基于TrustZone硬件隔离技术的CLKScrew攻击防护研究

随着信息技术的迅猛发展,嵌入式系统中的安全性问题日益受到关注。本文针对嵌入式平台中动态电压频率调整技术存在的安全漏洞,基于高级精简指令集机器的TrustZone硬件隔离技术设计并实现了一种可信执行环境(TEE),利用TrustZone技术实现了TEE与普通执行环境操作系统间的切换。该环境能够有效抵御CLKScrew攻击,即通过多次调整中央处理器(CPU)线程工作频率来触发嵌入式平台的运行错误。实验结果表明,在该可信执行环境中,即使面临CLK⁃Screw攻击,CPU线程仍能正常工作,确保了系统的安全性。

Enhancing Energy Efficiency with a Dynamic Trust Measurement Scheme in Power Distribution Network

The application of Intelligent Internet of Things(IIoT)in constructing distribution station areas strongly supports platform transformation,upgrade,and intelligent integration.The sensing layer of IIoT comprises the edge convergence layer and the end sensing layer,with the former using intelligent fusion terminals for real-time data collection and processing.However,the influx of multiple low-voltage in the smart grid raises higher demands for the performance,energy efficiency,and response speed of the substation fusion terminals.Simultaneously,it brings significant security risks to the entire distribution substation,posing a major challenge to the smart grid.In response to these challenges,a proposed dynamic and energy-efficient trust measurement scheme for smart grids aims to address these issues.The scheme begins by establishing a hierarchical trust measurement model,elucidating the trust relationships among smart IoT terminals.It then incorporates multidimensional measurement factors,encompassing static environmental factors,dynamic behaviors,and energy states.This comprehensive approach reduces the impact of subjective factors on trust measurements.Additionally,the scheme incorporates a detection process designed for identifying malicious low-voltage end sensing units,ensuring the prompt identification and elimination of any malicious terminals.This,in turn,enhances the security and reliability of the smart grid environment.The effectiveness of the proposed scheme in pinpointing malicious nodes has been demonstrated through simulation experiments.Notably,the scheme outperforms established trust metric models in terms of energy efficiency,showcasing its significant contribution to the field.

A Fuzzy Trust Management Mechanism with Dynamic Behavior Monitoring for Wireless Sensor Networks

Traditional wireless sensor networks(WSNs)are typically deployed in remote and hostile environments for information collection.The wireless communication methods adopted by sensor nodes may make the network highly vulnerable to various attacks.Traditional encryption and authentication mechanisms cannot prevent attacks launched by internal malicious nodes.The trust-based security mechanism is usually adopted to solve this problem in WSNs.However,the behavioral evidence used for trust estimation presents some uncertainties due to the open wireless medium and the inexpensive sensor nodes.Moreover,how to efficiently collect behavioral evidences are rarely discussed.To address these issues,in this paper,we present a trust management mechanism based on fuzzy logic and a cloud model.First,a type-II fuzzy logic system is used to preprocess the behavioral evidences and alleviate uncertainty.Then,the cloud model is introduced to estimate the trust values for sensor nodes.Finally,a dynamic behavior monitoring protocol is proposed to provide a balance between energy conservation and safety assurance.Simulation results demonstrate that our trust management mechanism can effectively protect the network from internal malicious attacks while enhancing the energy efficiency of behavior monitoring.

A Trust Evaluation Mechanism Based on Autoencoder Clustering Algorithm for Edge Device Access of IoT

