Search Results (632)

The digital business environment is rapidly evolving with advancements in information technology (IT), increasing the risk of information security incidents. Grounded in the resource-based view and in contingency theory, this study adopts a different approach from prior research by conceptualizing security management activities not as mere risk control mechanisms, but as strategic innovation drivers that can enhance corporate performance (sales revenue and operating profit). The authors develop a research model with six independent variables, including internal and external security management activities, CISO role configuration (independent or dual-role with CIO), and investment levels in IT and information security. The dependent variables include sales revenue and operating profit, with ISMS or ISO certification as a moderating variable. Using information security (IS) disclosures and financial data from 545 Korean firms that have reported their security management activities to the Ministry of Science and ICT, multiple regression and moderation analyses reveal that high IT investment negatively impacts performance, but this effect is mitigated when formal security systems, like ISMS or ISO, are in place. The results suggest that integrating recognized security frameworks into management strategies can enhance both innovation and financial outcomes, encouraging a proactive approach to security management. Full article

With the emergence of Survey 4.0, the oil and gas (O & G) industry is now considering spatial digital twins during their field design to enhance visualization, efficiency, and safety. O & G companies have already initiated investments in the research and development of spatial digital twins to build digital mining models. Existing studies commonly adopt surveys and case studies as their evaluation approach to validate the feasibility of spatial digital twins and related technologies. However, this approach requires high costs and resources. To address this gap, this study explores the feasibility of the informed argument method within the design science framework. A land survey data model (LSDM)-based digital twin prototype for O & G field design, along with 3D spatial datasets located in Lot 2 on RP108045 at petroleum lease 229 under the Department of Resources, Queensland Government, Australia, was selected as a case for this study. The ISO/IEC 25010 model was adopted as a methodology for this study to evaluate the prototype and Digital Twin Victoria (DTV). It encompasses eight metrics, such as functional suitability, performance efficiency, compatibility, usability, security, reliability, maintainability, and portability. The results generated from this study indicate that the prototype encompasses a standard level of all parameters in the ISO/IEC 25010 model. The key significance of the study is its methodological contribution to evaluating the spatial digital twin models through cost-effective means, particularly under circumstances with strict regulatory requirements and low information accessibility. Full article

In the deep integration process between digital infrastructure and new economic forms, structural imbalance between the evolution rate of cloud storage technology and the growth rate of data-sharing demands has caused systemic security vulnerabilities such as blurred data sovereignty boundaries and nonlinear surges in privacy leakage risks. Existing academic research indicates current proxy re-encryption schemes remain insufficient for cloud access control scenarios characterized by diversified user requirements and personalized permission management, thus failing to fulfill the security needs of emerging computing paradigms. To resolve these issues, a revocable attribute-based proxy re-encryption scheme supporting policy-hiding is proposed. Data owners encrypt data and upload it to the blockchain while concealing attribute values within attribute-based encryption access policies, effectively preventing sensitive information leaks and achieving fine-grained secure data sharing. Simultaneously, proxy re-encryption technology enables verifiable outsourcing of complex computations. Furthermore, the SM3 (SM3 Cryptographic Hash Algorithm) hash function is embedded in user private key generation, and key updates are executed using fresh random factors to revoke malicious users. Ultimately, the scheme proves indistinguishability under chosen-plaintext attacks for specific access structures in the standard model. Experimental simulations confirm that compared with existing schemes, this solution delivers higher execution efficiency in both encryption/decryption and revocation phases. Full article

Addressing privacy concerns is one of the key challenges facing the development of Internet of Things (IoT)-based systems (IoTSs). As IoT devices often collect and process personal and sensitive information, strict privacy policies must be defined and enforced to keep data secure and safe, ensuring security and regulatory compliance. Any data breach could compromise the security of the system, leading to various types of threats and attacks, some of which could even endanger human life. Therefore, it is crucial to design and build a comprehensive and general privacy framework for the development of IoTSs. This framework should not be limited to specific IoTS domains but should be general enough to support and cover most IoTS domains. In this paper, we present a framework that assists developers by (i) enabling them to build IoTSs that comply with privacy standards, such as the General Data Protection Regulation (GDPR), and (ii) providing a simplified and practical approach to identifying and addressing privacy concerns. In addition, the framework enables developers to implement effective countermeasures. Full article

