Journal articles on the topic 'Modified User Supplied Key based Encryption'

The security issues in database are growing very fast as the attackers and hackers are trying everything to compromise the security of the database. The confidentiality of the database is one of the most important aspects that needed to be maintained. One of the most effective ways to maintain the database confidentiality is Encryption. One method to achieve the standard encryption is user supplied key based encryption because this encryption technique provides the cipher text whose length is different in comparison to plain text. But it have one major shortcoming one plain text character is converted into same cipher text for its entire occurrence. In this paper we proposed the modified user supplied key based encryption in which we have all the benefits of user supplied key based encryption and at the same time it provides different characters in cipher text for different occurrence of the same plain text character.

Objectives: Masking and re-keying are two major countermeasures against the Power Side Channel Analysis attacks. Re-keying has either secret sharing overhead or needs to be used in synchronization. The Advanced Encryption System (AES) has been modified in the proposed scheme and uses re-keying without the need for secret random sharing or need for synchronized communication. The research proposed a modified AES scheme and validated its effectiveness with the AES. Methods: This study proposes modifying AES and then implementing it as software encryption using Python. As the AES has been modified, the proposed scheme should also match its strength to be further used against the Power Analysis Attack. Avalanche parameter is used to check the proposed solution strength. A data set of 10000, 50000, and 100000 records were generated to test the avalanche effect. The avalanche of existing AES and modified AES are then compared. Findings: The results indicate that the avalanche effect for both AES and the modified AES remains equivalent for the supplied dataset. To analyze further, the avalanche distribution is analyzed and randomness is checked using the Shannon entropy and found that the modified AES provides 0.5% more randomness against the AES. Hence, the modified AES fulfills the benchmark criteria to further check its strength against the Power Side Channel Analysis attacks. Novelty: The algorithm uses a part of the plain text to generate the round key making the resultant key unique and as it can be re-generated from the ciphertext and original key schedule on the decryption side, the random sharing is not needed. Keywords: Masking, Random Sharing Overhead, Differential Power Analysis (DPA), AES, Avalanche Effect, Re-keying

Abstract <strong>Objectives:</strong>&nbsp;Masking and re-keying are two major countermeasures against the Power Side Channel Analysis attacks. Re-keying has either secret sharing overhead or needs to be used in synchronization. The Advanced Encryption System (AES) has been modified in the proposed scheme and uses re-keying without the need for secret random sharing or need for synchronized communication. The research proposed a modified AES scheme and validated its effectiveness with the AES.&nbsp;<strong>Methods:</strong>&nbsp;This study proposes modifying AES and then implementing it as software encryption using Python. As the AES has been modified, the proposed scheme should also match its strength to be further used against the Power Analysis Attack. Avalanche parameter is used to check the proposed solution strength. A data set of 10000, 50000, and 100000 records were generated to test the avalanche effect. The avalanche of existing AES and modified AES are then compared.<strong>&nbsp;Findings:</strong>&nbsp;The results indicate that the avalanche effect for both AES and the modified AES remains equivalent for the supplied dataset. To analyze further, the avalanche distribution is analyzed and randomness is checked using the Shannon entropy and found that the modified AES provides 0.5% more randomness against the AES. Hence, the modified AES fulfills the benchmark criteria to further check its strength against the Power Side Channel Analysis attacks.&nbsp;<strong>Novelty:</strong>&nbsp;The algorithm uses a part of the plain text to generate the round key making the resultant key unique and as it can be re-generated from the ciphertext and original key schedule on the decryption side, the random sharing is not needed. <strong>Keywords:</strong> Masking, Random Sharing Overhead, Differential Power Analysis (DPA), AES, Avalanche Effect, Re-keying

The security of database is very important as data is the most valuable asset in the modern environment. Various security methodologies are available to secure databases. Most of the available methodologies focus on access control of the database, but there may be situations when someone intentionally or accidentally break or bypass the access control mechanism of the database and hence the confidentially of the database could be compromised. Various methods are available to preserve the confidentially of the database in those situations. The best solution in this case is encryption. Various Researchers proposed different methods by which the database encryption can be enforced and the content of database is encrypted and decrypted efficiently. All Encryption techniques available till date converts plain text into cipher text but the length of both will be same, this is a serious shortcoming of available cryptographic approach for example some attacker can guess the plain text by accessing the length of cipher. In this paper we elaborate the use of database encryption to protect the database content. We propose a User supplied Key based authentication which generates the cipher of different length in comparison to plain text. By the use of this approach database can be protected against various kind of vulnerabilities.

The revocable ciphertext-policy attribute-based encryption (R-CP-ABE) is an extension of ciphertext-policy attribute-based encryption (CP-ABE), which can realize user direct revocation and maintain a short revocation list. However, the revoked users can still decrypt the previously authorized encrypted data with their old key. The R-CP-ABE scheme should provide a mechanism to protect the encrypted data confidentiality by disqualifying the revoked users from accessing the previously encrypted data. Motivated by practical needs, we propose a new user R-CP-ABE scheme that simultaneously supports user direct revocation, short revocation list, and ciphertext update by incorporating the identity-based and time-based revocable technique. The scheme provides a strongly selective security proof under the modified decisional q -parallel bilinear Diffie–Hellman Exponent problem, where “strongly” means that the adversary can query the secret key of a user whose attribute set satisfies the challenge ciphertext access structure and whose identity is in the revocation list.

A variety of identity-based encryption mechanisms are gradually developed since BF-IBE was proposed in 2001. However, since a users public key is fully open and cannot be modified, the key update issue needs to be solved urgently. And at the same time, hierarchical IBE has been proposed to reduce the burden of a single PKG. The paper suggests wildcards and put forward WIBE, which can make one-time encryption for user groups of HIBE. Then WKU is put out based on WIBE, which is a key updating mechanism in the measure of years and manages the expiration date of users keys.

A revolutionary change to public-key cryptography can be considered as an Identity Based Cryptography (IBC) in which identity of the receiver is being used as a public key for encrypting a message and Key Generation Centre (KGC). IBC will generate and distribute the private key to each user to decrypt a message. The thought behind presenting the scheme was to improve and reduce the complexity of certificate and key management, but it also gives rise to key escrow problem, access to encrypted information to unauthorized users. The paper represents Improved Identity-Based Encryption Scheme (IIBES) for Domain Name System (DNS) security which provides confidentiality and authentication through modified identity based encryption and identity based digital signatures. The IIBES comprises key revocation mechanism for non-revoked users and also eliminates key escrow problem. Thus, the IIBES aids to implement the identity-based cryptography more safely in reality and protects DNS against cache poisoning, spoofing attack and masquerade attack. Doi: 10.28991/esj-2021-01259 Full Text: PDF

Abstract - Security is an action to prevent the occurrence of dangers, threats, and attacks, especially the security of cryptocurrency storage assets on the smartphone crypto mobile wallet application. Security is important to protect wallet data from asset theft attacks. The results of the observations made by many users store their wallet recovery words (mnemonic phrases) on cloud services such as Google Drive and One Drive, this is very vulnerable to data hacking if the account has been compromised then hackers take valuable data for their own benefit. Computer scientists created a cryptographic security algorithm to steal data from theft. The AES (Advanced Encryption Standard) algorithm is a symmetric block cipher cryptography algorithm where to obtain data that has been encrypted using a secret key or passkey user must enter the same key when encoding data (encryption). AES is divided into three based on key length, namely AES-128 has a key length of 128 bits, AES-192 has a key length of 192 bits, and AES-256 has a key length of 256 bits. The system that will be made in this research is to modify the rotation of the standard AES algorithm which has 10 rounds to 16 rounds. Modifications made by increasing the number of algorithm cycles make the system more secure and stronger from attacks and require longer computational time for hackers to crack encryption. The tests carried out are comparing the results of ciphertext, time and avalanche effects. The test results show differences in ciphertext output in the same file after encryption, then the time required for the modified AES algorithm in the encryption and decryption process is longer than the AES standard. While the test results on the avalanche effect showed a slight change that occurred in the standard AES by 48.6% and then in the modified AES by 55.6%. An avalanche effect has good results if there is a slight change of 45-60% (half or more). The more bits that change the more difficult the cryptographic algorithm to crack.

With the tremendous development of the online information, the term “Cloud Computing” offers multiple kinds of outsourcing and storage services to the user. Data security and privacy issues introduces multiple hurdles into it such as data leakage, calculating the key for data encryption, lack of proper security policies and renewal of application in cloud environment. One of the main issues is how to store encrypted data, decrypt it when required and renewal of application to face the security challenges. In this work we have proposed a secured and timestamp value based approach using RSA-MABC algorithm for encryption and decryption process. The work has been simulated in Cloudsim and results show our approach takes less time for encryption and decryption with added security features of renewing the secret key based on timestamp. Our results of encryption and decryption time along with the results of ttest shows that our work is better than exiting approaches.

