Zhiqiang Zhao , Xuexian Hu , Yining Liu , Jianghong Wei , Yuanjun Xia , Yangfan Liang
{"title":"SECP-AKE: Secure and efficient certificateless-password-based authenticated key exchange protocol for smart healthcare systems","authors":"Zhiqiang Zhao , Xuexian Hu , Yining Liu , Jianghong Wei , Yuanjun Xia , Yangfan Liang","doi":"10.1016/j.sysarc.2025.103485","DOIUrl":"10.1016/j.sysarc.2025.103485","url":null,"abstract":"<div><div>Due to the importance and sensitivity of medical data, the security protection and privacy preservation of the Healthcare Internet of Things (IoT) are current research hotspots. However, existing research schemes still suffer from incomplete security properties, imperfect authentication mechanisms, and inadequate privacy preservation. Therefore, this paper presents SECP-AKE, a secure and efficient certificateless-password-based authenticated key exchange protocol for IoT-based smart healthcare, which enables batch authentication, resists physical attacks, and provides strong anonymity. Specifically, using certificateless cryptography, the SECP-AKE protocol enables batch authentication of authorized users and devices while also resolving the key escrow problem. In particular, the SECP-AKE protocol incorporates Physical Unclonable Functions (PUFs) to resist physical attacks, thus enhancing device security and ensuring reliable medical service delivery. Additionally, the design of a pseudonym update mechanism can achieve user unlinkability, thereby providing enhanced privacy preservation. The results from both formal verification using SVO logic and informal security analyses demonstrate that the SECP-AKE protocol is secure and offers more comprehensive security properties. Meanwhile, the use of a well-known automated security verification tool Scyther further evaluates the protocol’s security reliability. 
Ultimately, comparative experiments on communication overhead and computational overhead demonstrate that the SECP-AKE protocol is efficient and feasible compared to state-of-the-art existing works.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103485"},"PeriodicalIF":3.7,"publicationDate":"2025-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144335670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Is it worth the energy? An in-depth study on the energy efficiency of data augmentation strategies for finetuning-based low/few-shot object detection","authors":"Vladislav Li , Georgios Tsoumplekas , Ilias Siniosoglou , Panagiotis Sarigiannidis , Vasileios Argyriou","doi":"10.1016/j.sysarc.2025.103484","DOIUrl":"10.1016/j.sysarc.2025.103484","url":null,"abstract":"<div><div>Current methods for low- and few-shot object detection have primarily focused on enhancing model performance for detecting objects. One common approach to achieve this is by combining model finetuning with data augmentation strategies. However, little attention has been given to the energy efficiency of these approaches in data-scarce regimes. This paper seeks to conduct a comprehensive empirical study that examines both model performance and energy efficiency of custom data augmentations and automated data augmentation selection strategies when combined with a lightweight object detector. The methods are evaluated in four different benchmark datasets in terms of their performance and energy consumption, providing valuable insights regarding reaching an optimal tradeoff between these two objectives. Additionally, to better quantify this tradeoff, we propose a novel metric named modified Efficiency Factor that combines both of these conflicting objectives in a single metric and thus enables gaining insights into the effectiveness of the examined models and data augmentation strategies when considering both performance and efficiency. 
