Explore the vast range of titles available.

Advances in 5G and the Internet of Things (IoT) have to cater to the diverse and varying needs of different stakeholders, devices, sensors, applications, networks, and access technologies that come together for a dedicated IoT network for a synergistic purpose. Therefore, there is a need for a solution that can assimilate the various requirements and policies to dynamically and intelligently orchestrate them in the dedicated IoT network. Thus we identify and describe a representative industry-relevant use case for such a smart and adaptive environment through interviews with experts from a leading telecommunication vendor. We further propose and evaluate candidate architectures to achieve dynamic and intelligent orchestration in such a smart environment using a systematic approach for architecture design and by engaging six senior domain and IoT experts. The candidate architecture with an adaptive and intelligent element (“Smart AAA agent”) was found superior for modifiability, scalability, and performance in the assessments. This architecture also explores the enhanced role of authentication, authorization, and accounting (AAA) and makes the base for complete orchestration. The results indicate that the proposed architecture can meet the requirements for a dedicated IoT network, which may be used in further research or as a reference for industry solutions.

Technologies for integrating enterprise web applications have improved rapidly over the years. The OAuth framework provides authentication and authorization using the users’ profile and credentials in an existing identity provider. This makes it possible for attackers to exploit any vulnerability arising from exchange of data with the provider. Vulnerability in OAuth authorization flow allows an attacker to alter the normal flow sequence of the OAuth protocol. In this paper, a machine learning-based approach was applied in the detection of potential vulnerability in the OAuth authentication and authorization flow by analyzing the relationship between changes in the OAuth parameters and the final output. This research models the OAuth protocol as a supervised learning problem where seven classification models were developed, tuned and evaluated. Exploratory Data Analytics (EDA) techniques were applied in the extraction and analysis of specific OAuth features so that each output class could be evaluated to determine the effect of the identified OAuth features. The models developed in this research were trained, tuned and tested. A performance accuracy above 90% was attained for detection of vulnerabilities in the OAuth authentication and authorization flow. Comparison with known vulnerability resulted in a 54% match.

In the past decades, healthcare has witnessed a swift transformation from traditional specialist/hospital centric approach to a patient-centric approach especially in the smart healthcare system (SHS). This rapid transformation is fueled on account of the advancements in numerous technologies. Amongst these technologies, the Internet of medicals things (IoMT) play an imperative function in the development of SHS with regard to productivity of electronic devices in addition to reliability, accuracy. Recently, several researchers have shown interest to leverage the benefits of IoMT for the development of SHS by interconnecting with the existing healthcare services and available medical resources. Though the integration of IoMT within medical resources enable to revolutionize the patient healthcare service from reactive to proactive care system, the security of IoMT is still in its infancy. As IoMT are mainly employed to capture extremely sensitive individual health data, the security and privacy of IoMT is of paramount importance and very crucial in safeguarding the patient life which could otherwise adversely affect the patient health state and in worse case may also lead to loss of life. Motivated by this crucial requirement, several researchers in tandem to the advancement in IoMT technologies have continuously made noteworthy progress to tackle the security and privacy issues in IoMT. Yet, many possible potential directions exist for future investigation. This necessitates for a complete overview of existing security and privacy solutions in the field of IoMT. Therefore, this paper aims to canvass the literature on the most promising state-of-the-art solutions for securing IoMT in SHS especially in the light of security, privacy protection, authentication and authorization and the use of blockchain for secure data sharing. Finally, highlights the review outcome briefing not only the benefits and limitation of existing security and privacy solutions but also summarizing the opportunities and possible potential future directions that can drive the researchers of next decade to improve and shape their research committed on safe integration IoMT in SHS.

Private set computation (PSC) represents a pivotal technology in the information age, facilitating the processing of sensitive datasets while safeguarding privacy. In this paper, we propose a secure quantum protocol theoretically to achieve private set computation, utilizing the quantum entanglement correlations of Greenberger-Horne-Zeilinger (GHZ) states, and applicable to computations such as Private Set Intersection Cardinality (PSI-CA) and Private Set Union Cardinality (PSU-CA). This protocol incorporates an identity verification mechanism, ensuring that only authenticated users can engage in the computation process. It is designed to specifically cater to the computational requirements of PSI-CA or PSU-CA applications, while maintaining the privacy of each element within the data sets. Our approach utilizes tripartite GHZ states alongside single qubit preparations, which are notably straightforward to generate. Furthermore, the quantum operations required from users are confined to M X or M Y measurements, thereby enhancing the protocol’s practical feasibility. The proposed protocol is secure and can resist attacks from both internal and external attackers, such as user impersonation attacks, user collusion attacks, etc. To substantiate the practical applicability, we employ an example of two private data sets for experimental verification on the IBM quantum computing platform. This work further illustrates the advantages of the GHZ state in private set computing and explores the quantum benefits of entanglement in such computations.