This study investigates the cybersecurity landscape of Aotearoa-New Zealand through a culturally grounded lens, focusing on the integration of Indigenous Māori values into cybersecurity frameworks. In response to escalating cyber threats, the research adopts a mixed-methods and interdisciplinary approach—combining surveys, focus groups, and case studies—to explore how cultural principles such as whanaungatanga (collective responsibility) and manaakitanga (care and respect) influence digital safety practices. The findings demonstrate that culturally informed strategies enhance trust, resilience, and community engagement, particularly in rural and underserved Māori communities. Quantitative analysis revealed that 63% of urban participants correctly identified phishing attempts compared to 38% of rural participants, highlighting a significant urban–rural awareness gap. Additionally, over 72% of Māori respondents indicated that cybersecurity messaging was more effective when delivered through familiar cultural channels, such as marae networks or iwi-led training programmes. Focus groups reinforced this, with participants noting stronger retention and behavioural change when cyber risks were communicated using Māori metaphors, language, or values-based analogies. The study also confirms that culturally grounded interventions—such as incorporating Māori motifs (e.g., koru, poutama) into secure interface design and using iwi structures to disseminate best practices—can align with international standards like NIST CSF and ISO 27001. This compatibility enhances stakeholder buy-in and demonstrates universal applicability in multicultural contexts. Key challenges identified include a cybersecurity talent shortage in remote areas, difficulties integrating Indigenous perspectives into mainstream policy, and persistent barriers from the digital divide. The research advocates for cross-sector collaboration among government, private industry, and Indigenous communities to co-develop inclusive, resilient cybersecurity ecosystems. Based on the UTAUT and New Zealand’s cybersecurity vision “Secure Together—Tō Tātou Korowai Manaaki 2023–2028,” this study provides a model for small nations and multicultural societies to create robust, inclusive cybersecurity frameworks. Full article

The rapid spread of COVID-19 increased the need for speedy diagnostic tools, which led scientists to conduct extensive research on deep learning (DL) applications that use chest imaging, such as chest X-ray (CXR) and computed tomography (CT). This review examines the development and performance of DL architectures, notably convolutional neural networks (CNNs) and emerging vision transformers (ViTs), in identifying COVID-19-related lung abnormalities. Individual ResNet architectures, along with CNN models, demonstrate strong diagnostic performance through the transfer protocol; however, ViTs provide better performance, with improved readability and reduced data requirements. Multimodal diagnostic systems now incorporate alternative methods, in addition to imaging, which use lung ultrasounds, clinical data, and cough sound evaluation. Information fusion techniques, which operate at the data, feature, and decision levels, enhance diagnostic performance. However, progress in COVID-19 detection is hindered by ongoing issues stemming from restricted and non-uniform datasets, as well as domain differences in image standards and complications with both diagnostic overfitting and poor generalization capabilities. Recent developments in COVID-19 diagnosis involve constructing expansive multi-noise information sets while creating clinical process-oriented AI algorithms and implementing distributed learning protocols for securing information security and system stability. While deep learning-based COVID-19 detection systems show strong potential for clinical application, broader validation, regulatory approvals, and continuous adaptation remain essential for their successful deployment and for preparing future pandemic response strategies. Full article

