Computer Standards & Interfaces最新文献

英文中文

Maintainable verifiable data streaming based on redactable blockchain

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-01-24 DOI: 10.1016/j.csi.2025.103972

Meixia Miao , Mengchen Wang , Siqi Zhao , Fangguo Zhang , Jianghong Wei

The verifiable data streaming (VDS) protocol enables clients to delegate locally generated data items (i.e., data streaming) to a semi-honest cloud server in real time while maintaining data integrity. It is built upon a chameleon authentication tree (CAT) and digital signatures. That is, a user may confirm the retrieved data item’s integrity by recomputing the hash value on its underlying CAT root and further checking a signature of this value created by the data owner. However, many lightweight application scenarios may not deploy public-key infrastructure (PKI) to support the digital signatures. Moreover, in frequently updated application scenarios such as trend analysis and stock forecasting, many new digital signatures are generated, and malicious cloud servers might return old versions of a queried outsourced data item and the corresponding signature. Consequently, maintaining those previously created signatures becomes a challenge. In this paper, to overcome these issues, we put forth a novel construction framework of VDS by introducing a redactable blockchain. Specifically, we treat the root value of the CAT as a transaction and package it to a redactable blockchain. After that, the immutability of the underlying redactable blockchain ensures the integrity of outsourced data streaming and avoids using the digital signature. Also, as the data is updated, we can update the root value of the CAT by re-editing the corresponding block. We also put a concrete VDS construction in the new framework, and formally prove its security. Theoretical compression and experimental results indicate that the proposed VDS protocol has merits in functionality and practicality.

{"title":"Maintainable verifiable data streaming based on redactable blockchain","authors":"Meixia Miao , Mengchen Wang , Siqi Zhao , Fangguo Zhang , Jianghong Wei","doi":"10.1016/j.csi.2025.103972","DOIUrl":"10.1016/j.csi.2025.103972","url":null,"abstract":"<div><div>The verifiable data streaming (VDS) protocol enables clients to delegate locally generated data items (i.e., data streaming) to a semi-honest cloud server in real time while maintaining data integrity. It is built upon a chameleon authentication tree (CAT) and digital signatures. That is, a user may confirm the retrieved data item’s integrity by recomputing the hash value on its underlying CAT root and further checking a signature of this value created by the data owner. However, many lightweight application scenarios may not deploy public-key infrastructure (PKI) to support the digital signatures. Moreover, in frequently updated application scenarios such as trend analysis and stock forecasting, many new digital signatures are generated, and malicious cloud servers might return old versions of a queried outsourced data item and the corresponding signature. Consequently, maintaining those previously created signatures becomes a challenge. In this paper, to overcome these issues, we put forth a novel construction framework of VDS by introducing a redactable blockchain. Specifically, we treat the root value of the CAT as a transaction and package it to a redactable blockchain. After that, the immutability of the underlying redactable blockchain ensures the integrity of outsourced data streaming and avoids using the digital signature. Also, as the data is updated, we can update the root value of the CAT by re-editing the corresponding block. We also put a concrete VDS construction in the new framework, and formally prove its security. Theoretical compression and experimental results indicate that the proposed VDS protocol has merits in functionality and practicality.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103972"},"PeriodicalIF":4.1,"publicationDate":"2025-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143169386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Validation of the UEQ+ Scales for Voice Quality

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-01-12 DOI: 10.1016/j.csi.2024.103971

Andreas M. Klein , Jessica Kollmorgen , Andreas Hinderks , Martin Schrepp , Maria Rauschenberger , Maria-Jose Escalona

User experience (UX) measurement is vital for evaluating interactive devices and systems such as voice user interfaces (VUIs), which are widely available in smart speakers and mobile phones (e.g., Alexa and Siri). The User Experience Questionnaire Plus (UEQ+) framework provides a flexible approach with three novel constructed voice scales that assess the UX quality of VUIs. The UEQ+ contains UX scales that measure distinct UX aspects such as Efficiency, Stimulation as well as the three voice scales Response Behavior, Response Quality, and Comprehensibility. These scales can be combined to easily create a product-related questionnaire for VUI assessment. In this paper, we focus on validating the UEQ+ voice scales by verifying their reliability and validity, which are fundamental UX scale quality criteria. We surveyed a total of 623 participants, asking about three popular VUIs in two growing consumer markets. Our validation study findings confirm the reliability and factorial validity of the three UEQ+ scales for voice quality.

