Search Results (1,121)

The integration of artificial intelligence (AI) and blockchain technology opens new avenues for decentralized, transparent, and secure data-driven systems. However, ensuring privacy and verifiability in collaborative AI environments remains a key challenge, especially when model updates or decisions must be recorded immutably on-chain. In this paper, we propose a novel privacy-preserving framework that leverages an ElGamal-based aggregate signature scheme with aggregate public keys to enable secure, verifiable, and unlinkable multi-party contributions in blockchain-based AI ecosystems. This approach allows multiple AI agents or data providers to jointly sign model updates or decisions, producing a single compact signature that can be publicly verified without revealing the identities or individual public keys of contributors. The design is particularly well-suited to resource-constrained or privacy-sensitive applications such as federated learning in healthcare or finance. We analyze the security of the scheme under standard assumptions and evaluate its efficiency in different terms. The study and experimental results demonstrate the potential of our framework to enhance trust and privacy in AI collaborations over decentralized networks. Full article

The management of assembly manufacturing supply chains in a cloud computing environment poses various challenges, including extensive regional management, a lack of transparency in the supply chain, an absence of a secure and effective traceability mechanism, and difficulties in achieving safe traceability. Therefore, this paper proposes a robust traceability scheme for assembly manufacturing supply chains based on blockchain technology. The solution utilizes IoT devices to collect data on product production and processing while ensuring the security and privacy of traceability information through digital signatures and hash encryption algorithms. Furthermore, by employing an “on-chain + off-chain” mixed storage strategy, the scheme achieves secure storage of traceable data. Additionally, the proposed scheme enhances the reliability of the traceability process through an efficient on-chain query mechanism and an off-chain trusted verification method. This research provides both theoretical foundations and technical pathways for enhancing the reliability of assembly manufacturing supply chains as well as their practical application. Full article

Blockchain technologies offer transformative potential in terms of addressing the security, trust, and identity management issues that exist in large-scale Internet of Things (IoT) deployments. This narrative review provides a comprehensive survey of various studies, focusing on decentralized identity management, trust mechanisms, smart contracts, privacy preservation, and real-world IoT applications. According to the literature, blockchain-based solutions provide robust authentication through mechanisms such as Physical Unclonable Functions (PUFs), enhance transparency via smart contract-enabled reputation systems, and significantly mitigate vulnerabilities, including single points of failure and Sybil attacks. Smart contracts enable secure interactions by automating resource allocation, access control, and verification. Cryptographic tools, including zero-knowledge proofs (ZKPs), proxy re-encryption, and Merkle trees, further improve data privacy and device integrity. Despite these advantages, challenges persist in areas such as scalability, regulatory and compliance issues, privacy and security concerns, resource constraints, and interoperability. By reviewing the current state-of-the-art literature, this review emphasizes the importance of establishing standardized protocols, performance benchmarks, and robust regulatory frameworks to achieve scalable and secure blockchain-integrated IoT solutions, and provides emerging trends and future research directions for the integration of blockchain technology into the IoT ecosystem. Full article

With the growth of trusted computing demand for big data analysis, cloud computing platforms are reshaping trusted data infrastructure by integrating Blockchain as a Service (BaaS), which uses elastic resource scheduling and heterogeneous hardware acceleration to support petabyte level multi-institution data security exchange in medical, financial, and other fields. As the core hub of data-intensive scenarios, the BaaS platform has the dual capabilities of privacy computing and process automation. However, its deep dependence on smart contracts generates new code layer vulnerabilities, resulting in malicious contamination of analysis results. The existing detection schemes are limited to the perspective of single-source data, which makes it difficult to capture both global semantic associations and local structural details in a cloud computing environment, leading to a performance bottleneck in terms of scalability and detection accuracy. To address these challenges, this paper proposes a smart contract vulnerability detection method based on multi-modal semantic fusion for the blockchain analysis platform of cloud computing. Firstly, the contract source code is parsed into an abstract syntax tree, and the key code is accurately located based on the predefined vulnerability feature set. Then, the text features and graph structure features of key codes are extracted in parallel to realize the deep fusion of them. Finally, with the help of attention enhancement, the vulnerability probability is output through the fully connected network. The experiments on Ethereum benchmark datasets show that the detection accuracy of our method for re-entrancy vulnerability, timestamp vulnerability, overflow/underflow vulnerability, and delegatecall vulnerability can reach 92.2%, 96.3%, 91.4%, and 89.5%, surpassing previous methods. Additionally, our method has the potential for practical deployment in cloud-based blockchain service environments. Full article