Background/Objectives: Access to specialized care for patients with cognitive impairment in remote areas is often limited. Despite the increasing adoption of telemedicine, standardized guidelines have not yet been specified. This study aimed to develop a comprehensive protocol for the specialized neurological, neuropsychological, and neuropsychiatric assessment of patients with cognitive disorders in remote areas through telemedicine. Methods: We analyzed data from (i) a comprehensive literature review of the existing recommendations, reliability studies, and telemedicine models for cognitive disorders, (ii) insights from a three-year experience of a specialized telemedicine outpatient clinic for cognitive movement disorders in Greece, and (iii) suggestions coming from dementia specialists experienced in telemedicine (neurologists, neuropsychologists, psychiatrists) who took part in three focus groups. A critical synthesis of the findings was performed in the end. Results: The final protocol included: technical and organizational requirements (e.g., a high-resolution screen and a camera with zoom, room dimensions adequate for gait assessment, a noise-canceling microphone); medical history; neurological, neuropsychiatric, and neuropsychological assessment adapted to videoconferencing; ethical–legal aspects (e.g., data security, privacy, informed consent); clinician–patient interaction (e.g., empathy, eye contact); diagnostic work-up; linkage to other services (e.g., tele-psychoeducation, caregiver support); and instructions for treatment and follow-up. Conclusions: This protocol is expected to serve as an example of good clinical practice and a source for official telemedicine guidelines for cognitive disorders. Ultimate outcomes include the potential enhanced access to specialized care, minimized financial and logistical costs, and the provision of a standardized, effective model for the remote diagnosis, treatment, and follow-up. This model could be applied not only in Greece, but also in other countries with similar healthcare systems and populations living in remote, difficult-to-access areas. Full article

The healthcare industry is witnessing a rapid rise in the adoption of wearable and implantable medical devices, including advanced electrochemical sensors and other smart diagnostic technologies. These devices are increasingly used to enable real-time monitoring of physiological parameters, allowing for faster diagnosis and more personalized care plans. Their growing presence reflects a broader shift toward smart connected healthcare systems aimed at delivering immediate and actionable insights to both patients and medical professionals. At the same time, the healthcare industry is increasingly targeted by cyberattacks, primarily due to the high value of medical information; in addition, the growing integration of ICT technologies into medical devices has introduced new vulnerabilities that were previously absent in this sector. To mitigate these risks, new international guidelines advocate the adoption of best practices for secure software development, emphasizing a security-by-design approach in the design and implementation of such devices. However, the vast and fragmented nature of the information required to effectively support these development processes poses a challenge for the numerous stakeholders involved. In this paper, we demonstrate how key features of the Malware Information Sharing Platform (MISP) can be leveraged to systematically collect and structure vulnerability-related information for medical devices. We propose tailored structures, objects, and taxonomies specific to medical devices, facilitating a standardized data representation that enhances the security-by-design development of these devices. Full article

The integration of artificial intelligence (AI) into education requires frameworks that are not only technically robust but also ethically and pedagogically grounded. This paper proposes the Generalist Education Artificial Intelligence (GEAI) framework—a conceptual blueprint designed to enable privacy-preserving, personalized, and multimodal AI-supported learning in educational contexts. GEAI features a Trusted Domain architecture that supports secure, voluntary multimodal data collection via multimedia registration devices (MM Devices), edge-based AI inference, and institutional data sovereignty. Drawing on principles from constructivist pedagogy and regulatory standards such as GDPR and FERPA, GEAI supports adaptive feedback, engagement monitoring, and learner-centered interaction while addressing key challenges in ethical data governance, transparency, and accountability. To bridge theory and application, we outline a staged validation roadmap informed by technical feasibility assessments and stakeholder input. This roadmap lays the foundation for future prototyping and responsible deployment in real-world educational settings, positioning GEAI as a forward-looking contribution to both AI system design and education policy alignment. Full article