Consequently, it is shown that while some broader guidelines regarding appropriate data augmentation selections can be provided based on the obtained performance and energy efficiency results, in many cases, the performance gains of data augmentation strategies are overshadowed by their increased energy usage, necessitating the development of more energy-efficient data augmentation strategies to address data scarcity.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103484"},"PeriodicalIF":3.7,"publicationDate":"2025-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144321989","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A comprehensive review on hardware implementations of lattice-based cryptographic schemes","authors":"Shaik Ahmadunnisa, Sudha Ellison Mathe","doi":"10.1016/j.sysarc.2025.103486","DOIUrl":"10.1016/j.sysarc.2025.103486","url":null,"abstract":"<div><div>The rise in threats from large-scale quantum computers has driven significant advancements in the field of Post Quantum Cryptography (PQC). In this context, the National Institute of Standards and Technology (NIST) has initiated a call to standardize PQC schemes. Among all the PQC schemes, lattice-based cryptography (LBC) is considered one of the most viable due to its robust security proofs and ease of implementation. In this paper, we survey the mathematical hardness of lattice-based schemes, and provide a comprehensive review of the existing hardware implementations for LBC schemes. Further, we also provide a review of the hardware optimization techniques involved in the existing designs. We give certain approaches for advancing our research to ensure an efficient and secure cryptosystem.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103486"},"PeriodicalIF":3.7,"publicationDate":"2025-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144321803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Lightweight and anonymous certificateless signcryption scheme for multi-receiver","authors":"Qingqing Xie, Liangqing Song","doi":"10.1016/j.sysarc.2025.103482","DOIUrl":"10.1016/j.sysarc.2025.103482","url":null,"abstract":"<div><div>This paper proposes an innovative certificateless signcryption scheme, which achieves lightweight computation and anonymity for both the sender and the receiver. By replacing the bilinear operation with elliptic curve scalar multiplication, the proposed scheme significantly reduces computational overhead, making it suitable for resource-limited devices. Furthermore, the scheme achieves the anonymity of both sender and receiver, by embedding the sender’s real identity within the set of disguises and concealing the receiver’s identity through pseudonyms. It also supports multiple receivers. It achieves a signcryption time of 1.134 ms, an unsigncryption time of 0.542 ms, and a ciphertext size of 280 bytes. Compared with some existing schemes that achieve sender or receiver anonymity and involve no pairing operations, the cost of signcryption and unsigncryption is reduced by 50% and 86% at most respectively. Through a formal security proof, we demonstrate that the proposed scheme ensures confidentiality and unforgeability.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103482"},"PeriodicalIF":3.7,"publicationDate":"2025-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144321801","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Andrea Serafini , Alessandro Biasci , Bruno Morelli , Paolo Valente , Andrea Marongiu
{"title":"Synchronous VS asynchronous reconfiguration of Memory Bandwidth Management Schemes: A comparative analysis","authors":"Andrea Serafini , Alessandro Biasci , Bruno Morelli , Paolo Valente , Andrea Marongiu","doi":"10.1016/j.sysarc.2025.103483","DOIUrl":"10.1016/j.sysarc.2025.103483","url":null,"abstract":"<div><div>Memory bandwidth contention may severely inflate the execution time of tasks co-running on modern Commercial Off-The-Shelf (COTS) multicores. An effective and widely deployed solution to mitigate the problem is <em>bandwidth regulation</em>, a technique to limit the available memory bandwidth for those cores that are not executing time-critical <em>tasks</em>. The granularity at which time-critical activities can be identified at the core level can be in fact even finer than a whole task, and just span smaller <em>memory-critical section</em> (MCS) therein. As the co-presence of MCS and non-critical task portions in the system dynamically changes over time, <em>bandwidth regulators</em> require more or less frequent <em>reconfiguration</em> of their parameters. Similar <em>reconfiguration techniques</em> thus represent a central component of dynamic <em>Memory Bandwidth Management Schemes</em> (MBMS). In particular, the overhead and latency of such a component determine the feasibility and control granularity of the overall bandwidth-regulation solution. The literature extensively covers low-level bandwidth regulation mechanisms and – to some extent – their integration in wider MBMSs, yet no in-depth analysis is currently available of the impact of <em>reconfiguration techniques</em>. This paper addresses this issue by proposing a comparative analysis of the two basic approaches to <em>reconfiguring</em> bandwidth regulators in a system: <em>synchronous</em> and <em>asynchronous</em> schemes. 
