Search Results (172)

This study systematically examines the intersection of emerging digital technologies and organizational accountability within the sustainability domain using the TCCM framework. Guided by the SPAR-4-SLR protocol, a final corpus of 67 high-impact peer-reviewed articles was analyzed to synthesize current knowledge and identify structural gaps in governance architectures. Findings indicate that traditional human-led narrative disclosures are increasingly supplemented or replaced by technology-embedded verification systems offering real-time data granularity. The analysis shows that while the field is largely grounded in Stakeholder Theory and the Resource-Based View, mid-range theorizing is needed to address algorithmic bias and the gap between technological capabilities and accountability practices. Empirical evidence is concentrated in Europe and East Asia, exposing a digital divide that limits the applicability of findings to resource-constrained enterprises. The study provides a conceptual synthesis of how AI, blockchain, and IoT reshape transparency, highlighting the need for governance approaches that prioritize ethical oversight, decentralized validation, and substantive rather than symbolic compliance. Full article

The proliferation of Enterprise Networks, characterized by heterogeneous devices, distributed data sources, and increasingly sophisticated cyber threats, has exposed the limitations of traditional perimeter-based security models. Guided by the principles of Zero Trust Architecture (ZTA), this paper presents a Zero-Trust (ZT)-Driven Federated Learning Algorithm for Privacy Enhancement (ZT-FL-PE), designed to safeguard model and data confidentiality in decentralized learning environments. By integrating ZTA’s “never trust, always verify” posture with Federated Learning’s (FL) decentralized training paradigm, the proposed framework eliminates the need for centralized data aggregation and significantly reduces the attack surface. The algorithm specifically targets two prominent threats to model privacy: property inference attacks (PIAs) and membership inference attacks (MIAs). We introduce adaptive verification mechanisms and privacy-preserving update transformations that enforce continuous authentication, constrain adversarial behavior, and strengthen resilience against inference-based exploitation. Experimental results demonstrate that ZT-FL-PE substantially enhances privacy protection while maintaining high model accuracy and imposing only low-to-moderate computational overhead, making it a practical and robust solution for modern ZT Enterprise environments. Full article

The proliferation of digital assets has catalyzed a profound decoupling between intangible property and traditional inheritance jurisprudence. Under the existing legal framework in Taiwan, practitioners must rely on the testamentary forms prescribed in Article 1189 of the Civil Code, which are fundamentally ill equipped to handle cryptographic assets. Specifically, Notarized Wills (Article 1191) necessitate full disclosure to a notary, creating a “Privacy–Security Paradox” where revealing private keys exposes assets to misappropriation. Conversely, while Sealed Wills (Article 1192) offer confidentiality, they are plagued by risks of physical degradation and technical non-executability. This study proposes zkWill, an EVM-compatible decentralized testamentary framework designed to bridge these structural gaps. By leveraging Zero-Knowledge Proofs (ZKPs), zkWill achieves a state of “blind compliance,” verifying that a sealed will meets the statutory requirements of the Civil Code without disclosing its underlying content. The system integrates the Permit2 protocol for secure asset migration and combines AES-256 encryption with IPFS to immunize testaments against centralized storage failures. Unlike conventional services that demand custodial trust, zkWill employs decentralized oracles to trigger automated execution, ensuring legacy distribution without compromising wallet private keys. Empirical data from the Arbitrum Sepolia testnet confirms that the framework maintains constant verification efficiency and a judicially resilient audit trail, providing a paradigm that harmonizes legal pragmatism with cryptographic security for digital inheritance. Full article

This study examines how coordination, power, and interdependence shape regulatory governance in the decentralized edible bird’s nest (EBN) sector in Pulang Pisau, Indonesia. While decentralization is often associated with improved responsiveness and local adaptability, it frequently produces fragmented regulatory systems in which authority is distributed without effective coordination. Using an actor-centered qualitative design combined with the MACTOR method, this study analyzes influence–dependence relations, objective alignment, and coordination bottlenecks across key actors. The findings show that regulatory performance is shaped less by formal mandates than by relational positioning within the governance system. Actors controlling technical verification and documentary gateways occupy high-influence positions, while licensing authorities remain operationally dependent. Although most actors share common objectives—such as hygiene, quality assurance, and traceability—these are pursued through fragmented procedures, resulting in coordination failures and regulatory inequality. Producers bear the greatest compliance burdens despite having limited influence over regulatory processes. The study introduces the concept of relational administrative capacity to explain how decentralized governance outcomes depend on the alignment of authority, expertise, and procedural sequencing across interdependent actors. The findings suggest that improving regulatory performance requires strengthening coordination architectures rather than adding new rules. Full article

