Sign in to use this feature.

Years

Between: -

Subjects

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Journals

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Article Types

Countries / Regions

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Search Results (1,781)

Search Parameters:
Keywords = confidentiality

Order results
Result details
Results per page
Select all
Export citation of selected articles as:
21 pages, 598 KB  
Article
Efficient Retrieval-Augmented Generation for Vulnerability Assessment and Penetration Testing in Automotive Engineering
by Aurora Gensale, Luca Cagliero, Cataldo Basile, Paolo Garza and Luca Ferrua
Algorithms 2026, 19(7), 555; https://doi.org/10.3390/a19070555 (registering DOI) - 7 Jul 2026
Abstract
Hundreds of connected components expose vehicle systems to an increasing number of cyber attacks. Vehicle manufacturers must establish the most appropriate procedures for vulnerability assessment and penetration testing using a mix of proprietary solutions and open-source standards. The spread of Large Language Models [...] Read more.
Hundreds of connected components expose vehicle systems to an increasing number of cyber attacks. Vehicle manufacturers must establish the most appropriate procedures for vulnerability assessment and penetration testing using a mix of proprietary solutions and open-source standards. The spread of Large Language Models (LLMs) simplifies the interaction between automotive experts and domain-specific knowledge bases. While proprietary LLM services can be expensive and raise data privacy concerns, open-source LLMs are potentially more cost-effective and better suited to in-house solutions. However, the effectiveness of open-source models in retrieving automotive-related cybersecurity information remains unclear. While adopting open-source LLMs with a few billion parameters, their reasoning and generative capabilities under in-context learning settings are questionable. To bridge this gap, this paper explores efficient solutions for Retrieval-Augmented Generation (RAG) architecture for automotive cybersecurity relying on open-source LLMs. The ultimate goal is to enable cost-effective retrieval and question answering from in-domain knowledge bases, overcoming the privacy and confidentiality issues raised by automotive experts. Using a Graph Knowledge Base designed for a corporate scenario, this paper first defines an expert-curated testing benchmark to evaluate in-domain question-answering performance across multiple aspects. Next, it proposes different RAG system variants based on various retrieval strategies and LLMs, both proprietary and open-source. Finally, it quantitatively evaluates the effectiveness of the content retrieval strategies and compares the pertinence, conciseness, and completeness of generated answers through human validation. Notably, within the scope of the performed analysis, RAGs that rely on open-source models demonstrate promising and competitive performance in some respects compared to the OpenAI GPT model. RAG retrieval performance also surpasses that of state-of-the-art solutions on existing cybersecurity benchmarks (Recall@K above 0.95 vs. 0.65 for state-of-the-art in-domain RAGs). Full article
(This article belongs to the Special Issue Lightweight and AI-Driven Cybersecurity Algorithms for IoT Networks)
Show Figures

Figure 1

36 pages, 6277 KB  
Review
A Survey on Security Threats and Mitigation Mechanisms for Smart Hospitals in the 6G Era
by Orestis Maraziotis, Georgios Mantas, Jonathan Rodriguez and Felipe Gil-Castiñeira
Sensors 2026, 26(13), 4304; https://doi.org/10.3390/s26134304 - 7 Jul 2026
Abstract
Smart Hospitals integrated within 6G edge networks aim to enhance hospital connectivity and operational efficiency by enabling intelligent and personalized e-health services and applications while optimizing resource utilization and maintaining a high degree of autonomy. Nevertheless, the interconnectivity and 6G integration, which comprise [...] Read more.
Smart Hospitals integrated within 6G edge networks aim to enhance hospital connectivity and operational efficiency by enabling intelligent and personalized e-health services and applications while optimizing resource utilization and maintaining a high degree of autonomy. Nevertheless, the interconnectivity and 6G integration, which comprise core components of Smart Hospitals, are susceptible to a wide range of security threats, posing significant risks to the confidentiality, integrity, and availability of hospital data and operations. Given that security is a critical concern for Smart Hospitals, there is an urgent need to develop novel security mechanisms to safeguard these environments within 6G edge networks. In particular, this work highlights how defining 6G characteristics, such as Ultra-Reliable Low-Latency Communications, massive IoMT connectivity, distributed edge intelligence, and AI-native network operation, not only enable next-generation hospital services but also reshape the security and privacy threat landscape and the requirements of mitigation mechanisms. In this context, the first essential step is to comprehensively understand both existing and emerging threats targeting Smart Hospitals in the 6G edge network ecosystem. Therefore, this article provides a categorization of security and privacy attacks based on their primary targets. Moreover, it presents a survey of mitigation techniques derived from recent literature, specifically designed to counter threats facing Smart Hospitals in 6G edge networks. The intent is to establish a foundation that supports ongoing research towards the development of effective, 6G-aware security countermeasures capable of protecting Smart Hospitals under the stringent latency, scalability, and reliability requirements of future healthcare environments. Full article
(This article belongs to the Section Internet of Things)
Show Figures