{"title":"Validation of the UEQ+ Scales for Voice Quality","authors":"Andreas M. Klein , Jessica Kollmorgen , Andreas Hinderks , Martin Schrepp , Maria Rauschenberger , Maria-Jose Escalona","doi":"10.1016/j.csi.2024.103971","DOIUrl":"10.1016/j.csi.2024.103971","url":null,"abstract":"<div><div>User experience (UX) measurement is vital for evaluating interactive devices and systems such as voice user interfaces (VUIs), which are widely available in smart speakers and mobile phones (e.g., Alexa and Siri). The User Experience Questionnaire Plus (UEQ+) framework provides a flexible approach with three novel constructed voice scales that assess the UX quality of VUIs. The UEQ+ contains UX scales that measure distinct UX aspects such as <em>Efficiency</em>, <em>Stimulation</em> as well as the three voice scales <em>Response Behavior</em>, <em>Response Quality</em>, and <em>Comprehensibility</em>. These scales can be combined to easily create a product-related questionnaire for VUI assessment. In this paper, we focus on validating the UEQ+ voice scales by verifying their <em>reliability</em> and <em>validity</em>, which are fundamental UX scale quality criteria. We surveyed a total of 623 participants, asking about three popular VUIs in two growing consumer markets. Our validation study findings confirm the <em>reliability</em> and <em>factorial validity</em> of the three UEQ+ scales for voice quality.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103971"},"PeriodicalIF":4.1,"publicationDate":"2025-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143360781","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A blockchain-based multi-keyword rank search scheme for B+ tree inverted index

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-01-09 DOI: 10.1016/j.csi.2024.103968

Jin Sun, Nana Song, Lu Wang, Kexin Ye, Mengna Kang

In the cloud storage environment, data providers encrypt their data before transferring it to the cloud server to reduce storage pressure and facilitate internal sharing. However, most of the plans have certain drawbacks, such as: the search efficiency is low, the cloud server central problem is serious, and the ability to resist keyword guess attack is poor et al. To overcome these shortcomings, this paper presents a blockchain-based multi-keyword rank search scheme for B+ tree inverted index to improve the search accuracy and efficiency. First, we choose the top-

k

keywords with high weight to build a B+ tree inverted index. Then, the cloud server calculates the relevance score of ciphertext using the optimized TF-IDF formula and sends the top-

k

ciphertexts to the user. In addition, verification and match contract on the blockchain to verify the identity of users and address the semi-trust and centralization of cloud server. We have deployed reward and punishment contracts on the blockchain to regulate the behavior of data providers and cloud server. Rigorous security certification shows that the scheme can resist choose keyword attack (CKA) and keyword guess attack (KGA). Through experiments, it is found that our scheme has good search efficiency and communication efficiency.