Wearable technology-supported cloud-based smart health (s-health) has emerged as a promising answer to increase the efficiency and quality of healthcare as a result of rapid improvements in Internet of Things (IoT) technologies. However, the issues of data security and privacy preservation have not been fully resolved. In recent years, ciphertext policy attribute-based encryption (CP-ABE), which was developed as a versatile and potent cryptographic fundamental to accomplish one-to-many encryption with fine-grained access control, has been seen as a viable answer to the security issue in the cloud. The attribute values in the access policy, however, are supplied in cleartext in standard CP-ABE. This will conveniently reveal the data owners’ privacy (patients). Because the Internet of Things (IoT) in healthcare stores sensitive data in the cloud, security is crucial. The data must always be accessed via an access key when using traditional encryption techniques. Though the data cannot be accessed right away in an emergency, this offers greater security. The healthcare IoT created the break-glass concept to address this. The encryption technique is integrated with the broken glass idea to offer data protection and simple access in emergency scenarios. The majority of research papers employ cypher text policy attribute-based encryption (CP-ABE) with the broken glass idea to secure electronic health records. For improving data accessibility in the smart healthcare environment, modified cypher text policy attribute-based encryption (MCP-ABE) with the broken glass (BG) technique is suggested. Greater information security is achieved with this method, but the access policy is also dependent on keys that are vulnerable to hacking. To analyze the access policy individually throughout the key generation process, the attribute-based encryption procedure in this case uses the bloom filter. Information about the access policy is kept intact, which enhances the security of the keys. To continue serving patients and saving their lives, this modified CP-ABE is integrated with break glass in the smart healthcare facility. The experimental results demonstrated that, when compared to the lightweight break-glass procedure, the proposed solution is likewise the best in terms of decreased overhead. The main benefit of this strategy is that it uses the bloom filter concept in the MCP-ABE process, which protects the access policy attributes, to ensure that the key is never compromised. For data access in smart healthcare to preserve patients’ lives, the proposed MCP-ABE with broken glass is best.

Bluetooth implementsconfidentiality,authenticationandkeyderivation with custom algorithms based on theSAFER+block cipher. Bluetooth key generation is generally based on a Bluetooth PIN, which must be entered into both devices. This procedure might be modified if one of the devices has a fixed PIN (e.g., for headsets or similar devices with a restricted user interface). During pairing, an initialization key or master key is generated, using the E22 algorithm.TheE0 stream cipher is used for encrypting packets, granting confidentiality, and is based on a shared cryptographic secret, namely a previously generated link key or master key. Those keys, used for subsequent encryption of data sent via the air interface, rely on the Bluetooth PIN, which has been entered into one or both devices.

With introduction of smart things into our lives, cloud computing is used in many different areas and changes the communication method. However, cloud computing should guarantee the complete security assurance in terms of privacy protection, confidentiality, and integrity. In this paper, a Homomorphic Encryption Scheme based on Elliptic Curve Cryptography (HES-ECC) is proposed for secure data transfer and storage. The scheme stores the data in the cloud after encrypting them. While calculations, such as addition or multiplication, are applied to encrypted data on cloud, these calculations are transmitted to the original data without any decryption process. Thus, the cloud server has only ability of accessing the encrypted data for performing the required computations and for fulfilling requested actions by the user. Hence, storage and transmission security of data are ensured. The proposed public key HES-ECC is designed using modified Weil-pairing for encryption and additional homomorphic property. HES-ECC also uses bilinear pairing for multiplicative homomorphic property. Security of encryption scheme and its homomorphic aspects are based on the hardness of Elliptic Curve Discrete Logarithm Problem (ECDLP), Weil Diffie-Hellman Problem (WDHP), and Bilinear Diffie-Helman Problem (BDHP).

Secure patient health record (PHR) information exchange via cloud computing is a considerable security risk to user privacy. The fundamental reason of this issue is cloud computing’s reliance on trustworthy third parties to share data across it. To exchange data securely, many conventional cryptographic algorithms employ various keying approaches. However, relying on a trusted third party compromises the privacy of consumers’ data. To offer secure communication without the involvement of a third party, a distributed blockchain based (DBC) ciphertext–policy attribute-based encryption (CP-ABE) approach is employed in this study. Because of bilinear paring and simple scalar multiplication factors, the proposed CP-ABE system is entirely dependent on elliptic curve cryptography to reduce complexity. Furthermore, the data requester provides dynamic attributes, and a user-centric access policy is created, allowing multiple authorities to manage the attributes and provide data access. Data confidentiality, data authentication, user authentication, and tamper-proof data are all guaranteed by the suggested method. The DBC-CP-ABE method is used to provide user-centric access policies and effective key management.

Pervasive and ubiquitous computing has enabled people better integrate physical things into the digital world. The internet of things (IoT) has been considerably more widely used in business and everyday life in the last decade. Innovative healthcare information and communication technologies are a vast field of research and applications that need IoT benefits, including speed, security, and low cost. The proposed modified advanced encryption standard (AES)-cipher block chaining (CBC)-based blockchain technology offers a shared key to devices that need to communicate directly with or with entities outside the smart healthcare network to give users greater control over transactions. The experiments are carried out using a Raspberry Pi 3, whereas two different sensors are &lrm;employed in this case. Blockchain technology encrypts data between doctor and patient with varied user numbers. The results from experiments revealed that the proposed modified AES-CBC based blockchain technology could provide the IoT application with security services (confidentiality, integrity, and access control) with efficient execution time.

Cloud computing is a powerful and popular information technology paradigm that enables data service outsourcing and provides higher-level services with minimal management effort. However, it is still a key challenge to protect data privacy when a user accesses the sensitive cloud data. Privacy-preserving database query allows the user to retrieve a data item from the cloud database without revealing the information of the queried data item, meanwhile limiting user’s ability to access other ones. In this study, in order to achieve the privacy preservation and reduce the communication complexity, a quantum-based database query scheme for privacy preservation in cloud environment is developed. Specifically, all the data items of the database are firstly encrypted by different keys for protecting server’s privacy, and in order to guarantee the clients’ privacy, the server is required to transmit all these encrypted data items to the client with the oblivious transfer strategy. Besides, two oracle operations, a modified Grover iteration, and a special offset encryption mechanism are combined together to ensure that the client can correctly query the desirable data item. Finally, performance evaluation is conducted to validate the correctness, privacy, and efficiency of our proposed scheme.

In spite of all the advantages delivered by cloud computing, several challenges are hindering the migration of customer software and data into the cloud. On top of the list is the security and privacy concerns arising from the storage and processing of sensitive data on remote machines that are not owned, or even managed by the customers themselves. In this paper, initially a homomorphic encryption-based Cryptographic Agent is proposed. The proposed Cryptographic Agent is based on Paillier scheme, and is supported by user-configurable software protection and data privacy categorization agents, as well as set of accountable auditing services required to achieve legal compliance and certification. This scheme was tested using different text documents with different sizes. Testing results showed that as the size of the document increases, the size of the generated key increases dramatically causing a major problem in regards to the processing time and the file size especially for large documents. This leaded us to the second part of this research which is: a modified security architecture that adds two major autonomic security detective agents to the multi-agent architecture of cloud data storage. In this paper, we focus on the first agent namely (Automated Master Agent, AMA) that is added to the Multi Agent System Architecture (MASA) layer (cloud client-side) by which any changes happen in the document are mapped in a QR code encoded key print (KP). Experimental results after integrating these agents showed a 100% alternation detection accuracy and a superiority in extracting the KP of large and very large size documents which exceeds the currently available products and leverage the tamper-proof capabilities of cryptographic coprocessors to establish a secure execution domain in the computing cloud that is physically and logically protected from unauthorized access.

&lt;abstract&gt; &lt;p&gt;In the era of cloud computing, the technique of access control is vital to protect the confidentiality and integrity of cloud data. From the perspective of servers, they should only allow authenticated clients to gain the access of data. Specifically, the server will share a communication channel with the client by generating a common session key. It is thus regarded as a symmetric key for encrypting data in the current channel. An access control mechanism using attribute-based encryptions is most flexible, since the decryption privilege can be granted to the ones who have sufficient attributes. In the paper, the authors propose a secure access control consisting of the attributed-based mutual authentication and the attribute-based encryption. The most appealing property of our system is that the attribute keys associated with each user is periodically updatable. Moreover, we will also show that our system fulfills the security of fuzzy selective-ID assuming the hardness of Decisional Modified Bilinear Diffie-Hellman (DMBDH) problem.&lt;/p&gt; &lt;/abstract&gt;

Electronic Health Record (EHR) systems are a valuable and effective tool for exchanging medical information about patients between hospitals and other significant healthcare sector stakeholders in order to improve patient diagnosis and treatment around the world. Nevertheless, the majority of the hospital infrastructures that are now in place lack the proper security, trusted access control, and management of privacy and confidentiality concerns that the current EHR systems are supposed to provide. Goal. For various EHR systems, this research proposes a Blockchain-enabled Hyperledger Fabric Architecture as a solution to this delicate issue. The three steps of the suggested system are the secure upload phase, the secure download phase, and authentication. Patient registration, login, and verification make up the authentication step. The administrator grants authorization to read, edit, delete, or revoke the files following user details verification. In the secure upload phase, feature extraction is carried out first, and then a hashed access policy is created from the extracted feature. Next, the hash value is stored in an IoT-based Hyperledger blockchain. The uploaded EHR files are additionally encrypted before being stored on the cloud server. In the secure download step, the physician uses a hashed access policy to send the request to the cloud and decrypts the corresponding files. The experimental findings demonstrate that the system outperformed cutting-edge techniques. The proposed Modified Key Policy Attribute-Based Encryption performs better for the remaining 10 to 25 mb file sizes. This IoT framework compares MKP-ABE with certain efficiency indicators, such as encryption, decryption period, protection level analysis and encrypted memory use, resource use on decryption, upload time, and transfer time, which are present in the KP-ABE, the ECC, RSA, and AES. Here, the IoT device suggested requires 4008 ms for data encryption and 4138 ms for the data decryption.

