Explore the vast range of titles available.

Access control is becoming increasingly important for today’s ubiquitous systems which provide mechanism to prevent sensitive resources against unauthorized users. In access control models, the administration of access control policies is a task of paramount importance for distributed systems. A crucial analysis problem is to foresee if a set of administrators can give a user an unauthorized access permission. In this paper, we consider the analysis problem in the context of the administrative role-based access control (ARBAC) and its extension, the administrative temporal role-based access control (ATRBAC). More details, we present how to design analysis techniques, namely asasp2.1 and asaspTIME2.0 for ARBAC and ATRBAC, respectively, which are based on the ideas of a framework to analyze infinite state-transition systems. Moreover, we describe how we design heuristics to enable the analysis techniques to scale up to handle large and complex authorization policies. An extensive experimentation shows that the proposed techniques are scalability and the heuristics play a key role in the success of the analysis tools over well-known analysis techniques.

Fuzzy role-based access control (FRBAC) is essential for risk-based environments in many futuristic applications, even though role-based access control (RBAC) is the efficient and widely used access control model for enterprise applications. In FRBAC, authorization related information is vague. It brings the fuzziness in mapping among the components of FRBAC such as user, role and permission. Holding the fuzziness in FRBAC, it is challenging for the security engineer to verify the constraints and correctness of access control policy. On verifying the constraints and correctness of access control policy, knowledge representation techniques are much useful in practice. In this scenario, representing FRBAC using fuzzy ontology might be the right choice for semantic web application. The main objective of this article is to represent the access permissions of FRBAC using fuzzy ontology and verify whether the constraints of FRBAC are possible to get implemented in it or not.

We propose an approach for conformance testing of implementations required to enforce access control policies specified using the Temporal Role-Based Access Control (TRBAC) model. The proposed approach uses Timed Input-Output Automata (TIOA) to model the behavior specified by a TRBAC policy. The TIOA model is transformed to a deterministic se-FSA model that captures any temporal constraint by using two special events Set and Exp. The modified W-method and integer-programming-based approach are used to construct a conformance test suite from the transformed model. The conformance test suite so generated provides complete fault coverage with respect to the proposed fault model for TRBAC specifications.

Large language models (LLMs) have transformed Natural Language Processing (NLP) by enabling robust text generation and understanding. However, their deployment in sensitive domains like healthcare, finance, and legal services raises critical concerns about privacy and data security. This paper proposes a comprehensive framework for embedding trust mechanisms into LLMs to dynamically control the disclosure of sensitive information. The framework integrates three core components: User Trust Profiling, Information Sensitivity Detection, and Adaptive Output Control. By leveraging techniques such as Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), Named Entity Recognition (NER), contextual analysis, and privacy-preserving methods like differential privacy, the system ensures that sensitive information is disclosed appropriately based on the user’s trust level. By focusing on balancing data utility and privacy, the proposed solution offers a novel approach to securely deploying LLMs in high-risk environments. Future work will focus on testing this framework across various domains to evaluate its effectiveness in managing sensitive data while maintaining system efficiency.

In traditional power grids, the unidirectional flow of energy and information has led to a decrease in efficiency. To address this issue, the concept of microgrids with bidirectional flow and independent power sources has been introduced. The components of a microgrid utilize various IoT protocols such as OPC-UA, MQTT, and DDS to implement bidirectional communication, enabling seamless network communication among different elements within the microgrid. Technological innovation, however, has simultaneously given rise to security issues in the communication system of microgrids. The use of IoT protocols creates vulnerabilities that malicious hackers may exploit to eavesdrop on data or attempt unauthorized control of microgrid devices. Therefore, monitoring and controlling security vulnerabilities is essential to prevent intrusion threats and enhance cyber resilience in the stable and efficient operation of microgrid systems. In this study, we propose an RBAC-based security approach on top of DDS protocols in microgrid systems. The proposed approach allocates roles to users or devices and grants various permissions for access control. DDS subscribers request access to topics and publishers request access to evaluations from the role repository using XACML. The overall implementation model is designed for the publisher to receive XACML transmitted from the repository and perform policy decision making and enforcement. By applying these methods, security vulnerabilities in communication between IoT devices can be reduced, and cyber resilience can be enhanced.

The fast computerization of health care has created the issue of data leakage, unauthorized access and patient loss of trust. As Electronic Health Records (EHRs) become the focus of clinical processes, data protection, security, and auditing have become a matter of concern. Conventional centralized medical records are still vulnerable to single points of vulnerability, untraceability, and misuse of privileges, resulting in data breach and lack of trust of security in health care data management. To mitigate these problems, this study will propose a privacy-sensitive medical data management system based on blockchain technology to offer secure, transparent, and role-based access to EHRs. The framework combines multi-layer cryptographic security, decentralized authorization through smart contracts, and encrypted storage with the InterPlanetary File System (IPFS) to secure confidentiality and scalability. Access transactions are stored verifiably and tamper-resistant on the blockchain, which does not affect efficiency. Based on the UCI Heart Disease data, the framework was able to attain 98.5% access success, 220 access requests/sec, and 96% privacy retention rates, which is 12–15 times higher than traditional centralized EHR systems. These findings illustrate a robust, scalable and privacy ensuring alternative that guarantees integrity, accountability and efficiency of operations in medical data sharing.

