline prospects for future research.
Due to the need for massive device connectivity, low communication latency, and various customizations in 6G architecture, a distributed cloud deployment approach will be more relevant to the space-air-ground-sea integrated network scenario. However, the openness and heterogeneity of the 6G network cause the problems of network security. To improve the trustworthiness of 6G networks, we propose a trusted computing-based approach for establishing trust relationships in multi-cloud scenarios. The proposed method shows the relationship of trust based on dual-level verification. It separates the trustworthy states of multiple complex cloud units in 6G architecture into the state within and between cloud units. Firstly, SM3 algorithm establishes the chain of trust for the system’s trusted boot phase. Then, the remote attestation server (RAS) of distributed cloud units verifies the physical servers. Meanwhile, the physical servers use a ring approach to verify the cloud servers. Eventually, the centralized RAS takes one-time authentication to the critical evidence information of distributed cloud unit servers. Simultaneously, the centralized RAS also verifies the evidence of distributed RAS. We establish our proposed approach in a natural OpenStack-based cloud environment. The simulation results show that the proposed method achieves higher security with less than a 1% system performance loss.
The application of Intelligent Internet of Things (IIoT) in constructing distribution station areas strongly supports platform transformation, upgrade, and intelligent integration. The sensing layer of IIoT comprises the edge convergence layer and the end sensing layer, with the former using intelligent fusion terminals for real-time data collection and processing. However, the influx of multiple low-voltage in the smart grid raises higher demands for the performance, energy efficiency, and response speed of the substation fusion terminals. Simultaneously, it brings significant security risks to the entire distribution substation, posing a major challenge to the smart grid. In response to these challenges, a proposed dynamic and energy-efficient trust measurement scheme for smart grids aims to address these issues. The scheme begins by establishing a hierarchical trust measurement model, elucidating the trust relationships among smart IoT terminals. It then incorporates multidimensional measurement factors, encompassing static environmental factors, dynamic behaviors, and energy states. This comprehensive approach reduces the impact of subjective factors on trust measurements. Additionally, the scheme incorporates a detection process designed for identifying malicious low-voltage end sensing units, ensuring the prompt identification and elimination of any malicious terminals. This, in turn, enhances the security and reliability of the smart grid environment. The effectiveness of the proposed scheme in pinpointing malicious nodes has been demonstrated through simulation experiments. Notably, the scheme outperforms established trust metric models in terms of energy efficiency, showcasing its significant contribution to the field.
With the recent technological developments, massive vehicular ad hoc networks (VANETs) have been established, enabling numerous vehicles and their respective Road Side Unit (RSU) components to communicate with one another. The best way to enhance traffic flow for vehicles and traffic management departments is to share the data they receive. There needs to be more protection for the VANET systems. An effective and safe method of outsourcing is suggested, which reduces computation costs by achieving data security using a homomorphic mapping based on the conjugate operation of matrices. This research proposes a VANET-based data outsourcing system to fix the issues. To keep data outsourcing secure, the suggested model takes cryptography models into account. Fog will keep the generated keys for the purpose of vehicle authentication. For controlling and overseeing the outsourced data while preserving privacy, the suggested approach considers the Trusted Certified Auditor (TCA). Using the secret key, TCA can identify the genuine identity of VANETs when harmful messages are detected. The proposed model develops a TCA-based unique static vehicle labeling system using cryptography (TCA-USVLC) for secure data outsourcing and privacy preservation in VANETs. The proposed model calculates the trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6% accuracy for data encryption to provide security. The proposed model achieved 98.5% accuracy in data outsourcing and 98.6% accuracy in privacy preservation in fog-enabled VANETs. Elliptical curve cryptography models can be applied in the future for better encryption and decryption rates with lightweight cryptography operations.
With the development of big data and social computing, large-scale group decision making (LGDM) is now merging with social networks. Using social network analysis (SNA), this study proposes an LGDM consensus model that considers the trust relationship among decision makers (DMs). In the process of consensus measurement: the social network is constructed according to the social relationship among DMs, and the Louvain method is introduced to classify social networks to form subgroups. In this study, the weights of each decision maker and each subgroup are computed by comprehensive network weights and trust weights. In the process of consensus improvement: A feedback mechanism with four identification and two direction rules is designed to guide the consensus of the improvement process. Based on the trust relationship among DMs, the preferences are modified, and the corresponding social network is updated to accelerate the consensus. Compared with the previous research, the proposed model not only allows the subgroups to be reconstructed and updated during the adjustment process, but also improves the accuracy of the adjustment by the feedback mechanism. Finally, an example analysis is conducted to verify the effectiveness and flexibility of the proposed method. Moreover, compared with previous studies, the superiority of the proposed method in solving the LGDM problem is highlighted.
