{"title":"Designing usability/user experience heuristics to evaluate e-assessments administered to children","authors":"Florence Lehnert , Sophie Doublet , Gavin Sim","doi":"10.1016/j.csi.2024.103933","DOIUrl":"10.1016/j.csi.2024.103933","url":null,"abstract":"<div><div>The application of electronic assessments (e-assessments) has increased, particularly among elementary-school-aged children. Paper-based assessments are frequently converted into digital formats for efficiency gains, with little thought given to their user experience (UX) and usability. Individual differences, particularly among young children, can inhibit test-takers from completing the assessment tasks that are not designed to match their needs and abilities. Consequently, studies have raised concerns about the generalizability and fairness of e-assessments. Whereas heuristic evaluation is a standard method for evaluating and enhancing the efficacy of a product with respect to a set of guidelines, more information is needed about its added value when designing e-assessments for children. This paper synthesizes heuristics on the basis of the literature and expert judgments to accommodate children's abilities for interacting with e-assessment platforms. We present a final set of 10 heuristics, validated and refined by applying a heuristic evaluation workshop and collecting 24 expert surveys. The results indicate that the derived heuristics can help evaluate the UX and usability-related aspects of e-assessments with 6- to 12-year-old children. Moreover, the present paper proposes recommendations for a framework for developing usability/UX heuristics that can be used to help researchers develop domain-specific heuristics in the future.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103933"},"PeriodicalIF":4.1,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142532400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Deepa R , Karthick R , Jayaraj Velusamy , Senthilkumar R
{"title":"Performance analysis of multiple-input multiple-output orthogonal frequency division multiplexing system using arithmetic optimization algorithm","authors":"Deepa R , Karthick R , Jayaraj Velusamy , Senthilkumar R","doi":"10.1016/j.csi.2024.103934","DOIUrl":"10.1016/j.csi.2024.103934","url":null,"abstract":"<div><div>This research aims to optimize the interference mitigation and improve system performance metrics, such as bit error rates, inter-carrier interference (ICI), and inter-symbol interference (ISI), by integrating the Redundant Discrete Wavelet Transform (RDWT) with the Arithmetic Optimization Algorithm (AOA). This will increase the spectral efficiency of MIMO<img>OFDM systems for ultra-high data rate (UHDR) transmission in 5 G networks. The most important contribution of this study is the innovative combination of RDWT and AOA, which effectively addresses the down sampling issues in DWT-OFDM systems and significantly improves both error rates and data rates in high-speed wireless communication. Fifth-generation wireless networks require transmission at ultra-high data rates, which necessitates reducing ISI and ICI. Multiple-input multiple-output orthogonal frequency division multiplexing (MIMO<img>OFDM) is employed to achieve the UHDR. The bandwidth and orthogonality of DWT-OFDM (discrete wavelet transform-based OFDM) are increased; however system performance is degraded due to down sampling. The redundant discrete wavelet transform (RDWT) is proposed for eliminating down sampling complexities. Simulation results demonstrate that RDWT effectively lowers bit error rates, ICI, and ISI by increasing the carrier-to-interference power ratio (CIR). The Arithmetic Optimization Algorithm is used to optimize ICI cancellation weights, further enhancing spectrum efficiency. The proposed method is executed in MATLAB and achieves notable performance gains: up to 82.95 % lower error rates and 39.88 % higher data rates compared to the existing methods.</div></div><div><h3>Conclusion</h3><div>The integration of RDWT with AOA represents a significant advancement in enhancing the spectral efficiency of MIMO<img>OFDM systems for UHDR transmission in 5 G networks. The proposed method not only enhances system performance but also lays a foundation for future developments in high-speed wireless communication by addressing down sampling issues and optimizing interference mitigation.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103934"},"PeriodicalIF":4.1,"publicationDate":"2024-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142442192","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A novel secure privacy-preserving data sharing model with deep-based key generation on the blockchain network in the cloud","authors":"Samuel B , Kasturi K","doi":"10.1016/j.csi.2024.103932","DOIUrl":"10.1016/j.csi.2024.103932","url":null,"abstract":"<div><div>Cloud computing is currently emerging as a developing technology in which a Cloud Service Provider (CSP) is a third-party organization that provides effective storage of data and facilities to a large client base. Saving information in a cloud offers users the satisfaction of accessing it without the need for direct knowledge of the distribution and management of an infrastructure. The primary objective is to develop a novel, secure, and privacy-preserving data-sharing model that