The effective management of electronic medical records is critical to deliver high-quality healthcare services. However, existing systems often suffer from issues such as fragmented data, lack of interoperability, and weak privacy protections, which hinder collaboration among healthcare stakeholders. This paper proposes a blockchain-based system to securely manage and share medical records in a decentralized and transparent manner. By leveraging smart contracts and access control policies, the system empowers patients with control over their data, ensures auditability of all interactions, and facilitates secure data sharing among patients, healthcare providers, insurance companies, and regulatory authorities. The proposed architecture is implemented using a private Ethereum blockchain and evaluated through a scenario-based comparison with the Prince Sultan Military Medical City system, as well as quantitative performance measurements of the blockchain prototype. Results demonstrate significant improvements in data security, access transparency, and system interoperability, with patients gaining the ability to track and control access to their records across multiple healthcare providers, while system performance remained practical for healthcare workflows. Full article

This paper introduces a novel similarity measure to link transactions which spend outputs of CoinJoin transactions, CoinJoin Spending Transactions (CSTs), by analyzing their on-chain properties, addressing the challenge of preserving user privacy in blockchain systems. Despite the adoption of privacy-enhancing techniques like CoinJoin, users remain vulnerable to transaction linkage through shared output patterns. The proposed method leverages timestamp analysis of mixed outputs and employs a one-sided Chamfer distance to quantify similarities between CSTs, enabling the identification of transactions associated with the same user. The approach is evaluated across three major CoinJoin implementations (Dash, Whirlpool, and Wasabi 2.0) demonstrating its effectiveness in detecting linked CSTs. Additionally, the work improves transaction classification rules for Wasabi 2.0 by introducing criteria for uncommon denomination outputs, reducing false positives. Results show that multiple CSTs spending shared CoinJoin outputs are prevalent, highlighting the practical significance of the similarity measure. The findings underscore the ongoing privacy risks posed by transaction linkage, even within privacy-focused protocols. This work contributes to the understanding of CoinJoin’s limitations and offers insights for developing more robust privacy mechanisms in decentralized systems. To the authors knowledge this is the first work analyzing the linkage between CSTs. Full article

Botnet attacks on Internet of Things (IoT) devices are escalating at the 5G/6G multi-access edge, yet most federated learning frameworks for IoT malware detection (FL-IMD) still hinge on a central aggregator, enlarging the attack surface, weakening privacy, and creating a single point of failure. We propose a two-tier, fully decentralized FL architecture aligned with MEC’s Proximal Edge Server (PES)/Supplementary Edge Server (SES) hierarchy. PES nodes train locally and encrypt updates with the Cheon–Kim–Kim–Song (CKKS) scheme; SES nodes verify ECDSA-signed provenance, homomorphically aggregate ciphertexts, and finalize each round via an Algorand-style committee that writes a compact, tamper-evident record (update digests/URIs and a global-model hash) to an append-only ledger. Using the N-BaIoT benchmark with an unsupervised autoencoder, we evaluate known-device and leave-one-device-out regimes against a classical centralized baseline and a cryptographically hardened but server-centric variant. With the heavier CKKS profile, attack sensitivity is preserved (TPR $\ge 0.99$), and specificity (TNR) declines by only 0.20 percentage points relative to plaintext in both regimes; a lighter profile maintains TPR while trading 3.5–4.8 percentage points of TNR for about 71% smaller payloads. Decentralization adds only a negligible per-round overhead for committee finality, while homomorphic aggregation dominates latency. Overall, our FL-IMD design removes the trusted aggregator and provides verifiable, ledger-backed provenance suitable for trustless MEC deployments. Full article