First,we propose a cross-domain authentication architecture based on trust evaluation mechanism,including registration,certificate issuance,and cross-domain authentication processes.A direct trust evaluation mechanism based on the time decay factor is proposed,taking into account the influence of historical interaction records.We weight the time attenuation factor to each historical interaction record for updating and got the new historical record data.We refer to the beta distribution to enhance the flexibility and adaptability of the direct trust assessment model to better capture time trends in the historical record.Then we propose an autoencoder-based trust clustering algorithm.We perform feature extraction based on autoencoders.Kullback leibler(KL)divergence is used to calculate the reconstruction error.When constructing a convolutional autoencoder,we introduce convolutional neural networks to improve training efficiency and introduce sparse constraints into the hidden layer of the autoencoder.The sparse penalty term in the loss function measures the difference through the KL divergence.Trust clustering is performed based on the density based spatial clustering of applications with noise(DBSCAN)clustering algorithm.During the clustering process,edge nodes have a variety of trustworthy attribute characteristics.We assign different attribute weights according to the relative importance of each attribute in the clustering process,and a larger weight means that the attribute occupies a greater weight in the calculation of distance.Finally,we introduced adaptive weights to calculate comprehensive trust evaluation.Simulation experiments prove that our trust evaluation mechanism has excellent reliability and accuracy.

Machine learning and human‐machine trust in healthcare:A systematic survey

As human‐machine interaction(HMI)in healthcare continues to evolve,the issue of trust in HMI in healthcare has been raised and explored.It is critical for the development and safety of healthcare that humans have proper trust in medical machines.Intelligent machines that have applied machine learning(ML)technologies continue to penetrate deeper into the medical environment,which also places higher demands on intelligent healthcare.In order to make machines play a role in HMI in healthcare more effectively and make human‐machine cooperation more harmonious,the authors need to build good humanmachine trust(HMT)in healthcare.This article provides a systematic overview of the prominent research on ML and HMT in healthcare.In addition,this study explores and analyses ML and three important factors that influence HMT in healthcare,and then proposes a HMT model in healthcare.Finally,general trends are summarised and issues to consider addressing in future research on HMT in healthcare are identified.

Enhancing the Trustworthiness of 6G Based on Trusted Multi-Cloud Infrastructure:A Practice of Cryptography Approach

Due to the need for massive device connectivity,low communication latency,and various customizations in 6G architecture,a distributed cloud deployment approach will be more relevant to the space-air-ground-sea integrated network scenario.However,the openness and heterogeneity of the 6G network cause the problems of network security.To improve the trustworthiness of 6G networks,we propose a trusted computing-based approach for establishing trust relationships inmulti-cloud scenarios.The proposed method shows the relationship of trust based on dual-level verification.It separates the trustworthy states of multiple complex cloud units in 6G architecture into the state within and between cloud units.Firstly,SM3 algorithm establishes the chain of trust for the system’s trusted boot phase.Then,the remote attestation server(RAS)of distributed cloud units verifies the physical servers.Meanwhile,the physical servers use a ring approach to verify the cloud servers.Eventually,the centralized RAS takes one-time authentication to the critical evidence information of distributed cloud unit servers.Simultaneously,the centralized RAS also verifies the evidence of distributed RAS.We establish our proposed approach in a natural OpenStack-based cloud environment.The simulation results show that the proposed method achieves higher security with less than a 1%system performance loss.

A Large-Scale Group Decision Making Model Based on Trust Relationship and Social Network Updating

With the development of big data and social computing,large-scale group decisionmaking(LGDM)is nowmerging with social networks.Using social network analysis(SNA),this study proposes an LGDM consensus model that considers the trust relationship among decisionmakers(DMs).In the process of consensusmeasurement:the social network is constructed according to the social relationship among DMs,and the Louvain method is introduced to classify social networks to form subgroups.In this study,the weights of each decision maker and each subgroup are computed by comprehensive network weights and trust weights.In the process of consensus improvement:A feedback mechanism with four identification and two direction rules is designed to guide the consensus of the improvement process.Based on the trust relationship among DMs,the preferences are modified,and the corresponding social network is updated to accelerate the consensus.Compared with the previous research,the proposedmodel not only allows the subgroups to be reconstructed and updated during the adjustment process,but also improves the accuracy of the adjustment by the feedbackmechanism.Finally,an example analysis is conducted to verify the effectiveness and flexibility of the proposed method.Moreover,compared with previous studies,the superiority of the proposed method in solving the LGDM problem is highlighted.