{"title":"A blockchain-based multi-keyword rank search scheme for B+ tree inverted index","authors":"Jin Sun, Nana Song, Lu Wang, Kexin Ye, Mengna Kang","doi":"10.1016/j.csi.2024.103968","DOIUrl":"10.1016/j.csi.2024.103968","url":null,"abstract":"<div><div>In the cloud storage environment, data providers encrypt their data before transferring it to the cloud server to reduce storage pressure and facilitate internal sharing. However, most of the plans have certain drawbacks, such as: the search efficiency is low, the cloud server central problem is serious, and the ability to resist keyword guess attack is poor et al. To overcome these shortcomings, this paper presents a blockchain-based multi-keyword rank search scheme for B+ tree inverted index to improve the search accuracy and efficiency. First, we choose the top-<span><math><mi>k</mi></math></span> keywords with high weight to build a B+ tree inverted index. Then, the cloud server calculates the relevance score of ciphertext using the optimized TF-IDF formula and sends the top-<span><math><mi>k</mi></math></span> ciphertexts to the user. In addition, verification and match contract on the blockchain to verify the identity of users and address the semi-trust and centralization of cloud server. We have deployed reward and punishment contracts on the blockchain to regulate the behavior of data providers and cloud server. Rigorous security certification shows that the scheme can resist choose keyword attack (CKA) and keyword guess attack (KGA). Through experiments, it is found that our scheme has good search efficiency and communication efficiency.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103968"},"PeriodicalIF":4.1,"publicationDate":"2025-01-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A smart virtual keyboard to improve communication of locked-in patients

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-01-04 DOI: 10.1016/j.csi.2024.103963

Alessia Lucia Prete , Paolo Andreini , Simone Bonechi , Monica Bianchini

Over the last decade, thanks to advances in sensor technology, imaging, and data analytics, the use of AI-based medical devices has seen an exponential increase, with massive adoption by hospitals and specialized laboratories. Among support devices for patients with limited or no residual mobility, and unable to interact to express their basic needs, artificial intelligence technologies offer promising solutions for augmentative and alternative communication (AAC), necessary for people with speech disorders, language impairment, and autism. This paper focuses on the development of a smart virtual keyboard for patients with reduced communication capabilities — specifically improving the AAC BrainControl Interface device, which uses an EEG helmet to detect users’ brain activity — to help them interact with the outside world. By leveraging machine learning techniques for language generation, particularly using recurrent networks and large language models, it is possible to accurately predict user intent and improve their typing experience. Experimental results show the average number of interactions reduced by a factor of 2.66 compared to the original sequential key scanning method, which is extremely significant for locked-in patients.

{"title":"A smart virtual keyboard to improve communication of locked-in patients","authors":"Alessia Lucia Prete , Paolo Andreini , Simone Bonechi , Monica Bianchini","doi":"10.1016/j.csi.2024.103963","DOIUrl":"10.1016/j.csi.2024.103963","url":null,"abstract":"<div><div>Over the last decade, thanks to advances in sensor technology, imaging, and data analytics, the use of AI-based medical devices has seen an exponential increase, with massive adoption by hospitals and specialized laboratories. Among support devices for patients with limited or no residual mobility, and unable to interact to express their basic needs, artificial intelligence technologies offer promising solutions for augmentative and alternative communication (AAC), necessary for people with speech disorders, language impairment, and autism. This paper focuses on the development of a smart virtual keyboard for patients with reduced communication capabilities — specifically improving the AAC BrainControl Interface device, which uses an EEG helmet to detect users’ brain activity — to help them interact with the outside world. By leveraging machine learning techniques for language generation, particularly using recurrent networks and large language models, it is possible to accurately predict user intent and improve their typing experience. Experimental results show the average number of interactions reduced by a factor of 2.66 compared to the original sequential key scanning method, which is extremely significant for locked-in patients.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103963"},"PeriodicalIF":4.1,"publicationDate":"2025-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143169387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

DWTAT-DASIS: Fusion of discrete wavelet transform and access tree for distributed authentication in secret image sharing

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-01-02 DOI: 10.1016/j.csi.2024.103969

