Search Results (408)

Biometric authentication, such as facial recognition and fingerprint scanning, is now standard on mobile devices, offering secure and convenient access. However, the processing of biometric data is tightly regulated under the European Union’s General Data Protection Regulation (GDPR), where such data qualifies as “special category” personal data when used for uniquely identifying individuals. Compliance requires meeting strict conditions, including explicit consent and data protection by design. Passkeys, the modern name for FIDO2-based authentication credentials developed by the FIDO Alliance, enable passwordless login using public key cryptography. Its “match-on-device” architecture stores biometric data locally in secure hardware (e.g., Android’s Trusted Execution Environment, Apple’s Secure Enclave), potentially reducing the regulatory obligations associated with cloud-based biometric processing. This paper examines how Passkeys are implemented on Android and iOS platforms and their differences in architecture, API access, and hardware design, and how those differences affect compliance with the GDPR. Through a comparative analysis, we evaluate the extent to which each platform supports local processing, data minimization, and user control—key principles under GDPR. We find that while both platforms implement strong local protections, differences in developer access, trust models, and biometric isolation can influence the effectiveness and regulatory exposure of Passkeys deployment. These differences have direct implications for privacy risk, legal compliance, and implementation choices by app developers and service providers. Our findings highlight the need for platform-aware design and regulatory interpretation in the deployment of biometric authentication technologies. This work can help inform stakeholders, policymakers, and legal experts in drafting robust privacy and ethical policies—not only in the realm of biometrics but across AI technologies more broadly. By understanding platform-level implications, future frameworks can better align technical design with regulatory compliance and ethical standards. Full article

Accurate spatial information of cropland is crucial for precision agricultural management and ensuring national food security. High-resolution remote sensing imagery combined with deep learning algorithms provides a promising approach for extracting detailed cropland information. However, due to the diverse morphological characteristics of croplands across different agricultural landscapes, existing deep learning methods encounter challenges in precise boundary localization. The advancement of large-scale vision models has led to the emergence of the Segment Anything Model (SAM), which has demonstrated remarkable performance on natural images and attracted considerable attention in the field of remote sensing image segmentation. However, when applied to high-resolution cropland extraction, SAM faces limitations in semantic expressiveness and cross-domain adaptability. To address these issues, this study proposes a dual-branch framework integrating SAM and a semantically aware network (SAM-SANet) for high-resolution cropland extraction. Specifically, a semantically aware branch based on a semantic segmentation network is applied to identify cropland areas, complemented by a boundary-constrained SAM branch that directs the model’s attention to boundary information and enhances cropland extraction performance. Additionally, a boundary-aware feature fusion module and a prompt generation and selection module are incorporated into the SAM branch for precise cropland boundary localization. The former aggregates multi-scale edge information to enhance boundary representation, while the latter generates prompts with high relevance to the boundary. To evaluate the effectiveness of the proposed approach, we construct three cropland datasets named GID-CD, JY-CD and QX-CD. Experimental results on these datasets demonstrated that SAM-SANet achieved mIoU scores of 87.58%, 91.17% and 71.39%, along with mF1 scores of 93.54%, 95.35% and 82.21%, respectively. Comparative experiments with mainstream semantic segmentation models further confirmed the superior performance of SAM-SANet in high-resolution cropland extraction. Full article

This paper presents a novel gateway-centric architecture for context-aware trust evaluation in Internet of Battle Things (IoBT) environments. The system is structured across multiple layers, from embedded sensing devices equipped with internal modules for signal filtering, anomaly detection, and encryption, to high-level data processing in a secure cloud infrastructure. At its core, the gateway evaluates the trustworthiness of sensor nodes by computing reputation scores based on behavioral and contextual metrics. This design offers operational advantages, including reduced latency, autonomous decision-making in the absence of central command, and real-time responses in mission-critical scenarios. Our system integrates supervised learning, specifically Decision Tree Regression (DTR), to estimate reputation scores using features such as transmission success rate, packet loss, latency, battery level, and peer feedback. The results demonstrate that the proposed approach ensures secure, resilient, and scalable trust management in distributed battlefield networks, enabling informed and reliable decision-making under harsh and dynamic conditions. Full article