The Blockchain-Based Medical Insurance Transaction System (BMIT) developed in this study addresses key issues in traditional medical insurance—information silos, data tampering, and privacy breaches—through innovative blockchain architectural design and technical infrastructure reconstruction. Built on a consortium blockchain architecture with FISCO BCOS (Financial Blockchain Shenzhen Consortium Blockchain Open Source Platform) as the underlying platform, the system leverages FISCO BCOS’s distributed ledger, granular access control, and efficient consensus algorithms to enable multi-stakeholder on-chain collaboration. Four node roles and data protocols are defined: hospitals (on-chain data providers) generate 3D coordinate hashes of medical data via an algorithmically enhanced Bloom Filter for on-chain certification; patients control data access via blockchain private keys and unique parameters; insurance companies verify eligibility/claims using on-chain Bloom filters; the blockchain network stores encrypted key data (public keys, Bloom filter coordinates, and timestamps) to ensure immutability and traceability. A 3D-enhanced Bloom filter—tailored for on-chain use with user-specific hash functions and key control—stores only 3D coordinates (not raw data), cutting storage costs for 100 records to 1.27 KB and reducing the error rate to near zero ($1.77\%$ lower than traditional schemes for 10,000 entries). Three core smart contracts (identity registration, medical information certification, and automated verification) enable the automation of on-chain processes. Performance tests conducted on a 4-node consortium chain indicate a transaction throughput of 736 TPS (Transactions Per Second) and a per-operation latency of 181.7 ms, which meets the requirements of large-scale commercial applications. BMIT’s three-layer design (“underlying blockchain + enhanced Bloom filter + smart contracts”) delivers a balanced, efficient blockchain medical insurance prototype, offering a reusable technical framework for industry digital transformation. Full article

The accelerating complexity of urban environments has prompted cities to adopt digital technologies that improve efficiency, sustainability, and resilience. Among these, Urban Digital Twins (UDTw) have emerged as transformative tools for real-time representation, simulation, and management of urban systems. This Systematic Literature Review (SLR) examines the integration of Digital Twins (DTw), the Internet of Things (IoT), and Artificial Intelligence (AI) into the Smart City Development (SCD). Following the PSALSAR framework and PRISMA 2020 guidelines, 64 peer-reviewed articles from IEEE Xplore, Association for Computing Machinery (ACM), Scopus, and Web of Science (WoS) digital libraries were analyzed by using bibliometric and thematic methods via the Bibliometrix package in R. The review allowed identifying key technological trends, such as edge–cloud, architectures, 3D immersive visualization, Generative AI (GenAI), and blockchain, and classifies UDTw applications into five domains: traffic management, urban planning, environmental monitoring, energy systems, and public services. Persistent challenges have been also outlined, including semantic interoperability, predictive modeling, data privacy, and impact evaluation. This study synthesizes the current state of the field, by clearly identifying a thematic mapping, and proposes a research agenda to align technical innovation with measurable urban outcomes, offering strategic insights for researchers, policymakers, and planners. Full article