Graphical abstract

21 pages, 1312 KB  
Article
Evaluation of the Implementation and Contribution of Patient Partners on a Steering Committee at a University Hospital in the Province of Québec, Canada
by Marie-Pascale Pomey, Seynabou Ka, Monica Iliescu Nelea, Cécile Vialaron, Noé Djawn White, Annabelle Boutin-Wilkins, Marie Chiu-Neveu, Marie-Andrée Côté and Geneviève David
Healthcare 2026, 14(13), 2021; https://doi.org/10.3390/healthcare14132021 - 7 Jul 2026
Abstract
Background/Objectives: Over the past decade, an academic hospital in Montréal has progressively integrated patient partnership into quality improvement committees and peer support. In January 2024, this approach was extended by appointing two patient partners to the Steering Committee, a strategic governance body. This [...] Read more.
Background/Objectives: Over the past decade, an academic hospital in Montréal has progressively integrated patient partnership into quality improvement committees and peer support. In January 2024, this approach was extended by appointing two patient partners to the Steering Committee, a strategic governance body. This study aimed to describe their integration, examine perceived effects and limitations from patient partners’ and executives’ perspectives, and formulate recommendations for similar initiatives. Methods: An in-depth qualitative case study was conducted between August 2024 and April 2025. Semi-structured interviews were carried out with Steering Committee members, including the two patient partners, and with the former Chief Executive Officer. Data were analyzed using thematic content analysis to identify themes related to implementation, participation, perceived contributions, and organizational conditions. Results: Integrating patient partners into the Steering Committee was unanimously perceived as relevant and value-adding. Their presence reintroduced the patient perspective, grounded deliberations in lived experience, reinforced the hospital’s mission, supported shared understanding, and encouraged simplification of complex issues. Challenges constrained more active participation, including insufficient clarity regarding roles and objectives; variable access to information due to confidentiality; technical language and acronyms; meeting formats that did not systematically create space for patient partners’ input; and incomplete institutional recognition. Variation across departments also emerged. Conclusions: Integrating patient partners into a Steering Committee is a promising governance innovation, but deliberate organizational adjustments are required. Co-constructed expectations and roles, strengthened onboarding and ongoing support, formalized information-access modalities, improved facilitation and plain-language practices, and stronger symbolic and practical recognition are needed to sustain meaningful participation. Full article
(This article belongs to the Special Issue How Patient Experience Contributes to Improving Healthcare)
Show Figures

