Fuzzy Based Decision-Making Approach for Estimating Usable-Security of Healthcare Web Applications

Usability and security are often considered contradictory in nature. One has a negative impact on the other. In order to satisfy the needs of users with the security perspective, the relationship and trade-offs among security and usability must be distinguished. Security practitioners are working on developing new approaches that would help to secure healthcare web applications as well increase usability of the web applications. In the same league, the present research endeavour is premised on the usable-security of healthcare web applications. For a compatible blend of usability and security that would fulfill the users’ requirments, this research proposes an integration of the Fuzzy AHP-TOPSIS method for assessing usable-security of healthcare web applications. Since the estimation of security-usability accrately is also a decision making problem, the study employs Multiple Criteria Decision Analysis (MCDA) for selecting the most decisive attributes of usability as well as security. Furthermore, this study also pinpoints the highest priority attributes that can strengthen the usable-security of the healthcare web applications. The effectiveness of the suggested method has been tested on the healthcare web applications of local hospitals in Mecca, Saudi Arabia. The results corroborate that Fuzzy AHP-TOPSIS is indeed a reliable technique that will help the developers to design a healthcare web applications that delivers optimum usable-security.     

Estimating Security Risk of Healthcare Web Applications: A Design Perspective

In the recent years, the booming web-based applications have attracted the hackers’ community. The security risk of the web-based hospital management system (WBHMS) has been increasing rapidly. In the given context, the main goal of all security professionals and website developers is to maintain security divisions and improve on the user’s confidence and satisfaction. At this point, the different WBHMS tackle different types of security risks. In WBHMS, the security of the patients’ medical information is of utmost importance. All in all, there is an inherent security risk of data and assets in the field of the medical industry as a whole. The objective of this study is to estimate the security risk assessment of WBHMS. The risks assessment pertains to securing the integrity of the information in alignment with the Health Insurance Portability and Accountability Act. This includes protecting the relevant financial records, as well as the identification, evaluation, and prevention of a data breach. In the past few years, according to the US-based cyber-security firm Fire-eye, 6.8 million data thefts have been recorded in the healthcare sector in India. The breach barometer report mentions that in the year 2019, the data breaches found were up to 48.6% as compared to the year 2018. Therefore, it is very important to assess the security risk in WBHMS. In this research, we have followed the hybrid technique fuzzy analytic hierarchy process-technique for order of preference by similarity to ideal solution (F-AHPTOPSIS) approach to assess the security risk in WBHMS. The place of this empirical database is at the local hospital of Varanasi, U.P., India. Given the affectability of WBHMS for its board framework, this work has used diverse types of web applications. The outcomes obtained and the procedure used in this assessment would support future researchers and specialists in organizing web applications through advanced support of safety and security.     

Network Quality Assessment in Heterogeneous Wireless Settings: An Optimization Approach

The identification of an effective network which can efficiently meet the service requirements of the target, while maintaining ultimate performance at an increased level is significant and challenging in a fully interconnected wireless medium. The wrong selection can contribute to unwanted situations like frustrated users, slow service, traffic congestion issues, missed and/or interrupted calls, and wastefulness of precious network components. Conventional schemes estimate the handoff need and cause the network screening process by a single metric. The strategies are not effective enough because traffic characteristics, user expectations, network terminology and other essential device metrics are not taken into account. This article describes an intelligent computing technique based on Multiple-Criteria Decision-Making (MCDM) approach developed based on integrated Fuzzy AHP-TOPSIS which ensures flexible usability and maximizes the experience of end-users in miscellaneous wireless settings. In different components the handover need is assessed and the desired network is chosen. Further, fuzzy sets provide effective solutions to address decision making problems where experts counter uncertainty to make a decision. The proposed research endeavor will support designers and developers to identify, select and prioritize best attributes for ensuring flexible usability in miscellaneous wireless settings. The results of this research endeavor depict that this proposed computational procedure would be the most conversant mechanism for determining the usability and experience of end-users.     

