Search Results (24)

Gaia-X, a European initiative, aims to create a digital sovereignty framework for service ecosystems in the future Internet. Its applicability to the health domain was explored in the Gaia-X-Med project, which aimed to establish a common dataspace for various medical use cases based on Gaia-X principles. This paper presents a trust- and consent-based approach to the secure authentication and digital contract negotiation central to this endeavor and discusses the challenges that arose during the adoption of the Gaia-X framework, particularly relating to the strict requirements of the European healthcare domain with regards to privacy and consent regulations. By exploring the practical implications of Gaia-X in the healthcare context, this paper aims to contribute to the ongoing discussions surrounding the digital sovereignty of both citizens and corporations, as well as its realization via future Internet technologies. Full article

This study examines the role of humanitarian diplomacy during the Tigray humanitarian crisis in Ethiopia, a humanitarian disaster marked by severe shortages in food, healthcare, and essential services that deeply affect civilians. A qualitative approach using both primary and secondary data grounds the study by exploring key actors in humanitarian diplomacy, their successes, and barriers to aid delivery. Humanitarian actors, such as UN agencies, international NGOs, donor countries, the EU, the US, and the African Union, have engaged with the Ethiopian government, the TPLF, and the Tigray Transitional Government to alleviate the crisis. Notable achievements in humanitarian diplomacy include negotiations, information gathering, communication, civilian needs assessment, resource mobilization, advocacy for international law, and distressed civilians. Humanitarian diplomacy has facilitated international aid operations, saving lives during critical periods, despite practical difficulties. Diplomatic efforts have faced significant interruptions due to access restrictions imposed by the Ethiopian government, security threats from ongoing fighting leading to attacks on aid convoys and casualties among aid workers, and bureaucratic obstacles imposed by the Ethiopian government. This study highlights the necessity for effective humanitarian diplomacy in accounting for complex political landscapes in conflict-affected regions, developing flexible strategies that enhance access to aid, and improving humanitarian interventions. Full article

The security requirements for SDN (Software-Defined Network) cross-domain communication are diverse and dynamically changing; thus, a security service negotiation function is required for the SDN interdomain. However, the SDN interdomain distributed communication environment leads to a lack of trustworthiness and security. Therefore, this paper proposes a blockchain-based SDN interdomain security service negotiation mechanism, BSSN-SDNs, to provide automatic, secure, and trustworthy SDN interdomain security service negotiation. BSSN-SDNs proposes a three-layer reference architecture that enables joint on-chain and off-chain work by extending the security service negotiation module and blockchain client on the controller and deploying security service negotiation smart contracts on the blockchain. It especially adopts non-interactive key exchange and the message authentication code to ensure the confidentiality of the secure service negotiated on-chain. Finally, the timeliness as well as security and trustworthiness of BSSN-SDNs are analyzed, and the FISCO BCOS-based experiment results show that the delay of BSSN-SDNs is acceptable and is positively correlated with the number of policies and the number of SDN domains involved in negotiation. Full article

This study provides a comprehensive review and comparative analysis of existing Information Flow Tracking (IFT) tools which underscores the imperative for mitigating data leakage in complex cloud systems. Traditional methods impose significant overhead on Cloud Service Providers (CSPs) and management activities, prompting the exploration of alternatives such as IFT. By augmenting consumer data subsets with security tags and deploying a network of monitors, IFT facilitates the detection and prevention of data leaks among cloud tenants. The research here has focused on preventing misuse, such as the exfiltration and/or extrusion of sensitive data in the cloud as well as the role of anonymization. The CloudMonitor framework was envisioned and developed to study and design mechanisms for transparent and efficient IFT (eIFT). The framework enables the experimentation, analysis, and validation of innovative methods for providing greater control to cloud service consumers (CSCs) over their data. Moreover, eIFT enables enhanced visibility to assess data conveyances by third-party services toward avoiding security risks (e.g., data exfiltration). Our implementation and validation of the framework uses both a centralized and dynamic IFT approach to achieve these goals. We measured the balance between dynamism and granularity of the data being tracked versus efficiency. To establish a security and performance baseline for better defense in depth, this work focuses primarily on unique Dynamic IFT tracking capabilities using e.g., Infrastructure as a Service (IaaS). Consumers and service providers can negotiate specific security enforcement standards using our framework. Thus, this study orchestrates and assesses, using a series of real-world experiments, how distinct monitoring capabilities combine to provide a comparatively higher level of security. Input/output performance was evaluated for execution time and resource utilization using several experiments. The results show that the performance is unaffected by the magnitude of the input/output data that is tracked. In other words, as the volume of data increases, we notice that the execution time grows linearly. However, this increase occurs at a rate that is notably slower than what would be anticipated in a strictly proportional relationship. The system achieves an average CPU and memory consumption overhead profile of 8% and 37% while completing less than one second for all of the validation test runs. The results establish a performance efficiency baseline for a better measure and understanding of the cost of preserving confidentiality, integrity, and availability (CIA) for cloud Consumers and Providers (C&P). Consumers can scrutinize the benefits (i.e., security) and tradeoffs (memory usage, bandwidth, CPU usage, and throughput) and the cost of ensuring CIA can be established, monitored, and controlled. This work provides the primary use-cases, formula for enforcing the rules of data isolation, data tracking policy framework, and the basis for managing confidential data flow and data leak prevention using the CloudMonitor framework. Full article

