Computer Standards & Interfaces最新文献_第9页

Improving efficiency and security of Camenisch–Lysyanskaya signatures for anonymous credential systems 提高匿名凭证系统的卡梅尼施-利辛斯卡亚签名的效率和安全性

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-07-08 DOI: 10.1016/j.csi.2024.103886

Jia-Chng Loh, Fuchun Guo, Willy Susilo

{"title":"Improving efficiency and security of Camenisch–Lysyanskaya signatures for anonymous credential systems","authors":"Jia-Chng Loh, Fuchun Guo, Willy Susilo","doi":"10.1016/j.csi.2024.103886","DOIUrl":"10.1016/j.csi.2024.103886","url":null,"abstract":"<div><p>Camenisch–Lysyanskaya signature scheme with randomizability, namely CL signatures, at CRYPTO’04 has been well adopted for many privacy-preserving constructions, especially in the context of anonymous credential systems. Unfortunately, CL signatures suffer from linear size drawbacks. The signature size grows linearly based on the signing messages, which decreases the interest in practice, as each user may have multiple attributes (messages). Its standard EUF-CMA security was first proven under an interactive assumption. While the interactive assumption is not desirable in cryptography, Fuchsbauer et al. revisited its security at CRYPTO’18 by proving the scheme under the discrete logarithm (Dlog) assumption in the algebraic group model (AGM) that idealizes the adversary’s computation to be algebraic, yet the reduction loss is non-tight. In this work, we propose a new variant of CL signatures, namely CL+ signatures, that improves efficiency and security. The proposed CL+ signatures possess randomizability without the linear size drawback, such that signature size is a constant of three group elements. Besides, we prove the security of CL+ signatures can be tightly reduced to the DLog problem in AGM with only a loss factor of 3. Lastly, we show how CL+ signatures can also be instantiated to anonymous credential systems.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103886"},"PeriodicalIF":4.1,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0920548924000552/pdfft?md5=1c1214ab7bbdb123b5edc48b58eb293e&pid=1-s2.0-S0920548924000552-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141693217","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient multi-party PSI and its application in port management 高效的多方 PSI 及其在港口管理中的应用

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-07-06 DOI: 10.1016/j.csi.2024.103884

Mengyan Qiao , Lifei Wei , Dezhi Han , Huafeng Wu

{"title":"Efficient multi-party PSI and its application in port management","authors":"Mengyan Qiao , Lifei Wei , Dezhi Han , Huafeng Wu","doi":"10.1016/j.csi.2024.103884","DOIUrl":"10.1016/j.csi.2024.103884","url":null,"abstract":"<div><p>Private Set Intersection (PSI) technology is a cryptographic tool that allows the parties holding private data to determine the intersection of sets in a joint computation without revealing any additional privacy information. As a critical component of secure multi-party computation, this technology has been widely used in the security domain of artificial intelligence and data mining. With the emergence of the era of multi-source data sharing, protocols for private set intersection computation applicable to multiple participants have also emerged. However, the performance of existing multi-party private set intersection (MPSI) protocols is suboptimal when some participants use devices with limited communication or computational capabilities, such as mobile devices. To overcome the above issues, we design a cloud-aided multi-party private set intersection protocol (Cloud-Aided-MPSI) based on oblivious programmable pseudorandom functions (OPPRF) and oblivious key–value stores (OKVS). Due to the protocol efficiently outsourcing partial computational and communication tasks to cloud servers, our performance has been further enhanced compared to existing work. Through the Cloud-Aided-MPSI protocol, we propose a port scheduling protocol for coordinated management scenarios of ships arriving and departing from ports. The protocol effectively addresses the privacy protection concerns of port management when scheduling the arrival and departure of ships. We analyze the performance of this protocol.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103884"},"PeriodicalIF":4.1,"publicationDate":"2024-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141639251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Fast bicriteria streaming algorithms for submodular cover problem under noise models 噪声模型下亚模态覆盖问题的快速双标准流算法

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-06-29 DOI: 10.1016/j.csi.2024.103883