With the rapid growth of Artificial Intelligence of Things (AIoT), identity management and trusted communication have become critical for system security and reliability. Continuous AI learning and large-scale device connectivity introduce challenges such as permission drift, cross-domain access, and fine-grained API calls. Traditional identity management often fails to balance privacy protection with efficiency, leading to risks of data leakage and misuse. To address these issues, this paper proposes a blockchain-based self-sovereign identity (SSI) management mechanism for AIoT. By integrating SSI with a zero-trust framework, it achieves decentralized identity storage and continuous verification, effectively preventing unauthorized access and misuse of identity data. The mechanism employs selective disclosure (SD) technology, allowing users to submit only necessary attributes, thereby ensuring user control over self-sovereign identity information and guaranteeing the privacy and integrity of undisclosed attributes. This significantly reduces verification overhead. Additionally, this paper designs a context-aware dynamic permission management that generates minimal permission sets in real time based on device requirements and environmental changes. Combined with the zero-trust principles of continuous verification and least privilege, it enhances secure interactions while maintaining flexibility. Performance experiments demonstrate that, compared with conventional approaches, the proposed zero-trust architecture-based SSI management mechanism better mitigates the risk of sensitive attribute leakage, improves identity verification efficiency under SD, and enhances the responsiveness of dynamic permission management, providing robust support for secure and efficient AIoT operations. Full article

Vehicular Ad Hoc Networks (VANETs) support safety-critical and traffic-optimization applications through low-latency, reliable V2X communication. However, securing integrity and auditability with blockchain is challenging because conventional BFT-style consensus incurs high message overhead and latency. We introduce CoCoChain, a concept-aware consensus mechanism tailored to VANETs. Instead of exchanging full payloads, CoCoChain trains a sparse autoencoder (SAE) offline on raw message payloads and encodes each message into a low-dimensional concept vector; only the top-k activations are broadcast during consensus. These compact semantic digests are integrated into a practical BFT workflow with per-phase semantic checks using a cosine-similarity threshold $\theta =0.85$ (calibrated on validation data to balance detection and false positives). We evaluate CoCoChain in OMNeT++/SUMO across urban, highway, and multi-hop broadcast under congestion scenarios, measuring latency, throughput, packet delivery ratio, and Age of Information (AoI), and including adversaries that inject semantically corrupted concepts as well as cross-layer stress (RF jamming and timing jitter). Results show CoCoChain reduces consensus message overhead by up to 25% and confirmation latency by 20% while maintaining integrity with up to 20% Byzantine participants and improving information freshness (AoI) under high channel load. This work focuses on OBU/RSU semantic-aware consensus (not 6G joint sensing or multi-base-station fusion). The code, configs, and an anonymized synthetic replica of the dataset will be released upon acceptance. Full article

The value of personal data can only be unlocked through efficient circulation. This study explores a multi-party collaborative mechanism for personal-data trading, aiming to improve data quality and market vitality via incentive-compatible institutional design, thereby supporting the high-quality development of the digital economy. Symmetry enhancement refers to the use of strategies and mechanisms to narrow the information gap among data controllers, operators, and demanders, enabling all parties to facilitate personal-data transactions on relatively equal footing. Drawing on evolutionary-game theory, we construct a tripartite dynamic-game model that incorporates data controllers, data operators, and data demanders. We analyze how initial willingness, payoff structures, breach costs, and risk factors (e.g., data leakage) shape each party’s strategic choices (cooperate vs. defect) and their evolutionary trajectories, in search of stable equilibrium conditions and core incentive mechanisms for a healthy market. We find that (1) the initial willingness to cooperate among participants is the foundation of a virtuous cycle; (2) the net revenue of data products significantly influences operators’ and demanders’ propensity to cooperate; and (3) the severity of breach penalties and the potential losses from data leakage jointly affect the strategies of all three parties, serving as key levers for maintaining market trust and compliance. Accordingly, we recommend strengthening contract enforcement and trust-building; refining the legal and regulatory framework for data rights confirmation, circulation, trading, and security; and promoting stable supply–demand cooperation and market education to enhance awareness of data value and compliance, thereby stimulating individuals’ willingness to authorize the use of their data and maximizing its value. Full article