Trusted Certified Auditor Using Cryptography for Secure Data Outsourcing and Privacy Preservation in Fog-Enabled VANETs

With the recent technological developments,massive vehicular ad hoc networks(VANETs)have been established,enabling numerous vehicles and their respective Road Side Unit(RSU)components to communicate with oneanother.The best way to enhance traffic flow for vehicles and traffic management departments is to share thedata they receive.There needs to be more protection for the VANET systems.An effective and safe methodof outsourcing is suggested,which reduces computation costs by achieving data security using a homomorphicmapping based on the conjugate operation of matrices.This research proposes a VANET-based data outsourcingsystem to fix the issues.To keep data outsourcing secure,the suggested model takes cryptography models intoaccount.Fog will keep the generated keys for the purpose of vehicle authentication.For controlling and overseeingthe outsourced data while preserving privacy,the suggested approach considers the Trusted Certified Auditor(TCA).Using the secret key,TCA can identify the genuine identity of VANETs when harmful messages aredetected.The proposed model develops a TCA-based unique static vehicle labeling system using cryptography(TCA-USVLC)for secure data outsourcing and privacy preservation in VANETs.The proposed model calculatesthe trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6%accuracy for data encryption toprovide security.The proposedmodel achieved 98.5%accuracy in data outsourcing and 98.6%accuracy in privacypreservation in fog-enabled VANETs.Elliptical curve cryptography models can be applied in the future for betterencryption and decryption rates with lightweight cryptography operations.

Research on Data Tampering Prevention Method for ATC Network Based on Zero Trust

The traditional air traffic control information sharing data has weak security characteristics of personal privacy data and poor effect,which is easy to leads to the problem that the data is usurped.Starting from the application of the ATC(automatic train control)network,this paper focuses on the zero trust and zero trust access strategy and the tamper-proof method of information-sharing network data.Through the improvement of ATC’s zero trust physical layer authentication and network data distributed feature differentiation calculation,this paper reconstructs the personal privacy scope authentication structure and designs a tamper-proof method of ATC’s information sharing on the Internet.From the single management authority to the unified management of data units,the systematic algorithm improvement of shared network data tamper prevention method is realized,and RDTP(Reliable Data Transfer Protocol)is selected in the network data of information sharing resources to realize the effectiveness of tamper prevention of air traffic control data during transmission.The results show that this method can reasonably avoid the tampering of information sharing on the Internet,maintain the security factors of air traffic control information sharing on the Internet,and the Central Processing Unit(CPU)utilization rate is only 4.64%,which effectively increases the performance of air traffic control data comprehensive security protection system.

From Standard Policy-Based Zero Trust to Absolute Zero Trust (AZT): A Quantum Leap to Q-Day Security

Cybercrime is projected to cost a whopping $23.8 Trillion by 2027. This is essentially because there’s no computer network that’s not vulnerable. Fool-proof cybersecurity of personal data in a connected computer is considered practically impossible. The advent of quantum computers (QC) will worsen cybersecurity. QC will be a boon for data-intensive industries by drastically reducing the computing time from years to minutes. But QC will render our current cryptography vulnerable to quantum attacks, breaking nearly all modern cryptographic systems. Before QCs with sufficient qubits arrive, we must be ready with quantum-safe strategies to protect our ICT infrastructures. Post-quantum cryptography (PQC) is being aggressively pursued worldwide as a defence from the potential Q-day threat. NIST (National Institute of Standards and Technology), in a rigorous process, tested 82 PQC schemes, 80 of which failed after the final round in 2022. Recently the remaining two PQCs were also cracked by a Swedish and a French team of cryptographers, placing NIST’s PQC standardization process in serious jeopardy. With all the NIST-evaluated PQCs failing, there’s an urgent need to explore alternate strategies. Although cybersecurity heavily relies on cryptography, recent evidence indicates that it can indeed transcend beyond encryption using Zero Vulnerability Computing (ZVC) technology. ZVC is an encryption-agnostic absolute zero trust (AZT) approach that can potentially render computers quantum resistant by banning all third-party permissions, a root cause of most vulnerabilities. Unachievable in legacy systems, AZT is pursued by an experienced consortium of European partners to build compact, solid-state devices that are robust, resilient, energy-efficient, and with zero attack surface, rendering them resistant to malware and future Q-Day threats.

