Search Results (448)

In the digital economy era, digital marketing has become a key strategy for firms seeking competitive advantage. However, its reliance on data has heightened exposure to cybersecurity risks. While existing research highlights the importance of digital transformation, less is known about how cybersecurity governance influences firms’ digital marketing activities. Drawing on signalling theory and the resource-based view, this study uses panel data from Chinese A-share listed firms during 2012–2023 to examine the impact of cybersecurity governance on digital marketing and its underlying mechanisms. The results show that effective cybersecurity governance significantly enhances firms’ digital marketing engagement. Mechanism analyses identify three channels. First, by preventing data breaches and negative incidents, firms enhance corporate reputation. Second, by creating a secure operating environment, cybersecurity governance strengthens risk-taking capacity and encourages marketing innovation. Third, by improving information disclosure and stakeholder communication, it alleviates information asymmetry. Heterogeneity analyses indicate that the positive effect is more pronounced for non-state-owned enterprises, firms in eastern regions, and high-tech firms. This study fills a gap in the literature by linking cybersecurity governance path to digital marketing and contributes to research on its economic consequences. The findings also offer practical implications for strengthening internal governance to support external market activities. Full article

Mobile Wireless Sensor Networks (MWSNs) enhance traditional wireless sensor networks by allowing sensor nodes to move, resulting in continuously changing network topologies. Although this mobility enables advanced applications such as disaster response, intelligent transportation systems, and mission-critical monitoring, it poses major challenges for secure and scalable key management in large-scale deployments. Most existing key management and key pre-distribution schemes are tailored to static or lightly mobile networks and therefore suffer from limited scalability, excessive memory consumption, inefficient key utilization, and increased vulnerability to node capture when applied to highly mobile environments. This paper proposes a mobility-aware, zone-based key management scheme that integrates an enhanced composite key distribution mechanism with dynamic key refinement. The network is partitioned into logical zones, each maintaining an independent key pool to confine security breaches and improve scalability. To adapt to mobility-induced topology changes, sensor nodes continuously refine their key rings by preserving only the cryptographic keys associated with persistent neighbor relationships. This selective retention strategy significantly reduces storage overhead while strengthening resilience against key compromise and unauthorized access. Comprehensive analytical modeling and performance evaluations demonstrate that the proposed scheme achieves higher secure connectivity, stronger resistance to node capture attacks, and improved scalability compared to existing approaches, particularly in dense and highly mobile MWSN scenarios. Full article

Cybersecurity vulnerabilities are rapidly increasing, but public understanding and awareness remain limited. Since most vulnerabilities are common, they continue to exist and to be exploited. Although there are tools, including the Open Worldwide Application Security project and the common weakness enumeration method, that provide extensive information on known security problems, their information is not structured and visually shown. The tools are ineffective in speed assessment and response. We analyzed large-scale common vulnerabilities and exposures JavaScript object notation datasets to recognize key threats, to understand the underlying cause of data breaches, and to analyze vulnerability trends. Implementing keyword gate-filling techniques and better data visualization enhances the clarity and usefulness of vulnerability information. These tools enable stakeholders to make quicker and more informed decisions and implement stronger encryption and defensive measures. Finally, the results of this study lead to broad awareness, active security, and a reactive strategy to evolving cyber threats that simplifies both governmental and average-day user recognition and response to emerging attack patterns and risks across digital platforms. Full article

Background: Reverse shoulder arthroplasty (RSA) relies on secure baseplate fixation to the glenoid. This carries a risk of suprascapular nerve (SSN) injury during peripheral screw insertion. Although fixed safe zones have been described, it remains unclear whether these scale with scapular morphometry or whether common screw positions confer differential SSN risk. Methods: Twenty cadaveric shoulders (ten pairs) were dissected. The superior safe zone (distance from the supraglenoid tubercle to SSN at the suprascapular notch) and posterior safe zone (distance from the glenoid rim to SSN at the spinoglenoid notch) were measured. Scapular dimensions (height, spine length, width) were measured. In ten shoulders, simulated RSA baseplate fixation was performed with superior screws placed at 11, 12, or 1 o’clock and posterior screws at 8, 9, or 10 o’clock. Screw lengths were based on glenoid depth. Cortical breach and SSN proximity were recorded. Linear regression assessed relationships between scapular dimensions and safe zones. Results: The superior safe zone (mean 2.9 ± 0.5 cm) significantly correlated with scapular dimensions (r = 0.78–0.86; p < 0.0001). All superior screws remained intraosseous across configurations. The posterior safe zone (1.9 ± 0.6 cm) showed no correlation. Posterior cortical breach occurred in 50% of specimens across all tested positions and was associated with smaller scapular spine length (p = 0.027). No significant difference in SSN proximity was observed between posterior screw positions. Conclusions: Scapular dimensions predict the superior, but not posterior, safe zone. Scapulae with shorter spine lengths demonstrated increased risk of posterior cortical breach, independent of screw position. These findings establish anatomical scalability of the superior safe zone and suggest that scapular morphometry may inform preoperative RSA planning; however, prospective validation is needed before routine clinical implementation. Full article