The formation of strategies and tactics of destructive impact (DI) at the stages of complex computer attacks (CCAs) largely depends on the content of intelligence data obtained by the intruder about the attacked elements of distributed information systems (DISs). This study analyzes scientific papers, methodologies and standards in the field of assessing the indicators of awareness of the intruder about the objects of DI and symmetrical indicators of intelligence security of the elements of the DIS. It was revealed that the aspects of changing the quantitative and qualitative characteristics of intelligence data (ID) at the stages of CCA, as well as their impact on the possibilities of using certain types of simple computer attacks (SKAs), are poorly studied and insufficiently systematized. This paper uses technologies for modeling the process of an intruder obtaining ID based on the application of the methodology of black, grey and white boxes and the theory of fuzzy sets. This allowed us to identify the relationship between certain arrays of ID and the possibilities of applying certain types of SCA end-structure arrays of ID according to the levels of identifying objects of DI, and to create a scale of intruder awareness symmetrical to the scale of intelligence protection of the elements of the DIS. Experiments were conducted to verify the practical applicability of the developed models and techniques, showing positive results that make it possible to identify vulnerable objects, tactics and techniques of the intruder in advance. The result of this study is the development of an intruder awareness scale, which includes five levels of his knowledge about the attacked system, estimated by numerical intervals and characterized by linguistic terms. Each awareness level corresponds to one CCA stage: primary ID collection, penetration and legalization, privilege escalation, distribution and DI. Awareness levels have corresponding typical ID lists that can be potentially available after conducting the corresponding type of SCA. Typical ID lists are classified according to the following DI levels: network, hardware, system, application and user level. For each awareness level, the method of obtaining the ID by the intruder is specified. These research results represent a scientific contribution. The practical contribution is the application of the developed scale for information security (IS) incident management. It allows for a proactive assessment of DIS security against CCAs—modeling the real DIS structure and various CCA scenarios. During an incident, upon detection of a certain CCA stage, it allows for identifying data on DIS elements potentially known by the intruder and eliminating further development of the incident. The results of this study can also be used for training IS specialists in network security, risk assessment and IS incident management. Full article

The Internet of Medical Things (IoMT) is a rapidly expanding network of medical devices, sensors, and software that exchange patient health data. While IoMT supports personalized care and operational efficiency, it also introduces significant privacy risks, especially when handling sensitive health information. Data Identification and Classification (DIC) are therefore critical for distinguishing which data attributes require stronger safeguards. Effective DIC contributes to privacy preservation, regulatory compliance, and more efficient data management. This study introduces SDAIPA (SDAIA-HIPAA), a standardized hybrid IoMT data classification framework that integrates principles from HIPAA and SDAIA with a dual risk perspective—uniqueness and harm potential—to systematically classify IoMT health data. The framework’s contribution lies in aligning regulatory guidance with a structured classification process, validated by domain experts, to provide a practical reference for sensitivity-aware IoMT data management. In practice, SDAIPA can assist healthcare providers in allocating encryption resources more effectively, ensuring stronger protection for high-risk attributes such as genomic or location data while minimizing overhead for lower-risk information. Policymakers may use the standardized IoMT data list as a reference point for refining privacy regulations and compliance requirements. Likewise, AI developers can leverage the framework to guide privacy-preserving training, selecting encryption parameters that balance security with performance. Collectively, these applications demonstrate how SDAIPA can support proportionate and regulation-aligned protection of health data in smart healthcare systems. Full article