Chuanda Cai , Changgen Peng , Hanlin Tang , Bin Xiao , Weijie Tan

Secret sharing of distributed data in cloud environments prevents unauthorized and wanton access and misuse by malicious participants. However, when applying secret sharing to image formats, the fixed range of pixel values in images presents unique challenges for share recovery, often resulting in recovery algorithms that reconstruct images in a lossy manner. Moreover, one-way authentication methods for participants in cloud environments are insufficient to address the heightened security demands of high-trust scenarios. This paper presents a secret image-sharing scheme with distributed authentication (DWTAT-DASIS) designed for cloud storage environments. By leveraging Discrete Wavelet Transform and an Access Tree structure, the scheme addresses the limitations of existing approaches (such as compression-based secret sharing and visual cryptography), which fail to provide lossless image recovery and efficient performance. Additionally, DWTAT-DASIS enhances security through fine-grained access control and two-way authentication. Finally, security analysis and experiments were conducted on the proposed protocol, demonstrating its ability to resist common attack methods as well as some deeper-level attack methods, meeting the security requirements for image storage in cloud systems. Experimental analysis shows that compared with similar protocols, this protocol can ensure the integrity of image restoration and greatly reduce the probability of image transmission being attacked.

{"title":"DWTAT-DASIS: Fusion of discrete wavelet transform and access tree for distributed authentication in secret image sharing","authors":"Chuanda Cai , Changgen Peng , Hanlin Tang , Bin Xiao , Weijie Tan","doi":"10.1016/j.csi.2024.103969","DOIUrl":"10.1016/j.csi.2024.103969","url":null,"abstract":"<div><div>Secret sharing of distributed data in cloud environments prevents unauthorized and wanton access and misuse by malicious participants. However, when applying secret sharing to image formats, the fixed range of pixel values in images presents unique challenges for share recovery, often resulting in recovery algorithms that reconstruct images in a lossy manner. Moreover, one-way authentication methods for participants in cloud environments are insufficient to address the heightened security demands of high-trust scenarios. This paper presents a secret image-sharing scheme with distributed authentication (DWTAT-DASIS) designed for cloud storage environments. By leveraging Discrete Wavelet Transform and an Access Tree structure, the scheme addresses the limitations of existing approaches (such as compression-based secret sharing and visual cryptography), which fail to provide lossless image recovery and efficient performance. Additionally, DWTAT-DASIS enhances security through fine-grained access control and two-way authentication. Finally, security analysis and experiments were conducted on the proposed protocol, demonstrating its ability to resist common attack methods as well as some deeper-level attack methods, meeting the security requirements for image storage in cloud systems. Experimental analysis shows that compared with similar protocols, this protocol can ensure the integrity of image restoration and greatly reduce the probability of image transmission being attacked.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103969"},"PeriodicalIF":4.1,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143169390","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Evaluating Incident Response in CSIRTs using Cube Socio-technical Systems Analysis

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-01-02 DOI: 10.1016/j.csi.2024.103970

Haula Sani Galadima , Cormac Doherty , Nick McDonald , Junli Liang , Rob Brennan

This paper provides a novel method for evaluating Incident Response (IR) teams through the application of the Cube Socio-technical Systems Analysis (STSA) methodology. Cube is a form of structured Human Factors enquiry and has previously been successfully applied in both aviation and healthcare. By utilising STSA, this study aims to understand and evaluate incident knowledge across the IR socio-technical domain. Traditional approaches to IR improvement often focus solely on technical aspects, neglecting social factors that may significantly influence IR effectiveness.

This research presents the results of extending the ARK platform for a cybersecurity IR Cube STSA of IR activities in a case study involving a large, accredited Computer Security Incident Response Team (CSIRT). It evaluates the IR system and team needs before the development of a technological intervention to improve IR learning and preparation capabilities. We present an extended Cube questionnaire, that defines specialised IR questions, an ontology, and terminology for the cybersecurity domain based on the ISO27000 series of standards. The case study demonstrates the ARK platform's capability to capture and analyse IR systems using a Multi-stage Cube STSA analysis shared in a reusable knowledge graph based on W3C standards. This provides a shared knowledge base based on FAIR (Findable, Accessible, Interoperable, Reusable) linked data, that may support generation of training materials, playbooks, and best practices to enhance IR capabilities and CSIRT operations. We show how this approach provides new insights and reusable artefacts for CSIRTs to enhance organisational cyber resilience and learning.