utilizes deep-based key generation on blockchain in the cloud. Data communication is done using multiple entities. The research aims to develop a collaborative data-sharing method in the cloud for the authentication scheme for cloud security on blockchain and smart contracts. Initialization, registration, key generation, authentication of data sharing, and validation are carried out here. The proposed data-sharing model involves a revenue distribution model that depends on Multiple Services (MS) models to improve multiple cloud services. The security parameters namely passwords, hashing functions, key interpolation, and encryption are used for preserving the Data privacy and here the SpinalNet is used for generating keys. Furthermore, the devised SpinalNet_Genkey obtained a value of 45.001 MB, 0.002, and 0.003 sec for memory usage, revenue, and computation cost.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103932"},"PeriodicalIF":4.1,"publicationDate":"2024-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142422181","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Integrating deep learning and data fusion for advanced keystroke dynamics authentication","authors":"Arnoldas Budžys, Olga Kurasova, Viktor Medvedev","doi":"10.1016/j.csi.2024.103931","DOIUrl":"10.1016/j.csi.2024.103931","url":null,"abstract":"<div><div>By enhancing user authentication protocols, especially in critical infrastructures vulnerable to complex cyberthreats, we present an advanced approach that integrates a deep learning-based model and data fusion techniques applied to analyze keystroke dynamics. With the growing need for robust security measures, especially in critical infrastructure environments, traditional authentication mechanisms often fail to cope with advanced threats. Our approach focuses on the unique behavioral biometric characteristics of keystrokes, which offers promising opportunities to improve user authentication processes. We have developed a data fusion-based methodology that utilizes the unique features of keystroke dynamics combined with deep learning techniques to improve user authentication systems. Using the capabilities of data fusion and deep learning, the proposed methodology not only captures the complex behavioral biometrics inherent in keystroke dynamics but also addresses the challenges posed by varying password lengths and typing styles. We conducted extensive experiments on several fixed-text datasets, including the Carnegie Mellon University dataset, the KeyRecs dataset, and the GREYC-NISLAB dataset, with a total of approximately 54,000 password records. Comprehensive experiments on various datasets with different password lengths have shown that our approach is scalable and accurate for user authentication, which significantly improves the security of critical infrastructure. By using interpolation-based data fusion techniques to standardize the keystroke data to a uniform length and employing a Siamese neural network with a triplet loss function, the best equal error rate of 0.13281 was achieved for the unseen fused data. The integration of deep learning and data fusion effectively generalizes to different user profiles, demonstrating its adaptability and accuracy in authenticating users in different scenarios. The findings are crucial for improving security in sensitive applications, ranging from accessing personal devices to protecting critical infrastructure.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103931"},"PeriodicalIF":4.1,"publicationDate":"2024-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142358060","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A privacy-preserving traceability system for self-sovereign identity-based inter-organizational business processes","authors":"Amal Abid , Saoussen Cheikhrouhou , Slim Kallel , Mohamed Jmaiel","doi":"10.1016/j.csi.2024.103930","DOIUrl":"10.1016/j.csi.2024.103930","url":null,"abstract":"<div><div>Blockchain is a potential technology for collaborating organizations, notably for executing their Inter-Organizational Business Processes (IOBPs). While Blockchain’s transparency and decentralized characteristics address the lack-of-trust issue in IOBPs, many existing Blockchain solutions share this data on the ledger, often at the expense of serious privacy concerns. Alternatively, Self-Sovereign Identity (SSI) systems are revolutionary Blockchain-based solutions that provide complete data control. Unlike traditional Blockchain solutions, many SSI systems do not record the exchange of transactional data between entities on the ledger in order to comply with privacy regulations. However, this can imply a gap in cases where legal traceability is required for audit purposes. To address traceability issues in SSI-based IOBP, this paper leverages Zero-Knowledge Proof (ZKP) and Fully Homomorphic Encryption (FHE) to provide an efficient privacy-preserving traceability solution. The purpose of this paper is to achieve traceability that strikes a balance between privacy and transparency. This paper also provides a proof-of-concept implementation and a comparative evaluation. The evaluation shows that the proposed ZKP approach provides better financial cost and performance results compared to traditional Blockchain-based traceability solutions.