Hesitant Fuzzy-Sets Based Decision-Making Model for Security Risk Assessment

Security is an important component in the process of developing healthcare web applications. We need to ensure security maintenance; therefore the analysis of healthcare web application's security risk is of utmost importance. Properties must be considered to minimise the security risk. Additionally, security risk management activities are revised, prepared, implemented, tracked, and regularly set up efficiently to design the security of healthcare web applications. Managing the security risk of a healthcare web application must be considered as the key component. Security is, in specific, seen as an add-on during the development process of healthcare web applications, but not as the key problem. Researchers must ensure that security is taken into account right from the earlier developmental stages of the healthcare web application. In this row, the authors of this study have used the hesitant fuzzy-based AHP-TOPSIS technique to estimate the risks of various healthcare web applications for improving security-durability. This approach would help to design and incorporate security features in healthcare web applications that would be able to battle threats on their own, and not depend solely on the external security of healthcare web applications. Furthermore, in terms of healthcare web application's security-durability, the security risk variable is measured, and vice versa. Hence, the findings of our study will also be useful in improving the durability of several web applications in healthcare.     

Security and Privacy Frameworks for Access Control Big Data Systems

In the security and privacy fields, Access Control (AC) systems are viewed as the fundamental aspects of networking security mechanisms. Enforcing AC becomes even more challenging when researchers and data analysts have to analyze complex and distributed Big Data (BD) processing cluster frameworks, which are adopted to manage yottabyte of unstructured sensitive data. For instance, Big Data systems’ privacy and security restrictions are most likely to failure due to the malformed AC policy configurations. Furthermore, BD systems were initially developed toped to take care of some of the DB issues to address BD challenges and many of these dealt with the “three Vs” (Velocity, Volume, and Variety) attributes, without planning security consideration, which are considered to be patch work. Some of the BD “three Vs” characteristics, such as distributed computing, fragment, redundant data and node-to node communication, each with its own security challenges, complicate even more the applicability of AC in BD.
This paper gives an overview of the latest security and privacy challenges in BD AC systems. Furthermore, it analyzes and compares some of the latest AC research frameworks to reduce privacy and security issues in distributed BD systems, which very few enforce AC in a cost-effective and in a timely manner. Moreover, this work discusses some of the future research methodologies and improvements for BD AC systems. This study is valuable asset for Artificial Intelligence (AI) researchers, DB developers and DB analysts who need the latest AC security and privacy research perspective before using and/or improving a current BD AC framework.     

Evaluating the Impact of Software Security Tactics: A Design Perspective

Design architecture is the edifice that strengthens the functionalities as well as the security of web applications. In order to facilitate architectural security from the web application’s design phase itself, practitioners are now adopting the novel mechanism of security tactics. With the intent to conduct a research from the perspective of security tactics, the present study employs a hybrid multi-criteria decision-making approach named fuzzy analytic hierarchy process-technique for order preference by similarity ideal solution (AHP-TOPSIS) method for selecting and assessing multi-criteria decisions. The adopted methodology is a blend of fuzzy analytic hierarchy process (fuzzy AHP) and fuzzy technique for order preference by similarity ideal solution (fuzzy TOPSIS). To establish the efficacy of this methodology, the results are obtained after the evaluation have been tested on fifteen different web application projects (Online Quiz competition, Entrance Test, and others) of the Babasaheb Bhimrao Ambedkar University, Lucknow, India. The tabulated outcomes demonstrate that the methodology of the Multi-Level Fuzzy Hybrid system is highly effective in providing accurate estimation for strengthening the security of web applications. The proposed study will help experts and developers in developing and managing security from any web application design phase for better accuracy and higher security.     

Semi-Markov modeling of dependability of VoIP network in the presence of resource degradation and security attacks

Nowadays VoIP has become an evolutionary technology in telecommunications. Hence it is very important to study and enhance its dependability attributes. In this paper, an analytical dependability model for VoIP is proposed. The study is focused on analyzing the combined effects of resource degradation and security breaches on the Quality of Service (QoS) of VoIP, to enhance its overall dependability. As a preventive maintenance policy to prevent or postpone software failures which cause resource degradation, software rejuvenation is adopted. The dependability model is analyzed using semi-Markov process which captures the effects of non-Markovian nature of the time spent at various states of the system. The steady-state as well as the time-dependent analysis of the dependability model is presented. The steady-state results are obtained analytically, whereas the time-dependent results are obtained from simulation. Also, the analytical model is validated via simulation. The model analysis using a numerical example indicates the feasibility of our approach. Various dependability attributes such as availability, reliability and confidentiality are also obtained. A comparative study is also done between our proposed model and the existing models.     