First, we propose a cross-domain authentication architecture based on trust evaluation mechanism, including registration, certificate issuance, and cross-domain authentication processes. A direct trust evaluation mechanism based on the time decay factor is proposed, taking into account the influence of historical interaction records. We weight the time attenuation factor to each historical interaction record for updating and got the new historical record data. We refer to the beta distribution to enhance the flexibility and adaptability of the direct trust assessment model to better capture time trends in the historical record. Then we propose an autoencoder-based trust clustering algorithm. We perform feature extraction based on autoencoders. Kullback-Leibler (KL) divergence is used to calculate the reconstruction error. When constructing a convolutional autoencoder, we introduce convolutional neural networks to improve training efficiency and introduce sparse constraints into the hidden layer of the autoencoder. The sparse penalty term in the loss function measures the difference through the KL divergence. Trust clustering is performed based on the density based spatial clustering of applications with noise (DBSCAN) clustering algorithm. During the clustering process, edge nodes have a variety of trustworthy attribute characteristics. We assign different attribute weights according to the relative importance of each attribute in the clustering process, and a larger weight means that the attribute occupies a greater weight in the calculation of distance. Finally, we introduced adaptive weights to calculate comprehensive trust evaluation. Simulation experiments prove that our trust evaluation mechanism has excellent reliability and accuracy.
The power Internet of Things (IoT) is a significant trend in technology and a requirement for national strategic development. With the deepening digital transformation of the power grid, China’s power system has initially built a power IoT architecture comprising a perception, network, and platform application layer. However, owing to the structural complexity of the power system, the construction of the power IoT continues to face problems such as complex access management of massive heterogeneous equipment, diverse IoT protocol access methods, high concurrency of network communications, and weak data security protection. To address these issues, this study optimizes the existing architecture of the power IoT and designs an integrated management framework for the access of multi-source heterogeneous data in the power IoT, comprising cloud, pipe, edge, and terminal parts. It further reviews and analyzes the key technologies involved in the power IoT, such as the unified management of the physical model, high concurrent access, multi-protocol access, multi-source heterogeneous data storage management, and data security control, to provide a more flexible, efficient, secure, and easy-to-use solution for multi-source heterogeneous data access in the power IoT.
The traditional air traffic control information sharing data has weak security characteristics of personal privacy data and poor effect, which easily leads to the problem that the data is usurped. Starting from the application of the ATC (automatic train control) network, this paper focuses on the zero trust and zero trust access strategy and the tamper-proof method of information-sharing network data. Through the improvement of ATC’s zero trust physical layer authentication and network data distributed feature differentiation calculation, this paper reconstructs the personal privacy scope authentication structure and designs a tamper-proof method of ATC’s information sharing on the Internet. From the single management authority to the unified management of data units, the systematic algorithm improvement of shared network data tamper prevention method is realized, and RDTP (Reliable Data Transfer Protocol) is selected in the network data of information sharing resources to realize the effectiveness of tamper prevention of air traffic control data during transmission. The results show that this method can reasonably avoid the tampering of information sharing on the Internet, maintain the security factors of air traffic control information sharing on the Internet, and the Central Processing Unit (CPU) utilization rate is only 4.64%, which effectively increases the performance of air traffic control data comprehensive security protection system.
With the rapid development of cloud manufacturing technology and the new generation of artificial intelligence technology, the new cloud manufacturing system (NCMS) built on the connotation of cloud manufacturing 3.0 presents a new business model of “Internet of everything, intelligent leading, data driving, shared services, cross-border integration, and universal innovation”. The network boundaries are becoming increasingly blurred, NCMS is facing security risks such as equipment unauthorized use, account theft, static and extensive access control policies, unauthorized access, supply chain attacks, sensitive data leaks, and industrial control vulnerability attacks. Traditional security architectures mainly use information security technology, which cannot meet the active security protection requirements of NCMS. In order to solve the above problems, this paper proposes an integrated cloud-edge-terminal security system architecture of NCMS. It adopts the zero trust concept and effectively integrates multiple security capabilities such as network, equipment, cloud computing environment, application, identity, and data. It adopts a new access control mode of “continuous verification+dynamic authorization”, classified access control mechanisms such as attribute-based access control, role-based access control, policy-based access control, and a new data security protection system based on blockchain, achieving “trustworthy subject identity, controllable access behavior, and effective protection of subject and object resources”. This architecture provides an active security protection method for NCMS in the digital transformation of large enterprises, and can effectively enhance network security protection capabilities and cope with increasingly severe network security situations.