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103930"},"PeriodicalIF":4.1,"publicationDate":"2024-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142422180","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DBAC-DSR-BT: A secure and reliable deep speech recognition based-distributed biometric access control scheme over blockchain technology","authors":"Oussama Mounnan , Larbi Boubchir , Otman Manad , Abdelkrim El Mouatasim , Boubaker Daachi","doi":"10.1016/j.csi.2024.103929","DOIUrl":"10.1016/j.csi.2024.103929","url":null,"abstract":"<div><div>Speech recognition systems have been widely employed in several fields including biometric access control. In such systems, handling sensitive data represents a real threat and risk to security and privacy, namely in the central environment. This paper proposes an innovative solution that integrates speech recognition power as a biometric modality with the decentralized and tamper-resistant nature of blockchain technology aims at designing, implementing, and evaluating an access control system that not only leverages the unique characteristics of speech recognition through the AutoEncoding Generative Adversarial Network (AE-GAN) model for user authentication but also ensures the enforcement of access policies and voice templates storage through two distinct Smart Contracts. The first smart contract aims at storing the ID of encrypted templates matched to the hash of the public address and encrypted attributes. While the second smart contract incorporates the security policy and takes charge of generating an access token if the conditions have been satisfied. Which makes it easier to upgrade specific components without affecting the entire system. Moreover, this architecture delegates the extraction features, conversion into template, encryption, and similarity calculation functions of encrypted templates using homomorphic encryption to an API to provide more security, privacy, scalability and interoperability and reduce the overhead within the blockchain. This API interacts with the smart contract using Oracle services that ensure the interaction between on-chain and off-chain, which provide a reliable, fine-grained, and robust scheme. The simulation of this proposed scheme proves its robustness, efficiency, and performance in terms of security, reliability, and resistance to several attacks.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103929"},"PeriodicalIF":4.1,"publicationDate":"2024-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142358059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Shiyang Li , Wenjie Yang , Futai Zhang , Xinyi Huang , Rongmao Chen
{"title":"Practical two-party SM2 signing using multiplicative-to-additive functionality","authors":"Shiyang Li , Wenjie Yang , Futai Zhang , Xinyi Huang , Rongmao Chen","doi":"10.1016/j.csi.2024.103928","DOIUrl":"10.1016/j.csi.2024.103928","url":null,"abstract":"<div><div>Threshold signatures are important tools for addressing issues related to key management, certificate management, and cryptocurrencies. Among them, two-party SM2 signatures have received considerable interest recently. In this paper, we propose a fast and secure online/offline two-party SM2. By employing the re-sharing technique, we have successfully made the online phase of the signing process non-interactive while achieving nearly optimal computational efficiency. Additionally, in the offline phase, there is just a single call to the multiplicative-to-additive functionality based on Paillier encryption. Our protocol is existentially unforgeable under adaptive chosen message attacks in the random oracle model in the presence of a static adversary. Experimental results demonstrate that our proposed scheme outperforms previous similar schemes by approximately a factor of 2 in online computation and a factor of 3 in online communication. Our scheme can be applied in scenarios such as Certificate Authority (CA) and the signing of blockchain transactions to provide them with a more secure and flexible implementation method, enhancing the security and reliability of the systems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103928"},"PeriodicalIF":4.1,"publicationDate":"2024-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142314788","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Fengmei Tang , Yumei Li , Yudi Zhang , Willy Susilo , Bingbing Li
{"title":"Real-time privacy-preserved auditing for shared outsourced data","authors":"Fengmei Tang , Yumei Li , Yudi Zhang , Willy Susilo , Bingbing Li","doi":"10.1016/j.csi.2024.103927","DOIUrl":"10.1016/j.csi.2024.103927","url":null,"abstract":"<div><p>Health providers need to share patient information across healthcare networks efficiently and securely to improve medical and health services. Timely data synchronization among relevant parties is crucial for effectively containing and preventing the worsening of the condition. However, ensuring rapid information sharing while maintaining the security of sensitive patient data remains a pressing concern. In this paper, we introduce a cloud storage integrity auditing scheme that can protect auditors from procrastinating and preserve the privacy of sensitive information. Our proposed system requires healthcare institutions to encrypt sensitive patient data before uploading it to the cloud. It mandates the use of a data sanitizer for the secure processing of encrypted data blocks. Auditors must verify data integrity and promptly submit their audit results to the blockchain within a predefined time frame. Leveraging the time-sensitive nature of blockchain technology, healthcare institutions can monitor auditor compliance within the allotted validation timeframe. We conducted comprehensive security analysis and performance evaluations to demonstrate the feasibility and effectiveness of our solution in addressing the challenges of secure and timely cloud storage in healthcare settings.