Robots and diverse sensors constitute a self-contained network. The integration of the Internet and the IoT extends this network, enabling seamless interconnection and information exchange between robotic sensors and external systems. Given that cybersecurity breaches cause significant losses, strengthening the security defenses of autonomous robots and sensor networks is critical. To enhance cybersecurity within robotic sensor networks, we examined strategies, objectives, frameworks, and methods for security improvement in this study. Through case-based analysis, recommendations and references were suggested to advance the cybersecurity capabilities of robotic sensor networks. Full article

The fast expansion of the Internet of Things (IoT) has increased the need for strong security measures to protect the enormous network of interconnected devices. This paper proposes a unique approach that combines optimization, intuitive design principles, and Least Weighted Elliptic Curve Cryptography (LWECC) to improve IoT device security while reducing power consumption. The proposed optimization strategy focuses on lowering computational overhead, which is critical for IoT devices with limited energy and processing power. The proposed method significantly reduces the amount of energy required for cryptographic operations by carefully selecting appropriate elliptic curves and optimizing cryptographic algorithms, ensuring that IoT devices may continue to function without compromising security. Furthermore, by selecting elliptic curves with minimal attack vulnerability, the use of LWECC provides an additional layer of protection. This technique ensures that, even in the face of emerging threats, IoT devices remain highly resilient, reducing the chance of security breaches while preserving functionality without using excessive power. Experimental results show a power consumption of only 0.156 W and 0.25 W for memory and router topologies, respectively, with an error margin of 0.01. The stated error margin pertains to the simulation-based evaluation of transmission-level data handling within the LWECC-enabled memory/router pipeline, rather than the risk of physical memory-cell failure or fabrication yield. The value shows the maximum amount of packet/data-stream loss detected during encrypted data transfer, rather than hardware memory reliability. Full article

The rapid digital transformation of healthcare has improved clinical efficiency, patient engagement, and data accessibility, but it has also introduced significant cyber security and data privacy challenges. Healthcare IT systems increasingly rely on interconnected networks, electronic health records (EHRs), tele-medicine platforms, cloud infrastructures, and Internet of Medical Things (IoMT) devices, which collectively expand the attack surface for cyber threats. This scoping review maps and synthesizes recent evidence on cyber security risks in healthcare, including ransomware, data breaches, insider threats, and vulnerabilities in legacy systems, and examines key data privacy concerns related to patient confidentiality, regulatory compliance, and secure data governance. We also review contemporary security strategies, including encryption, multi-factor authentication, zero-trust architecture, blockchain-based approaches, AI-enabled threat detection, and compliance frameworks such as HIPAA and GDPR. Persistent challenges include integrating robust security with clinical usability, protecting resource-limited hospital environments, and managing human factors such as staff awareness and policy adherence. Overall, the findings suggest that effective healthcare cyber security requires a multi-layered defense combining technical controls, continuous monitoring, governance and regulatory alignment, and sustained organizational commitment to security culture. Future research should prioritize adaptive security models, improved standardization, and privacy-preserving analytics to protect patient data in increasingly complex healthcare ecosystems. Full article

Metaverse presents significant opportunities for educational advancement by facilitating immersive, personalized, and interactive learning experiences through technologies such as virtual reality (VR), augmented reality (AR), extended reality (XR), and artificial intelligence (AI). However, this potential is compromised if digital environments fail to uphold individuals’ privacy, autonomy, and equity. Despite their widespread adoption, the privacy implications of these environments remain inadequately understood, both in terms of technical vulnerabilities and legislative challenges, particularly regarding user consent management. Contemporary Metaverse systems collect highly sensitive information, including biometric signals, spatial behavior, motion patterns, and interaction data, often surpassing the granularity captured by traditional social networks. The lack of privacy-by-design solutions, coupled with the complexity of underlying technologies such as VR/AR infrastructures, 3D tracking systems, and AI-driven personalization engines, makes these platforms vulnerable to security breaches, data misuse, and opaque processing practices. This study presents a structured literature review and comparative analysis of privacy risks, consent mechanisms, and digital boundaries in metaverse platforms, with particular attention to educational contexts. We argue that privacy-aware design is essential not only for ethical compliance but also for supporting the long-term sustainability goals of digital education. Our findings aim to inform and support the development of secure, inclusive, and ethically grounded immersive learning environments by providing insights into systemic privacy and policy shortcomings. Full article