As human‐machine interaction (HMI) in healthcare continues to evolve, the issue of trust in HMI in healthcare has been raised and explored. It is critical for the development and safety of healthcare that humans have proper trust in medical machines. Intelligent machines that have applied machine learning (ML) technologies continue to penetrate deeper into the medical environment, which also places higher demands on intelligent healthcare. In order to make machines play a role in HMI in healthcare more effectively and make human‐machine cooperation more harmonious, the authors need to build good human‐machine trust (HMT) in healthcare. This article provides a systematic overview of the prominent research on ML and HMT in healthcare. In addition, this study explores and analyses ML and three important factors that influence HMT in healthcare, and then proposes a HMT model in healthcare. Finally, general trends are summarised and issues to consider addressing in future research on HMT in healthcare are identified.
Internet of Things (IoT) networks are characterized by a multitude of wireless, interconnected devices that can dynamically join or exit the network without centralized administration or fixed infrastructure for routing. While multipath routing in IoT networks can improve data transmission reliability and load balancing by establishing multiple paths between source and destination nodes, these networks are susceptible to security threats due to their wireless nature. Traditional security solutions developed for conventional networks are often ill-suited to the unique challenges posed by IoT environments. In response to these challenges, this paper proposes the integration of the Ad hoc On-demand Multipath Distance Vector (AOMDV) routing protocol with a trust model to enhance network performance. Key findings from this research demonstrate the successful fusion of AOMDV with a trust model, resulting in tangible improvements in network performance. The assessment of trustworthiness bolsters both security and routing capabilities in IoT networks. The trust model plays a crucial role in mitigating black hole attacks in IoT networks by evaluating the trustworthiness of nodes and helping in the identification and avoidance of malicious nodes that may act as black holes. Simulation results validate the efficacy of the proposed trust-based routing mechanism in achieving its objectives. Trust plays a pivotal role in decision-making and in the creation of secure distribution systems. By assessing the trustworthiness of nodes, both network security and routing efficiency can be enhanced. The effectiveness of the proposed trust-based routing mechanism is scrutinized through simulations, offering insights into its potential advantages in terms of improved network security and routing performance in the context of the IoT.
The embracing of ICTs and related technologies has enhanced different approaches for governments worldwide to deliver services to their citizens in a smart way. However, the usage of e-government services by common citizens is recognized as one of the major setbacks of e-government development in both developed and developing countries. Moreover, government agencies in these countries are facing great challenges in keeping the citizens motivated enough to continue to use e-government services. This research aims to investigate the factors that influence citizens’ trust towards continue use of e-government services in Cameroon. The proposed research model consisted of three main constructs including technological, governmental, risk factors as well as six demographic characteristics (age, gender, educational level, income, internet experience and cultural perception). A five-point Likert scale questionnaire was designed to collect data physically and electronically, 352 valid questionnaires were retrieved. Simple and Multiple regression analysis methods were applied to build an adequate model based on the verification of hypotheses proposed. Based on results obtained, four demographic characteristics (age, education, occupation and income) have influence on citizens’ trust in e-government meanwhile gender and cultural affiliation have no influence. Furthermore, technological factors and governmental factors positively influence trust level in e-government, whereas risk factors have a negative influence on trust level. Deducing from the results, a list of recommendations is proposed to the government of Cameroon in order to reinforce citizens’ trust in e-government services.
Cybercrime is projected to cost a whopping $23.8 Trillion by 2027. This is essentially because there’s no computer network that’s not vulnerable. Fool-proof cybersecurity of personal data in a connected computer is considered practically impossible. The advent of quantum computers (QC) will worsen cybersecurity. QC will be a boon for data-intensive industries by drastically reducing the computing time from years to minutes. But QC will render our current cryptography vulnerable to quantum attacks, breaking nearly all modern cryptographic systems. Before QCs with sufficient qubits arrive, we must be ready with quantum-safe strategies to protect our ICT infrastructures. Post-quantum cryptography (PQC) is being aggressively pursued worldwide as a defence from the potential Q-day threat. NIST (National Institute of Standards and Technology), in a rigorous process, tested 82 PQC schemes, 80 of which failed after the final round in 2022. Recently the remaining two PQCs were also cracked by a Swedish and a French team of cryptographers, placing NIST’s PQC standardization process in serious jeopardy. With all the NIST-evaluated PQCs failing, there’s an urgent need to explore alternate strategies. Although cybersecurity heavily relies on cryptography, recent evidence indicates that it can indeed transcend beyond encryption using Zero Vulnerability Computing (ZVC) technology. ZVC is an encryption-agnostic absolute zero trust (AZT) approach that can potentially render computers quantum resistant by banning all third-party permissions, a root cause of most vulnerabilities. Unachievable in legacy systems, AZT is pursued by an experienced consortium of European partners to build compact, solid-state devices that are robust, resilient, energy-efficient, and with zero attack surface, rendering them resistant to malware and future Q-Day threats.