Trust in Clinical Practice: A Systematic Review

Background: The aim of this study is to gain a better understanding of the true importance of trust in clinical practice by looking at how it is formed, how it affects clinical practice, and how to improve it. Methods: Using the PRISMA-ScR checklist, a review of the literature was performed to identify research evaluating the importance of trust in the doctor-patient relationship. After thorough screening and removal of duplicates, 21 articles were used in the literature review. Results: The classifying themes that emerged in the selected articles were What Makes Trust and Effects of Trust. The theme of What Makes Trust garnered two subthemes as well: Impact of Doctor-Patient Relationship on Trust and Impact of Shared Decision-Making on Trust. Further to that, the overarching themes found were slightly more specific. They were Traits of Trust, Mistrust and Barriers to Trust, Positive Effects of Trust and the Effects of a Lack of Trust. We found that the best way to improve trust was to improve communication between the patient and the doctor. Additionally, we found that the biggest barrier to a trusting doctor patient relationship was a stigmatised condition, followed by a perception of a financially-motivated doctor. Finally, we found that a lack of trust can prevent patients from seeking and receiving proper treatment. Conclusions: With a better understanding of how trust is built and the extent of the role it plays in clinical practice, we hope that this growing knowledge can improve the practice of many doctors in the future. It is certain that more research needs to be done in this area, especially focusing on vulnerable and stigmatised populations such as chronic pain patients.

Reinforcing of Citizen’s Trust in E-Government: The Cameroon’s Case

The embracing of ICTs and related technologies has enhanced different approaches for governments worldwide to deliver services to their citizens in a smart way. However, the usage of e-government services by common citizens is recognized as one of the major setbacks of e-government development in both developed and developing countries. Moreover, government agencies in these countries are facing great challenges in keeping the citizens motivated enough to continue to use e-government services. This research aims to investigate the factors that influence citizens’ trust towards continue use of e-government services in Cameroon. The proposed research model consisted of three main constructs including technological, governmental, risk factors as well as six demographic characteristics (age, gender, educational level, income, internet experience and cultural perception). A five-point Likert scale questionnaire was designed to collect data physically and electronically, 352 valid questionnaires were retrieved. Simple and Multiple regression analysis methods were applied to build an adequate model based on the verification of hypotheses proposed. Based on results obtained, four demographic characteristics (age, education, occupation and income) have influence on citizens’ trust in e-government meanwhile gender and cultural affiliation have no influence. Furthermore, technological factors and governmental factors positively influence trust level in e-government, whereas risk factors have a negative influence on trust level. Deducing from the results, a list of recommendations is proposed to the government of Cameroon in order to reinforce citizens’ trust in e-government services.

Trust-based Intelligent Scheme for Mitigating Black Hole Attacks in IoT

Internet of Things(IoT)networks are characterized by a multitude of wireless,interconnected devices that can dynamically join or exit the network without centralized administration or fixed infrastructure for routing.While multipath routing in IoT networks can improve data transmission reliability and load balancing by establishing multiple paths between source and destination nodes,these networks are susceptible to security threats due to their wireless nature.Traditional security solutions developed for conventional networks are often ill-suited to the unique challenges posed by IoT environments.In response to these challenges,this paper proposes the integration of the Ad hoc On-demand Multipath Distance Vector(AOMDV)routing protocol with a trust model to enhance network performance.Key findings from this research demonstrate the successful fusion of AOMDV with a trust model,resulting in tangible improvements in network performance.The assessment of trustworthiness bolsters both security and routing capabilities in IoT networks.The trust model plays a crucial role in mitigating black hole attacks in IoT networks by evaluating the trustworthiness of nodes and helping in the identification and avoidance of malicious nodes that may act as black holes.Simulation results validate the efficacy of the proposed trust-based routing mechanism in achieving its objectives.Trust plays a pivotal role in decision-making and in the creation of secure distribution systems.By assessing the trustworthiness of nodes,both network security and routing efficiency can be enhanced.The effectiveness of the proposed trust-based routing mechanism is scrutinized through simulations,offering insights into its potential advantages in terms of improved network security and routing performance in the context of the IoT.