Through systematic literature synthesis (2000–2024) integrating Foucault’s disciplinary power theory, Nissenbaum’s contextual integrity framework, and job design theory, this paper develops the Autonomy-Surveillance Conceptual Framework to explain differential psychological impacts of digital workplace surveillance. The embrace of remote work has increased surveillance practices among organizations as an increased need to ensure employee productivity in remote settings appears, along with a drive to ensure data security and streamline workflows. Many employees perceive such practices as a breach of privacy, signifying employer distrust. The framework predicts that surveillance creates varying degrees of contextual integrity violation based on job autonomy: high-autonomy knowledge workers experience severe violations through trust erosion, procedural injustice, and temporal autonomy loss, while low-autonomy workers evaluate surveillance primarily through fairness criteria. This paper addresses a critical gap in existing research, which has focused on low-autonomy roles. By examining which roles are most impacted by digital surveillance, this paper seeks to highlight transparency and autonomy-sensitive policies to maximize the associated benefits of digital surveillance, while calling attention to employee well-being, trust, and organizational performance. Full article

Cloud storage continues to experience recurring provider-side breaches, raising concerns about the confidentiality and recoverability of user data. This study addresses this challenge by introducing an Artificial Intelligence (AI)-driven hybrid architecture for secure, reconstruction-resistant multi-cloud storage. The system applies telemetry-guided fragmentation, where fragment sizes are dynamically predicted from real-time bandwidth, latency, memory availability and disk I/O, eliminating the predictability of fixed-size fragmentation. All payloads are compressed, encrypted with AES-128 and dispersed across independent cloud providers, while two encrypted fragments are retained within a VeraCrypt-protected local vault to enforce a distributed trust threshold that prevents cloud-only reconstruction. Synthetic telemetry was first used to evaluate model feasibility and scalability, followed by hybrid telemetry integrating real Microsoft system traces and Cisco network metrics to validate generalization under realistic variability. Across all evaluations, XGBoost and Random Forest achieved the highest predictive accuracy, while Neural Network and Linear Regression models provided moderate performance. Security validation confirmed that partial-access and cloud-only attack scenarios cannot yield reconstruction without the local vault fragments and the encryption key. These findings demonstrate that telemetry-driven adaptive fragmentation enhances predictive reliability and establishes a resilient, zero-trust framework for secure multi-cloud storage. Full article

With the continuous expansion of data trading, the data supply chain system has gradually developed and improved. However, frequent security issues during the data transaction process have seriously hindered the development of the digital economy. As a key link in the data supply chain, the data trading market needs to use blockchain technology to achieve full-chain supervision of the data supply chain, which has become a top priority. Based on prospect theory, this paper constructs an evolutionary game model composed of data suppliers, consumers and data trading markets at all levels. The main factors affecting the system game strategy are discussed. The results show that: (1) The development of the data supply chain system can be divided into three stages, and blockchain technology plays a key role in realizing full-chain supervision of the data transaction process. The costs of blockchain adoption, market rewards, and penalties significantly affect the behavior of all parties. (2) The behavior of data suppliers has strong negative externalities and affects other participants. In addition, the larger the size of the data transaction, the lower the probability of breach by the data provider. (3) Adopting blockchain technology and implementing effective incentives can promote the development of the data supply chain. Full article

The expansion of Internet of Things (IoT) devices in domestic smart homes has created new conveniences but also significant security risks. Insecure firmware, weak authentication and weak encryption leave households exposed to privacy breaches, data leakage and systemic attacks. Although research has addressed several challenges, contributions remain fragmented and difficult for non-technical users to apply. This work addresses the following research question: How can a theoretical framework be developed to enable automated vulnerability scanning and prioritisation for non-technical users in domestic IoT environments? A Systematic Literature Review of 40 peer-reviewed studies, conducted under PRISMA 2020 guidelines, identified four structural gaps: dispersed vulnerability knowledge, fragmented scanning approaches, over-reliance on technical severity in prioritisation and weak protocol standardisation. The paper introduces a four-module framework: a Vulnerability Knowledge Base, an Automated Scanning Engine, a Context-Aware Prioritisation Module and a Standardisation and Interoperability Layer. The framework advances knowledge by integrating previously siloed approaches into a layered and iterative artefact tailored to households. While limited to conceptual evaluation, the framework establishes a foundation for future work in prototype development, household usability studies and empirical validation. By addressing fragmented evidence with a coherent and adaptive design, the study contributes to both academic understanding and practical resilience, offering a pathway toward more secure and trustworthy domestic IoT ecosystems. Full article