The rapid growth of data in various industries has led to a pressing need for innovative solutions that ensure both the security and efficiency of data management systems. As organizations increasingly rely on large-scale datasets for decision-making, ensuring the privacy and integrity of this data becomes a critical challenge. The study introduces the Integrated Privacy-Preserving Data Management System (IPP-DMS), designed to enhance data security, computational efficiency, and user privacy. Unlike conventional systems, IPP-DMS focuses on processing large-scale datasets, such as financial records, customer interactions, and sensor data, employing advanced feature extraction techniques like Gray-Level Co-occurrence Matrix (GLCM) and Principal Component Analysis (PCA) to uncover critical patterns and optimize data handling. The system uses Advanced Encryption Standard (AES) for robust data encryption, differential privacy for data anonymization, and Role-Based Access Control (RBAC) for secure user management. Additionally, an AI-driven anomaly detection module monitors real-time access patterns to ensure compliance with data protection regulations. With an AUC score of 0.91 for anomaly detection, a 0.85-second authentication time, and a 0.45-second access delay, experimental data demonstrate that IPP-DMS works better than conventional systems. In addition, the system provides better scalability and efficiency than PACS, SEISS, and DEIS, processing up to 2000 requests per minute. IPP-DMS provides a scalable, secure, and efficient solution for privacy-preserving data management, setting a new benchmark in the field by integrating advanced methodologies with standard security measures.

The rise of Internet hospitals has significant issues associated with data security and governance in managing sensitive patient data. This paper discusses an alliance blockchain (i.e., a private blockchain) model for governance innovation in internet hospitals with an improved encryption methodology. We compare our proposed model, improved Rivest–Shamir–Adleman (RSA) encryption, integrated into the blockchain framework. Improved RSA achieves impressive improvements in all key metrics by increasing the throughput by 24.7% and lowering the latency by 19.8% compared to the base model. Thus, the improved model is more optimized for processing transactions related to healthcare data. Memory usage was also reduced by 14.3%. While encryption time remained pretty close, the decryption time remarkably improved by 97.5%. IoT sensors are one of the foundations for Internet hospitals that produce consistent patient data streams, such as physiological and environmental metrics. The proposed alliance blockchain model enables the secure and efficient real-time management of this sensor data. These results demonstrate the capability of alliance blockchain and cryptographic upgrades in creating safe and efficient governance frameworks for Internet hospitals.

A medical record is an important part of a patient’s follow-up. It comprises healthcare professionals’ views, prescriptions, analyses, and all information about the patient. Several players, including the patient, the doctor, and the pharmacist, are involved in the process of sharing, and managing this file. Any authorized individual can access the electronic medical record (EMR) from anywhere, and the data are shared among various health service providers. Sharing the EMR requires various conditions, such as security and confidentiality. However, existing medical systems may be exposed to system failure and malicious intrusions, making it difficult to deliver dependable services. Additionally, the features of these systems represent a challenge for centralized access control methods. This paper presents SEMRAchain a system based on Access control (Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC)) and a smart contract approach. This fusion enables decentralized, fine-grained, and dynamic access control management for EMR management. Together, blockchain technology as a secure distributed ledger and access control provides such a solution, providing system stakeholders with not just visibility but also trustworthiness, credibility, and immutability.

Healthcare systems are increasingly vulnerable to security threats due to their reliance on digital platforms. Traditional access control models like Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) have limitations in mitigating evolving risks in these systems. Despite their unique features, these models face limitations in mitigating evolving risks in healthcare systems. Traditional models are primarily oriented towards allocating permissions according to predetermined roles or policies, which results in challenges in effectively adapting to the dynamic complexities of modern healthcare ecosystems. Therefore, this paper proposes a novel risk-aware RBAC and ABAC access control model to enhance the flexibility, adaptability and security issues associated with healthcare systems. The proposed model integrates RBAC for role-based categorization, ABAC for fine-grained control based on user attributes and environmental factors, and Risk-Based Access Control (RiBAC) for dynamic risk assessment. The proposed model dynamically adjusts access permissions based on risk values, ensuring accurate and adaptable access control decisions. The experimental results demonstrate the feasibility and effectiveness of the proposed model in granting access to authorized users while denying access to unauthorized users. Through a series of 43 experiments that simulate various scenarios of access control operations in the healthcare system, the proposed model demonstrates significant improvement in the accuracy, precision, and recall of access control decisions compared to traditional models. The proposed model’s ability to dynamically assess risk and adjust access permissions based on contextual factors significantly enhances its ability to mitigate threats and protect sensitive medical data.