With one billion users using 380 exchanges, the security of blockchains and cryptocurrencies remains a major concern as billions are lost to hackers every year. Cryptocurrency hacks negatively impact cryptocurrency markets introducing volatility. Each major scam/hack incident results in a significant price dip for most cryptocurrencies, decelerating the growth of the blockchain economy. Existing blockchain vulnerabilities are further amplified by the impending existential threat from quantum computers. While there’s no reprieve yet from the scam/hack prone blockchain economy, quantum resilience is being aggressively pursued by post quantum cryptography (PQC) researchers, despite 80 of 82 candidate PQCs failing. As PQC has no role in combating inherent vulnerabilities, securing over 1000 existing blockchains against scammers/hackers remains a top priority for this industry. This research proposes a novel Quantum-safe Ledger Technology (QLT) framework that not only secures DLTs/cryptocurrencies and exchanges from current vulnerabilities but protects them from the impending Q-day threats from future quantum computers. As blockchain-agnostic technology, the QLT framework can be easily adapted to secure any blockchain or crypto exchange.
Funding: supported by the 863 Program under Grant No. 2008AA04A107
Abstract: By analyzing existed Internet of Things' system security vulnerabilities, a security architecture on trusting one is constructed. In the infrastructure, an off-line identity authentication based on the combined public key (CPK) mechanism is proposed, which solves the problems about a mass amount of authentications and the cross-domain authentication by integrating nodes' validity of identity authentication and uniqueness of identification. Moreover, the proposal of constructing nodes' authentic identification, valid authentication and credible communication connection at the application layer through the perception layer impels the formation of trust chain and relationship among perceptional nodes. Consequently, a trusting environment of the Internet of Things is built, by which a guidance of designing the trusted one would be provided.
Funding: supported in part by the Chongqing Electronics Engineering Technology Research Center for Interactive Learning, in part by the Chongqing key discipline of electronic information, and in part by the Science and Technology Research Program of Chongqing Municipal Education Commission (KJQN202201630).
Abstract: Traditional wireless sensor networks (WSNs) are typically deployed in remote and hostile environments for information collection. The wireless communication methods adopted by sensor nodes may make the network highly vulnerable to various attacks. Traditional encryption and authentication mechanisms cannot prevent attacks launched by internal malicious nodes. The trust-based security mechanism is usually adopted to solve this problem in WSNs. However, the behavioral evidence used for trust estimation presents some uncertainties due to the open wireless medium and the inexpensive sensor nodes. Moreover, how to efficiently collect behavioral evidences is rarely discussed. To address these issues, in this paper, we present a trust management mechanism based on fuzzy logic and a cloud model. First, a type-II fuzzy logic system is used to preprocess the behavioral evidences and alleviate uncertainty. Then, the cloud model is introduced to estimate the trust values for sensor nodes. Finally, a dynamic behavior monitoring protocol is proposed to provide a balance between energy conservation and safety assurance. Simulation results demonstrate that our trust management mechanism can effectively protect the network from internal malicious attacks while enhancing the energy efficiency of behavior monitoring.
Funding: supported by the National Natural Science Foundation of China (Grant No. 62102449) awarded to W. J. Wang.
Abstract: Blockchain has been widely used in finance, the Internet of Things (IoT), supply chains, and other scenarios as a revolutionary technology. Consensus protocol plays a vital role in blockchain, which helps all participants to maintain the storage state consistently. However, with the improvement of network environment complexity and system scale, blockchain development is limited by the performance, security, and scalability of the consensus protocol. To address this problem, this paper introduces the collaborative filtering mechanism commonly used in the recommendation system into the Practical Byzantine Fault Tolerance (PBFT) and proposes a Byzantine fault-tolerant (BFT) consensus protocol based on collaborative filtering recommendation (CRBFT). Specifically, an improved collaborative filtering recommendation method is designed to use the similarity between a node’s recommendation opinions and those of the recommender as a basis for determining whether to adopt the recommendation opinions. This can amplify the recommendation voice of good nodes, weaken the impact of cunning malicious nodes on the trust value calculation, and make the calculated results more accurate. In addition, the nodes are given voting power according to their trust value, and a weight random election algorithm is designed and implemented to reduce the risk of attack. The experimental results show that CRBFT can effectively eliminate various malicious nodes and improve the performance of blockchain systems in complex network environments, and the feasibility of CRBFT is also proven by theoretical analysis.