This paper introduces a novel framework designed to bolster privacy protections within automated voice authentication systems, addressing mounting concerns as voice-based authentication grows in prominence. The widespread adoption of these systems has underscored apprehensions regarding the storage and processing of sensitive voice biometric data without adequate safeguards. To mitigate these risks, a modified framework is proposed, aiming to enhance privacy without compromising authentication accuracy and efficiency. Three key techniques are implemented to address these challenges. Firstly, advanced encryption methods are employed for secure voice data storage and transmission, through the homomorphic encryption to enable authentication processing on encrypted data. Secondly, a privacy-preserving feature extraction method is introduced, transforming raw voice inputs into irreversible representations to shield original biometric information. Additionally, the framework incorporates differential privacy mechanisms, adding controlled noise to aggregated voice data to prevent individual identification within large datasets. A user-centric consent and control model is proposed, empowering individuals to manage their voice profiles and authentication settings. Experimental findings demonstrate that the framework achieves enhanced authentication accuracy while markedly reducing privacy risks compared to conventional systems. This contribution addresses the ongoing challenge of balancing security and privacy in biometric authentication technologies.

This paper introduces a novel framework designed to bolster privacy protections within automated voice authentication systems, addressing mounting concerns as voice-based authentication grows in prominence. The widespread adoption of these systems has underscored apprehensions regarding the storage and processing of sensitive voice biometric data without adequate safeguards. To mitigate these risks, a modified framework is proposed, aiming to enhance privacy without compromising authentication accuracy and efficiency. Three key techniques are implemented to address these challenges. Firstly, advanced encryption methods are employed for secure voice data storage and transmission, through the homomorphic encryption to enable authentication processing on encrypted data. Secondly, a privacy-preserving feature extraction method is introduced, transforming raw voice inputs into irreversible representations to shield original biometric information. Additionally, the framework incorporates differential privacy mechanisms, adding controlled noise to aggregated voice data to prevent individual identification within large datasets. A user-centric consent and control model is proposed, empowering individuals to manage their voice profiles and authentication settings. Experimental findings demonstrate that the framework achieves enhanced authentication accuracy while markedly reducing privacy risks compared to conventional systems. This contribution addresses the ongoing challeng

Now a days, have a great dependence on computer and network and the security of computer related to the whole world and everybody. Cryptography is the art and science of achieving security by encoding message to make them non readable, to secure data information transmits over the network, In this paper introduced modified RSA approach based on multi keys and Chinese remainder theorem (CRT), which RSA algorithm is asymmetric key encryption technique. The objective of this Technique is to provide secure transmission of data between any networks. Which is the Network security is an activity which is designed to provide the usage protection and integrity of the Network and data. So that only the user allowed can read and process it, the objective of this paper Enhancement the performance of RSA and increase the security. In proposed model RSA will be implemented using java.

Instruction Set Randomization (ISR) is able to protect against remote code injection attacks by randomizing the instruction set of each process. Thereby, even if an attacker succeeds to inject code, it will fail to execute on the randomized processor. The majority of existing ISR implementations is based on emulators and binary instrumentation tools that unfortunately: (i) incur significant runtime performance overheads, (ii) limit the ease of deployment, (iii) cannot protect the underlying operating system kernel, and (iv) are vulnerable to evasion attempts that bypass the ISR protection itself.&nbsp; To address these issues, we present the design and implementation of ASIST, an architecture with both hardware and operating system support for ISR. ASIST uses our extended SPARC processor that is mapped onto a FPGA board and runs our modified Linux kernel to support the new features. In particular, before executing a new user-level process, the operating system loads its randomization key into a newly defined register, and the modified processor decodes the process&#39;s instructions with this key. Besides that, ASIST uses a separate randomization key for the operating system to protect the base system against attacks that exploit kernel vulnerabilities to run arbitrary code with elevated privileges. Our evaluation shows that ASIST can transparently protect both user-land applications and the operating system kernel from code injection and code reuse attacks, with about 1.5% runtime overhead when using simple encryption schemes, such as XOR and Transposition; more secure ciphers, such as AES, even though they are much more complicated for mapping them to hardware, they are still within acceptable margins,with approximately 10% runtime overhead, when efficiently leveraging the spatial locality of code through modern instruction cache configurations.

A secured mutual authentication protocol (SMAP Fog/Edge) has been developed for fog computing. The protocol provides secure mutual authentication which lightweight and efficient for fog computing environments. However, based on AVISPA’s verification from Azzahra research, this protocol has been found to be vulnerable to man-in-the-middle (MITM) attacks due to the absence of an authentication scheme between authentication server and the edge user. The attacks are carried out assuming that the public key of the fog server is not distributed over a secure channel. Rhim research and Lestari research successfully enhance the security level with digital signature. In line with that, we propose modified mechanism that utilizes encryption and digital signatures to substitute the secure channel for distributing the public key of the fog server and authenticating edge users by the authentication server. All modification is using authentication server for digital signature to enhance the security of SMAP Fog/Edge and make it resistant to man-in-the-middle attacks. The proposed protocol is revalidated using the AVISPA tool to determine whether the vulnerability still exists. The result indicates prototype successfully resistant to MITM

Better resource utilization, quick speed, affordability, and accessibility for data exchange and storage are all provided by cloud computing. However, security concerns become the main barrier as data storage-possibly sensitive data-is increasingly outsourced to cloud businesses. Preserving data files encrypted before customers upload them to the cloud is a shared approach to safeguarding data confidentiality. Customers who use cloud storage services can save money on data management maintenance expenses. Data confidentiality is the main issue when outsourcing customer data to cloud storage providers. To prevent misuse of firm data, an access control system is also required. Regretfully, it might be difficult to develop a safe and efficient data exchange plan, especially for firms that are dynamic. First, in a secure way, recommend Role Based Access Control (RBAC). or key distribution without the need for any secure lines of communication, and group managers can safely provide group keys to users. One well-known access control paradigm is rolebased access control (RBAC), which maps users to roles and roles to privileges on data objects to provide flexible restrictions and database management. Using blockchain technology, an emerging technology, for data storage is the suggested remedy. First, describe the blockchain-based data storage system paradigm that includes hash and block creation. This work proposes an ECC based encryption system to solve user identity privacy and data privacy in the current access control techniques. It incorporates an anonymous control mechanism along with RBAC and cryptographic techniques. If a group member can be removed, the current group's public keys will be instantly modified, preventing the original content from needing to be re-encrypted. Individuals who are part of the group can access the cloud source; users whose access has been canceled cannot access the cloud again. Keywords: Elliptic Curve Cryptography, Cloud Storage Process, Group Creation, Role-Based Access Permission, Data Sharing, Data Encryption, Secure Data Access.

Nowadays, password based authentication is one the most common way of authentication for most of the user logins. However, the advancement in technology also posing many threats for the password authentication systems. Everybody will be keen to know others password. But there exists a very few who is very keen to devise a new authentication. In this paper, we have proposed a more advanced password authentication method yet a simple one which gives a tough competition for the attacker to break the password. For this, we are providing a special key-display interface to assist the modified cued click point’s technique which helps in the more sophisticated dynamic authentication method. This interface helps to break the single password into a combination of 4 passwords and also adds three more password strings to the current password which is entered. It also uses a special one way encryption algorithm called Nesting 93 which is developed explicitly for this system. It helps to prevent almost any kind of attacks&lt;strong&gt;&lt;/strong&gt;.

The brain's electric field configuration reflects its momentary, global functional state. The fluctuations of these states can be analyzed at millisecond resolution by the EEG microstate analysis. This analysis reportedly allowed the detection of brain state duration, occurrence, and sequence aberrations in psychiatric disorders such as schizophrenia, dementia, and depression. Several existing software solutions implement the microstate analysis, but they all require extensive user-interaction. This represents a major obstacle to time-efficient automated analyses and parameter exploration of large EEG datasets. Scriptable programming languages such as Python provide a means to efficiently automate such analysis workflows.For this reason, I developed the KEY EEG Python Library keypy. This library implements all steps necessary to compute the microstate analysis based on artefact free segments of EEG. It includes functions to carry out the necessary preprocessing (data loading, filtering, average referencing), modified k-means clustering based microstate identification, principal component based mean computation (across recording runs, conditions, participants, and or participant groups), and to retrieve the microstate class based statistics necessary to compare microstate parameters between groups and/or conditions. Keypy is an open source library and freely available from https://www.github.com/keyinst/keypy.Keypy provides a platform for automated microstate analysis of large-scale EEG datasets from psychiatric patient populations and their comparison to healthy controls. It is easily applicable and allows efficient identification of deviant brain states in clinical conditions.Disclosure of interestThe authors have not supplied their declaration of competing interest.