Bich-Ngan T. Nguyen , Phuong N.H. Pham , Canh V. Pham , Vaclav Snasel

引用次数: 0

Metric cake shop: A serious game for supporting education on ISO/IEC/IEEE 15939:2017 – Systems and software engineering – Measurement process in the context of an undergraduate software engineering course 公制蛋糕店：支持 ISO/IEC/IEEE 15939:2017 - 系统和软件工程 - 本科软件工程课程中的测量过程教育的严肃游戏

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-06-24 DOI: 10.1016/j.csi.2024.103879

Ivan García , Carla Pacheco , Itahí López , Jose A. Calvo-Manzano , Brenda L. Flores-Rios

{"title":"Metric cake shop: A serious game for supporting education on ISO/IEC/IEEE 15939:2017 – Systems and software engineering – Measurement process in the context of an undergraduate software engineering course","authors":"Ivan García , Carla Pacheco , Itahí López , Jose A. Calvo-Manzano , Brenda L. Flores-Rios","doi":"10.1016/j.csi.2024.103879","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103879","url":null,"abstract":"<div><p>The educational use of serious games has increased in recent years and their pedagogical benefits have been widely documented, especially for teaching specialized knowledge on Software Engineering at undergraduate level. The results achieved by several studies in this area show that it has been possible to increase the student interest and motivation in learning complex topics that tend to be difficult to understand when knowledge is imparted through traditional lectures, as is the case with software process standards. In this regard, the ISO/IEC/IEEE 15939:2017 standard describes a software measurement process, one of the main topics that must be addressed in any curriculum for undergraduate degree programs in Software Engineering. However, despite their relevance in industry, many students are leaving university without basic software measurement skills. With the aim of identifying serious games for teaching the software measurement process at undergraduate level, a Systematic Literature Review was conducted in order to collect, classify and analyze information which enabled the authors of this study to propose a serious game that improves the understanding and education on the ISO/IEC/IEEE 15939:2017 standard. The results from an empirical evaluation involving Computer Science undergraduates provided evidence that positive learning experiences occurred when playing the created serious game.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103879"},"PeriodicalIF":4.1,"publicationDate":"2024-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141483958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Agile governance practices by aligning CMMI V2.0 with portfolio SAFe 5.0 将 CMMI V2.0 与组合 SAFe 5.0 相结合的敏捷管理实践

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-06-22 DOI: 10.1016/j.csi.2024.103881

Valeria Henriquez , Jose A. Calvo-Manzano , Ana M. Moreno , Tomas San Feliu

引用次数: 0

Leveraging complex event processing for monitoring and automatically detecting anomalies in Ethereum-based blockchain networks 利用复杂事件处理监控和自动检测基于以太坊的区块链网络中的异常情况

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-06-22 DOI: 10.1016/j.csi.2024.103882

Jesús Rosa-Bilbao , Juan Boubeta-Puig , Jesús Lagares-Galán , Mark Vella

{"title":"Leveraging complex event processing for monitoring and automatically detecting anomalies in Ethereum-based blockchain networks","authors":"Jesús Rosa-Bilbao , Juan Boubeta-Puig , Jesús Lagares-Galán , Mark Vella","doi":"10.1016/j.csi.2024.103882","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103882","url":null,"abstract":"<div><p>Blockchain is a relatively recent technology that provides immutability, traceability and transparency of information, thus building trust in the digital society. Blockchain networks generate a large amount of logs which capture and describe data flowing through the network in the form of transactions, blocks and events. Monitoring these blockchain data from the off-chain world is needed to detect anomalies with the aim of mitigating the risks that may arise as a result of using blockchain technology. However, the real-time monitoring of these logs by off-chain systems has become a challenge from the beginning of 2018 when the blockchain networks reached a high number of daily transactions. In this paper, we propose a portable, maintainable and easily configurable architecture integrating blockchain and complex event processing technologies that allows for both the real-time monitoring of logs generated in Ethereum Virtual Machine (EVM)-compatible blockchain networks and the automatic detection of anomalies in these networks by matching event patterns. This architecture was tested by using vast amounts of blockchain data already publicly registered in Ethereum and Polygon networks. The results demonstrate that the proposed architecture is able to automatically detect anomalies which occur in different blockchain networks, making analytics of blockchain data possible by off-chain systems.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103882"},"PeriodicalIF":4.1,"publicationDate":"2024-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0920548924000515/pdfft?md5=894c93d9ed7ae669b6deb8fe4431f790&pid=1-s2.0-S0920548924000515-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141483952","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