Following the stablecoin legislation (GENIUS Act) enacted under the second Trump administration in 2025, blockchain has become core digital economy infrastructure. However, privacy risks from decentralization and transparency constrain adoption in regulated industries, requiring solutions that harmonize blockchain architecture with regulatory compliance. Existing research relies on reactive auditing or post-execution rule checking, which wastes computational resources or provides only basic encryption or access controls without comprehensive privacy compliance. The proposed Artificial Intelligence-enhanced Regulatory Proof-of-Compliance (AIRPoC) framework addresses this gap through a two-phase consensus mechanism that integrates AI legal agents with semantic web technologies for autonomous regulatory compliance enforcement. Unlike existing research, AIRPoC implements a dual-layer architecture where AI-powered regulatory validation precedes consensus execution, ensuring that only compliant transactions proceed to blockchain finalization. The system employs AI legal agents that automatically construct and update regulatory databases via multi-oracle networks, using SPARQL-based inference engines for real-time General Data Protection Regulation (GDPR) compliance validation. A simulation-based experimental evaluation conducted across 24 tests with 116,200 transactions in a controlled environment demonstrates 88.9% compliance accuracy, with 9502 transactions per second (TPS) versus 11,192 TPS for basic Proof-of-Stake (PoS) (4.5% overhead). This research represents a paradigm shift to dynamic, transaction-based regulatory models that preserve blockchain efficiency. Full article

Background: Healthcare data interoperability faces significant barriers, including regulatory compliance complexities, institutional trust deficits, and technical integration challenges. Current centralized architectures demonstrate inadequate mechanisms for balancing data accessibility requirements with patient privacy protection, as mandated by HIPAA and GDPR frameworks. Traditional compliance approaches rely on manual policy implementation and periodic auditing, which are insufficient for dynamic, multi-organizational healthcare data-sharing scenarios. Objective: This study develops and proposes a blockchain-based healthcare data management framework that leverages Hyperledger Fabric, IPFS, and the HL7 FHIR standard and incorporates automated regulatory compliance mechanisms via smart contract implementation to meet HIPAA and GDPR requirements. It assesses the theoretical system architecture, security characteristics, and scalability considerations. Methods: We developed a permissioned blockchain architecture that employs smart contracts for privacy policy enforcement and for patient consent management. The proposed system incorporates multiple certification authorities for patients, hospitals, and research facilities. Architectural evaluation uses theoretical modeling and system design analysis to assess a system’s security, compliance, and scalability. Results: The proposed framework demonstrated enhanced security through decentralized control mechanisms and cryptographic protection protocols. Smart contract-based compliance verification can automate routine regulatory tasks while maintaining human oversight in complex scenarios. The architecture supports multi-organizational collaboration with attribute-based access control and comprehensive audit-trail capabilities. Conclusions: Blockchain-based healthcare data-sharing systems provide enhanced security and decentralized control compared with traditional architectures. The proposed framework offers a promising solution for automating regulatory compliance. However, implementation considerations—including organizational readiness, technical complexity, and scalability requirements—must be addressed for practical deployment in healthcare settings. Full article

As cyberattacks grow increasingly sophisticated, the timely exchange of Cyber Threat Intelligence (CTI) has become essential to enhancing situational awareness and enabling proactive defense. Several challenges exist in CTI sharing, including the timely dissemination of threat information, the need for privacy and confidentiality, and the accessibility of data even in unstable network conditions. In addition to security and privacy, latency and throughput are critical performance metrics when selecting a suitable platform for CTI sharing. Substantial efforts have been devoted to developing effective solutions for CTI sharing. Several existing CTI sharing systems adopt either centralized or blockchain-based architectures. However, centralized models suffer from scalability bottlenecks and single points of failure, while the slow and limited transactions of blockchain make it unsuitable for real-time and reliable CTI sharing. To address these challenges, we propose a DDS-based framework that automates data sanitization, STIX-compliant structuring, and real-time dissemination of CTI. Our prototype evaluation demonstrates low latency, linear throughput scaling at configured send rates up to 125 messages per second, with 100% delivery success across all scenarios, while sustaining low CPU and memory overheads. The findings of this study highlight the unique ability of DDS to overcome the timeliness, security, automation, and reliability challenges of CTI sharing. Full article