At present, the application of the embedded microkernel operating system in military and civil fields has begun to take shape, but it has not yet formed a unified method and standard. Due to its high performance, low frequency, and high reliability, dual-core embedded processors are getting the attention of many chip manufacturers. Compatibility has been favored by many telecom equipment manufacturers and embedded high-end application integrators, but the dual-core embedded processor needs a new real-time operating system to support it, so that it can give full play to the high performance of the dual-core. It paves the way for the application of its processor in the embedded field, but the design of embedded AI engine is not transparent to it; so, it needs the support of operating system. The user code is used to be in the operating system processor environment; so, it can be used on dual core processor first. In the real-time operating system that supports dual-core processors, the part that needs to be modified is mainly concentrated in the kernel part; so, the core design is the key point to support dual-core processors. This article is to seize this key point to carry out in-depth research. The difference and influence of hardware architecture between dual-core processor and single-core processor are the primary content of the study. Through the research of the dual-core processor architecture, the general abstraction of the dual-core processor architecture is obtained, which is the starting point of the follow-up research. This paper mainly studies the design of embedded AI engine based on the microkernel operating system, extracts the security requirements of the operating system, designs and implements the operating system from the perspective of formal verification, and considers the verification problem under the background of RTOS development, so as to avoid using too many complex data structures and algorithms in the system design and reduce the difficulty of experimental verification. In this paper, we use the spatiotemporal data model, data sharing security in the cloud environment, symmetric encryption scheme, and Paillier homomorphic encryption method to study the design of embedded AI engine based on the microkernel operating system. According to the idea of microkernel architecture, the kernel is divided into four main modules: task processing, semaphore, message queue, interrupt, and exception processing, and the lock mechanism to prevent reentrancy in software is analyzed separately. Three core function modules, initialization, process grinding, and interrupt processing, are extracted from the microkernel operating system to form the formal verification area of the operating system. At the same time, the system syntax and semantics of related rights are separated, and the main rationalization rules are described. The results show that the core of the microkernel operating system in five states adopts the microkernel architecture in the dual core environment. The microkernel architecture is a compact system kernel with good adjustability. Based on the analysis of the microkernel operating system, the internal structure of each module in the kernel is summarized, and the modules are modified according to the machine characteristics of the dual core processor; it corresponds to adding modules to meet the characteristics of dual core architecture. Kernel design is a systematic theoretical research process. This paper only uncovers the tip of the iceberg of real-time operating system kernel design on dual-core embedded processors. It is necessary to understand the kernel more deeply and master the kernel in the future work and study.

Background and Objective: The public and group communication carried out in the social, cloud, and mobile networks suffer from unauthorized users. The data security is required for secure authentication, monetary transactions and other sensitive information. The steganography methods empower the user with invulnerable communication in public domain. In this paper, a region secure and pattern based alternate 2B-3C (2Bit-3Channel) Steganography method is proposed to improve the content reliability and data security. Methods: In this method, the cover pixels are retrieved by applying the spiral rectangular pattern over the cover image. This spiral pattern also secures the core content region and the pixels from the core ROI (Region of Interest) is used as a cover only for larger size secret information. In this proposed steganography method, two channels are considered alternatively based on the defined rules. The LSB (Least Significant Bit) of both channels is XOR with input data bits and key to perform data hiding. The method is applied on real time color images taken from COREL and USC-SIPI-ID. The evaluation of proposed steganography approach is done using MSE (Mean Square Error), PSNR (Peak Signal-to-Noise Ratio), BER (Bit Error Rate), NCC (Normalized Cross Correlation) and SSIM (Structural Similarity Index Matrix). Result: The comparative results are generated for 50 real time images against the existing LSB (Least Significant Bit), LSBM (Least Significant Bit Modulation), LSBMR (Least Significant bit Matched Revisited), SCC (Stego Color Cycle), SHSI (Simple Hue-Saturation-Intensity), HIS-MLSB(Simple Hue-Saturation-Intensity-Modified LSB) and IMMEA(Iterative Magic Matrix Encryption Algorithm) methods. Conclusion: The experimentation results verified that the proposed 2B-3C approach improved the data hiding in qualitative and quantitative aspects.

Aim of the article. The Internet of Things (IoT) is an integral part of the modern Internet. Numerous publications concerning IoT business models (BM) mainly focus on an analysis of the specificity acquired by components of traditional BM templates when used in IoT. BM components, such as the value creation or revenue model, are declared to be IOT business models in general, what leads to a huge number of proposed BM variants actually being just the ways of implementing certain BM components; feasibility and efficiency of combining different realizations of BM components is not investigated. The article aims to systematize the IoT BM, analyse the content of the BM components and identify the effective options for their implementation. Analyses results. The approach to IoT BM design is radically different from that of traditional BM due to the fundamental differences in value creation. The main innovative element of the IoT BM is the digital service supplied by IoT devices. This provides the possibility to consider the IoT business models as a kind of PSS models but requires taking into account the digital nature of IoT services and incorporating models developed for software and cloud technologies. There is a lot of approaches to building the IoT business models, but it is difficult to give preference to any of them. Approaches relying on modified BMC templates and S. Turber / O. Vermasan's three-dimensional model based on a combination of the Magic Triangle and St. Galen's Navigator with the architecture of IoT seem to be the most instrumental. At the same time, when forming a business model at the level of a single actor in the IoT ecosystem, the BMC looks more attractive, while the Turber / Vermasan three-dimensional model is more useful at the ecosystem level. In order to build a business model of IoT, one needs to understand the structure of the IoT device and its ability to provide various services. The functionality of the IoT device directly affects the value component of the BM. At the same time it is necessary to distinguish between the value creation model, the content of the value proposition and the revenue model. The value model is supposed to reflect the structure of the process of value creation and consumption. The value proposition identifies functions performed by the particular proposal to satisfy a particular consumer need. This means that the content of the value proposition must reflect the state of satisfaction of this need and its change as a result of the consumption of the value. Proposed functions are to be based on the loT technological capabilities. The highlighted effecient value propositions, such as Remote Usage and Condition Monitoring, Compliance Monitoring, Preventative Maintenance, Remote Diagnostics, Automated Inventory Replenishment, Information as a Service etc. consider the specific requirements of IoT to the value propositions. The implementation of each proposition is supported by the basic functions of the IoT sensors, which are provided by different types of devices. These value propositions can be implemented within the framework of certain value creation models. On the basis of analysis of numerous publications, 20 typical models of value creation in the IoT BM (Physical Freemium, (Digital) Add-on, Product-as-a-Service, Hardware as a Service, Digital Lock-in, Usage-Based Consumption, Value Co-creation, Performance-as-a-Product, Solution-oriented Model, Product Sharing, Product as Point of Sales, Costs Savings Sharing, Razor and Blades, Object Self Service, Revenue Sharing, Asset Sharing, Data as a Service, Offer a Service, Smart Product as Add-on, White Label), were identified. The possibility of combining them with different revenue models was investigated and the most effective combinations were revealed. The IoT BM employ a variety of revenue models and their combinations, the common feature of which is that at least one of the models in a combination of revenue models is based on permanent or recurring revenue. The development of the IoT BM starts with the identification of the need to be satisfied by the value proposition and of the extent to which the value is capable of satisfying this need, which requires the identification of the current and expected state of need satisfaction and actions to be taken to change this state, i.e. the type and functions of the IoT device to support these actions. Once the necessary type of device functions has been determined, the type of IoT sensor can be selected. After defining the concept of a value proposition, it is possible to develop value and revenue models compatible with the chosen proposal, to identify key resources and partners, ways to promote the product and communicate with the customer. Crowdfunding seems to be a promising way for Ukrainian start-ups to obtain initial resources, and when creating value, in addition to the already widely used models of Digital ADD-on, Usage-based Consumption and Value Co-creation, it is worth considering the "White Label" and "Revenue Sharing" models, which can simplify access to the increasingly saturated market of IoT services for end users. Conclusions and directions for further research. The development of IoT BM should be based on an analysis of the entire life cycle of the product and service provided by the smart device. The BM development should start from identifying the need to be met by the value proposition. The importance of the analysis of the state of satisfaction and other characteristics of this need determines the expediency of introducing the need component, described by a set of specific attributes, into the BM templates. These attributes' values, together with the participant resources, provide the basis for the content of the value proposition and affect the revenue model choice. The chosen revenue model has to comply with the value proposition, value model and the functionality of the IoT device. The IoT business model is to be dynamic and evolve towards increased capitalisation of information value, from the "Digital Add-on as a Service" or "Product as a Service" models to the "Performance as a Service", "Data/Information as a Service" and "Answer (Solution) as a Service" models. Successful participants in the IoT ecosystem can simultaneously apply a system of mutually agreed business models targeting different user segments. The IoT business model reflects the entire IoT ecosystem; accordingly, the formation and implementation of IoT business models in Ukraine should take into account the specifics of the national business ecosystem with the widest possible involvement of stable resources (in particular, IoT platforms) beyond the ecosystem of the Ukrainian segment of IoT. Keywords: Internet of Things (IoT), business model, IoT sensor, value proposition, revenue model.

Authentication and authorization techniques are essential for any kind of secure transaction over the Internet. It enables and empowers mechanisms to implement highly secure systems such as digital financial transition systems, hospitality management systems, and defence organizations. Most of the work on these techniques has been done based on single-user authorization. It is less secure than the multi-user authorization technique. Multi-party settings require the authorization of the majority user pool, the work is still in its nascent stage. Hence the presented work includes a multi-user authentication technique based on the approach of arithmetic greatest common divisor. This method aims to significantly enhance the security and reliability of the authorization process. Additionally, the proposed work also presented innovative encryption and decryption techniques for the security of data transformation using a modified N prime RSA algorithm. Furthermore, this work also discussed the application of the proposed methodology in the hospitality industry to ensure the security of customer data. The results of this work indicate that the suggested techniques enhance the security of data transformation and improve the time efficiency of key generation, encryption, and decryption techniques.