Geopolitical instability poses a significant threat to food systems by disrupting production, trade, and market access, thereby undermining both food security and long-term sustainability. Unlike peacetime food insecurity driven by poverty or climate change, conflict-related crises often involve blockades, agricultural destruction, and deliberate famine. This paper conducts a bibliometric review of the academic literature from 2010 to 2024, and partially 2025, to examine how food security and resilience under the influence of conflict have been conceptualized, focusing on their intersections with war, global food systems, and sustainability. We used the Web of Science database and tools such as VOSviewer version 1.6.18, Microsoft Excel and Bibliomagika version 2.10.0, to map thematic clusters, identify influential authors, publishers, and academic partnerships and trace the evolution of scholarly attention on this topic. Our findings reveal a growing recognition of using food as a tool of war, the increasing politicization of food aid, and heightened awareness of the fragility of agricultural systems under conflict. At the same time, significant gaps still persist, particularly in the study of “unconventional” food systems such as black markets and informal supply chains, which often sustain communities during crises but remain underexplored in mainstream scholarship. By identifying these gaps, this review outlines research priorities for developing inclusive and resilient policies, ultimately enhancing the capacity of global food systems to withstand the pressures of conflict and geopolitical instability. Full article

Semantic communication (SemCom), as a revolutionary paradigm for next-generation networks, shifts the focus from traditional bit-level transmission to the delivery of meaning and purpose. Grounded in the Data, Information, Knowledge, Wisdom, Purpose (DIKWP) model and its mapping framework, together with the relativity of understanding theory, the discussion systematically reviews advances in semantic-aware communication and personalized semantic security. By innovatively introducing the “Purpose” dimension atop the classical DIKW hierarchy and establishing interlayer feedback mechanisms, the DIKWP model enables purpose-driven, dynamic semantic processing, providing a theoretical foundation for both SemCom and personalized semantic security based on cognitive differences. A comparative analysis of existing SemCom architectures, personalized artificial intelligence (AI) systems, and secure communication mechanisms highlights the unique value of the DIKWP model. An integrated cognitive–conceptual–semantic network, combined with the principle of semantic relativity, supports the development of explainable, cognitively adaptive, and trustworthy communication systems. Practical implementation paths are explored, including DIKWP-based semantic chip design, white-box AI evaluation standards, and dynamic semantic protection frameworks, establishing theoretical links with emerging trends such as task-oriented communication and personalized foundation models. Embedding knowledge representation and cognitive context into communication protocols is shown to enhance efficiency, reliability, and security significantly. In addition, key research challenges in semantic alignment, cross-domain knowledge sharing, and formal semantic metrics are identified, while future research directions are outlined to guide the evolution of intelligent communication networks and provide a systematic reference for the advancement of the field. Full article

Clean water security demands autonomous systems that sense, reason, and act at scale. We introduce AquaSurveil, a unified multi-agent platform coupling mobile robots, fixed IoT nodes, and privacy-preserving machine learning for continent-scale water health surveillance. The architecture blends Gaussian-process mapping with distributed particle filtering, multi-agent deep-reinforcement Voronoi coverage, GAN/LSTM anomaly detection, and sheaf-theoretic data fusion; components are tuned by Bayesian optimization and governed by Age-of-Information-aware power control. Evaluated on a 2.82-million-record dataset (1940–2023; five countries), AquaSurveil achieves up to 96% spatial-coverage efficiency, an ROC-AUC of 0.96 for anomaly detection, ≈95% state-estimation accuracy, and reduced energy consumption versus randomized patrols. These results demonstrate scalable, robust, and energy-aware water quality surveillance that unifies robotics, the IoT, and modern AI. Full article