不同梅毒检测方法(ELISA、TPPA、TRUST)效果比较

目的对比ELISA、TPPA、TRUST对梅毒的检测效果。方法将2020年1月~2023年6月我院诊治的疑似梅毒感染患者980例。对所有患者分别应用ELISA、TPPA、TRUST进行梅毒螺旋体(TP)检测。对比三种检测方法的TP阳性率及对梅毒的诊断效能。结果ELISA检测的TP阳性率及对梅毒感染的诊断效能均明显高于TRUST检测(P<0.05);ELISA检测的TP阳性率对梅毒感染的诊断效能略高于TPPA检测,TPPA检测的TP阳性率及对梅毒感染的诊断效能略高于TRUST检测(P>0.05)。结论相比于TRUST而言,ELISA对TP的阳性检出率及对梅毒感染的诊断效能更高,TPPA居中,但综合而言三种方法具有不同的侧重点,其中ELISA适合进行大批量样本筛查,TPPA适合进行梅毒感染诊断,而TRUST适合进行疗效及预后评估,故可根据实际需求来选择。

The Critical Role of Middle Leaders in Schools:Cultivating a Culture of Trust and Supporting Educational Reform

This research delves into the often-underappreciated role of middle leaders in educational organizations,highlighting their significance as the linchpins between senior leadership and classroom teachers.Utilizing qualitative research methods,the study investigates the multifaceted responsibilities,challenges,and contributions of middle leaders in schools.Findings indicate that middle leaders foster a culture of trust within the institution by providing mentorship and guidance to new teachers.They undertake substantial tasks,such as team coordination,grade direction,and student supervision,in addition to their teaching duties.Despite their pivotal role,middle leaders often face mounting pressures and heavy workloads.This research underscores the need to recognize and support middle leaders in educational settings,acknowledging their vital role in fostering cohesion and facilitating the implementation of educational reforms.

Trust beyond Technology Algorithms: A Theoretical Exploration of Consumer Trust and Behavior in Technological Consumption and AI Projects

In an era dominated by artificial intelligence (AI), establishing customer confidence is crucial for the integration and acceptance of AI technologies. This interdisciplinary study examines factors influencing customer trust in AI systems through a mixed-methods approach, blending quantitative analysis with qualitative insights to create a comprehensive conceptual framework. Quantitatively, the study analyzes responses from 1248 participants using structural equation modeling (SEM), exploring interactions between technological factors like perceived usefulness and transparency, psychological factors including perceived risk and domain expertise, and organizational factors such as leadership support and ethical accountability. The results confirm the model, showing significant impacts of these factors on consumer trust and AI adoption attitudes. Qualitatively, the study includes 35 semi-structured interviews and five case studies, providing deeper insight into the dynamics shaping trust. Key themes identified include the necessity of explainability, domain competence, corporate culture, and stakeholder engagement in fostering trust. The qualitative findings complement the quantitative data, highlighting the complex interplay between technology capabilities, human perceptions, and organizational practices in establishing trust in AI. By integrating these findings, the study proposes a novel conceptual model that elucidates how various elements collectively influence consumer trust in AI. This model not only advances theoretical understanding but also offers practical implications for businesses and policymakers. The research contributes to the discourse on trust creation and decision-making in technology, emphasizing the need for interdisciplinary efforts to address societal challenges associated with technological advancements. It lays the groundwork for future research, including longitudinal, cross-cultural, and industry-specific studies, to further explore consumer trust in AI.