Figure 1

37 pages, 2136 KB  
Article
A Lightweight Zero-Trust Authentication and Key Agreement Scheme for the Industrial Internet of Things
by Xun Zhang, Zhiying Mu, Dejun Mu and Xin Liu
Appl. Sci. 2026, 16(13), 6765; https://doi.org/10.3390/app16136765 - 6 Jul 2026
Abstract
The Industrial Internet of Things (IIoT) demands authentication that protects resource-constrained field devices, supports fine-grained access control, and reduces reliance on implicitly trusted gateways. Existing IIoT authentication and key agreement schemes mainly verify cryptographic identity and establish session keys, but provide limited support [...] Read more.
The Industrial Internet of Things (IIoT) demands authentication that protects resource-constrained field devices, supports fine-grained access control, and reduces reliance on implicitly trusted gateways. Existing IIoT authentication and key agreement schemes mainly verify cryptographic identity and establish session keys, but provide limited support for zero-trust access decisions after authentication such as role-specific operation control, gateway-side relation protection, emergency override, and context-aware re-verification. This paper proposes a lightweight zero-trust authentication and key agreement scheme for IIoT. The scheme embeds role-, device-, environment-, and behavior-aware control points into the authentication flow, protects gateway-side authentication relations and operator–asset mappings using secGear-based confidential computing, and supports pseudonym-based identity protection and break-the-glass emergency access. To complement deterministic access control, an optional auxiliary risk evaluation module provides trust evidence from contextual and operator-state signals without becoming part of the cryptographic critical path. This module is used to trigger re-verification, privilege degradation, audit escalation, or session termination before high-risk control privileges are released; it does not replace cryptographic authentication or constitute a formal guarantee of coercion detection, and the cryptographic layer remains fully functional and formally analyzable even when the auxiliary risk evaluation module is disabled. BAN logic and AVISPA analyses verify the cryptographic authentication and key agreement layer, while a comparative overhead analysis under an analytical operation count basis indicates low computation and communication cost relative to representative resource-constrained IoT authentication schemes. Full article
Show Figures

Figure 1

30 pages, 9795 KB  
Article
In-Vehicle Time-Sensitive Networking with Blockchain-Based Error-Bounded Data Management
by Ray-I Chang, Ting-Wei Hsu and Yu-Han Ke
Sensors 2026, 26(13), 4260; https://doi.org/10.3390/s26134260 - 4 Jul 2026
Viewed by 196
Abstract
Autonomous driving systems (ADSs) increasingly rely on LiDAR sensors for perception. However, the resulting high-volume data places a strain on storage systems and network bandwidth and raises data-privacy concerns. We propose an IoT data engineering framework for processing, transmitting, storing, and retrieving high-volume [...] Read more.
Autonomous driving systems (ADSs) increasingly rely on LiDAR sensors for perception. However, the resulting high-volume data places a strain on storage systems and network bandwidth and raises data-privacy concerns. We propose an IoT data engineering framework for processing, transmitting, storing, and retrieving high-volume LiDAR sensor data in in-vehicle systems that combines error-bounded compression and blockchain-based storage over in-vehicle Time-Sensitive Networking (TSN). With IEEE 802.1Qbv-based TSN scheduling, our framework supports deterministic delivery within the evaluated setup. It combines AES-GCM encryption, blockchain smart contracts, and InterPlanetary File System (IPFS) storage to support confidential, tamper-evident archival under the stated trust and threat model. Experimental evaluation on the KITTI dataset demonstrates that our BEDM framework reduces LiDAR data volume by 75.4%, contributing to a total network bandwidth reduction of 53.7%. The results demonstrate the feasibility and effectiveness of the integrated framework within the evaluated KITTI-based setup and single-switch TSN abstraction, and cross-scene and TSN traffic-sensitivity analyses further characterize its robustness. Full article
(This article belongs to the Special Issue Data Engineering in the Internet of Things: 3rd Edition)
Show Figures