Wireless sensor network research enriched with diverse applications from industry to daily life. Widespread of sensor-based applications mandated for user authentication and secure communication. However, sensor nodes are limited energy and resources and hence secure communication for sensor nodes became a challenging task. This paper presents a fast encryption scheme for secure communication in wireless sensor networks. The proposed scheme consists of three phases namely registration, network deployment, and data transmission. In this work, a Gaussian transposition cipher for the generation of strong key. This cipher uses Gaussian noise, modified rail fence cipher and transposition. Fast encryption has achieved using XOR-based encryption and hence the proposed scheme incurs low computational cost. The proposed scheme resistant to various security attacks.

AbstractThe most contemporary development in information technology is the Internet of Things (IoT), which integrates the digital world with the real world. It makes it possible for things and people to communicate via the Internet. Blockchain is one of the popular topics of interest right now, and it can be used in most IoT applications. The blockchain's salient characteristics, like decentralization, data integrity, confidentiality, protection, and openness, are the main reasons for implementing it in healthcare services. Hence, this paper introduces an effective approach for storing IoT‐based healthcare data storage in the blockchain. The procedures in this suggested paradigm are as follows: user authentication, user trust verification, and optimal key storage in the blockchain. Wearable sensors are inserted in or adhered to a patient's body and used by IoT networks to gather healthcare data. These details are supplied into the verification structure constructed by adaptive dilated long short term memory with attention network (AD‐LSTM‐AN). Once the user's authentication is confirmed, then the user's trust level is computed. The same AD‐LSTM‐AN‐based verification structure is used to verify the historical data that has been stored and retrieved by the user, together with their previous transactions, in this phase. The healthcare data are then sent to the hybrid elliptic curve cryptography with attribute‐based encryption (HECC‐ABE) cryptography schemes for data encryption once the authentication of the person who attempts to store the data is confirmed. An adaptive final position‐based golden eagle‐Harris hawks optimization (AFP‐GEHHO) algorithm is used for optimizing the keys of the encrypted data. The blockchain platform stores the encrypted data of the authorized user with a high level of trust. The same process is done in reverse order whenever a user needs to recover information that is saved in the blockchain to retrieve the initially stored healthcare data. The effectiveness of secure data storage in blockchain is tested through experimental simulations. Throughout the analysis, the designed model achieves 96% in terms of accuracy. Thus, the developed model shows more secure and effective, has less error and reduces the time and memory requirements compared to existing approaches.

The Rivest-Shamir-Adleman (RSA) algorithm, known for its slow single-precision multiplication (spm) and overall running time, is not commonly employed to encrypt user data directly. As a result, several researchers have developed various RSA-based cryptosystems to enhance the algorithm's performance while maintaining security. This paper presents a comparative analysis of different variants of the RSA cryptosystem, focusing on five specific cryptosystems: RSA, Somsuk-RSA, Modified-RSA (MRSA), Easy Simple Factoring-RSA (ESF-RSA), and Phony-RSA. The methodology involves evaluating the theoretical running time and memory usage through single-precision multiplication (spm) measurements, while the actual running time is estimated using Maple programming. The research has two primary objectives. Firstly, they examined each algorithm of the RSA variants and analysed them according to the proposed methodology. Secondly, to determine which cryptosystem consumes the most time and memory for key generation, encryption, and decryption. The results indicate that ESF-RSA and RSA are the fastest in terms of key generation, ESF-RSA is the quickest for encryption, and Phony-RSA excels in decryption speed. Additionally, ESF-RSA demonstrates the lowest memory usage, whereas MRSA requires the highest memory allocation for all processes.

<strong>Abstract:&nbsp;</strong> A cloud environment is a collection of resources used to provide on-demand services to cloud clients. Access to the cloud environment is supplied through internet services, and data kept in the cloud environment is more accessible to both internal and external invaders. At the moment, cloud security experts are unable to provide a more dependable, safe, and effective intrusion detection system (IDS) for identifying intruders in data transfer.&nbsp;For fulfilling this requirement, in this paper a novel deep learning (DL) model namely Wavelet Kernel including Multi-Layer Perceptron Neural Network (WKMLPNN) based IDS is proposed for identifying the attacks while performing cloud data transmission.&nbsp;Additionally, to offer cloud secure storage, Improved Elliptical Curve Cryptography (IECC) is proposed with a novel key generation mechanism. Initially, the cloud user or data owner (DO) is registered with the Cloud Service Provider (CSP) for uploading their data to the cloud. Then at the CSP end, the authenticity of the DO is checked by implementing the Secure Hash Algorithm 256 (SHA-256) technique. After successful authentication, the DO is allowed to upload their data to the cloud. The CSP receives the data from the DO and then the intrusion present in the received data is identified using novel IDS (WKMLPNN). The presented IDS follows three operations such as preprocessing, optimal feature selection using Time factor incorporated Gravitational Search Algorithm (TGSA) and WKMLPNN applied classification for identifying the intrusions present in the data. If the received data contain the intrusion, the data will be avoided and not stored in the cloud, otherwise, the data will be stored in the cloud securely using the IECC algorithm. Finally, if the cloud users request CSP for data retrieval, the authenticity of the user is again checked using the SHA-256 algorithm. If the user is an authenticated one, the retrieval permission is granted for him, otherwise, the permission is denied for the user. The simulation results reveal that the presented approach outperforms existing strategies for intrusion categorization and encryption.

Cloud-based email is one of the services offered by cloud computing, and the number of users continues to grow year after year. Because of its working environment, cloud computing raises concerns about security and privacy. User authentication in cloud computing is now predicated on the user's credentials, which are typically username and password. User authentication in cloud computing is currently predicated on the credentials possessed by the user, which are primarily username and password. With the growing usage of cloud emails and numerous allegations of large-scale email leakage occurrences, a security attribute known as forward secrecy has become desirable and necessary for both users and cloud email service providers to strengthen the security of their communications. However, due to the failure of email systems to meet both security and practicality requirements at the same time. A fine-grained revocation capacity is available to an email user. A security key will be provided by the user to prevent hacking of such email addresses. The MAES(Modified Advanced Encryption Standard) algorithm encrypts files and a user's email ID to safeguard their data from a third party or hackers to address this issue more efficiently. This proposed hybrid security method secures the content of emails before they are sent through email using an Advanced Cipher Technique (ACT). The study suggests employing substitution and permutation to secure email content, with the fronts offered by email systems acting as keys.

&#x0D; &#x0D; &#x0D; &#x0D; The vast growth in electronic trading and monetary transactions results to increase the importance of E-commerce applications rapidly. In order to accomplish the fully functioning, reliable, scalable, secure, efficient and user-friendly E-commerce applications, sufficient system analysis and design processes are important. Shopping over the internet requires offering secure payment method.&#x0D; Providing security for each individual online consumer at the same time (particularly for large websites) is a time-consuming effort that can result in a variety of issues, including response delays, customer orders being lost, and system freeze or crash, all of which impair system performance.&#x0D; This work seeks to present a new multi-agent system prototype structure that solves the challenge of security while avoiding issues that might degrade system performance. By creating integrated system taking into account the three parties the e-commerce, the e-bank and the customer, the main concentration is to create an archeticture that helps in decreasing the website traffic and supportng the security with effective performance. To simulate the real systems a recommendation system is created based on the customer behaviors to increase system performance in helping the customers to find their favorite products and solve problems like cold start, sparsity of user‐item matrix, scalability, and changes in user interest.&#x0D; This is done by creating a commercial environment (e-commerce and e-bank websites) and a software agent that is installed on the client's device to handle the purchase and ciphering procedures without the need for the consumer to intervene. The security process involve preprocessing phase followed by a modified lightweight AES employing chaotic tent map to generate encryption key.&#x0D; &#x0D; &#x0D; &#x0D;