Citizen-centric smart city construction (SCC) has been the crucial mode for enhancing citizens’ well-being with rapid urbanization. While smart cities are constructed to improve urban operational safety, the concomitant low resilience of infrastructure, data breaches, and other issues also lead to physical, financial, and legal consequences, which therefore have the complicated the impact on citizens’ security perception of smart city construction (CSPSCC). To achieve sustainable smart city construction, it is important to clarify the influencing factors on CSPSCC. Although the enhancement of CSPSCC needs the joint efforts of citizens, government, and social organizations, the previous studies mostly focus on influencing factors from the single stakeholder. To address this gap, the theory of planned behavior was expanded to examine factors influencing CSPSCC from the perspective of participatory governance. Taking Nanjing as a case, hypotheses testing, mediating testing, and heterogeneity analysis were carried out for this theoretical model. The results show that the security governance of citizens, the government, and social organizations all had a positive impact on CSPSCC, with citizens’ behavioral intention being the most significant influencing factor. In addition, CSPSCC is also significantly affected by the citizens’ age, educational level, and usage frequency of smart city services. Full article

The advancement of Automotive Industry 4.0 has promoted the development of Vehicle to Vehicle (V2V) and Internet of Vehicles (IoV) communication, which marks the new era for intelligent, connected and automated transportation. Despite the benefits of this metamorphosis in terms of effectiveness and convenience, new obstacles to safety, inter-connectivity, and cybersecurity emerge. The tire pressure monitoring system (TPMS) is one prominent feature that senses tire pressure, which is closely related to vehicle stability, braking performance and fuel efficiency. However, the majority of TPMSs currently in use are based on the use of insecure and proprietary wireless communication links that can be breached by attackers so as to interfere with not only tire pressure readings but also sensor data manipulation. For this purpose, we design a secure TPMS architecture suitable for real-time IoV sensing. The framework is experimentally implemented using a Raspberry Pi 3B+ (Raspberry Pi Ltd., Cambridge, UK) as an independent autonomous control unit (ACU), interfaced with vehicular pressure sensors and a LoRa SX1278 (Semtech Corporation, Camarillo, CA, USA) module to support low-power, long-range communication. The gathered sensor data are encrypted, their integrity checked, source authenticated by lightweight cryptographic algorithms and sent to a secure server locally. To validate this approach, we show a three-node exhibition where Node A (raw data and tampered copy), B (unprotected copy) and C (secure auditor equipped with alerting of tampering and weekly rotation of the ID) realize detection of physical level threats at top speeds. The validated datasets are further enriched in a MATLAB R2024a simulator by replicating the data of one vehicle by 100 virtual vehicles communicating using over 5G, LoRaWAN and LoRa P2P as communication protocols under urban, rural and hill-station scenarios. The presented statistics show that, despite 5G ultra-low latency, LoRa P2P consistently provides better reliability and energy efficiency and is more resistant to attacks in the presence of various terrains. Considering the lack of private vehicular 5G infrastructure and the regulatory restrictions, this work simulated and evaluated the performance of 5G communication, while LoRa-based communication was experimentally validated with a hardware prototype. The results underline the trade-offs among LoRa P2P and an infrastructure-based uplink 5G mode, when under some specific simulation conditions, as opposed to claiming superiority over all 5G modes. In conclusion, the presented Raspberry Pi–MATLAB hybrid solution proves to be an effective and scalable approach to secure TPMS in IoV settings, intersecting real-world sensing with large-scale network simulation, thus enabling safer and smarter next-generation vehicular systems. Full article

Zero-day intrusions on IoT endpoints demand defenses that curtail attacker impact and persistence after breach. This article presents Fine-Grained Runtime Containment Agent (FG-RCA), a lightweight post-exploitation containment system that learns least-privilege behavior from execution and enforces it in the kernel via eBPF with Linux Security Modules (LSM). In a learn phase, LSM/eBPF probes stream security-relevant events to a Rust agent that synthesizes policies per device role. In an enforce phase, policies are compiled into eBPF maps and evaluated at an extended hook set spanning process execution (bprm_check_security), file access (file_open), network egress and exfiltration (socket_connect, socket_sendmsg), privilege use (capable), process injection (ptrace_access_check), tamper/anti-forensics (inode_unlink). Policies bind to kernel-truth identities—inode, device, mount intrusion detection system (IDS), executable SHA-256, and cgroup/namespace identifiers—rather than paths, mitigating time-of-check to time-of-use (TOCTOU) and aliasing. Operational safeguards include Ed25519-signed policies, atomic rollback, and shadow mode logging events to enable policy evolution. Evaluation on embedded Linux demonstrates containment with low overhead. Full article