{"title":"Evaluating Incident Response in CSIRTs using Cube Socio-technical Systems Analysis","authors":"Haula Sani Galadima , Cormac Doherty , Nick McDonald , Junli Liang , Rob Brennan","doi":"10.1016/j.csi.2024.103970","DOIUrl":"10.1016/j.csi.2024.103970","url":null,"abstract":"<div><div>This paper provides a novel method for evaluating Incident Response (IR) teams through the application of the Cube Socio-technical Systems Analysis (STSA) methodology. Cube is a form of structured Human Factors enquiry and has previously been successfully applied in both aviation and healthcare. By utilising STSA, this study aims to understand and evaluate incident knowledge across the IR socio-technical domain. Traditional approaches to IR improvement often focus solely on technical aspects, neglecting social factors that may significantly influence IR effectiveness.</div><div>This research presents the results of extending the ARK platform for a cybersecurity IR Cube STSA of IR activities in a case study involving a large, accredited Computer Security Incident Response Team (CSIRT). It evaluates the IR system and team needs before the development of a technological intervention to improve IR learning and preparation capabilities. We present an extended Cube questionnaire, that defines specialised IR questions, an ontology, and terminology for the cybersecurity domain based on the ISO27000 series of standards. The case study demonstrates the ARK platform's capability to capture and analyse IR systems using a Multi-stage Cube STSA analysis shared in a reusable knowledge graph based on W3C standards. This provides a shared knowledge base based on FAIR (Findable, Accessible, Interoperable, Reusable) linked data, that may support generation of training materials, playbooks, and best practices to enhance IR capabilities and CSIRT operations. We show how this approach provides new insights and reusable artefacts for CSIRTs to enhance organisational cyber resilience and learning.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103970"},"PeriodicalIF":4.1,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

HealthDID: An efficient and authorizable multi-party privacy-preserving EMR sharing system based on DID

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2024-12-24 DOI: 10.1016/j.csi.2024.103967

Zuodong Wu, Dawei Zhang

Electronic medical record (EMR) sharing is widely acknowledged as a crucial approach for enhancing healthcare quality. However, existing EMR sharing systems face some privacy issues when implementing authorization and supervision, leading to the widespread formation of medical data islands. To address these issues, we constructed HealthDID, an efficient and authorizable system for multi-party privacy-preserving EMR sharing. Specifically, we first proposed a global identity management method based on Decentralized Identifier (DID) to address the issues of identity unification and authentication in cross-institutional EMR sharing. Then, we proposed a novel authorization method that enabled verification of the authorization proofs without revealing the patients’ identities. Moreover, we proposed a supervised signature method to meet the diverse privacy requirements of doctors while allowing the supervisor to recover the true identities of those suspected. Finally, we utilized Private Set Intersection with Payload (PSI-Payload) technology to support large-scale batch retrieval of EMR. Formal security proofs prove that HealthDID can achieve specified security goals. Theoretical analysis and experimental results show that our system is more efficient than other related works, with lower running time and reasonable communication costs.

{"title":"HealthDID: An efficient and authorizable multi-party privacy-preserving EMR sharing system based on DID","authors":"Zuodong Wu, Dawei Zhang","doi":"10.1016/j.csi.2024.103967","DOIUrl":"10.1016/j.csi.2024.103967","url":null,"abstract":"<div><div>Electronic medical record (EMR) sharing is widely acknowledged as a crucial approach for enhancing healthcare quality. However, existing EMR sharing systems face some privacy issues when implementing authorization and supervision, leading to the widespread formation of medical data islands. To address these issues, we constructed HealthDID, an efficient and authorizable system for multi-party privacy-preserving EMR sharing. Specifically, we first proposed a global identity management method based on Decentralized Identifier (DID) to address the issues of identity unification and authentication in cross-institutional EMR sharing. Then, we proposed a novel authorization method that enabled verification of the authorization proofs without revealing the patients’ identities. Moreover, we proposed a supervised signature method to meet the diverse privacy requirements of doctors while allowing the supervisor to recover the true identities of those suspected. Finally, we utilized Private Set Intersection with Payload (PSI-Payload) technology to support large-scale batch retrieval of EMR. Formal security proofs prove that HealthDID can achieve specified security goals. Theoretical analysis and experimental results show that our system is more efficient than other related works, with lower running time and reasonable communication costs.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103967"},"PeriodicalIF":4.1,"publicationDate":"2024-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143169392","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