This study presents ZK-EHR, a decentralized access control framework designed to enable secure and privacy-preserving sharing of encrypted electronic health records across institutional boundaries. Unlike existing blockchain-based EHR access control systems that expose user identities on-chain or lack cryptographic privacy guarantees, ZK-EHR decouples authorization from identity disclosure by integrating zk-SNARK-based proofs with blockchain smart contracts to verify policy compliance without revealing user roles, affiliations, or credentials. The framework employs three differentiated actor roles—Patient (Data Owner), Doctor (Care Provider), and Researcher (Authorized Analyst)—with distinct policy-driven access workflows, a custom Groth16 zero-knowledge circuit for role-based constraint enforcement, and a modular architecture combining on-chain verification with off-chain encrypted storage via IPFS. Concrete design proposals for access revocation and replay attack prevention are introduced to address operational security requirements. The system was evaluated under multiple operational and adversarial scenarios. Experimental results indicate consistent on-chain verification latency (approximately 390 ms), reliable rejection of tampered submissions, and per-verification gas consumption of 216,631 gas. A comparative analysis against representative baseline systems demonstrates that ZK-EHR uniquely combines identity anonymity, on-chain cryptographic policy enforcement, and auditable encrypted record retrieval. These findings establish the feasibility of zk-SNARK-based access control for decentralized, verifiable, and privacy-aware EHR management. Full article

Document authentication remains a pressing challenge in various domains, including financial services, academic credentialing, healthcare, and supply chain management. Existing centralized verification systems are vulnerable to manipulation, inefficiency, and limited transparency. Blockchain technology, with its immutability and tamper-resistant capabilities, offers a strong decentralized alternative; however, many current implementations lack structured, issuer-bound relationships for documents. This paper proposes a blockchain-based model that leverages a hierarchical token structure to authenticate and trace the provenance of high-value digital documents, with a focus on financial records. The model introduces the concept of an issuer-bound parent token and document-linked child tokens, enforcing a structured trust relationship between a legitimate institution and the documents it issues. By combining on-chain cryptographic hashing with off-chain file references, the approach is designed to balance verifiability with scalability. We implement a proof-of-concept using Ethereum-compatible smart contracts on a permissioned blockchain and evaluate it in a consortium-style financial setting. Our functional analyses demonstrate the model’s ability to ensure document integrity, provenance, and resistance to document fraud. This work offers a practical and extensible foundation for secure digital document authentication and verification in financial and other trust-sensitive settings. Full article

Cyber–Physical Systems of Systems (CPSoS) integrate autonomous constituent systems to accomplish complex missions. Nonetheless, decentralized coordination and continuous evolution create intricate dependencies that make behavior difficult to analyze. Current semi-formal modeling approaches, despite being easy to understand and widely accessible, lack semantic precision and are not computationally checkable to guarantee time-critical properties. Furthermore, current formal methods are often fragmented: they analyze behavior either at the individual CPS level or the collective CPSoS level, failing to provide a multi-level specification. To address these limitations, we propose an integrated framework combining SysML and Maude rewriting logic. SysML provides structural and behavioral specification capabilities, while Maude enables rigorous semantics, executable models, and formal verification. First, our approach proposes MM-CPSoS, a meta-model that unifies CPS and CPSoS entities with explicit temporal constraints. Dynamic behavior is captured through evolution patterns governing mission progression across both levels. Then, we encode SysML models into Maude as object-oriented configurations and conditional rewrite rules, enabling linear temporal logic (LTL) model checking of temporal properties. Finally, we demonstrate our approach through a Time-Aware Road Crisis Management System (TaRCiMaS²). Full article

The rapid convergence of the Internet of Things (IoT) and decentralized finance (DeFi) is reshaping the digital economy by enabling autonomous, trustless, and value-driven interactions among connected devices. This paper provides a comprehensive survey of the emerging paradigm that combines IoT’s pervasive sensing and communication capabilities with DeFi’s programmable financial infrastructure. We first discuss the motivation behind this convergence and explore key opportunities, including autonomous machine-to-machine (M2M) payments, decentralized data marketplaces, and trustless IoT service provisioning. Despite its potential, IoT–DeFi integration introduces significant security and privacy challenges related to smart contract vulnerabilities, consensus protocol risks, oracle manipulation, and constrained device capabilities. We review existing mitigation approaches such as lightweight cryptography, secure contract design, and decentralized identity management, and critically assess their limitations in heterogeneous, resource-limited environments. Building on this analysis, identify research gaps and propose future directions emphasizing formal verification of IoT-integrated smart contracts, robust oracle design, interoperability frameworks, and privacy-preserving trust models. This survey systematically maps opportunities, threats, and open issues. In doing so, it guides researchers and practitioners toward building secure, scalable, and energy-efficient IoT–DeFi ecosystems for next-generation decentralized applications. Full article