Firmware vulnerabilities in embedded devices have caused serious security incidents, necessitating similarity analysis of binary program instruction embeddings to identify vulnerabilities. However, existing instruction embedding methods neglect program execution semantics, resulting in accuracy limitations. Furthermore, current embedding approaches utilize independent computation across models, where the lack of standardized interaction information between models makes it difficult for embedding models to efficiently detect firmware vulnerabilities. To address these challenges, this paper proposes a firmware vulnerability detection scheme based on statistical inference and code similarity fuzzy matching analysis for resource-constrained vehicular network environments, helping to balance both accuracy and efficiency. First, through dynamic programming and neighborhood search techniques, binary code is systematically partitioned into normalized segment collections according to specific rules. The binary code is then analyzed in segments to construct semantic equivalence mappings, thereby extracting similarity metrics for function execution semantics. Subsequently, Google Protocol Buffers (ProtoBuf) is introduced as a serialization format for inter-model data transmission, serving as a “translation layer” and “bridging technology” within the firmware vulnerability detection framework. Additionally, a ProtoBuf-based certificate authentication scheme is proposed to enhance vehicular network communication reliability, improve data serialization efficiency, and increase the efficiency and accuracy of the detection model. Finally, a vehicular network simulation environment is established through secondary development on the NS-3 network simulator, and the functionality and performance of this architecture were thoroughly tested. Results demonstrate that the algorithm possesses resistance capabilities against common security threats while minimizing performance impact. Experimental results show that FirmPB delivers superior accuracy with 0.044 s inference time and 0.932 AUC, outperforming current SOTA in detection performance. Full article

This article examines a hybrid generation of cryptographic keys, whose novelty lies in the fusion of a multiscale subkey generation with prime sieve and subkeys inspired by quantum mechanics. It combines number theory with techniques emulated and inspired by quantum mechanics, also based on two demons capable of dynamically modifying the cryptographic model. The integration is structured through the JDL. In fact, a specific information fusion model is used to improve security. As a result, the resulting key depends not only on the individual components, but also on the fusion path itself, allowing for dynamic and cryptographically agile configurations that remain consistent with quantum mechanics-inspired logic. The proposed approach, called quantum and prime information fusion (QPIF), couples a simulated quantum entropy source, derived from the numerical solution of the Schrödinger equation, with a multiscale prime number sieve to construct multilevel cryptographic keys. The multiscale sieve, based on recent advances, is currently among the fastest available. Designed to be compatible with classical computing environments, the method aims to contribute to cryptography from a different perspective, particularly during the coexistence of classical and quantum computers. Among the five key generation algorithms implemented here, the ultra-optimised QRNG offers the most effective trade-off between performance and randomness. The results are validated using standard NIST statistical tests. This hybrid framework can also provide a conceptual and practical basis for future work on PQC aimed at addressing the challenges posed by the quantum computing paradigm. Full article

Deterministic random bit generators (DRBG) play a crucial role in device security because they generate secret information cryptographic systems, e.g., secret keys and parameters. Thus, attacks on DRBGs can result in the exposure of important secret values, which can threaten the entire cryptographic system of the target Internet of Things (IoT) equipment and smart devices. In 2020, Meyer proposed a side-channel attack (SCA) method that recovers the output random bits by analyzing the power consumption traces of the NIST standard AES CTR DRBG. In addition, most algorithmic countermeasures against SCAs also utilize random numbers; thus, such vulnerabilities are more critical than other SCAs on cryptographic modules. Meyer’s attack recovers the secret random number in four stages of the attack using only the power traces, which the CTR DRBG processes in 256 blocks. We present an approach that employs a clustering algorithm to enhance Meyer’s attack. The proposed attack increases the attack success rate and recovers more information using a clustering attack in the first step. In addition, it improves the attack accuracy in the third and fourth steps using the information obtained from the clustering process. These results lead to the possibility of attacks at higher noise levels and increase the diversity of target devices for attacking the CTR DRBG. Experiments were conducted on an Atmel XMEGA128D4 processor to evaluate the effectiveness of the proposed attack method. We also introduced artificial noise into the power traces to compare the proposed attack’s performance at different noise levels. Our results demonstrate that the first step of the proposed attack achieves a higher success rate than Meyer’s attack at all noise levels. For example, at high noise levels, the difference in the success rates is up to 50%. In steps 3 and 4, an average performance improvement of 18.5% greater than Meyer’s proposed method is obtained. The proposed attack effectively extends the target to more noisy environments than previous attacks, thereby increasing the threat of SCA on CTR DRBGs. Full article