Secure group communication in Vehicle Ad hoc Networks (VANETs) over open channels remains a challenging task. To enable secure group communications with conditional privacy, it is necessary to establish a secure session using Authenticated Key Agreement (AKA). However, existing AKAs suffer from problems such as cross-domain dynamic group session key negotiation and heavy computational burdens on the Trusted Authority (TA) and vehicles. To address these challenges, we propose a dynamic privacy-preserving anonymous authentication scheme for condition matching in fog-cloud-based VANETs. The scheme employs general Elliptic Curve Cryptosystem (ECC) technology and fog-cloud computing methods to decrease computational overhead for On-Board Units (OBUs) and supports multiple TAs for improved service quality and robustness. Furthermore, certificateless technology alleviates TAs of key management burdens. The security analysis indicates that our solution satisfies the communication security and privacy requirements. Experimental simulations verify that our method achieves optimal overall performance with lower computational costs and smaller communication overhead compared to state-of-the-art solutions. Full article

With the rapid popularization of current Internet of Things (IoT) technology and 5G networks, as well as the continuous updating of new service lifestyles and businesses, the era of big data processing for the IoT has arrived. However, centralizing all data for processing in the cloud can lead to issues such as communication latency and privacy breaches. To solve these problems, edge computing, as a new network architecture close to terminal data sources and supporting low latency services, has gradually emerged. In this context, cloud edge collaborative computing has become an important network architecture. With the changing security requirements and communication methods of cloud edge collaborative network architecture, traditional authentication key agreement protocols are no longer applicable. Therefore, a new IoT authentication and key agreement protocol needs to be designed to solve this problem. This study proposes an IoT accessible solution for cloud edge collaboration. This scheme adopts a chaotic mapping algorithm to achieve efficient authentication. It ensures the anonymity and untraceability of users. Following this, we conducted strict security verification using BAN logic and Scyther tools. Through experimental comparative analysis, the research results show that the protocol performs better than other schemes while ensuring security. This indicates that the protocol can achieve efficient authentication and key negotiation in cloud edge collaborative network architecture, providing a secure and reliable solution for the accessibility of the IoT. Full article

To support more complex and robust online services, enterprise-class applications prefer to interconnect multiple servers as the pedestal to enhance the system’s interoperability. However, the multiserver architecture always struggles to reconcile the trade-off between convenience and security, leaving users exposed to a variety of network attack threats. Existing security authentication schemes based on the Chebyshev Chaotic Map for multiserver architectures cannot provide three-factor (including password, biometric feature, and smart card) security. Therefore, we propose a novel Physical-Unclonable-Function-based Lightweight Three-Factor Authentication (PUF-LTA) scheme, which can achieve three-factor security. The PUF-LTA scheme mainly includes two components: (1) PUF-assisted registration and (2) lightweight mutual authentication with one-time interaction. During the PUF-assisted registration process, to defend against side-channel attacks on smart cards, the login credentials of users are XORed with the unique identifier generated by the PUF so that the adversary cannot obtain these secret login credentials. During the lightweight mutual authentication process, we combine the Chebyshev polynomial map and symmetric encryption/decryption to negotiate the session key between users and servers, which only needs one interaction. The security performance of PUF-LTA is theoretically proved by leveraging the random oracle model. In contrast with relevant multiserver authentication schemes, PUF-LTA is more efficient and suitable for resource-constrained multiserver environments because it can ensure secure three-factor authentication and support flexible biometrics and password updates with less computation cost. Full article

In the era of big data, facilitating efficient data flow is of paramount importance. Governments and enterprises worldwide have been investing in the big data industry, promoting data sharing and trading. However, existing data trading platforms often suffer from issues like privacy breaches, single points of failure, data tampering, and non-transparent transactions due to their reliance on centralized servers. To address these challenges, blockchain-based big data transaction models have been proposed. However, these models often lack system integrity and fail to fully meet user requirements while ensuring adequate security. To overcome these limitations, this paper presents an Ethereum-based big data trading model that establishes a comprehensive and secure trading system. The model aims to provide users with more convenient, secure, and professional services. Through the utilization of smart contracts, users can efficiently match data and negotiate prices online while ensuring secure data delivery through encryption technologies. Additionally, the model introduces a trusted third-party entity that offers professional data evaluation services and actively safeguards user data ownership in the event of disputes. The implementation of the model includes the development of smart contracts and the necessary machine learning code, followed by rigorous testing and validation. The experimental results validate the effectiveness and reliability of our proposed model, demonstrating its potential to ensure effective and secure big data trading. Full article