Decentralized Identity (DID) systems aim to restore user control over digital identities by minimizing reliance on centralized authorities. However, ensuring secure identity management in distributed environments remains a significant challenge. Biometric authentication offers a compelling solution by leveraging unique, non-transferable human traits to enhance security and usability compared to traditional methods such as passwords or tokens. Integrating biometrics into DID frameworks represents an important step toward privacy-preserving, user-centric identity verification aligned with the principles of decentralization. Despite growing interest in both biometrics and DIDs, their integration remains largely underexplored in the literature, with hardly any survey providing a systematic analysis of this convergence. This work addresses this gap by presenting a comprehensive review of biometric-enabled DID systems, examining their architectures, potential, and limitations. It emphasizes the role of multimodal biometrics in enhancing accuracy, inclusiveness, and resistance to spoofing, while highlighting key challenges related to data immutability, privacy preservation, interoperability, and regulatory compliance. Overall, this survey establishes a structured foundation for future research on secure, scalable, and privacy-preserving biometric-enabled decentralized identity frameworks. Full article

Background: Blockchain technology has emerged as a transformative communication solution for securing distributed systems. However, several vulnerabilities exist during transactions, including latency and network congestion issues during mempool processing, topology weaknesses, cross-chain bridge exploits, and cryptographic weaknesses. These vulnerabilities have led to attacks that have threatened system integrity, including Block Extractable Value (BEV) attacks, Maximal Extractable Value (MEV) attacks, sandwich attacks, liquidation, and Decentralized Finance (DeFi) reordering attacks, among others. Thus, implementing a robust security framework based on the Confidentiality, Integrity, and Availability (CIA) triad remains critical for addressing modern blockchain technology threats. Objective: This paper examines blockchain technology, its various vulnerabilities, and attacks to determine how criminals exploit the system during transactions. Further, it evaluates its impact on users. Then, implement a blockchain attack in a “MasterChain” virtual environment to demonstrate how vulnerable spots can be practically exploited and discuss the application of the CIA security triad through modern cryptographic primitives. Methods: The approach considers Hevner’s design science framework, which emphasizes creating innovative artifacts that address identified problems while contributing to the knowledge base through rigorous evaluation. Furthermore, we developed a MasterChain tool using Python with Flask for distributed node communication, utilizing the Elliptic Curve Digital Signature Algorithm (ECDSA) with the Standards for Efficient Cryptography Prime 256-bit Koblitz curve 1 (secp256k1) for digital signatures and Secure Hash Algorithm 3 (SHA-3) (Keccak-256) hashing for block integrity. Results: show how the CIA has been implemented to provide secure communication through ECDSA-based transactions, SHA-3 chain integrity verification, and a multi-node distributed architecture, respectively. The performance analysis shows that ECDSA provides 256-bit security with 64-byte signatures compared to 2048-bit Rivest–Shamir–Adleman (RSA)’s 256-byte signatures, achieving a 75% reduction in bandwidth overhead. SHA-3 provides immunity to length extension attacks while maintaining equivalent collision resistance to SHA-256. Conclusions: The MasterChain framework provides a practical foundation for implementing blockchain security that addresses both classical and emerging vulnerabilities. The adoption of ECDSA and SHA-3 (Keccak-256) positions the system favourably for modern blockchain applications, while providing insights into the cryptographic trade-offs between performance, security, and compatibility. Full article

The Dubai Government has made significant investments in digital learning through platforms such as Al Mawrid and Bayanati, enabling widespread access to employee training and upskilling. However, there remains a major gap in translating accumulated learning into intelligent workforce restructuring. This paper proposes “SkillChain DX,” a policy-driven framework that applies artificial intelligence (AI) to dynamically map employee-acquired skills to evolving job roles across departments, developed using a conceptual design science and policy analysis approach. The framework integrates blockchain to ensure secure, tamper-proof verification of skill credentials across diverse training platforms. To validate feasibility, a pilot prototype was implemented using sentence-transformer models for semantic skill inference and cryptographic hashing mechanisms for decentralized credential verification. Experimental evaluation across six controlled scenarios demonstrated an average role-matching accuracy of approximately 82%, blockchain transaction throughput exceeding 1000 operations per second, and near-instant credential verification with over 99% performance improvement compared to manual processes. The findings demonstrate that integrating AI-driven skill inference with decentralized credential verification can significantly enhance internal mobility, role alignment, and workforce planning at a policy level. The study benchmarks international practices and outlines a practical implementation path for the Dubai Government using only publicly available technologies and case studies, positioning SkillChain DX as one of the first integrated AI–blockchain policy frameworks tailored to public sector human resources (HR) transformation in Dubai. The proposed system framework bridges the current disconnect between training access and organizational transformation, supporting a proactive, transparent, and skills-first public sector, while offering actionable policy insights for future government HR modernization. Full article