Purpose Until now, a lot of research has been done and applied to provide security and original data from one user to another, such as third-party auditing and several schemes for securing the data, such as the generation of the key with the help of encryption algorithms like Rivest–Shamir–Adleman and others. Here are some of the related works that have been done previously. Remote damage control resuscitation (RDCR) scheme by Yan et al. (2017) is proposed based on the minimum bandwidth. By enabling the third party to perform the verification of public integrity. Although it supports the repair management for the corrupt data and tries to recover the original data, in practicality it fails to do so, and thus it takes more computation and communication cost than our proposed system. In a paper by Chen et al. (2015), using broadcast encryption, an idea for cloud storage data sharing has been developed. This technique aims to accomplish both broadcast data and dynamic sharing, allowing users to join and leave a group without affecting the electronic press kit (EPK). In this case, the theoretical notion was true and new, but the system’s practicality and efficiency were not acceptable, and the system’s security was also jeopardised because it proposed adding a member without altering any keys. In this research, an identity-based encryption strategy for data sharing was investigated, as well as key management and metadata techniques to improve model security (Jiang and Guo, 2017). The forward and reverse ciphertext security is supplied here. However, it is more difficult to put into practice, and one of its limitations is that it can only be used for very large amounts of cloud storage. Here, it extends support for dynamic data modification by batch auditing. The important feature of the secure and efficient privacy preserving provable data possession in cloud storage scheme was to support every important feature which includes data dynamics, privacy preservation, batch auditing and blockers verification for an untrusted and an outsourced storage model (Pathare and Chouragadec, 2017). A homomorphic signature mechanism was devised to prevent the usage of the public key certificate, which was based on the new id. This signature system was shown to be resistant to the id attack on the random oracle model and the assault of forged message (Nayak and Tripathy, 2018; Lin et al., 2017). When storing data in a public cloud, one issue is that the data owner must give an enormous number of keys to the users in order for them to access the files. At this place, the knowledge assisted software engineering (KASE) plan was publicly unveiled for the first time. While sharing a huge number of documents, the data owner simply has to supply the specific key to the user, and the user only needs to provide the single trapdoor. Although the concept is innovative, the KASE technique does not apply to the increasingly common manufactured cloud. Cui et al. (2016) claim that as the amount of data grows, distribution management system (DMS) will be unable to handle it. As a result, various proven data possession (PDP) schemes have been developed, and practically all data lacks security. So, here in these certificates, PDP was introduced, which was based on bilinear pairing. Because of its feature of being robust as well as efficient, this is mostly applicable in DMS. The main purpose of this research is to design and implement a secure cloud infrastructure for sharing group data. This research provides an efficient and secure protocol for multiple user data in the cloud, allowing many users to easily share data. Design/methodology/approach The methodology and contribution of this paper is given as follows. The major goal of this study is to design and implement a secure cloud infrastructure for sharing group data. This study provides an efficient and secure protocol for multiple user data in cloud, allowing several users to share data without difficulty. The primary purpose of this research is to design and implement a secure cloud infrastructure for sharing group data. This research develops an efficient and secure protocol for multiple user data in the cloud, allowing numerous users to exchange data without difficulty. Selection scheme design (SSD) comprises two algorithms; first algorithm is designed for limited users and algorithm 2 is redesigned for the multiple users. Further, the authors design SSD-security protocol which comprises a three-phase model, namely, Phase 1, Phase 2 and Phase 3. Phase 1 generates the parameters and distributes the private key, the second phase generates the general key for all the users that are available and third phase is designed to prevent the dishonest user to entertain in data sharing. Findings Data sharing in cloud computing provides unlimited computational resources and storage to enterprise and individuals; moreover, cloud computing leads to several privacy and security concerns such as fault tolerance, reliability, confidentiality and data integrity. Furthermore, the key consensus mechanism is fundamental cryptographic primitive for secure communication; moreover, motivated by this phenomenon, the authors developed SSDmechanismwhich embraces the multiple users in the data-sharing model. Originality/value Files shared in the cloud should be encrypted for security purpose; later these files are decrypted for the users to access the file. Furthermore, the key consensus process is a crucial cryptographic primitive for secure communication; additionally, the authors devised the SSD mechanism, which incorporates numerous users in the data-sharing model, as a result of this phenomena. For evaluation of the SSD method, the authors have considered the ideal environment of the system, that is, the authors have used java as a programming language and eclipse as the integrated drive electronics tool for the proposed model evaluation. Hardware configuration of the model is such that it is packed with 4 GB RAM and i7 processor, the authors have used the PBC library for the pairing operations (PBC Library, 2022). Furthermore, in the following section of this paper, the number of users is varied to compare with the existing methodology RDIC (Li et al., 2020). For the purposes of the SSD-security protocol, a prime number is chosen as the number of users in this work.