RSH-BU: Revocable secret handshakes with backward unlinkability from VLR group signatures

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2024-12-19 DOI: 10.1016/j.csi.2024.103966

Yamin Wen , Min Wan , Junying Zhao , Zheng Gong , Yuqiao Deng

Secret handshake scheme is a bi-directional authentication method that enables two participants from the same organization to identify both sides in private. A new generic construction of secret handshakes is proposed in this paper, which is primarily derived from Verifier-Local Revocation Group Signature (VLR-GS). An instance of the secret handshake scheme, drawn from a short VLR-GS with backward unlinkability, is presented. Our scheme incorporates an efficient revocation mechanism that guarantees both traceability and unlinkability. Moreover, the past actions of revoked users remain confidential due to the backward unlinkability mechanism. We have also enhanced the communication protection between the Group Authority (GA) and its members to prevent malicious GA from forging group members. Compared to previous secret handshake schemes, our scheme significantly reduces both communication and computation overhead, making it particularly suitable for mobile environments. Our proposal’s security can be proven under the random oracle model, given the difficulty of Decision Linear (DLIN) and q-Strong Diffie–Hellman (q-SDH) problems.

{"title":"RSH-BU: Revocable secret handshakes with backward unlinkability from VLR group signatures","authors":"Yamin Wen , Min Wan , Junying Zhao , Zheng Gong , Yuqiao Deng","doi":"10.1016/j.csi.2024.103966","DOIUrl":"10.1016/j.csi.2024.103966","url":null,"abstract":"<div><div>Secret handshake scheme is a bi-directional authentication method that enables two participants from the same organization to identify both sides in private. A new generic construction of secret handshakes is proposed in this paper, which is primarily derived from Verifier-Local Revocation Group Signature (<span>VLR-GS</span>). An instance of the secret handshake scheme, drawn from a short <span>VLR-GS</span> with backward unlinkability, is presented. Our scheme incorporates an efficient revocation mechanism that guarantees both traceability and unlinkability. Moreover, the past actions of revoked users remain confidential due to the backward unlinkability mechanism. We have also enhanced the communication protection between the Group Authority (<span>GA</span>) and its members to prevent malicious <span>GA</span> from forging group members. Compared to previous secret handshake schemes, our scheme significantly reduces both communication and computation overhead, making it particularly suitable for mobile environments. Our proposal’s security can be proven under the random oracle model, given the difficulty of Decision Linear (DLIN) and q-Strong Diffie–Hellman (q-SDH) problems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103966"},"PeriodicalIF":4.1,"publicationDate":"2024-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143169391","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Towards projection of the individualised risk assessment for the cybersecurity workforce

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2024-12-19 DOI: 10.1016/j.csi.2024.103962

Agnė Brilingaitė , Linas Bukauskas , Ingrida Domarkienė , Tautvydas Rančelis , Laima Ambrozaitytė , Rūta Pirta , Ricardo G. Lugo , Benjamin J. Knox