Dynamic business process modeling and verification for inter-organizational collaboration

To achieve an on-demand and dynamic composition model of inter-organizational business processes, a new approach for business process modeling and verification is introduced by using the pi-calculus theory. A new business process model which is multi-role, multi-dimensional, integrated and dynamic is proposed relying on inter-organizational collaboration. Compatible with the traditional linear sequence model, the new model is an M x N multi-dimensional mesh, and provides horizontal and vertical formal descriptions for the collaboration business process model. Finally, the pi-calculus theory is utilized to verify the deadlocks, livelocks and synchronization of the example models. The result shows that the proposed approach is efficient and applicable in inter-organizational business process modeling.

CMIA、TPPA与TRUST检测梅毒的临床应用

目的通过比较化学发光微粒子免疫分析(CMIA)、梅毒颗粒凝集试验(TPPA)与甲苯胺红不加热血清试验(TRUST)3种实验室检测梅毒的方法,分析3种检测方法的侧重方向与优缺点,评价3种方法在筛查梅毒特异性抗体中的临床应用价值。方法选取2022年在西藏自治区人民医院接受梅毒检测的627例受检者作为研究对象,同时采集所有受检者3管静脉血,采集当日采用CMIA法、TPPA试验和TRUST试验进行梅毒检测。观察3种方法的检测结果,计算结果的一致性与阴阳符合率,对计算结果进行分析。结果CMIA阳性率66.83%,TPPA阳性率59.81%,TRUST阳性率21.05%;3种方法结果一致率为52.63%;CMIA法与TPPA法检测结果一致性为91.07%;TPPA法与CMIA法阳性符合率98.40%,阴性符合率80.16%,TPPA法与TRUST法阳性符合率34.93%,阴性符合率99.60%。结论CMIA法存在较多假阳性,适合应用到梅毒筛查试验;TPPA法特异性好,准确性高,适用于确诊;TRUST法灵敏度较低,适合用来检测病程和治疗效果;3种方法联合检测可以使诊断更加准确。

Social Network and Inter-Organizational Learning: The Case of a Brazilian Cooperative of Fish-Farmers

The inter-organizational learning approach has shown considerable growth in recent years. The concepts of trust and cooperation between individuals present in the New Economic Sociology (NES) approach of social relations emerge with great emphasis and are gaining prominence as a facilitator and propellant mechanism in transferring knowledge inside networks. This study aims to analyze the learning networks formed by fish-farmers organized into a cooperative to identify the characteristics of the network through structural analysis and identification of its critical actors. The study was performed with thirteen fish-farmers of a cooperative headquartered inMundo Novocounty, which is located inMato Grosso do Sulstate in the Midwest region of Brazil. Questionnaires and interviews with closed and open questions were used to collect the data. Measures of centrality (for individuals), density and reciprocity (in relations between individuals) were obtained from ORA software. The findings revealed that experience exchanges between fish-farmers, events participation, meetings attendance, speech audience and technical advice are the main forms of inter-organizational learning. Results suggest that the network has low levels of cohesion and that it is not taking advantage of its full potential. It was also found that there is a subgroup within the network that presents a high level of cohesion and shared learning based on cooperative informal relationships. Grounded in findings, suggestions for future research are presented.

Trust evaluation model of power terminal based on equipment portrait

As the number of power terminals continues to increase and their usage becomes more widespread,the security of power systems is under great threat.In response to the lack of effective trust evaluation methods for terminals,we propose a trust evaluation model based on equipment portraits for power terminals.First,we propose an exception evaluation method based on the network flow order and evaluate anomalous terminals by monitoring the external characteristics of network traffic.Second,we propose an exception evaluation method based on syntax and semantics.The key fields of each message are extracted,and the frequency of keywords in the message is statistically analyzed to obtain the keyword frequency and time-slot threshold for evaluating the status of the terminal.Thus,by combining the network flow order,syntax,and semantic analysis,an equipment portrait can be constructed to guarantee security of the power network terminals.We then propose a trust evaluation method based on an equipment portrait to calculate the trust values in real time.Finally,the experimental results of terminal anomaly detection show that the proposed model has a higher detection rate and lower false detection rate,as well as a higher real-time performance,which is more suitable for power terminals.