Introduction This article is a study in anxiety with regard to social online spaces (SOS) conceived of as dark. There are two possible ways to define ‘dark’ in this context. The first is that communication is dark because it either has limited distribution, is not open to all users (closed groups are a case example) or hidden. The second definition, linked as a result of the first, is the way that communication via these means is interpreted and understood. Dark social spaces disrupt the accepted top-down flow by the ‘gazing elite’ (data aggregators including social media), but anxious users might need to strain to notice what is out there, and this in turn destabilises one’s reception of the scene. In an environment where surveillance technologies are proliferating, this article examines contemporary, dark, interconnected, and interactive communications for the entangled affordances that might be brought to bear. A provocation is that resistance through counterveillance or “sousveillance” is one possibility. An alternative (or addition) is retreating to or building ‘dark’ spaces that are less surveilled and (perhaps counterintuitively) less fearful. This article considers critically the notion of dark social online spaces via four broad socio-technical concerns connected to the big social media services that have helped increase a tendency for fearful anxiety produced by surveillance and the perceived implications for personal privacy. It also shines light on the aspect of darkness where some users are spurred to actively seek alternative, dark social online spaces. Since the 1970s, public-key cryptosystems typically preserved security for websites, emails, and sensitive health, government, and military data, but this is now reduced (Williams). We have seen such systems exploited via cyberattacks and misappropriated data acquired by affiliations such as Facebook-Cambridge Analytica for targeted political advertising during the 2016 US elections. Via the notion of “parasitic strategies”, such events can be described as news/information hacks “whose attack vectors target a system’s weak points with the help of specific strategies” (von Nordheim and Kleinen-von Königslöw, 88). In accord with Wilson and Serisier’s arguments (178), emerging technologies facilitate rapid data sharing, collection, storage, and processing wherein subsequent “outcomes are unpredictable”. This would also include the effect of acquiescence. In regard to our digital devices, for some, being watched overtly—through cameras encased in toys, computers, and closed-circuit television (CCTV) to digital street ads that determine the resonance of human emotions in public places including bus stops, malls, and train stations—is becoming normalised (McStay, Emotional AI). It might appear that consumers immersed within this Internet of Things (IoT) are themselves comfortable interacting with devices that record sound and capture images for easy analysis and distribution across the communications networks. A counter-claim is that mainstream social media corporations have cultivated a sense of digital resignation “produced when people desire to control the information digital entities have about them but feel unable to do so” (Draper and Turow, 1824). Careful consumers’ trust in mainstream media is waning, with readers observing a strong presence of big media players in the industry and are carefully picking their publications and public intellectuals to follow (Mahmood, 6). A number now also avoid the mainstream internet in favour of alternate dark sites. This is done by users with “varying backgrounds, motivations and participation behaviours that may be idiosyncratic (as they are rooted in the respective person’s biography and circumstance)” (Quandt, 42). By way of connection with dark internet studies via Biddle et al. (1; see also Lasica), the “darknet” is a collection of networks and technologies used to share digital content … not a separate physical network but an application and protocol layer riding on existing networks. Examples of darknets are peer-to-peer file sharing, CD and DVD copying, and key or password sharing on email and newsgroups. As we note from the quote above, the “dark web” uses existing public and private networks that facilitate communication via the Internet. Gehl (1220; see also Gehl and McKelvey) has detailed that this includes “hidden sites that end in ‘.onion’ or ‘.i2p’ or other Top-Level Domain names only available through modified browsers or special software. Accessing I2P sites requires a special routing program ... . Accessing .onion sites requires Tor [The Onion Router]”. For some, this gives rise to social anxiety, read here as stemming from that which is not known, and an exaggerated sense of danger, which makes fight or flight seem the only options. This is often justified or exacerbated by the changing media and communication landscape and depicted in popular documentaries such as The Social Dilemma or The Great Hack, which affect public opinion on the unknown aspects of internet spaces and the uses of personal data. The question for this article remains whether the fear of the dark is justified. Consider that most often one will choose to make one’s intimate bedroom space dark in order to have a good night’s rest. We might pleasurably escape into a cinema’s darkness for the stories told therein, or walk along a beach at night enjoying unseen breezes. Most do not avoid these experiences, choosing to actively seek them out. Drawing this thread, then, is the case made here that agency can also be found in the dark by resisting socio-political structural harms. 1. Digital Futures and Anxiety of the Dark Fear of the darkI have a constant fear that something's always nearFear of the darkFear of the darkI have a phobia that someone's always there In the lyrics to the song “Fear of the Dark” (1992) by British heavy metal group Iron Maiden is a sense that that which is unknown and unseen causes fear and anxiety. Holding a fear of the dark is not unusual and varies in degree for adults as it does for children (Fellous and Arbib). Such anxiety connected to the dark does not always concern darkness itself. It can also be a concern for the possible or imagined dangers that are concealed by the darkness itself as a result of cognitive-emotional interactions (McDonald, 16). Extending this claim is this article’s non-binary assertion that while for some technology and what it can do is frequently misunderstood and shunned as a result, for others who embrace the possibilities and actively take it on it is learning by attentively partaking. Mistakes, solecism, and frustrations are part of the process. Such conceptual theorising falls along a continuum of thinking. Global interconnectivity of communications networks has certainly led to consequent concerns (Turkle Alone Together). Much focus for anxiety has been on the impact upon social and individual inner lives, levels of media concentration, and power over and commercialisation of the internet. Of specific note is that increasing commercial media influence—such as Facebook and its acquisition of WhatsApp, Oculus VR, Instagram, CRTL-labs (translating movements and neural impulses into digital signals), LiveRail (video advertising technology), Chainspace (Blockchain)—regularly changes the overall dynamics of the online environment (Turow and Kavanaugh). This provocation was born out recently when Facebook disrupted the delivery of news to Australian audiences via its service. Mainstream social online spaces (SOS) are platforms which provide more than the delivery of media alone and have been conceptualised predominantly in a binary light. On the one hand, they can be depicted as tools for the common good of society through notional widespread access and as places for civic participation and discussion, identity expression, education, and community formation (Turkle; Bruns; Cinque and Brown; Jenkins). This end of the continuum of thinking about SOS seems set hard against the view that SOS are operating as businesses with strategies that manipulate consumers to generate revenue through advertising, data, venture capital for advanced research and development, and company profit, on the other hand. In between the two polar ends of this continuum are the range of other possibilities, the shades of grey, that add contemporary nuance to understanding SOS in regard to what they facilitate, what the various implications might be, and for whom. By way of a brief summary, anxiety of the dark is steeped in the practices of privacy-invasive social media giants such as Facebook and its ancillary companies. Second are the advertising technology companies, surveillance contractors, and intelligence agencies that collect and monitor our actions and related data; as well as the increased ease of use and interoperability brought about by Web 2.0 that has seen a disconnection between technological infrastructure and social connection that acts to limit user permissions and online affordances. Third are concerns for the negative effects associated with depressed mental health and wellbeing caused by “psychologically damaging social networks”, through sleep loss, anxiety, poor body image, real world relationships, and the fear of missing out (FOMO; Royal Society for Public Health (UK) and the Young Health Movement). Here the harms are both individual and societal. Fourth is the intended acceleration toward post-quantum IoT (Fernández-Caramés), as quantum computing’s digital components are continually being miniaturised. This is coupled with advances in electrical battery capacity and interconnected telecommunications infrastructures. The result of such is that the ontogenetic capacity of the powerfully advanced network/s affords supralevel surveillance. What this means is that through devices and the services that they provide, individuals’ data is commodified (Neff and Nafus; Nissenbaum and Patterson). Personal data is enmeshed in ‘things’ requiring that the decisions that are both overt, subtle, and/or hidden (dark) are scrutinised for the various ways they shape social norms and create consequences for public discourse, cultural production, and the fabric of society (Gillespie). Data and personal information are retrievable from devices, sharable in SOS, and potentially exposed across networks. For these reasons, some have chosen to go dark by being “off the grid”, judiciously selecting their means of communications and their ‘friends’ carefully. 2. Is There Room for Privacy Any More When Everyone in SOS Is Watching? An interesting turn comes through counterarguments against overarching institutional surveillance that underscore the uses of technologies to watch the watchers. This involves a practice of counter-surveillance whereby technologies are tools of resistance to go ‘dark’ and are used by political activists in protest situations for both communication and avoiding surveillance. This is not new and has long existed in an increasingly dispersed media landscape (Cinque, Changing Media Landscapes). For example, counter-surveillance video footage has been accessed and made available via live-streaming channels, with commentary in SOS augmenting networking possibilities for niche interest groups or micropublics (Wilson and Serisier, 178). A further example is the Wordpress site Fitwatch, appealing for an end to what the site claims are issues associated with police surveillance (fitwatch.org.uk and endpolicesurveillance.wordpress.com). Users of these sites are called to post police officers’ identity numbers and photographs in an attempt to identify “cops” that might act to “misuse” UK Anti-terrorism legislation against activists during legitimate protests. Others that might be interested in doing their own “monitoring” are invited to reach out to identified personal email addresses or other private (dark) messaging software and application services such as Telegram (freeware and cross-platform). In their work on surveillance, Mann and Ferenbok (18) propose that there is an increase in “complex constructs between power and the practices of seeing, looking, and watching/sensing in a networked culture mediated by mobile/portable/wearable computing devices and technologies”. By way of critical definition, Mann and Ferenbok (25) clarify that “where the viewer is in a position of power over the subject, this is considered surveillance, but where the viewer is in a lower position of power, this is considered sousveillance”. It is the aspect of sousveillance that is empowering to those using dark SOS. One might consider that not all surveillance is “bad” nor institutionalised. It is neither overtly nor formally regulated—as yet. Like most technologies, many of the surveillant technologies are value-neutral until applied towards specific uses, according to Mann and Ferenbok (18). But this is part of the ‘grey area’ for understanding the impact of dark SOS in regard to which actors or what nations are developing tools for surveillance, where access and control lies, and with what effects into the future. 