Figure 1

39 pages, 3618 KB  
Article
Efficient Authenticated Fine-Grained Access Engine for Encrypted Data in Mobile Edge Cloud
by Zhishuo Zhang, Jianding Guo, Caixing Shao, Wen Huang and Shijie Zhou
Electronics 2026, 15(13), 2933; https://doi.org/10.3390/electronics15132933 - 4 Jul 2026
Viewed by 102
Abstract
Fine-grained, authenticated, traceable, and efficient encrypted access control is indispensable for secure data sharing in mobile edge cloud networks, especially for resource-constrained data requesters. Despite the prevalence of outsourced ciphertext-policy attribute-based encryption (CP-ABE) solutions, existing schemes still suffer from critical practical limitations. First, [...] Read more.
Fine-grained, authenticated, traceable, and efficient encrypted access control is indispensable for secure data sharing in mobile edge cloud networks, especially for resource-constrained data requesters. Despite the prevalence of outsourced ciphertext-policy attribute-based encryption (CP-ABE) solutions, existing schemes still suffer from critical practical limitations. First, requester-side transformation keys are typically unverified prior to computationally expensive outsourced decryption operations. Second, commitment-based verification mechanisms fail to validate the identity of data publishers. Third, the online computational overhead scales linearly with either the requester attribute set or the policy-matching set, severely degrading practical efficiency. To address these issues, this paper proposes ePoFSC, a novel policy-oriented functional signcryption scheme for authenticated encrypted data sharing in mobile edge cloud scenarios. The proposed ePoFSC scheme integrates pre-auditing and caching mechanisms for requester trapdoors before online access requests, enabling constant-time operations for request generation, request verification, and request header construction independent of requester attribute scale. In the outsourced decryption phase, ePoFSC offloads all costly pairing and exponentiation operations with constant computational complexity, leaving only lightweight policy-dependent group multiplications for terminal requesters. Furthermore, ePoFSC tightly couples decryption verification with publisher authentication and requester traceability to realize comprehensive access accountability. Rigorous security analysis formally validates the confidentiality, publisher-side unforgeability, and requester traceability of the proposed scheme. Extensive experimental evaluations on the BLS12-381 curve verify that ePoFSC achieves prominent performance superiority over existing state-of-the-art schemes in both the encryption and data recovery phases. Full article
(This article belongs to the Special Issue Secure and Privacy-Enhanced Data Sharing)
31 pages, 16826 KB  
Article
Reconstruction-Resistant Image Transmission Using Semantic Communications
by Thisarani Atulugama, Yasith Ganearachchi, Prabath Samarathunga, Udara Jayasinghe and Anil Fernando
Appl. Sci. 2026, 16(13), 6696; https://doi.org/10.3390/app16136696 - 4 Jul 2026
Viewed by 93
Abstract
Semantic communication has emerged as a promising paradigm for next-generation wireless networks, offering substantial efficiency gains by prioritizing the transmission of task-relevant meaning over bit-level accuracy. However, while its benefits in bandwidth reduction and intelligent data representation are well established, its potential to [...] Read more.
Semantic communication has emerged as a promising paradigm for next-generation wireless networks, offering substantial efficiency gains by prioritizing the transmission of task-relevant meaning over bit-level accuracy. However, while its benefits in bandwidth reduction and intelligent data representation are well established, its potential to provide intrinsic reconstruction resistance without relying on conventional cryptographic mechanisms remains largely unexplored. This paper investigates whether semantic communication system architectures themselves can contribute to intrinsic reconstruction resistance for image transmission. We propose an autoencoder-based semantic communication framework in which images are encoded into latent representations and transmitted over a wireless channel, with decoding performed using architecture-specific neural networks. Unlike traditional secure communication approaches that depend on encryption, the proposed method leverages architectural uniqueness and representation-level abstraction to limit unauthorized reconstruction. To systematically analyze this, we evaluate eight adversarial scenarios encompassing variations in encoder–decoder architecture and initialization, including both matched (worst-case) and maximum mismatched (best-case) conditions. The system is modeled using a standard Alice–Bob–Mallory framework, where an adversary attempts to reconstruct intercepted semantic representations without full architectural knowledge. Performance is evaluated using peak signal-to-noise ratio (PSNR) and structural similarity index measure (SSIM) for reconstruction quality, alongside semantic accuracy measured via a convolutional neural network (CNN)-based classifier and embedding cosine similarity to assess information leakage. Experimental results demonstrate that architectural mismatches substantially degrade both visual reconstruction and semantic interpretability for unauthorized receivers, while matched configurations enable substantial recovery. It is important to emphasise that the proposed approach does not provide cryptographic confidentiality; rather, it offers architecture-dependent resistance to unauthorised semantic reconstruction under restricted adversarial assumptions. Overall, the results show that semantic communication systems can exhibit intrinsic reconstruction resistance through architecture-dependent latent-space organisation, reducing reliance on additional cryptographic overhead under restricted adversarial assumptions, while also highlighting limitations when adversaries possess full architectural and initialisation knowledge. Full article
24 pages, 4727 KB  
Article
A Dual-Domain Adaptation Framework for Electro-Mechanical Actuator Fault Diagnosis
by Yiwen Hu, Jie Ren, Shu Chen and Jianyu Wang
Processes 2026, 14(13), 2188; https://doi.org/10.3390/pr14132188 - 4 Jul 2026
Viewed by 182
Abstract
Many unsupervised domain adaptation methods require simultaneous access to both source-domain and target-domain data during the training stage. However, in practical electro-mechanical actuator (EMA) fault diagnosis, source-domain data may be unavailable, or it might not be able to be directly shared because of [...] Read more.
Many unsupervised domain adaptation methods require simultaneous access to both source-domain and target-domain data during the training stage. However, in practical electro-mechanical actuator (EMA) fault diagnosis, source-domain data may be unavailable, or it might not be able to be directly shared because of data ownership, confidentiality, or deployment constraints. Moreover, variations in command waveform, amplitude, load, and operating speed can cause distribution shifts between different working conditions, which degrades the diagnostic performance of models trained under a single condition. The domain adaptation model will also experience decreased performance in the source domain due to catastrophic forgetting. Hence, a dual-domain adaptation model is proposed, one which can reduce the risk of data leakage and relieve catastrophic forgetting in the source domain while improving domain adaptation in the target domain. The proposed framework transfers a source-trained model to the target domain without directly accessing source-domain samples. Sparse domain attention is introduced into the feature network to construct source-related and target-related feature channels, aiming to reduce source-domain performance degradation during target-domain adaptation. In addition, the classifier is fixed according to the source-domain hypothesis, and local structure clustering is used to improve pseudo-label consistency for unlabeled target-domain samples. The effectiveness of the proposed method is compared with several methods, utilizing low-frequency and high-frequency monitoring signals of the electro-mechanical actuator dataset, respectively. Full article
(This article belongs to the Special Issue Fault Diagnosis of Equipment in the Process Industry)
Show Figures