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103927"},"PeriodicalIF":4.1,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0920548924000965/pdfft?md5=415902120bc5d079b282f17d38c9e44f&pid=1-s2.0-S0920548924000965-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142270690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yongjun Ren , Long Chen , Yongmei Bai , Jiale Ye , Yekang Zhao
{"title":"Blockchain-based cross-domain query integrity verification mechanism for outsourced database","authors":"Yongjun Ren , Long Chen , Yongmei Bai , Jiale Ye , Yekang Zhao","doi":"10.1016/j.csi.2024.103926","DOIUrl":"10.1016/j.csi.2024.103926","url":null,"abstract":"<div><div>With the growth of cloud computing, more and more organizations are outsourcing data to cloud platforms for flexibility and cost-effectiveness. However, this also poses the risk of data tampering or forgery, especially in the case of cross-domain queries, where the integrity of the query results needs to be ensured and cross-domain authentication is performed at the same time. Traditional approaches rely on centralized third-party authentication authorities, which increases complexity and potential security risks. To address these issues, we propose a blockchain-based Cross-domain Query Integrity Verification (CQIV) mechanism for outsourced databases. The mechanism leverages the decentralization and non-tamperability of the blockchain to achieve efficient cross-domain authentication and query integrity verification without the need for a third-party certification authority. By constructing a cuckoo filter on the blockchain, the authentication efficiency is improved and the storage cost is reduced. In addition, Dynamically Adjustable Capacity Cuckoo Filter (DACF) is designed to optimize query efficiency. Finally, the effectiveness and practicality of the mechanism are verified by comprehensive security analysis and performance evaluation.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103926"},"PeriodicalIF":4.1,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142314787","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Shenando Stals , Lynne Baillie , Ryan Shah , Jamie Iona Ferguson , Manuel Maarek
{"title":"Evaluating and validating the Serious Slow Game Jam methodology as a mechanism for co-designing serious games to improve understanding of cybersecurity for different demographics","authors":"Shenando Stals , Lynne Baillie , Ryan Shah , Jamie Iona Ferguson , Manuel Maarek","doi":"10.1016/j.csi.2024.103924","DOIUrl":"10.1016/j.csi.2024.103924","url":null,"abstract":"<div><div>We present an evaluation of a Serious Slow Game Jam (SSGJ) methodology as a mechanism for co-designing serious games in the application domain of cybersecurity, to evaluate how the SSGJ methodology contributed to improving the understanding of cybersecurity for different demographics. The aim of this study was to evaluate how the SSGJ contributed to improving the understanding of cybersecurity for young persons between the ages of 11 and 16 years old who had no formal training or education in cybersecurity, and to validate and compare these results to previous work where the same SSGJ methodology was used with a different target demographic (i.e.,M.Sc. students with no formal training or education in secure coding). To this end, we engaged 23 participants between the ages of 11 and 16 years old for 5 consecutive days over a one-week period, in a multidisciplinary SSGJ involving domain-specific, pedagogical, and game design knowledge, and encouraged engagement in-between scheduled events of the SSGJ. Findings show improved confidence of participants in their knowledge of cybersecurity, for both demographics, after undertaking the Serious Slow Game Jam (from 41.2% to 76.5% for young persons, and from 12.5% to 62.5% for M.Sc. students). Free-text answers specifically indicate an improved understanding of cybersecurity in general, and one specific security vulnerability, attack or defence for a quarter of young persons, and the trichotomy of security vulnerabilities, attacks, and defences for three quarters of the M.Sc. students. Also, confidence in knowledge of game design improved for both demographics (from 47.1% to 82.4% for young persons and from 12.5% to 75% for M.Sc. students). The SSGJ methodology also successfully engaged both demographics of participants in-between scheduled days. Finally, two serious games in the application domain of cybersecurity are presented that were co-designed during the SSGJ with participants and produced as an output of the SSGJs.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103924"},"PeriodicalIF":4.1,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142532401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}