Globally, crop productive systems exhibit climatic adaptation, resulting in increased overall yields over the past century. Nevertheless, inter-annual fluctuations in production can lead to food price volatility, raising concerns about food security. Within this framework, short-term crop yield predictions informed by climate observations may significantly contribute to sustainable agricultural development. In this study, we discuss the criteria for historical monitoring and forecasting of the productive system response to climatic fluctuations, both ordinary and extreme. Here, forecasting is intended as an assessment of the conditional probability distribution of crop yield, given the observed value of a key climatic index in an appropriately chosen month of the year. Wheat production in the Teramo province (central Italy) is adopted as a case study to illustrate the approach. To characterize climatic conditions, this study utilizes the Standardized Precipitation Evapotranspiration Index (SPEI) as a key indicator impacting wheat yield. Validation has been carried out by means of Monte Carlo simulations, confirming the effectiveness of the method. The main findings of this study show that the model describing the yield–SPEI relationship has time-varying parameters and that the study of their variation trend allows for an estimate of their current values. These results are of interest from a methodological point of view, as these methods can be adapted to various crop products across different geographical regions, offering a tool to anticipate production figures. This offers effective tools for informed decision-making in support of both agricultural and economic sustainability, with the additional benefit of helping to mitigate price volatility. Full article

To meet the growing demand for secure and reliable image protection in digital communication, this paper proposes a novel image encryption framework that addresses the challenges of high plaintext sensitivity, resistance to statistical attacks, and key security. The method combines a two-dimensional dynamically coupled map lattice (2D DCML) with elementary cellular automata (ECA) to construct a heterogeneous chaotic system with strong spatiotemporal complexity. To further enhance nonlinearity and diffusion, a multi-source perturbation mechanism and adaptive DNA encoding strategy are introduced. These components work together to obscure the image structure, pixel correlations, and histogram characteristics. By embedding spatial and temporal symmetry into the coupled lattice evolution and perturbation processes, the proposed method ensures a more uniform and balanced transformation of image data. Meanwhile, the method enhances the confusion and diffusion effects by utilizing the principle of symmetric perturbation, thereby improving the overall security of the system. Experimental evaluations on standard images demonstrate that the proposed scheme achieves high encryption quality in terms of histogram uniformity, information entropy, NPCR, UACI, and key sensitivity tests. It also shows strong resistance to chosen plaintext attacks, confirming its robustness for secure image transmission. Full article

The swift advancement of information and communication technology has made it increasingly difficult to guarantee the security of transmitted data. Traditional encryption techniques, particularly in multimedia applications, frequently fail to defend against sophisticated attacks, such as chosen-plaintext, differential, and statistical analysis attacks. More often than not, traditional cryptographic methods lack proper diffusion and sufficient randomness, which is why they are vulnerable to these types of attacks. By combining multi-level chaotic maps with Least Significant Bit (LSB) steganography and Advanced Encryption Standard (AES) encryption, this study proposes an improved security approach for picture transmission. A hybrid chaotic system dynamically creates the encryption keys, guaranteeing high unpredictability and resistance to brute-force attacks. Next, it incorporates the encrypted images into video frames, making it challenging to find the secret data. The suggested method demonstrates its resilience to statistical attacks by achieving entropy values over 7.99 and number of pixels change rate (NPCR) values above 99.63% in contrast to traditional encryption techniques, showing how resilient it is to statistical attacks. Our hybrid approach improves data secrecy and resistance to various cryptographic attacks. Experimental results confirm the efficiency of the suggested technique by achieving entropy values around 7.99, number of pixels change rate (NPCR) values above 99.63%, and unified average changing intensity (UACI) values over 31.98%, ensuring the secure transmission of sensitive images while maintaining video imperceptibility. Full article