Figure 1

24 pages, 621 KB  
Article
Efficient Verifiable Computation for Support Vector Machine Training over Secret-Shared Data
by Shimao Yu, Liang Su and Hanlin Zhang
Cryptography 2026, 10(4), 46; https://doi.org/10.3390/cryptography10040046 - 3 Jul 2026
Viewed by 152
Abstract
The outsourcing of machine learning tasks, such as Support Vector Machine (SVM) training, to cloud platforms poses significant security challenges, primarily concerning the confidentiality of sensitive training data and the integrity of computation results returned by potentially malicious servers. To address these challenges, [...] Read more.
The outsourcing of machine learning tasks, such as Support Vector Machine (SVM) training, to cloud platforms poses significant security challenges, primarily concerning the confidentiality of sensitive training data and the integrity of computation results returned by potentially malicious servers. To address these challenges, this paper proposes a lightweight, privacy-preserving, and verifiable SVM training scheme designed for resource-constrained clients. Our scheme leverages a replicated secret sharing protocol to securely distribute training data and model parameters across multiple non-colluding servers, executing the entire collaborative training process in the share domain without leaking plaintext information. Furthermore, to guarantee computational correctness, we introduce a novel interval-based index point storage strategy combined with a bilinear mapping-based parameter label consistency check. This verifiable mechanism enables clients to perform sampled, lightweight audits of the cloud’s intermediate training states and final outputs. Experimental evaluations on multiple typical datasets demonstrate that the proposed scheme maintains stable classification performance while achieving an order-of-magnitude decrease in training runtime compared with existing ciphertext-based methods, offering a highly configurable trade-off among verification coverage, computational overhead, and storage cost. Full article
Show Figures

