Jay Barach^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-23, 2026, DOI:10.32604/cmc.2025.071705 - 09 December 2025

Abstract Human Resource (HR) operations increasingly rely on cloud-based platforms that provide hiring, payroll, employee management, and compliance services. These systems, typically built on multi-tenant microservice architectures, offer scalability and efficiency but also expand the attack surface for adversaries. Ransomware has emerged as a leading threat in this domain, capable of halting workflows and exposing sensitive employee records. Traditional defenses such as static hardening and signature-based detection often fail to address the dynamic requirements of HR Software as a Service (SaaS), where continuous availability and privacy compliance are critical. This paper presents a Moving Target Defense… More >

Daskshnamoorthy Manivannan^*

Journal on Internet of Things, Vol.7, pp. 71-97, 2025, DOI:10.32604/jiot.2025.072809 - 24 December 2025

Abstract Attribute-Based Encryption (ABE) secures data by tying decryption rights to user attributes instead of identities, enabling fine-grained access control. However, many ABE schemes are unsuitable for Internet of Things (IoT) due to limited device resources. This paper critically surveys ABE schemes developed specifically for IoT over the past decade, examining their evolution, strengths, limitations, and access control capabilities. It provides insights into their security, effectiveness, and real-world applicability, highlights the current state of ABE in securing IoT data and access, and discusses remaining challenges and open issues. More >

Dakshnamoorthy Manivannan^*

Computer Systems Science and Engineering, Vol.49, pp. 533-555, 2025, DOI:10.32604/csse.2025.072267 - 08 December 2025

Abstract Attribute-based Encryption (ABE) enhances the confidentiality of Electronic Health Records (EHR) (also known as Personal Health Records (PHR)) by binding access rights not to individual identities, but to user attribute sets such as roles, specialties, or certifications. This data-centric cryptographic paradigm enables highly fine-grained, policy-driven access control, minimizing the need for identity management and supporting scalable multi-user scenarios. This paper presents a comprehensive and critical survey of ABE schemes developed specifically for EHR/PHR systems over the past decade. It explores the evolution of these schemes, analyzing their design principles, strengths, limitations, and the level of More >

Daskshnamoorthy Manivannan^*

Journal of Cyber Security, Vol.7, pp. 505-531, 2025, DOI:10.32604/jcs.2025.072810 - 28 November 2025

Abstract Attribute-Based Encryption (ABE) secures data by linking decryption rights to user attributes rather than user identities, enabling fine-grained access control. While ABE is effective for enforcing access policies, integrating it with Searchable Encryption (SE)—which allows searching encrypted data without decryption—remains a complex challenge. This paper presents a comprehensive survey of ABE schemes that support SE proposed over the past decade. It critically analyzes their strengths, limitations, and access control capabilities. The survey offers insights into the security, efficiency, and practical applicability of these schemes, outlines the current landscape of ABE-integrated SE, and identifies key challenges More >

Siraj Un Muneer¹, Ihsan Ullah¹, Zeshan Iqbal^2,*, Rajermani Thinakaran³

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 4959-4975, 2025, DOI:10.32604/cmc.2025.068566 - 23 October 2025

Abstract The complexity of cloud environments challenges secure resource management, especially for intrusion detection systems (IDS). Existing strategies struggle to balance efficiency, cost fairness, and threat resilience. This paper proposes an innovative approach to managing cloud resources through the integration of a genetic algorithm (GA) with a “double auction” method. This approach seeks to enhance security and efficiency by aligning buyers and sellers within an intelligent market framework. It guarantees equitable pricing while utilizing resources efficiently and optimizing advantages for all stakeholders. The GA functions as an intelligent search mechanism that identifies optimal combinations of bids More >

Xuezhi Wen^1,2, Eric Danso^1,2,*, Solomon Danso¹

Journal of Cyber Security, Vol.7, pp. 439-462, 2025, DOI:10.32604/jcs.2025.070587 - 17 October 2025