The analysis, performed on a real-world setup with both synthetic and real-world benchmarks, shows that the asynchronous technique improves the control granularity of a bandwidth regulator by a factor of up to 19x, moving from the <em>ms</em> to the <span><math><mi>μ</mi></math></span><em>s</em> scale.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103483"},"PeriodicalIF":3.7,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144313789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Huan Li , Lunzhi Deng , Yating Gu , Na Wang , Yanli Chen , Siwei Li
{"title":"A secure data sharing scheme based on searchable public key encryption for authorized multi-receiver","authors":"Huan Li , Lunzhi Deng , Yating Gu , Na Wang , Yanli Chen , Siwei Li","doi":"10.1016/j.sysarc.2025.103489","DOIUrl":"10.1016/j.sysarc.2025.103489","url":null,"abstract":"<div><div>To ensure data confidentiality, data sharers usually choose to encrypt the data before uploading it to cloud storage. Data sharing is an important way to realize the value of data. Therefore, how to share encrypted data stored in the cloud among authorized users is a pressing issue that needs to be addressed. Public key encryption schemes with keyword search provide an effective solution to this problem. In this paper, we first analyze Yang et al.’s scheme (Yang et al., 2023), and point out that the scheme does not realize the indistinguishability of ciphertext and trapdoor. Then, we propose a new data sharing scheme with searchable public key encryption for authorized multi-receiver (SDS-SPKE), which not only realizes the search function, but also realizes key update and user revocation. Additionally, we provide the security proofs of the scheme, which reveal that our scheme realizes the indistinguishability of ciphertext and trapdoor, and solves the problem of single-key-exposure. 
Finally, we compare the performance of SDS-SPKE with five other searchable encryption schemes, and the experimental results show that our scheme offers superior efficiency.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103489"},"PeriodicalIF":3.7,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144307666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Fangxing Yu , Chi Zhang , Menghan Li , Zhike Li , Shiqiang Nie , Weiguo Wu
{"title":"DTB+: An enhanced data management strategy for efficient RMW reduction in IMR drives","authors":"Fangxing Yu , Chi Zhang , Menghan Li , Zhike Li , Shiqiang Nie , Weiguo Wu","doi":"10.1016/j.sysarc.2025.103479","DOIUrl":"10.1016/j.sysarc.2025.103479","url":null,"abstract":"<div><div>The emerging Interlaced Magnetic Recording (IMR) technology not only achieves higher storage density than SMR, but also significantly reduces rewrite overhead by dividing tracks into bottom and top tracks and organizing them in an interlaced fashion. However, frequent updates to the bottom track can trigger a large number of Read-Modify-Write (RMW) operations during high disk space utilization, which can severely degrade the I/O performance. Addressing this issue, this paper proposes an interlaced translation layer named DTB+ to improve the write performance of IMR disks. Firstly, a workload-sensitive track heat analysis mechanism is introduced to intelligently place data to reduce track rewrite probability. Simultaneously, the zero-incremental cost region is selectively used to construct a twin-buffer architecture to reduce RMW operations. In addition, an adaptive space allocation engine based on reinforcement learning is developed to flexibly allocate and reclaim space within the twin-buffer, improving disk resource utilization. Finally, a flexible evicted-data transfer zone is established to delay the writeback operations of interference data, further reducing the additional overhead. 
Experimental results indicate that compared with the state-of-the-art studies, DTB+ can reduce RMWs by 63.00% and additional I/O operations by 57.41%, decrease the average write latency by 37.77%, and lower the tail latency by 53.95%.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103479"},"PeriodicalIF":3.7,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144280196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Lu Xing , Haiyong Bao , Menghong Guan , Jing Wang , Qinglei Kong , Hong-Ning Dai , Cheng Huang
{"title":"Mul_STK: Efficient and privacy-preserving query with spatio-temporal-keyword multiple attributes in cloud computing","authors":"Lu Xing , Haiyong Bao , Menghong Guan , Jing Wang , Qinglei Kong , Hong-Ning Dai , Cheng Huang","doi":"10.1016/j.sysarc.2025.103490","DOIUrl":"10.1016/j.sysarc.2025.103490","url":null,"abstract":"<div><div>With the explosive growth of spatio-temporal-keyword data and the popularity of cloud computing, data owners often encrypt and outsource massive data to cloud servers to provide secure query services. To improve query efficiency, cloud servers typically optimize the organization of massive spatio-temporal data for efficient keyword-based query. However, for the multi-attribute query, the existing works lack an integrated coding theory, which cannot realize a parallelized and efficient query. Moreover, the existing serialized query for each attribute is inefficient and leads to users’ privacy leakage. To address these issues, we propose a privacy-preserving and efficient multi-attribute query scheme in cloud computing for massive data scenarios (Mul_STK), which can realize the following two guarantees for outsourced computing. Firstly, to realize the parallelized and efficient query with multiple attributes, we design a multi-attribute unified encoding technique to encode multiple attributes into unified vectors and construct an STK-BH tree structure. We further design an efficient filtration-verification query algorithm based on the STK-BH tree to fully utilize the characteristics of multi-dimensional attributes and realize parallelized dynamic pruning query. Secondly, to realize a secure multi-attribute query, three secure atomic predicate encryption protocols are constructed based on techniques of improved symmetric homomorphic encryption (iSHE), advanced encryption standard (AES), and lightweight matrix encryption. 