Figure 1

18 pages, 2310 KB  
Review
Glycemic Variability and Continuous Glucose Monitoring in Occupational Health: A Narrative Review of Emerging Evidence and Potential Applications in Working Populations
by Aikaterini Andreadi, Stella Andreadi, Federica Todaro, Marco Cerilli, Pietro Lodeserto, Giuseppe Pinto, Marco Meloni, Alfonso Bellia, Luca Coppeta, Andrea Magrini, George P. Chrousos and Davide Lauro
Healthcare 2026, 14(13), 1979; https://doi.org/10.3390/healthcare14131979 - 3 Jul 2026
Viewed by 195
Abstract
Background: Fasting plasma glucose, glycated hemoglobin (HbA1c), and oral glucose tolerance testing remain central to the diagnosis and monitoring of dysglycemia, but they mainly reflect the average glycemic exposure or discrete time-point measurements and may not capture intraday and interday glucose fluctuations. Glycemic [...] Read more.
Background: Fasting plasma glucose, glycated hemoglobin (HbA1c), and oral glucose tolerance testing remain central to the diagnosis and monitoring of dysglycemia, but they mainly reflect the average glycemic exposure or discrete time-point measurements and may not capture intraday and interday glucose fluctuations. Glycemic variability (GV) has been associated with oxidative stress, endothelial dysfunction, inflammation, and diabetes-related complications, although much of the evidence derives from experimental, clinical, and diabetes-care settings rather than occupational cohorts. Aim: This narrative review examines the physiological basis, measurement, and potential occupational relevance of GV and continuous glucose monitoring (CGM) in working populations. Methods: Literature was narratively selected from biomedical databases, major guidelines, consensus statements, and occupational-health sources, prioritizing reviews, clinical guidelines, cohort studies, mechanistic studies, and CGM studies. No systematic search, risk-of-bias assessment, or quantitative synthesis was performed. Main findings: CGM is an established technology in selected diabetes-care contexts and provides metrics such as coefficient of variation, time in range, time above range, and time below range. Its use in occupational medicine, however, remains investigational outside selected clinical circumstances. Work-related factors such as shift work, circadian disruption, sleep loss, psychosocial stress, irregular meal timing, sedentary behavior, and variable physical workload may influence glucose regulation, but direct evidence linking these exposures to CGM-measured GV in workers remains limited. Implications: Potential applications include research on occupational determinants of metabolic health, monitoring of workplace lifestyle interventions, and individualized management of workers with diabetes in safety-sensitive roles, provided that consent, confidentiality, clinical follow-up, equity, and data-governance safeguards are ensured. Conclusions: GV assessment may complement traditional metabolic markers in selected occupational-health contexts, but routine CGM-based surveillance of general worker populations is not currently supported by sufficient evidence. Further longitudinal and interventional studies are required. Full article
Show Figures

Figure 1

26 pages, 2049 KB  
Systematic Review
Systematic Review of Privacy Preservation in Federated Learning for Secured Healthcare Applications
by Anu Alankamony and Ninisha Nels
Information 2026, 17(7), 647; https://doi.org/10.3390/info17070647 - 2 Jul 2026
Viewed by 208
Abstract
The quick transition of the healthcare industry to digital during the era of the Internet of Medical Things and Artificial Intelligence has ignited the demand for frameworks for data sharing while retaining safety and patient privacy. Centralized learning models place potentially sensitive patient [...] Read more.
The quick transition of the healthcare industry to digital during the era of the Internet of Medical Things and Artificial Intelligence has ignited the demand for frameworks for data sharing while retaining safety and patient privacy. Centralized learning models place potentially sensitive patient data at risk of leakage, regulatory violation, and cyber-attacks which undermine receptivity and responsible ownership of big medical data. Federated learning is a novel paradigm that allows patients from various healthcare entities to train machine learning models while maintaining the ability to leverage their data without sharing their direct data. This study proposes a systematic literature review of approaches of privacy-preserving federated learning frameworks in healthcare applications. Following PRISMA guidelines, searches were conducted across Web of Science, Scopus, IEEE Xplore, ScienceDirect, PubMed, and ACM Digital Library with predefined query strings, explicit inclusion/exclusion criteria, and quality appraisal procedures. A total of 80 peer-reviewed studies, published from January 2015 to December 2025, were included in this systematic review, which examined cryptographic, architectural and algorithmic methods including differential privacy, homomorphic encryption, and Secure Multi-Party Computation, along with integrations using blockchain to enhance trust and confidence in distributed healthcare systems. The findings indicate a gradual shift towards hybrid privacy-preserving federated learning architectures which combined multiple security mechanisms to improve trust, confidentiality and robustness. Although significant progress has been achieved, the real-world deployment of such systems is heavily affected due to the challenges in communication efficiency, non-IID data distribution, adversarial attacks, and regulatory requirements. This research highlights future research directions for scalable, explainable and interoperable federated architectures that strike an optimal balance of privacy, utility and system performance for next-gen health intelligence. Trial registration: PROSPERO (CRD420261401073). Full article
Show Figures