In the era of global digitalisation, there is rapid development of services requiring cybersecurity resilience against adversarial actions. The demand for skilled cybersecurity professionals is at an all-time high, with over three million positions yet to be filled worldwide. Employers call for help to recruit and retain specialists as a stressful cybersecurity work environment increases the risk of insecure and non-compliant behaviour. Current training methodologies need to be revised to address this issue, underlining the need for a shift towards more individualised training methods to raise awareness about personal traits that impact professional conduct. This paper introduces a multi-disciplinary model that enables the personal trait triangulation of the cybersecurity specialist from three different perspectives: human genetics, psychology, and information and communication technology. The model offers a novel approach by incorporating a self-regulation feature, exemplified through impulsivity measured by the Barratt Impulsiveness Scale, and leveraging a web-based system for both psychological assessment and cybersecurity task completion. Pilot experimental data (n=48) was used for model building and proof of concept. The example demonstrates model potential in individual behaviour prognosis. It suggests its utility in tailoring training strategies that not only enhance cybersecurity performance but also aid in workforce retention by acknowledging and addressing the complex interplay of factors influencing daily cyber routines.

{"title":"Towards projection of the individualised risk assessment for the cybersecurity workforce","authors":"Agnė Brilingaitė , Linas Bukauskas , Ingrida Domarkienė , Tautvydas Rančelis , Laima Ambrozaitytė , Rūta Pirta , Ricardo G. Lugo , Benjamin J. Knox","doi":"10.1016/j.csi.2024.103962","DOIUrl":"10.1016/j.csi.2024.103962","url":null,"abstract":"<div><div>In the era of global digitalisation, there is rapid development of services requiring cybersecurity resilience against adversarial actions. The demand for skilled cybersecurity professionals is at an all-time high, with over three million positions yet to be filled worldwide. Employers call for help to recruit and retain specialists as a stressful cybersecurity work environment increases the risk of insecure and non-compliant behaviour. Current training methodologies need to be revised to address this issue, underlining the need for a shift towards more individualised training methods to raise awareness about personal traits that impact professional conduct. This paper introduces a multi-disciplinary model that enables the personal trait triangulation of the cybersecurity specialist from three different perspectives: human genetics, psychology, and information and communication technology. The model offers a novel approach by incorporating a self-regulation feature, exemplified through impulsivity measured by the Barratt Impulsiveness Scale, and leveraging a web-based system for both psychological assessment and cybersecurity task completion. Pilot experimental data (n=48) was used for model building and proof of concept. The example demonstrates model potential in individual behaviour prognosis. It suggests its utility in tailoring training strategies that not only enhance cybersecurity performance but also aid in workforce retention by acknowledging and addressing the complex interplay of factors influencing daily cyber routines.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103962"},"PeriodicalIF":4.1,"publicationDate":"2024-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170608","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient private information retrievals for single-server based on verifiable homomorphic encryption

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2024-12-16 DOI: 10.1016/j.csi.2024.103961

Fucai Zhou , Jintong Sun , Qiang Wang , Yun Zhang , Ruiwei Hou , Chongyang Wang

Private Information Retrieval (PIR) enables users to search data from public databases without revealing their queries to the database owner. However, current PIR protocols often ignore data integrity protection and suffer from high retrieval overhead. To address these challenges, we propose a new PIR protocol, called VHE-PIR. In VHE-PIR, we utilize a concrete implementation of verifiable homomorphic encryption (VHE) to ensure data integrity. VHE allows us to generate verifiable proofs by encrypting and evaluating ciphertexts. Furthermore, we introduce an acceleration module (AM) to improve retrieval efficiency. AM decomposes matrix multiplication into multiple threads, realizes simultaneous execution, and improves the speed of data encryption and information retrieval. By combining VHE and AM, we provide an efficient PIR solution that protects data privacy and integrity. Experimental results show that VHE-PIR outperforms similar protocols in terms of retrieval efficiency.

引用次数: 0

首页上一页

下一页尾页

类型

全部化学•材料生命科学医学物理工程技术环境•农林材料科学地球科学法学管理学化学环境科学与生态学计算机科学教育学经济学农林科学人文科学生物学数学物理与天体物理心理学综合性期刊其他工业工程理学历史学农学文学信息工程

数据库

全部 ACS Publications Elsevier ieeexplore Springer The Royal Society of Chemistry Wiley

期刊

Computer Standards & Interfaces

全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.

﹀