Artificial intelligence (AI) and machine learning (ML) have become integral to various applications, leveraging vast amounts of heterogeneous, globally distributed Internet of Things (IoT) data to identify patterns and build accurate ML models for predictive tasks. Federated learning (FL) is a distributed ML technique developed to learn from such distributed data while ensuring privacy. Nevertheless, traditional FL requires a central server for aggregation, which can be a central point of failure and raises trust issues. Blockchain-based federated learning (BFL) has emerged as an FL extension that provides guaranteed decentralization alongside other security assurances. However, due to the inherent openness of blockchain, BFL comes with several vulnerabilities that remain unexplored in literature, e.g., a higher possibility of model poisoning attacks. This paper investigates how scaling-based model poisoning attacks are made easier in BFL systems and their effects on model performance. Subsequently, it proposes FedECPA-an extension of FedAvg aggregation algorithm with Efficient Countermeasure against scaling-based model Poisoning Attacks in BFL. FedECPA filters out clients with outlier weights and protects the model against these attacks. Several experiments are conducted with different attack scenarios and settings. We further compared our results to a frequently used defense mechanism, Multikrum. Results show the effectiveness of our defense mechanism in protecting BFL from these attacks. On the MNIST dataset, it maintains an overall accuracy of $98\%$ and $89\%$ and outperforms our baseline with $4\%$ and $38\%$ in both IID and non-IID settings, respectively. Similar results were achieved with the CIFAR-10 dataset. Full article

Blockchain-based cold chain logistics (BCCL) systems establish a new logistics data-sharing mechanism with blockchain technology, which destroys the traditional data island problem and promotes cross-institutional data interoperability. However, security vulnerabilities, risks of data loss, exposure of private information, and particularly the emergence of quantum-based attacks pose heightened threats to the existing BCCL framework. This paper first introduces a transaction privacy preserving (TPP) model for BCCLS that aggregates the blockchain and ring signcryption scheme together to strengthen the security of the data exchange process. Then, a lattice-based ring signcryption (LRSC) scheme is proposed. This LRSC utilizes the lattice assumption to enhance resistance against quantum attacks while employing ring mechanisms to safeguard the anonymity and privacy of the actual signer. It also executes signature and encryption algorithms simultaneously to improve algorithm execution efficiency. Moreover, the formal security proof results show that this LRSC can capture the signer’s confidentiality and unforgeability. Experimental findings indicate that the LRSC scheme achieves higher efficiency compared with comparable approaches. The proposed TPP model and LRSC scheme effectively facilitate cross-institutional logistics data exchange and enhance the utilization of logistics information via the BCCL system. Full article

With the rapid growth of Artificial Intelligence of Things (AIoT), identity management and trusted communication have become critical for system security and reliability. Continuous AI learning and large-scale device connectivity introduce challenges such as permission drift, cross-domain access, and fine-grained API calls. Traditional identity management often fails to balance privacy protection with efficiency, leading to risks of data leakage and misuse. To address these issues, this paper proposes a blockchain-based self-sovereign identity (SSI) management mechanism for AIoT. By integrating SSI with a zero-trust framework, it achieves decentralized identity storage and continuous verification, effectively preventing unauthorized access and misuse of identity data. The mechanism employs selective disclosure (SD) technology, allowing users to submit only necessary attributes, thereby ensuring user control over self-sovereign identity information and guaranteeing the privacy and integrity of undisclosed attributes. This significantly reduces verification overhead. Additionally, this paper designs a context-aware dynamic permission management that generates minimal permission sets in real time based on device requirements and environmental changes. Combined with the zero-trust principles of continuous verification and least privilege, it enhances secure interactions while maintaining flexibility. Performance experiments demonstrate that, compared with conventional approaches, the proposed zero-trust architecture-based SSI management mechanism better mitigates the risk of sensitive attribute leakage, improves identity verification efficiency under SD, and enhances the responsiveness of dynamic permission management, providing robust support for secure and efficient AIoT operations. Full article