Integrating Blockchain Technology into Healthcare Through an Intelligent Computing Technique

The blockchain technology plays a significant role in the present era of information technology. In the last few years, this technology has been used effectively in several domains. It has already made significant differences in human life, as well as is intended to have noticeable impact in many other domains in the forthcoming years. The rapid growth in blockchain technology has created numerous new possibilities for use, especially for healthcare applications. The digital healthcare services require highly effective security methodologies that can integrate data security with the available management strategies. To test and understand this goal of security management in Saudi Arabian perspective, the authors performed a numerical analysis and simulation through a multi criteria decision making approach in this study. The authors adopted the fuzzy Analytical Hierarchy Process (AHP) for evaluating the effectiveness and then applied the fuzzy Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) technique to simulate the validation of results. For eliciting highly corroborative and conclusive results, the study referred to a real time project of diabetes patients’ management application of Kingdom of Saudi Arabia (KSA). The results discussed in this paper are scientifically proven and validated through various analysis approaches. Hence the present study can be a credible basis for other similar endeavours being undertaken in the domain of blockchain research.     

Enhancing Blockchain Security Using Ripple Consensus Algorithm

In the development of technology in various fields like big data analysis, data mining, big data, cloud computing, and blockchain technology, security become more constrained. Blockchain is used in providing security by encrypting the sharing of information. Blockchain is applied in the peer-to-peer (P2P) network and it has a decentralized ledger. Providing security against unauthorized breaches in the distributed network is required. To detect unauthorized breaches, there are numerous techniques were developed and those techniques are inefficient and have poor data integrity. Hence, a novel technique needs to be implemented to tackle the new breaches in the distributed network. This paper, proposed a hybrid technique of two fish with a ripple consensus algorithm (TF-RC). To improve the detection time and security, this paper uses efficient transmission of data in the distributed network. The experimental analysis of TF-RC by using the metric measures of performance in terms of latency, throughput, energy efficiency and it produced better performance.     

How Might Classroom Time Be Used Given WWW-Based Lectures?

This paper investigates how traditional lecture time might be used given the availability of effective web-based courseware for delivering materials typically presented in the classroom. After providing an overview of web-based educational materials, the effectiveness of two teaching approaches is compared using a product design lecture on visual prototyping. One group of students prepared for class using web-based materials and then received a lecture-style second coverage of the topic in class (web+class lecture). The other group of students prepared for class using the same web-based materials and then worked with the faculty, applying only a small portion of the subject matter, on illustrative examples (web+limited experience). The two groups then completed an assignment based on the subject matter. The average grade performance of the web+limited experience group was 10.8% higher than for the web+class lecture group. An achieved significance level of 0.001 provides very strong evidence to reject the hypothesis that the two groups performed equally. Analysis of how the two student groups used the web-lecture resource showed that the form of class instruction had a strong influence on student motivation for independent study. The average time spent in web-based preparation by the web+limited experience group was 1.6 times greater than the average preparation time for the web+class lecture group. Sixty percent of the web+class lecture group prepared less than the least prepared student in the web+limited experience group. These findings suggest that, if codified materials are primarily delivered using a medium such as the WWW, traditional classroom time might be liberated for potentially higher value-added activities such as mentoring and experiential activities.     