In addition, we combine these secure protocols with the efficient filtration-verification algorithm to propose Mul_STK, which guarantees the balance between efficiency and privacy-preservation in cloud computing environments. Security analysis and experiments show that Mul_STK achieves high query efficiency in cloud computing while ensuring data privacy, query privacy, and access pattern privacy.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103490"},"PeriodicalIF":3.7,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144321800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mario Barbareschi , Franco Cirillo , Christian Esposito , Nicola Mazzocca
{"title":"Engineering SRAM-PUF on Arduino microcontroller","authors":"Mario Barbareschi , Franco Cirillo , Christian Esposito , Nicola Mazzocca","doi":"10.1016/j.sysarc.2025.103466","DOIUrl":"10.1016/j.sysarc.2025.103466","url":null,"abstract":"<div><div>The emergence of the Internet of Things (IoT) enables both people and devices to access services, data, and actuator control from remote locations, even spanning thousands of miles. Ensuring authentication, communication integrity, and confidentiality for IoT devices is essential for systems security and is still an open challenge. In this context, Physical Unclonable Functions (PUFs) have gained significant attention due to their ability to generate stable, tamper-resistant, and random fingerprints that can be successfully exploited to provide cryptographic keys or to implement authentication schemes. However, PUFs necessitate dedicated hardware, making them costly and available only in specific designs, thereby impeding their broader adoption. In this paper, we enable the usage of static random access memory (SRAM)-based PUF on the Arduino UNO device, an open-source board implemented upon an ATMega328P, without requiring special hardware. We analyze SRAM PUF quality parameters and how to reconstruct a reliable cryptographic key by engineering a fuzzy extractor. 
Additionally, we design a secure bootloader as root-of-trust and, as a case study, we detail how to authenticate Arduino Sketches and how to implement an authentication scheme.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103466"},"PeriodicalIF":3.7,"publicationDate":"2025-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144298563","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sijie Lin , Liying Li , Jining Chen , Peijin Cong , Tian Wang , Junlong Zhou
{"title":"IATS: Information-age aware task scheduling for vehicle-road-cloud cooperative systems","authors":"Sijie Lin , Liying Li , Jining Chen , Peijin Cong , Tian Wang , Junlong Zhou","doi":"10.1016/j.sysarc.2025.103480","DOIUrl":"10.1016/j.sysarc.2025.103480","url":null,"abstract":"<div><div>As the Internet of Things (IoT) continues to evolve at an unprecedented pace, smart vehicles can now support various real-time applications like object detection that require timely situational awareness. The freshness of state information is critical for these time-sensitive applications, as it directly affects the timeliness and accuracy of situational awareness. Fresh state information enables smart vehicles to make correct decisions in dynamic environments. However, this aspect is often ignored in prior work. Besides, these applications are typically computation-intensive, posing a challenge to resource-limited smart vehicles. Considering that the state information’s freshness can be characterized using the age of information (AoI) and the vehicle-road-cloud computing architecture is effective in integrating the resources of roadside units and the cloud to assist with processing tasks for vehicles, to minimize the system’s long-term average AoI without violating delay and energy constraints, this paper explores the AoI-aware task scheduling problem in a vehicle-road-cloud cooperative system. To achieve this goal, we first develop an AoI model tailored for smart vehicles within the cooperative system and formulate an AoI optimization problem. In order to tackle the proposed issue, we design a multi-agent reinforcement learning-based task scheduling method that can perform task scheduling in complex, dynamic, and decentralized decision-making environments. The algorithm iteratively trains the network continuously such that all agents obtain the optimal scheduling strategy. Finally, we implement extensive simulations and testbed-based experiments to validate our method. 
The results indicate that our method reduces the average AoI by 81.91% on average and 95.23% at the highest compared to benchmarking approaches.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103480"},"PeriodicalIF":3.7,"publicationDate":"2025-06-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144298562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}