In this study, the key challenges faced by global navigation satellite systems (GNSSs) in the field of security are addressed, and an eye diagram-based deep learning framework for intelligent classification of interference types is proposed. GNSS signals are first transformed into two-dimensional eye diagrams, enabling a novel visual representation wherein interference types are distinguished through entropy-centric feature analysis. Specifically, the quantification of information entropy within these diagrams serves as a theoretical foundation for extracting salient discriminative features, reflecting the structural complexity and uncertainty of the underlying signal distortions. We designed a hybrid architecture that integrates spatial feature extraction, gradient stability enhancement, and time dynamics modeling capabilities and combines the advantages of a convolutional neural network, residual network, and bidirectional long short-term memory network. To further improve model performance, we propose an improved coati optimization algorithm (ICOA), which combines chaotic mapping, an elite perturbation mechanism, and an adaptive weighting strategy for hyperparameter optimization. Compared with mainstream optimization methods, this algorithm improves the convergence accuracy by more than 30%. Experimental results on jamming datasets (continuous wave interference, chirp interference, pulse interference, frequency-modulated interference, amplitude-modulated interference, and spoofing interference) demonstrate that our method achieved performance in terms of accuracy, precision, recall, F1 score, and specificity, with values of 98.02%, 97.09%, 97.24%, 97.14%, and 99.65%, respectively, which represent improvements of 1.98%, 2.80%, 6.10%, 4.59%, and 0.33% over the next-best model. This study provides an efficient, entropy-aware, intelligent, and practically feasible solution for GNSS interference identification. Full article

Graph anomaly detection (GAD) is crucial for safeguarding the integrity and security of complex systems, such as social networks and financial transactions. Despite the advances made by Graph Neural Networks (GNNs) in the field of GAD, existing methods still exhibit limitations in capturing subtle structural anomaly patterns: they typically over-rely on reconstruction error, struggle to fully exploit structural similarity among nodes, and fail to effectively integrate attribute and structural information. To tackle these challenges, this paper proposes a structure-aware dual-path attention graph node anomaly detection method (DPGAD). DPGAD employs wavelet diffusion to extract network neighborhood features for each node while incorporating a dual attention mechanism to simultaneously capture attribute and structural similarities, thereby obtaining richer feature details. An adaptive gating mechanism is then introduced to dynamically adjust the fusion of attribute features and structural features. This allows the model to focus on the most relevant features for anomaly detection, enhancing its robustness and antinoise capability. Our experimental evaluation across multiple real-world datasets demonstrates that DPGAD consistently surpasses existing methods, achieving average improvements of 9.06% in AUC and 11% in F1-score. Especially in scenarios where structural similarity is crucial, DPGAD has a performance advantage of more than 20% compared with the most advanced methods. Full article

The graded management of structured sensitive data has become a key challenge in data security governance, particularly amid digital transformation in sectors such as government, finance, and healthcare. The existing methods suffer from limited generalization, low efficiency, and reliance on static rules. This paper proposes PPM-SACG, a privacy preference matrix-based model for sensitive attribute classification and grading. The model adopts a three-stage architecture: (1) composite sensitivity metrics are derived by integrating information entropy and group privacy preferences; (2) domain knowledge-guided clustering and association rule mining improve classification accuracy; and (3) mutual information-based hierarchical clustering enables dynamic grouping and grading, incorporating high-sensitivity isolation. Experiments using real-world vehicle management data (50 attributes, 3000 records) and user privacy surveys verify the method’s effectiveness. Compared with existing approaches, PPM-SACG doubles computational efficiency and supports scenario-aware deployment, offering enhanced compliance and practicality for structured data governance. Full article

Volumetric video streaming holds transformative potential for telemedicine, enabling immersive remote consultations, surgical training, and real-time collaborative diagnostics. However, transmitting sensitive patient data (e.g., 3D medical scans, surgeon head/gaze movements) raises critical privacy risks, including exposure of biometric identifiers and protected health information (PHI). To address the above concerns, we propose SecureTeleMed, a dual-track encryption scheme tailored for volumetric video based telemedicine. SecureTeleMed combines viewport obfuscation and region of interest (ROI)-aware frame encryption to protect both patient data and clinician interactions while complying with healthcare privacy regulations (e.g., HIPAA, GDPR). Evaluations show SecureTeleMed reduces privacy leakage by 89% compared to baseline encryption methods, with sub-50 ms latency suitable for real-time telemedicine applications. Full article