Funding: The National Natural Science Foundation of China, Grant Numbers (62272007, 62001007); the Natural Science Foundation of Beijing, Grant Numbers (4234083, 4212018). The authors also acknowledge the support from King Khalid University for funding this research through the Large Group Project under Grant Number RGP.2/373/45.
Abstract: Border Gateway Protocol (BGP) is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations. The BGP protocol exhibits security design defects, such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes, easily triggering prefix hijacking, path forgery, route leakage, and other BGP security threats. Meanwhile, the traditional BGP security mechanism, relying on a public key infrastructure, faces issues like a single point of failure and a single point of trust. The decentralization, anti-tampering, and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms. In this paper, we summarize the characteristics of BGP protocol in detail, sort out the BGP security threats and their causes. Additionally, we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats. Finally, we discuss the challenges posed by BGP security problems and outline prospects for future research.
Funding: This work was supported by the Ministry of Education and China Mobile Research Fund Project (MCM20200102); the 173 Project (No. 2019-JCJQ-ZD-342-00); the National Natural Science Foundation of China (No. U19A2081); the Fundamental Research Funds for the Central Universities (No. 2023SCU12129); the Science and Engineering Connotation Development Project of Sichuan University (No. 2020SCUNG129).
Abstract: Due to the need for massive device connectivity, low communication latency, and various customizations in 6G architecture, a distributed cloud deployment approach will be more relevant to the space-air-ground-sea integrated network scenario. However, the openness and heterogeneity of the 6G network cause the problems of network security. To improve the trustworthiness of 6G networks, we propose a trusted computing-based approach for establishing trust relationships in multi-cloud scenarios. The proposed method shows the relationship of trust based on dual-level verification. It separates the trustworthy states of multiple complex cloud units in 6G architecture into the state within and between cloud units. Firstly, SM3 algorithm establishes the chain of trust for the system’s trusted boot phase. Then, the remote attestation server (RAS) of distributed cloud units verifies the physical servers. Meanwhile, the physical servers use a ring approach to verify the cloud servers. Eventually, the centralized RAS takes one-time authentication to the critical evidence information of distributed cloud unit servers. Simultaneously, the centralized RAS also verifies the evidence of distributed RAS. We establish our proposed approach in a natural OpenStack-based cloud environment. The simulation results show that the proposed method achieves higher security with less than a 1% system performance loss.
Funding: This project is partly funded by Science and Technology Project of State Grid Zhejiang Electric Power Co., Ltd. “Research on active Security Defense Strategies for Distribution Internet of Things Based on Trustworthy, under Grant No. 5211DS22000G”.
Abstract: The application of Intelligent Internet of Things (IIoT) in constructing distribution station areas strongly supports platform transformation, upgrade, and intelligent integration. The sensing layer of IIoT comprises the edge convergence layer and the end sensing layer, with the former using intelligent fusion terminals for real-time data collection and processing. However, the influx of multiple low-voltage in the smart grid raises higher demands for the performance, energy efficiency, and response speed of the substation fusion terminals. Simultaneously, it brings significant security risks to the entire distribution substation, posing a major challenge to the smart grid. In response to these challenges, a proposed dynamic and energy-efficient trust measurement scheme for smart grids aims to address these issues. The scheme begins by establishing a hierarchical trust measurement model, elucidating the trust relationships among smart IoT terminals. It then incorporates multidimensional measurement factors, encompassing static environmental factors, dynamic behaviors, and energy states. This comprehensive approach reduces the impact of subjective factors on trust measurements. Additionally, the scheme incorporates a detection process designed for identifying malicious low-voltage end sensing units, ensuring the prompt identification and elimination of any malicious terminals. This, in turn, enhances the security and reliability of the smart grid environment. The effectiveness of the proposed scheme in pinpointing malicious nodes has been demonstrated through simulation experiments. Notably, the scheme outperforms established trust metric models in terms of energy efficiency, showcasing its significant contribution to the field.