Microservices is an emerging paradigm for developing distributed systems. With their widespread adoption, more and more work investigated the relation between microservices and security. Alas, the literature on this subject does not form a well-defined corpus : it is spread over many venues and composed of contributions mainly addressing specific scenarios or needs. In this work, we conduct a systematic review of the field, gathering 290 relevant publications—at the time of writing, the largest curated dataset on the topic. We analyse our dataset along two lines: (a) quantitatively, through publication metadata, which allows us to chart publication outlets, communities, approaches, and tackled issues; (b) qualitatively, through 20 research questions used to provide an aggregated overview of the literature and to spot gaps left open. We summarise our analyses in the conclusion in the form of a call for action to address the main open challenges.

The rapid adoption of green mobility solutions—such as electric-vehicle sharing and intelligent transportation systems—has accelerated the integration of Internet of Things (IoT) technologies, introducing complex security and performance challenges. While conceptual Identity and Access Management (IAM) frameworks exist, few are empirically validated for the scale, heterogeneity, and real-time demands of modern mobility ecosystems. This work presents a data-backed, container-native reference architecture for secure and resilient Authentication, Authorization, and Accounting (AAA) in green mobility environments. The framework integrates Keycloak within a Kubernetes-orchestrated infrastructure and applies Zero Trust and defense-in-depth principles. Effectiveness is demonstrated through rigorous benchmarking across latency, throughput, memory footprint, and automated fault recovery. Compared to a monolithic baseline, the proposed architecture achieves over 300% higher throughput, 90% faster startup times, and 75% lower idle memory usage while enabling full service restoration in under one minute. This work establishes a validated deployment blueprint for IAM in IoT-driven transportation systems, offering a practical foundation for a secure and scalable mobility infrastructure.

House Speaker Kevin McCarthy (R-Calif.) pushed President Biden to agree to work requirements for millions of low-income Americans ahead of debt limit talks on May 16.

Videoconferencing has become a crucial enabler for sustainable collaboration and learning during the COVID-19 pandemic. However, national regulations often restrict public institutions from introducing commercial videoconferencing services. Open-source software is an attractive option for institutions if it can be protected from potential security threats while ensuring high usability. Unfortunately, to the best of our knowledge, we hardly find available open-source videoconferencing applications in the literature that stress their usability and adopt security-related frameworks. This study presents a federated-access management system called trustHub, which was developed to enable flexible and elaborate access control and protocol-agnostic user authentication. In addition, we introduce two videoconferencing applications that aim to improve the usability of leveraged open-source software. They are prototyped to operate in concert with trustHub to take firm access control and accept various types of identity providers. Consequently, using data collected from trustHub and a prototyped videoconferencing application over a 10-month period, we conduct a comprehensive analysis to understand the usage patterns of federated access and videoconferencing during the pandemic and, thus, verify their feasibility indirectly.

In recent years, organizations are starting to demand a finer user access control in order to offer added-value services, while end users desire more control over their private information. Several approaches have been proved to be efficient in protecting basic scenarios. However, in scenarios requiring advanced features, such as advanced authorization capabilities, level of assurance facilities or effective privacy management, certain issues still need to be addressed. In this work, we propose an identity management infrastructure, based on the SAML, XACML and XKMS standards, which extends current approaches in order to achieve the required features. We include a performance analysis to show the feasibility of this architecture.

Involvement of multiple cloud providers enhances the security complexity in cloud computing. Despite engaging best in class human and hardware resources, cyber-attacks in cloud paradigm continue to rise. This work aims to explore the cloud vulnerabilities that arise due to the multiple entry points. Underlying security threats are categorized into resources at providers' end, hardware security, transmission security, process security, and endpoint security. To mitigate the cyber-attacks in cloud, this work proposed a comprehensive multi-point-based framework that leverages the underlying hardware to strengthen the security at the user's end, internet service provider's end, and at the cloud data center. Security is further fortified by including the process level interaction at terminals. Framework is advanced enough to accommodate the vulnerable points of a system and a network. With the implementation of the proposed system, potential attacks can be detected during early state of penetration.