Figure 1

29 pages, 431 KB  
Review
Security by Light in Sensor Networks: A Structured Review of Optical and Photonic Security Mechanisms
by Ramin Irani, Siamak Khatibi and Shahryar Eivazzadeh
J. Cybersecur. Priv. 2026, 6(4), 115; https://doi.org/10.3390/jcp6040115 - 1 Jul 2026
Viewed by 117
Abstract
Sensor networks increasingly combine exposed sensing nodes, optical communication, photonic hardware, near-sensor inference, and distributed infrastructure monitoring. This changes the security problem from protecting packets alone to establishing device provenance, measurement integrity, link confidentiality and availability, trustworthy inference, physical situational awareness, lifecycle control, [...] Read more.
Sensor networks increasingly combine exposed sensing nodes, optical communication, photonic hardware, near-sensor inference, and distributed infrastructure monitoring. This changes the security problem from protecting packets alone to establishing device provenance, measurement integrity, link confidentiality and availability, trustworthy inference, physical situational awareness, lifecycle control, and governance. This structured review with documented scoping searches examines security by light: mechanisms in which optical or photonic phenomena directly realize, constrain, compute, or observe a security-relevant function. The review synthesizes screened evidence across photonic roots of trust, visible-light communication and LiFi security, photonic intelligence, reservoir and chaotic photonics, and distributed photonic sensing infrastructure. Searches across arXiv, IEEE Xplore, ACM Digital Library, and Scopus yielded 228 deduplicated candidate records, of which 187 were retained as core evidence and eight as contextual evidence. To avoid overstating heterogeneous photonic work, retained records were separated into direct security evidence, security-adjacent capability evidence, background/framework evidence, and excluded records. The central result is architectural: light-enabled mechanisms are most defensible when they provide explicit, confidence-rated evidence to conventional security engineering. In this paper, confidence-rated evidence means evidence whose security interpretation is tied to a stated asset, adversary or failure mode, evidence role, validation setting, robustness limits, deployment fit, and reproducibility condition. This avoids treating optical novelty, spatial confinement, analog complexity, or high-dimensional dynamics as assurance by themselves. The paper develops an auditable taxonomy, evidence appraisal rubric, mechanism-family synthesis, integration architecture, maturity analysis, and research agenda for incorporating light-enabled mechanisms into secure sensor-networked systems. Full article
15 pages, 3272 KB  
Article
A Resilient and Decentralized System Based on Blockchain and Quantum-Secure Communication for Cyber and Strategic Diplomacy
by Bogdan Tiganoaia, Ionut-Petrisor Anghel, Constantin Bratianu and Doina Banciu
Systems 2026, 14(7), 755; https://doi.org/10.3390/systems14070755 - 1 Jul 2026
Viewed by 177
Abstract
This paper proposes, implements and tests a resilient and decentralized system based on blockchain and quantum-secure communication for cyber, scientific, and strategic diplomacy. By introducing a dynamic post-quantum cryptographic binding layer, the proposed architecture significantly amplifies organizational resilience against sovereign-state data disruption and [...] Read more.
This paper proposes, implements and tests a resilient and decentralized system based on blockchain and quantum-secure communication for cyber, scientific, and strategic diplomacy. By introducing a dynamic post-quantum cryptographic binding layer, the proposed architecture significantly amplifies organizational resilience against sovereign-state data disruption and harvesting attempts within highly adversarial environments. The system guarantees end-to-end transparency and confidentiality in the sharing of resources, and it can be used in resilient organizations and for cyber, scientific, and strategic diplomacy. It integrates the following technologies and modules: blockchain technology with a semantic distribution of quantum keys, a frontend interface built exclusively with React, a backend module implemented in Python Flask 3.1.2 and served via Gunicorn 25.0.3, and a set of modular components dedicated to blockchain, quantum simulation, and distributed storage. Moving past theoretical bounds, this work presents structural Threat Models, real-world deployment parameters for Eastern European research infrastructures, and multi-variable empirical performance evaluations under authentic institutional workloads. Moreover, the proposed architecture offers an extensible foundation for the development of future resilient ecosystems supported by blockchain and quantum technologies. Full article
(This article belongs to the Special Issue Strategic Management Towards Organisational Resilience (2nd Edition))
Show Figures