Abstract: With the recent technological developments, massive vehicular ad hoc networks (VANETs) have been established, enabling numerous vehicles and their respective Road Side Unit (RSU) components to communicate with one another. The best way to enhance traffic flow for vehicles and traffic management departments is to share the data they receive. There needs to be more protection for the VANET systems. An effective and safe method of outsourcing is suggested, which reduces computation costs by achieving data security using a homomorphic mapping based on the conjugate operation of matrices. This research proposes a VANET-based data outsourcing system to fix the issues. To keep data outsourcing secure, the suggested model takes cryptography models into account. Fog will keep the generated keys for the purpose of vehicle authentication. For controlling and overseeing the outsourced data while preserving privacy, the suggested approach considers the Trusted Certified Auditor (TCA). Using the secret key, TCA can identify the genuine identity of VANETs when harmful messages are detected. The proposed model develops a TCA-based unique static vehicle labeling system using cryptography (TCA-USVLC) for secure data outsourcing and privacy preservation in VANETs. The proposed model calculates the trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6% accuracy for data encryption to provide security. The proposed model achieved 98.5% accuracy in data outsourcing and 98.6% accuracy in privacy preservation in fog-enabled VANETs. Elliptical curve cryptography models can be applied in the future for better encryption and decryption rates with lightweight cryptography operations.
Funding: The work was supported by Humanities and Social Sciences Fund of the Ministry of Education (No. 22YJA630119); the National Natural Science Foundation of China (No. 71971051); Natural Science Foundation of Hebei Province (No. G2021501004).
Abstract: With the development of big data and social computing, large-scale group decision making (LGDM) is now merging with social networks. Using social network analysis (SNA), this study proposes an LGDM consensus model that considers the trust relationship among decision makers (DMs). In the process of consensus measurement: the social network is constructed according to the social relationship among DMs, and the Louvain method is introduced to classify social networks to form subgroups. In this study, the weights of each decision maker and each subgroup are computed by comprehensive network weights and trust weights. In the process of consensus improvement: A feedback mechanism with four identification and two direction rules is designed to guide the consensus of the improvement process. Based on the trust relationship among DMs, the preferences are modified, and the corresponding social network is updated to accelerate the consensus. Compared with the previous research, the proposed model not only allows the subgroups to be reconstructed and updated during the adjustment process, but also improves the accuracy of the adjustment by the feedback mechanism. Finally, an example analysis is conducted to verify the effectiveness and flexibility of the proposed method. Moreover, compared with previous studies, the superiority of the proposed method in solving the LGDM problem is highlighted.
Funding: This work is supported by the 2022 National Key Research and Development Plan “Security Protection Technology for Critical Information Infrastructure of Distribution Network” (2022YFB3105100).
Abstract: First, we propose a cross-domain authentication architecture based on trust evaluation mechanism, including registration, certificate issuance, and cross-domain authentication processes. A direct trust evaluation mechanism based on the time decay factor is proposed, taking into account the influence of historical interaction records. We weight the time attenuation factor to each historical interaction record for updating and got the new historical record data. We refer to the beta distribution to enhance the flexibility and adaptability of the direct trust assessment model to better capture time trends in the historical record. Then we propose an autoencoder-based trust clustering algorithm. We perform feature extraction based on autoencoders. Kullback-Leibler (KL) divergence is used to calculate the reconstruction error. When constructing a convolutional autoencoder, we introduce convolutional neural networks to improve training efficiency and introduce sparse constraints into the hidden layer of the autoencoder. The sparse penalty term in the loss function measures the difference through the KL divergence. Trust clustering is performed based on the density based spatial clustering of applications with noise (DBSCAN) clustering algorithm. During the clustering process, edge nodes have a variety of trustworthy attribute characteristics. We assign different attribute weights according to the relative importance of each attribute in the clustering process, and a larger weight means that the attribute occupies a greater weight in the calculation of distance. Finally, we introduced adaptive weights to calculate comprehensive trust evaluation. Simulation experiments prove that our trust evaluation mechanism has excellent reliability and accuracy.
Funding: Supported by the National Key Research and Development Program of China (grant number 2019YFE0123600).
Abstract: The power Internet of Things (IoT) is a significant trend in technology and a requirement for national strategic development. With the deepening digital transformation of the power grid, China’s power system has initially built a power IoT architecture comprising a perception, network, and platform application layer. However, owing to the structural complexity of the power system, the construction of the power IoT continues to face problems such as complex access management of massive heterogeneous equipment, diverse IoT protocol access methods, high concurrency of network communications, and weak data security protection. To address these issues, this study optimizes the existing architecture of the power IoT and designs an integrated management framework for the access of multi-source heterogeneous data in the power IoT, comprising cloud, pipe, edge, and terminal parts. It further reviews and analyzes the key technologies involved in the power IoT, such as the unified management of the physical model, high concurrent access, multi-protocol access, multi-source heterogeneous data storage management, and data security control, to provide a more flexible, efficient, secure, and easy-to-use solution for multi-source heterogeneous data access in the power IoT.