This article examines the role of migrant organizations (MOs) in the welfare state and reflects on the transformation and negotiation processes in the organization of social protection in a society that is increasingly characterized by various forms of cross-border mobility. The article first describes various transformation trends in German social policy by highlighting the activation policy and marketization of social services. This transformation concerns not only the formal (material) forms of social protection and the relationship between migration and social policy, but also the organization of social protection within the German welfare state. By analysing qualitative interviews with representatives of migrant organizations and welfare associations, we then show which roles are ascribed to MOs by other welfare actors in the context of social protection and how the MOs position themselves. We argue that these role ascriptions are part of a negotiation process that goes along with the transformation of the German welfare state. MOs are increasingly addressed in the context of integration policy, while at the same time they are becoming more professional and are claiming a stronger role in formal security services. The discussion of the changing role of MOs in the future organization of the welfare state also sheds light on the question of the successful adaptation of social services to the needs of migrants in general. Full article

Various efforts are presently being undertaken to set up and maintain open, inclusive, participatory, and transparent processes, whilst at the same time, strengthening stakeholder partnerships in implementing SDGs remains a challenge. This paper enriched the discussion of multi-stakeholder approaches through a dynamic multi-level system view of stakeholder mapping, along with important theoretical frameworks and key empirical results to tackle the lack of security of energy services in poor urban settings. The study attempted to develop comprehensive cases for Africa-based experiences of the pilot project launched through a set-up of an energy living lab in the Groenheuwel community, as well as achieve an improved understanding of social-technical benefits of gendered energy security and innovative solutions at the household level. The contents are two-fold. The first part assesses the theoretical models available for stakeholders and outcome mapping. The second part focuses on the preliminary identification of stakeholders and their primary interests at all levels. The results of this study found that the energy living lab in poor urban settings recognised the importance of stakeholder mapping and the development of new solutions. Findings indicated that all stakeholders should support the government in the development of policies and strategies. Findings also suggested that key players should proactively agree and negotiate with the local government on energy outcome measures. It was also found that multi-stakeholder involvement improved transparency and accountability for decision making. Full article

A healthcare information system allows patients and other users to remotely login to medical services to access health data through the Internet. To protect the privacy of patients and security over the public network, secure communication is required. Therefore, the security of data in transmission has been attracting increasing attention. In recent years, blockchain technology has also attracted more attention. Relevant research has been published at a high rate. Most methods of satisfying relevant security-related regulations use modular and exponential calculation. This study proposes a medical care information preservation mechanism that considers the entire process of data storage in devices from wearable devices to mobile devices to medical center servers. The entire process is protected and complies with HIPAA privacy and security regulations. The proposed scheme uses extended chaotic map technology to develop ID-based key negotiation for wearable devices, and thereby reduces the amount of computing that must be carried out by wearable devices and achieve lightness quantify. It also uses the non-tamperability of the blockchain to ensure that the data have not been tampered with, improving data security. The proposed mechanism can resist a variety of attacks and is computationally lighter than the elliptic curve point multiplication that has been used elsewhere, while retaining its security characteristics. Full article

The African continent is home to 15% of the world’s population and suffers from a disease burden of more than 25% globally. In this COVID-19 era, the high burden and mortality are further worsened due to inequities, inequalities such as inadequate health systems, scarce financial and human resources, as well as unavailability of inexpensive medicines of good quality, safety, and efficacy. The Universal Health Coverage ensures that people have access to high-quality essential health services, secure, reliable, and affordable essential medicines and vaccines, as well as financial security. This paper aimed at addressing the critical need for a continental African Medicines Agency (AMA) in addressing the inequities and the role of global health diplomacy in building consensus to support the ratification of the Treaty of AMA. A literature review was done in Scopus, Web of Science, MEDLINE/PubMed, and Google Scholar search engine to identify the critical literature in the context of study objectives. All the articles published after 2015 till 2021 in the context of AMA were included. African Health Strategy 2016–2030 highlighted the importance of an African regulatory mechanism for medicines and medical products. Through global health diplomacy (GHD), the African Union and its partners can negotiate and cooperate in providing infrastructural, administrative, and regulatory support for establishing the AMA. The paper emphasizes the South–South cooperation and highlights the contributions of India and China in the supply of medicines and vaccines to Africa. A strong AMA created through GHD can be a vital instrument in utilizing Trade-Related Aspects of Intellectual Property Rights (TRIPS) flexibilities extension and an ideal partner for European and other regional regulatory authorities seeking to stem the tide of counterfeit, sub-standard, or fake products. Full article