Abstract Cloud-based intrusion detection systems increasingly face sophisticated adversarial attacks such as evasion and poisoning that exploit vulnerabilities in traditional machine learning (ML) models. While deep learning (DL) offers superior detection accuracy for high-dimensional cloud logs, it remains vulnerable to adversarial perturbations and lacks interpretability. Conversely, Hidden Markov Models (HMMs) provide probabilistic reasoning but struggle with raw, sequential cloud data. To bridge this gap, we propose a Deep Learning-Enhanced Ensemble Hidden Markov Model (DL-HMM) framework that synergizes the strengths of Long Short-Term Memory (LSTM) networks and HMMs while incorporating adversarial training and ensemble learning. Our architecture… More >

Tajinder Kumar¹, Purushottam Sharma^2,*, Xiaochun Cheng^3,*, Sachin Lalar⁴, Shubham Kumar⁵, Sandhya Bansal⁶

CMC-Computers, Materials & Continua, Vol.83, No.1, pp. 719-738, 2025, DOI:10.32604/cmc.2025.060836 - 26 March 2025

Abstract With cloud computing, large chunks of data can be handled at a small cost. However, there are some reservations regarding the security and privacy of cloud data stored. For solving these issues and enhancing cloud computing security, this research provides a Three-Layered Security Access model (TLSA) aligned to an intrusion detection mechanism, access control mechanism, and data encryption system. The TLSA underlines the need for the protection of sensitive data. This proposed approach starts with Layer 1 data encryption using the Advanced Encryption Standard (AES). For data transfer and storage, this encryption guarantees the data’s… More >

Sarah Mustafa Eljack^1,*, Mahdi Jemmali^2,3,4, Mohsen Denden^6,7, Mutasim Al Sadig¹, Abdullah M. Algashami¹, Sadok Turki⁵

CMC-Computers, Materials & Continua, Vol.78, No.1, pp. 1461-1479, 2024, DOI:10.32604/cmc.2023.040919 - 30 January 2024

Abstract In the cloud environment, ensuring a high level of data security is in high demand. Data planning storage optimization is part of the whole security process in the cloud environment. It enables data security by avoiding the risk of data loss and data overlapping. The development of data flow scheduling approaches in the cloud environment taking security parameters into account is insufficient. In our work, we propose a data scheduling model for the cloud environment. The model is made up of three parts that together help dispatch user data flow to the appropriate cloud VMs.… More >

Lihong Guo^*, Jie Yang, Haitao Wu

CMC-Computers, Materials & Continua, Vol.76, No.2, pp. 1929-1946, 2023, DOI:10.32604/cmc.2023.039170 - 30 August 2023

Abstract Attribute-based encryption (ABE) is a technique used to encrypt data, it has the flexibility of access control, high security, and resistance to collusion attacks, and especially it is used in cloud security protection. However, a large number of bilinear mappings are used in ABE, and the calculation of bilinear pairing is time-consuming. So there is the problem of low efficiency. On the other hand, the decryption key is not uniquely associated with personal identification information, if the decryption key is maliciously sold, ABE is unable to achieve accountability for the user. In practical applications, shared… More >

Abdullah M. Basahel¹, Mohammad Yamin¹, Sulafah M. Basahel², E. Laxmi Lydia^3,*

CMC-Computers, Materials & Continua, Vol.74, No.2, pp. 4319-4336, 2023, DOI:10.32604/cmc.2023.033497 - 31 October 2022

Abstract Cloud Computing (CC) is the preference of all information technology (IT) organizations as it offers pay-per-use based and flexible services to its users. But the privacy and security become the main hindrances in its achievement due to distributed and open architecture that is prone to intruders. Intrusion Detection System (IDS) refers to one of the commonly utilized system for detecting attacks on cloud. IDS proves to be an effective and promising technique, that identifies malicious activities and known threats by observing traffic data in computers, and warnings are given when such threats were identified. The… More >