Funding: This work was supported by National Natural Science Foundation of China (U2133208, U20A20161).
Abstract: The traditional air traffic control information sharing data has weak security characteristics of personal privacy data and poor effect, which easily leads to the problem that the data is usurped. Starting from the application of the ATC (automatic train control) network, this paper focuses on the zero trust and zero trust access strategy and the tamper-proof method of information-sharing network data. Through the improvement of ATC’s zero trust physical layer authentication and network data distributed feature differentiation calculation, this paper reconstructs the personal privacy scope authentication structure and designs a tamper-proof method of ATC’s information sharing on the Internet. From the single management authority to the unified management of data units, the systematic algorithm improvement of shared network data tamper prevention method is realized, and RDTP (Reliable Data Transfer Protocol) is selected in the network data of information sharing resources to realize the effectiveness of tamper prevention of air traffic control data during transmission. The results show that this method can reasonably avoid the tampering of information sharing on the Internet, maintain the security factors of air traffic control information sharing on the Internet, and the Central Processing Unit (CPU) utilization rate is only 4.64%, which effectively increases the performance of air traffic control data comprehensive security protection system.
Abstract: With the rapid development of cloud manufacturing technology and the new generation of artificial intelligence technology, the new cloud manufacturing system (NCMS) built on the connotation of cloud manufacturing 3.0 presents a new business model of “Internet of everything, intelligent leading, data driving, shared services, cross-border integration, and universal innovation”. The network boundaries are becoming increasingly blurred, NCMS is facing security risks such as equipment unauthorized use, account theft, static and extensive access control policies, unauthorized access, supply chain attacks, sensitive data leaks, and industrial control vulnerability attacks. Traditional security architectures mainly use information security technology, which cannot meet the active security protection requirements of NCMS. In order to solve the above problems, this paper proposes an integrated cloud-edge-terminal security system architecture of NCMS. It adopts the zero trust concept and effectively integrates multiple security capabilities such as network, equipment, cloud computing environment, application, identity, and data. It adopts a new access control mode of “continuous verification+dynamic authorization”, classified access control mechanisms such as attribute-based access control, role-based access control, policy-based access control, and a new data security protection system based on blockchain, achieving “trustworthy subject identity, controllable access behavior, and effective protection of subject and object resources”. This architecture provides an active security protection method for NCMS in the digital transformation of large enterprises, and can effectively enhance network security protection capabilities and cope with increasingly severe network security situations.
Funding: Qinglan Project of Jiangsu Province of China, Grant/Award Number: BK20180820; National Natural Science Foundation of China, Grant/Award Numbers: 12271255, 61701243, 71771125, 72271126, 12227808; Major Projects of Natural Sciences of University in Jiangsu Province of China, Grant/Award Numbers: 21KJA630001, 22KJA630001; Postgraduate Research and Practice Innovation Program of Jiangsu Province, Grant/Award Number: KYCX23_2343; supported by the National Natural Science Foundation of China (no. 72271126, 12271255, 61701243, 71771125, 12227808).
Abstract: As human-machine interaction (HMI) in healthcare continues to evolve, the issue of trust in HMI in healthcare has been raised and explored. It is critical for the development and safety of healthcare that humans have proper trust in medical machines. Intelligent machines that have applied machine learning (ML) technologies continue to penetrate deeper into the medical environment, which also places higher demands on intelligent healthcare. In order to make machines play a role in HMI in healthcare more effectively and make human-machine cooperation more harmonious, the authors need to build good human-machine trust (HMT) in healthcare. This article provides a systematic overview of the prominent research on ML and HMT in healthcare. In addition, this study explores and analyses ML and three important factors that influence HMT in healthcare, and then proposes a HMT model in healthcare. Finally, general trends are summarised and issues to consider addressing in future research on HMT in healthcare are identified.