Optimal Confidential Mechanisms in Smart City Healthcare

Smart City Healthcare (SHC²) system is applied in monitoring the patient at home while it is also expected to react to their needs in a timely manner. The system also concedes the freedom of a patient. IoT is a part of this system and it helps in providing care to the patients. IoT-based healthcare devices are trustworthy since it almost certainly recognizes the potential intensifications at very early stage and alerts the patients and medical experts to such an extent that they are provided with immediate care. Existing methodologies exhibit few shortcomings in terms of computational complexity, cost and data security. Hence, the current research article examines SHC² security through Light Weight Cipher (LWC) with Optimal S-Box model in PRESENT cipher. This procedure aims at changing the sub bytes in which a single function is connected with several bytes’ information to upgrade the security level through Swam optimization. The key contribution of this research article is the development of a secure healthcare model for smart city using SHC² security via LWC and Optimal S-Box models. The study used a nonlinear layer and single 4-bit S box for round configuration after verifying SHC² information, constrained by Mutual Authentication (MA). The security challenges, in healthcare information systems, emphasize the need for a methodology that immovably concretes the establishments. The methodology should act practically, be an effective healthcare framework that depends on solidarity and adapts to the developing threats. Healthcare service providers integrated the IoT applications and medical services to offer individuals, a seamless technology-supported healthcare service. The proposed SHC² was implemented to demonstrate its security levels in terms of time and access policies. The model was tested under different parameters such as encryption time, decryption time, access time and response time in minimum range. Then, the level of the model and throughput were analyzed by maximum value i.e., 50 Mbps/sec and 95.56% for PRESENT-Authorization cipher to achieve smart city security. The proposed model achieved better results than the existing methodologies.     

Task-Attribute-Based Access Control Scheme for IoT via Blockchain

As a new form of network, the Internet of things (IoT) is becoming more widely used in people’s lives. In this paper, related theoretical research and practical applications of the IoT are explored. The security of the IoT has become a hot research topic. Access controls are methods that control reasonable allocations of data and resources and ensure the security of the IoT. However, most access control systems do not dynamically assign users’ rights. Additionally, with some access control systems, there is a risk of overstepping other user’s authority, and there may exist a central authority that is a single point of failure. Therefore, to solve these problems, this paper proposes a Task-Attribute-Based Access Control scheme for the IoT via blockchain that combines the access control technologies of both the IoT and blockchain. This model, which merges the advantages of task-based access controls and attribute-based access controls, is perfectly integrated with blockchain technology. This model uses hash functions and digital signature algorithms to ensure the authenticity and integrity of the data, and it can dynamically allocate users’ minimum privileges and thus perfectly solves the single point of failure problem. The model is implemented using a Geth client and solidity code, and the simulation results demonstrate the effectiveness of the model.     

An Intelligent Two Phase Fuzzy Decision Tree Based Clustering Model for Design of Computer Aided Detection/Diagnosis (CADe/CADx) System

Automated computer aided detection/diagnosis (CADe/CADx) system plays a key role in decision making process and work as a recommender system for researchers. Nowadays, CADe/CADx systems are getting popular due to their strong ability to extract complex relations present in unprocessed data set. In this research article, we present an intelligent two phase classification model for the design of CADe/CADx system. In order to design an intelligent CAD system, the primary challenge lies in identifying important attributes. The presence of irrelevant and redundant attributes in the data can have adverse impact over classifier accuracy. An efficient dimensionality reduction technique aims at achieving lower computational cost with reduced storage requirement by choosing problem specific relevant or significant attributes. The secondary challenge is to provide unambiguous and comprehensible rule base for accurate predictions. The contribution of work can be stated twofold: first, to attain reasonably good classification accuracy with possible speed up, linear discriminant analysis and some popular correlation coefficients (Fisher, Phi and Point bi-serial) are being used to identify significant attributes. Second, to generate comprehensible and understandable rule set a fuzzy decision tree based clustering approach is used. The performance of proposed model is verified on twelve famous UCI data sets.     

Synthesis of a web-based dimensional verification system for styling processes

A design methodology is proposed for a web-based collaborative system applicable to styling processes in the distributed environment. By using the developed system, design reviewers of new products are able to confirm geometric shapes, inspect dimensional information of products through measured point data and exchange views with other design reviewers on the internet. Functional requirements for the design of this web-based dimensional verification system are suggested. ActiveX-server architecture and OpenGL plug-in methods using ActiveX controls realize the proposed system. Visualization and dimensional inspection of the measured point data are conducted directly on the web; conversion of point data into a CAD file or VRML form is not required in the styling process. Dimensional verification results and design modification ideas are uploaded through markups and/or XML files during the collaboration processes. The XML files, allowing information sharing on the web, are independent of the platform. It is possible to diversify the information sharing capability among design collaborators. The validity and effectiveness of the developed system are confirmed by case studies.     