Figure 1

35 pages, 2889 KB  
Article
Chain-of-Blocks Assisted Secure Feature Selection, Federated Learning and Classifications in Cloud and Distributed Malicious Edge IoT Environments
by Artrim Kjamilji
Computers 2026, 15(7), 423; https://doi.org/10.3390/computers15070423 - 30 Jun 2026
Viewed by 416
Abstract
We tackle the problem of secure and private feature selection by homomorphically evaluating features’ information gains over the encrypted data of horizontally partitioned private datasets owned by edge IoT (Internet of Things) devices. In the process, we use a powerful cloud server to [...] Read more.
We tackle the problem of secure and private feature selection by homomorphically evaluating features’ information gains over the encrypted data of horizontally partitioned private datasets owned by edge IoT (Internet of Things) devices. In the process, we use a powerful cloud server to do the bulk of the costly homomorphic encryption aggregations. We proceeded with secure and private federated learning (training) and Machine Learning (ML) classification over the selected features in the same environmental settings (context). In the process, the participants interact with each other under strict security, privacy, and efficiency requirements. To this end, to each participant’s interaction we provide confidentiality, integrity, and authenticity (CIA) by signing its hashed contents with the corresponding participant’s private key. We assure consistency among interactions by introducing timestamps and linking them with the hashed content(s) of the preceding interaction(s). Those linked blocks of hashed content(s) from each interaction of participants while running the protocols produce the so-called chain-of-blocks (COB) structure, which will be utilized to detect malicious edge IoT dataset owners, unauthorized participants, and network errors. The security of the proposed protocols is proven through rigorous mathematical modeling. Extensive experimental evaluations over benchmark datasets give an advantage to our secure protocols ranging from several times to orders of magnitudes w.r.t to the state of the art in terms of computation and communication costs, as well as security and privacy characteristics. Moreover, since the utilized underlying cryptographic techniques are resilient to quantum computer attacks, the proposed algorithms are applicable to the post-quantum world. Full article
27 pages, 1044 KB  
Article
Performance Benchmarking of DNP3 Implementations in Smart Grid Environments
by Mahesh Narayanan, Hareesh Eemani and Arslan Munir
Electronics 2026, 15(13), 2831; https://doi.org/10.3390/electronics15132831 - 28 Jun 2026
Viewed by 149
Abstract
Secure communication is one of the foundational requirements for modern smart grid operations, where Distributed Network Protocol 3 (DNP3) remains a primary protocol for monitoring and control. Key stakeholders in the smart grid—such as transmission operators, distribution operators, utilities, and balancing authorities—are increasingly [...] Read more.
Secure communication is one of the foundational requirements for modern smart grid operations, where Distributed Network Protocol 3 (DNP3) remains a primary protocol for monitoring and control. Key stakeholders in the smart grid—such as transmission operators, distribution operators, utilities, and balancing authorities—are increasingly required to strengthen their cybersecurity protections. They must maintain the reliability of communications across complex, bandwidth-constrained wide-area networks (WANs). This paper presents a practical evaluation of four DNP3 deployment models: DNP3 in its native unsecured form, DNP3 with Secure Authentication (SA), DNP3 over Transport Layer Security (TLS 1.3), and DNP3 protected using IPsec encryption at the network layer. The paper evaluates how each security approach performs in a production-like smart grid environment. This paper primarily focuses on the widely deployed DNP3-SA model, which provides authentication and integrity but not confidentiality. Although newer Secure Authentication versions exist, including SAv6, they are still less common in operational utility environments. Experiments are conducted using a hardware-informed simulation testbed that emulates realistic utility WAN conditions, including multiple routing hops, MPLS as a transport for packets, and varied link capacities. Performance is assessed in terms of bandwidth efficiency, round-trip latency, and additional computational overhead on the field devices. Based on the findings, the paper presents a decision framework to help utilities select DNP3 security implementations that align with regulatory expectations and operational reliability. Full article
(This article belongs to the Special Issue Communication Technologies for Smart Grid Application)
Back to TopTop