ISH: Isogeny-based Secret Handshakes with friendly communication costs ISH：基于同源性的秘密握手，通信成本友好

IF 4.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-06-17 DOI: 10.1016/j.csi.2024.103880

Chao Chen , Fangguo Zhang , Zhiyuan An , Jing Zhang

{"title":"ISH: Isogeny-based Secret Handshakes with friendly communication costs","authors":"Chao Chen , Fangguo Zhang , Zhiyuan An , Jing Zhang","doi":"10.1016/j.csi.2024.103880","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103880","url":null,"abstract":"<div><p>Secret handshake schemes allow members from the same organization to authenticate each other anonymously. After its proposal, various schemes have been introduced to achieve advanced privacy protection. Regrettably, all the schemes based on number theoretic assumptions are insecure under quantum computers, and the known post-quantum designs are impractical because of the overhead cost (<span><math><mo>></mo></math></span> 10 MB). To fill the gap, we present the first isogeny-based secret handshake scheme (i.e., <span><math><mi>ISH</mi></math></span>) with a friendly communication cost (67 KB). In particular, we apply the CSI-FiSh signature scheme to generate group keys and credentials. For each zero-knowledge transcript in the credential, we generate a signature for handshake via the Fiat–Shamir paradigm, while it fails anonymous authentication. To fix the issue, we modify the Fiat–Shamir-type signature by embedding the CSIDH ephemeral private key into the challenge space. After verifying the modified signatures, two users recover the right ephemeral private key if they are in the same group, then they can negotiate a session key and authenticate each other. Our scheme is proved secure under the Group Action Inverse Problems (GAIP) in the random oracle model, and deniability, as an attractive property, also holds for <span><math><mi>ISH</mi></math></span>, enabling user’s ability to deny their interactions in the finished handshakes. Via choosing appropriate parameters, the communication cost surpasses all the existing post-quantum secret handshakes.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103880"},"PeriodicalIF":4.1,"publicationDate":"2024-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141483959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Pricing4APIs: A rigorous model for RESTful API pricings Pricing4APIs：RESTful API 定价的严格模型

IF 5 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-06-10 DOI: 10.1016/j.csi.2024.103878

Rafael Fresno-Aranda , Pablo Fernandez , Antonio Gamez-Diaz , Amador Duran , Antonio Ruiz-Cortes

{"title":"Pricing4APIs: A rigorous model for RESTful API pricings","authors":"Rafael Fresno-Aranda , Pablo Fernandez , Antonio Gamez-Diaz , Amador Duran , Antonio Ruiz-Cortes","doi":"10.1016/j.csi.2024.103878","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103878","url":null,"abstract":"<div><p>APIs are increasingly becoming new business assets for organizations and consequently, API functionality and its pricing should be precisely defined for customers. Pricing is typically composed by different plans that specify a range of limitations, e.g., a Free plan allows 100 monthly requests while a Gold plan has 10000 requests per month. In this context, the OpenAPI Specification (OAS) has emerged to model the functional part of an API, becoming a de facto industry standard and boosting a rich ecosystem of vendor-neutral tools to assist API providers and consumers. In contrast, there is no proposal for modeling API pricings (i.e., their plans and limitations) and this lack hinders the creation of tools that can leverage this information. To deal with this gap, this paper presents a pricing modeling framework that includes: (a) <em>Pricing4APIs</em> model, a comprehensive and rigorous model of API pricings, along <em>SLA4OAI</em>, a serialization that extends OAS; (b) an operation to validate the description of API pricings, with a toolset (<em>sla4oai-analyzer</em>) that has been developed to automate this operation. Additionally, we analyzed 268 real-world APIs to assess the expressiveness of our proposal and created a representative dataset of 54 pricing models to validate our framework.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103878"},"PeriodicalIF":5.0,"publicationDate":"2024-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141423423","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Testability-driven development: An improvement to the TDD efficiency 可测试性驱动开发：提高 TDD 效率

IF 5 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-05-29 DOI: 10.1016/j.csi.2024.103877