3. Big Brother Watches, So What Are the Alternatives: Whither the Gazing Elite in Dark SOS? By way of conceptual genealogy, consideration of contemporary perceptions of surveillance in a visually networked society (Cinque, Changing Media Landscapes) might be usefully explored through a revisitation of Jeremy Bentham’s panopticon, applied here as a metaphor for contemporary surveillance. Arguably, this is a foundational theoretical model for integrated methods of social control (Foucault, Surveiller et Punir, 192-211), realised in the “panopticon” (prison) in 1787 by Jeremy Bentham (Bentham and Božovič, 29-95) during a period of social reformation aimed at the improvement of the individual. Like the power for social control over the incarcerated in a panopticon, police power, in order that it be effectively exercised, “had to be given the instrument of permanent, exhaustive, omnipresent surveillance, capable of making all visible … like a faceless gaze that transformed the whole social body into a field of perception” (Foucault, Surveiller et Punir, 213–4). In grappling with the impact of SOS for the individual and the collective in post-digital times, we can trace out these early ruminations on the complex documentary organisation through state-controlled apparatuses (such as inspectors and paid observers including “secret agents”) via Foucault (Surveiller et Punir, 214; Subject and Power, 326-7) for comparison to commercial operators like Facebook. Today, artificial intelligence (AI), facial recognition technology (FRT), and closed-circuit television (CCTV) for video surveillance are used for social control of appropriate behaviours. Exemplified by governments and the private sector is the use of combined technologies to maintain social order, from ensuring citizens cross the street only on green lights, to putting rubbish in the correct recycling bin or be publicly shamed, to making cashless payments in stores. The actions see advantages for individual and collective safety, sustainability, and convenience, but also register forms of behaviour and attitudes with predictive capacities. This gives rise to suspicions about a permanent account of individuals’ behaviour over time. Returning to Foucault (Surveiller et Punir, 135), the impact of this finds a dissociation of power from the individual, whereby they become unwittingly impelled into pre-existing social structures, leading to a ‘normalisation’ and acceptance of such systems. If we are talking about the dark, anxiety is key for a Ministry of SOS. Following Foucault again (Subject and Power, 326-7), there is the potential for a crawling, creeping governance that was once distinct but is itself increasingly hidden and growing. A blanket call for some form of ongoing scrutiny of such proliferating powers might be warranted, but with it comes regulation that, while offering certain rights and protections, is not without consequences. For their part, a number of SOS platforms had little to no moderation for explicit content prior to December 2018, and in terms of power, notwithstanding important anxiety connected to arguments that children and the vulnerable need protections from those that would seek to take advantage, this was a crucial aspect of community building and self-expression that resulted in this freedom of expression. In unearthing the extent that individuals are empowered arising from the capacity to post sexual self-images, Tiidenberg ("Bringing Sexy Back") considered that through dark SOS (read here as unregulated) some users could work in opposition to the mainstream consumer culture that provides select and limited representations of bodies and their sexualities. This links directly to Mondin’s exploration of the abundance of queer and feminist pornography on dark SOS as a “counterpolitics of visibility” (288). This work resulted in a reasoned claim that the technological structure of dark SOS created a highly political and affective social space that users valued. What also needs to be underscored is that many users also believed that such a space could not be replicated on other mainstream SOS because of the differences in architecture and social norms. Cho (47) worked with this theory to claim that dark SOS are modern-day examples in a history of queer individuals having to rely on “underground economies of expression and relation”. Discussions such as these complicate what dark SOS might now become in the face of ‘adult’ content moderation and emerging tracking technologies to close sites or locate individuals that transgress social norms. Further, broader questions are raised about how content moderation fits in with the public space conceptualisations of SOS more generally. Increasingly, “there is an app for that” where being able to identify the poster of an image or an author of an unknown text is seen as crucial. While there is presently no standard approach, models for combining instance-based and profile-based features such as SVM for determining authorship attribution are in development, with the result that potentially far less content will remain hidden in the future (Bacciu et al.). 4. There’s Nothing New under the Sun (Ecclesiastes 1:9) For some, “[the] high hopes regarding the positive impact of the Internet and digital participation in civic society have faded” (Schwarzenegger, 99). My participant observation over some years in various SOS, however, finds that critical concern has always existed. Views move along the spectrum of thinking from deep scepticisms (Stoll, Silicon Snake Oil) to wondrous techo-utopian promises (Negroponte, Being Digital). Indeed, concerns about the (then) new technologies of wireless broadcasting can be compared with today’s anxiety over the possible effects of the internet and SOS. Inglis (7) recalls, here, too, were fears that humanity was tampering with some dangerous force; might wireless wave be causing thunderstorms, droughts, floods? Sterility or strokes? Such anxieties soon evaporated; but a sense of mystery might stay longer with evangelists for broadcasting than with a laity who soon took wireless for granted and settled down to enjoy the products of a process they need not understand. As the analogy above makes clear, just as audiences came to use ‘the wireless’ and later the internet regularly, it is reasonable to argue that dark SOS will also gain widespread understanding and find greater acceptance. Dark social spaces are simply the recent development of internet connectivity and communication more broadly. The dark SOS afford choice to be connected beyond mainstream offerings, which some users avoid for their perceived manipulation of content and user both. As part of the wider array of dark web services, the resilience of dark social spaces is reinforced by the proliferation of users as opposed to decentralised replication. Virtual Private Networks (VPNs) can be used for anonymity in parallel to TOR access, but they guarantee only anonymity to the client. A VPN cannot guarantee anonymity to the server or the internet service provider (ISP). While users may use pseudonyms rather than actual names as seen on Facebook and other SOS, users continue to take to the virtual spaces they inhabit their off-line, ‘real’ foibles, problems, and idiosyncrasies (Chenault). To varying degrees, however, people also take their best intentions to their interactions in the dark. The hyper-efficient tools now deployed can intensify this, which is the great advantage attracting some users. In balance, however, in regard to online information access and dissemination, critical examination of what is in the public’s interest, and whether content should be regulated or controlled versus allowing a free flow of information where users self-regulate their online behaviour, is fraught. O’Loughlin (604) was one of the first to claim that there will be voluntary loss through negative liberty or freedom from (freedom from unwanted information or influence) and an increase in positive liberty or freedom to (freedom to read or say anything); hence, freedom from surveillance and interference is a kind of negative liberty, consistent with both libertarianism and liberalism. Conclusion The early adopters of initial iterations of SOS were hopeful and liberal (utopian) in their beliefs about universality and ‘free’ spaces of open communication between like-minded others. This was a way of virtual networking using a visual motivation (led by images, text, and sounds) for consequent interaction with others (Cinque, Visual Networking). The structural transformation of the public sphere in a Habermasian sense—and now found in SOS and their darker, hidden or closed social spaces that might ensure a counterbalance to the power of those with influence—towards all having equal access to platforms for presenting their views, and doing so respectfully, is as ever problematised. Broadly, this is no more so, however, than for mainstream SOS or for communicating in the world. References Bacciu, Andrea, Massimo La Morgia, Alessandro Mei, Eugenio Nerio Nemmi, Valerio Neri, and Julinda Stefa. “Cross-Domain Authorship Attribution Combining Instance Based and Profile-Based Features.” CLEF (Working Notes). Lugano, Switzerland, 9-12 Sep. 2019. Bentham, Jeremy, and Miran Božovič. The Panopticon Writings. London: Verso Trade, 1995. Biddle, Peter, et al. “The Darknet and the Future of Content Distribution.” Proceedings of the 2002 ACM Workshop on Digital Rights Management. Vol. 6. Washington DC, 2002. Bruns, Axel. Blogs, Wikipedia, Second Life, and Beyond: From Production to Produsage. New York: Peter Lang, 2008. Chenault, Brittney G. “Developing Personal and Emotional Relationships via Computer-Mediated Communication.” CMC Magazine 5.5 (1998). 1 May 2020 &lt;http://www.december.com/cmc/mag/1998/may/chenault.html&gt;. Cho, Alexander. “Queer Reverb: Tumblr, Affect, Time.” Networked Affect. Eds. K. Hillis, S. Paasonen, and M. Petit. Cambridge, Mass.: MIT Press, 2015: 43-58. Cinque, Toija. Changing Media Landscapes: Visual Networking. London: Oxford UP, 2015. ———. “Visual Networking: Australia's Media Landscape.” Global Media Journal: Australian Edition 6.1 (2012): 1-8. Cinque, Toija, and Adam Brown. “Educating Generation Next: Screen Media Use, Digital Competencies, and Tertiary Education.” Digital Culture &amp; Education 7.1 (2015). Draper, Nora A., and Joseph Turow. “The Corporate Cultivation of Digital Resignation.” New Media &amp; Society 21.8 (2019): 1824-1839. Fellous, Jean-Marc, and Michael A. Arbib, eds. Who Needs Emotions? The Brain Meets the Robot. New York: Oxford UP, 2005. Fernández-Caramés, Tiago M. “From Pre-Quantum to Post-Quantum IoT Security: A Survey on Quantum-Resistant Cryptosystems for the Internet of Things.” IEEE Internet of Things Journal 7.7 (2019): 6457-6480. Foucault, Michel. Surveiller et Punir: Naissance de la Prison [Discipline and Punish—The Birth of The Prison]. Trans. Alan Sheridan. New York: Random House, 1977. Foucault, Michel. “The Subject and Power.” Michel Foucault: Power, the Essential Works of Michel Foucault 1954–1984. Vol. 3. Trans. R. Hurley and others. Ed. J.D. Faubion. London: Penguin, 2001. Gehl, Robert W. Weaving the Dark Web: Legitimacy on Freenet, Tor, and I2P. Cambridge, Massachusetts: MIT Press, 2018. Gehl, Robert, and Fenwick McKelvey. “Bugging Out: Darknets as Parasites of Large-Scale Media Objects.” Media, Culture &amp; Society 41.2 (2019): 219-235. Gillespie, Tarleton. Custodians of the Internet: Platforms, Content Moderation, and the Hidden Decisions That Shape Social Media. London: Yale UP, 2018. Habermas, Jürgen. The Structural Transformation of the Public Sphere: An Inquiry into a Category of Bourgeois Society. Trans. Thomas Burger with the assistance of Frederick Lawrence. Cambridge, Mass.: MIT Press, 1989. Inglis, Ken S. This Is the ABC: The Australian Broadcasting Commission 1932–1983. Melbourne: Melbourne UP, 1983. Iron Maiden. “Fear of the Dark.” London: EMI, 1992. Jenkins, Henry. Convergence Culture: Where Old and New Media Collide. New York: New York UP, 2006. Lasica, J. D. Darknet: Hollywood’s War against the Digital Generation. New York: John Wiley and Sons, 2005. Mahmood, Mimrah. “Australia's Evolving Media Landscape.” 13 Apr. 2021 &lt;https://www.meltwater.com/en/resources/australias-evolving-media-landscape&gt;. Mann, Steve, and Joseph Ferenbok. “New Media and the Power Politics of Sousveillance in a Surveillance-Dominated World.” Surveillance &amp; Society 11.1/2 (2013): 18-34. McDonald, Alexander J. “Cortical Pathways to the Mammalian Amygdala.” Progress in Neurobiology 55.3 (1998): 257-332. McStay, Andrew. Emotional AI: The Rise of Empathic Media. London: Sage, 2018. Mondin, Alessandra. “‘Tumblr Mostly, Great Empowering Images’: Blogging, Reblogging and Scrolling Feminist, Queer and BDSM Desires.” Journal of Gender Studies 26.3 (2017): 282-292. Neff, Gina, and Dawn Nafus. Self-Tracking. Cambridge, Mass.: MIT Press, 2016. Negroponte, Nicholas. Being Digital. New York: Alfred A. Knopf, 1995. Nissenbaum, Helen, and Heather Patterson. “Biosensing in Context: Health Privacy in a Connected World.” Quantified: Biosensing Technologies in Everyday Life. Ed. Dawn Nafus. 2016. 68-79. O’Loughlin, Ben. “The Political Implications of Digital Innovations.” Information, Communication and Society 4.4 (2001): 595–614. Quandt, Thorsten. “Dark Participation.” Media and Communication 6.4 (2018): 36-48. Royal Society for Public Health (UK) and the Young Health Movement. “#Statusofmind.” 2017. 2 Apr. 2021 &lt;https://www.rsph.org.uk/our-work/campaigns/status-of-mind.html&gt;. Statista. “Number of IoT devices 2015-2025.” 27 Nov. 2020 &lt;https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/&gt;. Schwarzenegger, Christian. “Communities of Darkness? Users and Uses of Anti-System Alternative Media between Audience and Community.” Media and Communication 9.1 (2021): 99-109. Stoll, Clifford. Silicon Snake Oil: Second Thoughts on the Information Highway. Anchor, 1995. Tiidenberg, Katrin. “Bringing Sexy Back: Reclaiming the Body Aesthetic via Self-Shooting.” Cyberpsychology: Journal of Psychosocial Research on Cyberspace 8.1 (2014). The Great Hack. Dirs. Karim Amer, Jehane Noujaim. Netflix, 2019. The Social Dilemma. Dir. Jeff Orlowski. Netflix, 2020. Turkle, Sherry. The Second Self: Computers and the Human Spirit. Cambridge, Mass.: MIT Press, 2005. Turkle, Sherry. Alone Together: Why We Expect More from Technology and Less from Each Other. UK: Hachette, 2017. Turow, Joseph, and Andrea L. Kavanaugh, eds. The Wired Homestead: An MIT Press Sourcebook on the Internet and the Family. Cambridge, Mass.: MIT Press, 2003. Von Nordheim, Gerret, and Katharina Kleinen-von Königslöw. “Uninvited Dinner Guests: A Theoretical Perspective on the Antagonists of Journalism Based on Serres’ Parasite.” Media and Communication 9.1 (2021): 88-98. Williams, Chris K. “Configuring Enterprise Public Key Infrastructures to Permit Integrated Deployment of Signature, Encryption and Access Control Systems.” MILCOM 2005-2005 IEEE Military Communications Conference. IEEE, 2005. Wilson, Dean, and Tanya Serisier. “Video Activism and the Ambiguities of Counter-Surveillance.” Surveillance &amp; Society 8.2 (2010): 166-180.