A Blockchain-Based Architecture for Securing Industrial IoTs Data in Electric Smart Grid

There are numerous internet-connected devices attached to the industrial process through recent communication technologies, which enable machine-to-machine communication and the sharing of sensitive data through a new technology called the industrial internet of things (IIoTs). Most of the suggested security mechanisms are vulnerable to several cybersecurity threats due to their reliance on cloud-based services, external trusted authorities, and centralized architectures; they have high computation and communication costs, low performance, and are exposed to a single authority of failure and bottleneck. Blockchain technology (BC) is widely adopted in the industrial sector for its valuable features in terms of decentralization, security, and scalability. In our work, we propose a decentralized, scalable, lightweight, trusted and secure private network based on blockchain technology/smart contracts for the overhead circuit breaker of the electrical power grid of the Al-Kufa/Iraq power plant as an industrial application. The proposed scheme offers a double layer of data encryption, device authentication, scalability, high performance, low power consumption, and improves the industry’s operations; provides efficient access control to the sensitive data generated by circuit breaker sensors and helps reduce power wastage. We also address data aggregation operations, which are considered challenging in electric power smart grids. We utilize a multi-chain proof of rapid authentication (McPoRA) as a consensus mechanism, which helps to enhance the computational performance and effectively improve the latency. The advanced reduced instruction set computer (RISC) machines ARM Cortex-M33 microcontroller adopted in our work, is characterized by ultra-low power consumption and high performance, as well as efficiency in terms of real-time cryptographic algorithms such as the elliptic curve digital signature algorithm (ECDSA). This improves the computational execution, increases the implementation speed of the asymmetric cryptographic algorithm and provides data integrity and device authenticity at the perceptual layer. Our experimental results show that the proposed scheme achieves excellent performance, data security, real-time data processing, low power consumption (70.880 mW), and very low memory utilization (2.03% read-only memory (RAM) and 0.9% flash memory) and execution time (0.7424 s) for the cryptographic algorithm. This enables autonomous network reconfiguration on-demand and real-time data processing.     

Data security: a cryptographic approach

This paper is a review of the subject of data security. The probabilistic as well as the computational complexity approaches to this subject have been discussed. Ciphers examined in some depth include block random ciphers, stream ciphers, the DES cipher adopted by the National Bureau of Standards, USA, the RSA computational complexity cipher, the Merkle and the Hellman trap-doorKnapsack cipher.     

How do investors react to the data breaches news? Empirical evidence from Facebook Inc. during the years 2016–2019

We examine in this paper the effect of data breaches on Facebook share prices from 2016 until 2019. This analysis revealed counterintuitive results regarding stock price using a sample of multiple firms in the extant literature. The findings indicate that there is no significant effect of data breaches on the share price of Facebook. In comparison, data breaches of other publicly traded U.S. companies resulted in a cumulative average abnormal return on the event day and the following day. In addition, the other factors found in the literature about data breaches do not seem to hold for Facebook's case. This paper proposes the explanation of the possibility that the stock prices have already factored in data breaches. Hence, the reactions are only found in the context of surprisingly new data breaches.     

Analysis of digital technologies as antecedent to care service transparency and orchestration

Digital technologies adoption includes the Internet of Things, Artificial Intelligence, has become a topic of utmost interest over the last decade. Healthcare sectors across the developed countries have already started adopting digital technologies in their service delivery scapes. However, in developing countries like India, the healthcare service sector has yet to take full advantage of such digital technology-enabled platforms to transform itself while catering to patients, managers, physicians, and healthcare practitioners. Thus, there is a need for a conceptual understanding with an overarching goal of clarifying the outcomes of digital technologies adoption on healthcare services and its orchestration. This paper analyses the impact of digitized healthcare technology adoption on the transparency and orchestration aspect of care services empirically. The theoretical relationships between digital technologies adaptation with care service transparency and orchestration have been validated here and also analyze path linkages through Structural Equation Modelling (SEM). The results of SEM highlight the fact that the adoption of digitized technology platforms can achieve care service-orchestration. This study results, supporting the hypotheses for achieving care service orchestration, might pave the way and motivate potential sets of hospitals, characterized by decision dilemma, waiting at the verge of digital technology adoption in the healthcare context, especially in the Indian subcontinental context.