As a typical application of sensor networks, there exist many information security problems in smart parks, such as confusion of personnel access, lack of security management, disorderly data flow, insufficient collection of audit evidence, and so on. Aiming at the scenario of personnel and equipment moving in different areas of smart parks, the paper proposes a joint authorization and dynamic access control mechanism, which can provide unified identity management services, access control services, and policy management services, and effectively solve the problem of multi-authorization in user identity and authority management. The license negotiation interaction protocol is designed to prevent common network attack threats in the process of identity authentication and authority management. In order to realize the tamper-proof storage of personnel and equipment movement trajectory, the paper also designs a movement trajectory traceability protocol based on a Merkle tree, which solves the problems of internal personnel malicious attack, trusted third-party dependency bottleneck, high overheads of tracking algorithms, and so on. The experimental results show that compared with the current security control mechanisms for sensor networks, the joint authorization, and dynamic access control mechanism can support multi-party authorization and traceability, while the overhead it generates in initialization, encryption, decryption, and key generation steps are basically the same as other mechanisms do. Full article

This paper describes and critically reviews an important but under-theorized value capture mechanism that we have termed “vertical allocations” (or vertical exactions). This mechanism enables cities to capture value vertically by allocating floor space for public utilities in privately owned, mixed-use, vertical development. As a value capture tool, vertical allocations allow the government to tap value uplift to supply the nearby neighborhood, and the city as a whole, with much needed public services. The owner or developer is required to make in-kind contributions in the form of spaces provided for a range of public facilities such as schools, preschools, community centers, and public medical clinics. While focusing on vertical exactions in Israel we explore how a certain share of land/floorspace can be allocated for public amenities in a given project. There are several legal pathways for securing public floorspace including negotiated agreements, land readjustment and expropriation. The findings show that unclear policies and regulations could create frictions between developers and municipalities, and these raise the nexus question as well as debates about construction costs and financial contributions developers have to make. Specifically, the paper finds that while developers often argue that cities should cover the costs of constructing public floorspace, city officials assert that the costs should be borne by the owners and developers. Full article

Notwithstanding the dispersed nature of the water, energy and food (WEF) nexus scholarship in the African continent, its strategic importance to the African agenda has gained widespread attention in research and planning circles. In this regard, the bibliometric science mapping and content analysis of the WEF nexus scientific publication trends, the conceptual, intellectual and social structures, as well as the inherent paradigmatic shifts in the WEF nexus body of knowledge in the African continent have been undertaken, using the nexus body of literature accessed from the Web of Science and Scopus core collection databases. The review results confirmed that, whilst the WEF nexus scholarship has expanded since 2013, there is also evidence of growth in the conceptual, intellectual and social structures of the WEF nexus in the African continent. These shifts have resulted in the emergence of hot topics (subfields) including modelling and optimization, climate variability and change, environmental ecosystem services sustainability, and sustainable development and livelihoods. The review further determined that these structures have evolved along two main perspectives of WEF nexus research development, i.e., the interdisciplinary and transdisciplinary domains. In support of the interpretation of the visual analytics of the intellectual structure and changing patterns of the WEF nexus research, the shifts in positivist, interpretivist and pragmatic paradigmatic perspectives (these are underpinned by the ontology, epistemology, and methodology and methods) are considered when explaining WEF nexus research shifts: (a) From the unconnected silo paradigms that focus on water, energy and food (security concerns) to interconnected (and sometimes interdependent or nested) linkages or systems incorporating environmental, social-economic and political drivers (also viewed as subfields) in a bid to holistically support the Sustainable Development Goals (SDGs) across the African continent; and (b) in the evaluation of the WEF nexus scholarship based on novel analytical approaches. We contend that whilst the theories of science change underpin this apparent expansion, the macro-economic theory will find use in explaining how the WEF nexus research agenda is negotiated and the Integrative Environmental Governance (IEG) is the duly suited governance theory to bridge the inherent disconnect between WEF nexus output and governance processes uncovered in the literature. Overall, operational challenges and opportunities of the WEF nexus abound, transitioning the WEF nexus research to practice in Africa, motivating the need to take advantage of the scholar–practitioner research underpinnings, as contemplated in the transdisciplinary research approach, which is characterised by the dual quest for new knowledge and considerations of use. Yet, there is need for more coordinated and collaborative research to achieve impact and transition from WEF nexus thinking to WEF nexus practice. Full article