The evolution of Hybrid Power Supply Systems (HPSSs) has extended from ground-based microgrids to the safety-critical domain of More Electric Aircraft (MEA). This paper presents a comprehensive review of dynamic power allocation strategies, bridging the gap between mature ground-based control theories and the stringent operational requirements of aerospace systems. Strategies are systematically classified into centralized, decentralized, and distributed architectures based on control structures. Evaluations indicate that centralized strategies, while effective in microgrids, achieve global optimality but face reliability constraints in airborne environments. In contrast, decentralized strategies based on virtual impedance ensure the high reliability and “plug-and-play” modularity essential for avionics yet often yield suboptimal coordination. Consequently, distributed cooperative control is identified as the most promising paradigm to bridge this gap, synthesizing optimization with fault tolerance. Finally, critical challenges in adapting these technologies to aviation—spanning algorithmic determinism and airworthiness certification—are discussed, and future trends in hybrid intelligence and digital twin-based verification are outlined for next-generation airborne energy systems. Full article

Modern passport systems face significant challenges in secure data sharing, real-time verification, and user-controlled authorization, particularly in cross-border scenarios. Existing digital passport solutions, often built on permissioned blockchains, suffer from limited transparency, scalability, and high operational costs. This paper proposes a decentralized passport management system based on an Ethereum Layer 2 architecture that combines global governance with high-throughput and cost-efficient passport operations. The system adopts a hybrid design in which a Global Passport Registry smart contract is deployed on the Ethereum mainnet for cross-country coordination, while passport issuance, access control, and identity management are handled on Layer 2 networks through country-operated Passport Managers and user-specific Personal Passport smart contracts. Extensive performance evaluations show that Ethereum Layer 1 throughput saturates at approximately 40–50 transactions per second (TPS), whereas the proposed Layer 2 deployment consistently exceeds 150 TPS and reaches up to 300 TPS under higher-performance environments, significantly surpassing the estimated system requirement of 70 TPS. These improvements result in faster response times, reduced congestion, and substantially lower transaction costs, demonstrating that public Ethereum Layer 2 infrastructures can effectively support a scalable, self-sovereign, privacy-preserving, and globally verifiable digital passport system suitable for real-world deployment. Full article

Ensuring the reliable, auditable, and privacy-oriented distribution of donations in disaster logistics constitutes a critical challenge due to multi-stakeholder coordination difficulties and the risk of misuse. This study presents a modular architecture, named SecureRelief, operating on a permissioned Hyperledger Fabric platform. The architecture integrates authentication based on Self-Sovereign Identity (SSI), Decentralized Identifiers (DID), and WebAuthn, together with Attribute-Based Access Control (ABAC), and enables the verification of delivery evidence through privacy-preserving validation using zero-knowledge proofs (ZKP). Documents are stored off-chain on the InterPlanetary File System (IPFS), while only cryptographic summary (hash) values sufficient for integrity verification are maintained on-chain. In scenario-based laboratory experiments, the blockchain layer demonstrated low latency (p95 < 16 ms) and stable transaction throughput, confirming its scalability. While the API layer handled high burst request loads with a 0% error rate, the additional computational overhead introduced by the integrated privacy-preserving (ZKP) mechanisms kept the end-to-end transaction latency within acceptable limits for disaster management applications (3.5–4.5 s). Full article

With the rapid development of online aquatic product trading, traditional centralized platforms are facing increasing pressure in terms of data security, privacy protection, and trust. Problems such as tampering with transaction records, weak identity authentication, privacy leakage, and the difficulty of balancing matching efficiency with security limit the further development of these platforms. To address these issues, this paper proposes a blockchain-based identity authentication and access control scheme for online aquatic product trading. The scheme first introduces a dual authentication mechanism that combines a verifiable random function with a Schnorr-based zero-knowledge proof, providing strong decentralized identity verification and resistance to replay attacks. It then designs a dynamic access control strategy based on a multi-dimensional reputation model, which converts user behavior, attributes, and historical transaction performance into a comprehensive trust score used to determine fine-grained access rights. In addition, an AES-PEKS hybrid encryption method is employed to support encrypted keyword search and order matching while protecting the confidentiality of order data. This paper implements a multi-channel architecture for aquatic product trading prototype system on Hyperledger Fabric. This system separates registration, order processing, and reputation management into different channels to improve concurrency and enhance privacy protection. Security analysis shows that the proposed solution effectively defends against replay attacks, key leaks, data tampering, and privacy theft. Performance evaluation further demonstrates that, compared to a single-chain architecture, the multi-channel design, while increasing security mechanisms, maintains a stable throughput of approximately 223 tx/s even when concurrency reaches 600–800 tx/s, ensuring normal operation of the trading system. These results indicate that this solution provides a practical technical approach and system-level reference for building secure, reliable, and efficient online aquatic product trading platforms. Full article