Saeed Parsa , Morteza Zakeri-Nasrabadi , Burak Turhan

{"title":"Testability-driven development: An improvement to the TDD efficiency","authors":"Saeed Parsa , Morteza Zakeri-Nasrabadi , Burak Turhan","doi":"10.1016/j.csi.2024.103877","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103877","url":null,"abstract":"<div><p>Test-first development (TFD) is a software development approach involving automated tests before writing the actual code. TFD offers many benefits, such as improving code quality, reducing debugging time, and enabling easier refactoring. However, TFD also poses challenges and limitations, requiring more effort and time to write and maintain test cases, especially for large and complex projects. Refactoring for testability is improving the internal structure of source code to make it easier to test. Refactoring for testability can reduce the cost and complexity of software testing and speed up the test-first life cycle. However, measuring testability is a vital step before refactoring for testability, as it provides a baseline for evaluating the current state of the software and identifying the areas that need improvement. This paper proposes a mathematical model for calculating class testability based on test effectiveness and effort and a machine-learning regression model that predicts testability using source code metrics. It also introduces a testability-driven development (TsDD) method that conducts the TFD process toward developing testable code. TsDD focuses on improving testability and reducing testing costs by measuring testability frequently and refactoring to increase testability without running the program. Our testability prediction model has a mean squared error of 0.0311 and an R<sup>2</sup> score of 0.6285. We illustrate the usefulness of TsDD by applying it to 50 Java classes from three open-source projects. TsDD achieves an average of 77.81 % improvement in the testability of these classes. Experts’ manual evaluation confirms the potential of TsDD in accelerating the TDD process.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103877"},"PeriodicalIF":5.0,"publicationDate":"2024-05-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141322444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

BLPCA-ledger: A lightweight plenum consensus protocols for consortium blockchain based on the hyperledger indy BLPCA-ledger：基于 Hyperledger Indy 的联盟区块链轻量级全体会议共识协议

IF 5 2区计算机科学

Computer Standards & Interfaces Pub Date : 2024-05-28 DOI: 10.1016/j.csi.2024.103876

Faisal Mehmood , Abdullah Ayub Khan , Han Wang , Shahid Karim , Umara Khalid , Feng Zhao

{"title":"BLPCA-ledger: A lightweight plenum consensus protocols for consortium blockchain based on the hyperledger indy","authors":"Faisal Mehmood , Abdullah Ayub Khan , Han Wang , Shahid Karim , Umara Khalid , Feng Zhao","doi":"10.1016/j.csi.2024.103876","DOIUrl":"10.1016/j.csi.2024.103876","url":null,"abstract":"<div><p>An examination of different distributed real-time applications operating on the blockchain platform is conducted. These applications can be broadly classified into three types: permissionless public, permissioned private, and consortium chains. In order for a decentralized network to function independently, consensus mechanisms are needed to facilitate the delivery of transactions and keep track of them in a ledger. But the fundamental idea behind Blockchain technology is the use of several consensus protocols, like Proof of Stake, Proof of Elapsed Time, etc., which requires greater processing power. In order to arrange transactions, it increases the demand for buying more computing units. Furthermore, present consortia blockchain consensus mechanisms lack a policy to collect socio-economic financial levies, including monies for charitable donations, education, and social activities. To collect socio-economic taxes, this study suggests a lightweight Plenum consensus algorithm called \"BLPCA\" for consortium blockchains built on Hyperledger Indy. The Byzantine Fault Tolerance concept combined with optimization is used in the suggested BLPCA systems to manage large-scale decentralized traffic of socioeconomic hierarchy. Because there are no transaction costs, BLPCA encourages government analysts to review funds using fewer resources. By including a multithreading heterogeneous technique, the BLPCA can effectively handle multi-transaction needs and execute this protocol in an industrial setting that operates in real-time. It is observed from the simulations that even in the worst-case network scenario—such as a fork—the suggested consortium blockchain does not crash a single transaction. In order to guarantee node scalability, a high propagation speed is determined. Furthermore, the BLPCA shows an excellent average time while constructing socioeconomic transaction blocks.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"91 ","pages":"Article 103876"},"PeriodicalIF":5.0,"publicationDate":"2024-05-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141189788","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0