Abstract: Internet of Things (IoT) networks are characterized by a multitude of wireless, interconnected devices that can dynamically join or exit the network without centralized administration or fixed infrastructure for routing. While multipath routing in IoT networks can improve data transmission reliability and load balancing by establishing multiple paths between source and destination nodes, these networks are susceptible to security threats due to their wireless nature. Traditional security solutions developed for conventional networks are often ill-suited to the unique challenges posed by IoT environments. In response to these challenges, this paper proposes the integration of the Ad hoc On-demand Multipath Distance Vector (AOMDV) routing protocol with a trust model to enhance network performance. Key findings from this research demonstrate the successful fusion of AOMDV with a trust model, resulting in tangible improvements in network performance. The assessment of trustworthiness bolsters both security and routing capabilities in IoT networks. The trust model plays a crucial role in mitigating black hole attacks in IoT networks by evaluating the trustworthiness of nodes and helping in the identification and avoidance of malicious nodes that may act as black holes. Simulation results validate the efficacy of the proposed trust-based routing mechanism in achieving its objectives. Trust plays a pivotal role in decision-making and in the creation of secure distribution systems. By assessing the trustworthiness of nodes, both network security and routing efficiency can be enhanced. The effectiveness of the proposed trust-based routing mechanism is scrutinized through simulations, offering insights into its potential advantages in terms of improved network security and routing performance in the context of the IoT.
Abstract: The embracing of ICTs and related technologies has enhanced different approaches for governments worldwide to deliver services to their citizens in a smart way. However, the usage of e-government services by common citizens is recognized as one of the major setbacks of e-government development in both developed and developing countries. Moreover, government agencies in these countries are facing great challenges in keeping the citizens motivated enough to continue to use e-government services. This research aims to investigate the factors that influence citizens’ trust towards continue use of e-government services in Cameroon. The proposed research model consisted of three main constructs including technological, governmental, risk factors as well as six demographic characteristics (age, gender, educational level, income, internet experience and cultural perception). A five-point Likert scale questionnaire was designed to collect data physically and electronically, 352 valid questionnaires were retrieved. Simple and Multiple regression analysis methods were applied to build an adequate model based on the verification of hypotheses proposed. Based on results obtained, four demographic characteristics (age, education, occupation and income) have influence on citizens’ trust in e-government meanwhile gender and cultural affiliation have no influence. Furthermore, technological factors and governmental factors positively influence trust level in e-government, whereas risk factors have a negative influence on trust level. Deducing from the results, a list of recommendations is proposed to the government of Cameroon in order to reinforce citizens’ trust in e-government services.
Abstract: Cybercrime is projected to cost a whopping $23.8 Trillion by 2027. This is essentially because there’s no computer network that’s not vulnerable. Fool-proof cybersecurity of personal data in a connected computer is considered practically impossible. The advent of quantum computers (QC) will worsen cybersecurity. QC will be a boon for data-intensive industries by drastically reducing the computing time from years to minutes. But QC will render our current cryptography vulnerable to quantum attacks, breaking nearly all modern cryptographic systems. Before QCs with sufficient qubits arrive, we must be ready with quantum-safe strategies to protect our ICT infrastructures. Post-quantum cryptography (PQC) is being aggressively pursued worldwide as a defence from the potential Q-day threat. NIST (National Institute of Standards and Technology), in a rigorous process, tested 82 PQC schemes, 80 of which failed after the final round in 2022. Recently the remaining two PQCs were also cracked by a Swedish and a French team of cryptographers, placing NIST’s PQC standardization process in serious jeopardy. With all the NIST-evaluated PQCs failing, there’s an urgent need to explore alternate strategies. Although cybersecurity heavily relies on cryptography, recent evidence indicates that it can indeed transcend beyond encryption using Zero Vulnerability Computing (ZVC) technology. ZVC is an encryption-agnostic absolute zero trust (AZT) approach that can potentially render computers quantum resistant by banning all third-party permissions, a root cause of most vulnerabilities. Unachievable in legacy systems, AZT is pursued by an experienced consortium of European partners to build compact, solid-state devices that are robust, resilient, energy-efficient, and with zero attack surface, rendering them resistant to malware and future Q-Day threats.
Abstract: With one billion users using 380 exchanges, the security of blockchains and cryptocurrencies remains a major concern as billions are lost to hackers every year. Cryptocurrency hacks negatively impact cryptocurrency markets introducing volatility. Each major scam/hack incident results in a significant price dip for most cryptocurrencies, decelerating the growth of the blockchain economy. Existing blockchain vulnerabilities are further amplified by the impending existential threat from quantum computers. While there’s no reprieve yet from the scam/hack prone blockchain economy, quantum resilience is being aggressively pursued by post quantum cryptography (PQC) researchers, despite 80 of 82 candidate PQCs failing. As PQC has no role in combating inherent vulnerabilities, securing over 1000 existing blockchains against scammers/hackers remains a top priority for this industry. This research proposes a novel Quantum-safe Ledger Technology (QLT) framework that not only secures DLTs/cryptocurrencies and exchanges from current vulnerabilities but protects them from the impending Q-day threats from future quantum computers. As blockchain-agnostic technology, the QLT framework can be easily adapted to secure any blockchain or crypto exchange.