Search results
1 – 10 of 21Joe Garcia, Russell Shannon, Aaron Jacobson, William Mosca, Michael Burger and Roberto Maldonado
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software…
Abstract
Purpose
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.
Design/methodology/approach
An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.
Findings
Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.
Practical implications
A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.
Originality/value
Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.
Details
Keywords
- Software development
- Blockchain
- Cybersecurity
- Operational flight program
- Secure development environment
- Secure virtual machine
- Zero trust
- Embedded systems
- Mission-critical systems
- OFP
- DevOps
- DevSecOps
- Software support activity
- SSA
- SDE
- Permissioned blockchain
- Cryptocurrency
- Time-limited authorization for developer action
- TADA
- Code signing
- Trusted software guard
- SGX
- Trusted eXecution technology
- TXT
- Trusted platform module
- Self-hosting
- Controlled access blockchain
- CABlock
- Role-based access control
- RBAC
Sanjeev Verma and Ashutosh Sheel
Blockchain is widely applied in e-voting, shared economy areas and other government functioning. Fragmented findings and distributed literature need consolidation for a holistic…
Abstract
Purpose
Blockchain is widely applied in e-voting, shared economy areas and other government functioning. Fragmented findings and distributed literature need consolidation for a holistic view of the research domain. The purpose of this study is to comprehensively reviews the blockchain applications for government organizations and presents the past, present and future trends of blockchain applications for government organizations.
Design/methodology/approach
Systematic review protocol instrumentalized the systematic review of research articles published from 2013 to 2021. Science mapping discerns scientific actors’ trends and performance analysis like most influential authors, documents and sources. Content analysis of selected data set unfolds the past, present and future of blockchain applications for government organizations.
Findings
Blockchain technology offers enormous potential for the transformation of government organizations and public services. The primary areas are cryptocurrency, e-voting, shared economy, smart contracts, financial and health services, tourism, logistics and water sustainability.
Research limitations/implications
This study reviewed only published research in journals and conference proceedings and excluded book reviews, book chapters and editorials from the review set. This study persuades governments and policymakers to invest in blockchain technology for transforming government organizations and public services.
Practical implications
This study highlights the importance of blockchain in government-controlled public departments, enhancing transparency and efficiency in public life.
Social implications
Blockchain technology enhances transparency, traceability and accountability of public records.
Originality/value
This study pioneers in chronologically highlighting the importance of blockchain in government-controlled public departments.
Details
Keywords
Nikolay Andreevich Moldovyan and Dmitriy Nikolaevich Moldovyan
The practical purpose of this research is to propose a candidate for post-quantum signature standard that is free of significant drawback of the finalists of the NIST world…
Abstract
Purpose
The practical purpose of this research is to propose a candidate for post-quantum signature standard that is free of significant drawback of the finalists of the NIST world competition, which consists in the large size of the signature and the public key. The practical purpose is to propose a fundamentally new method for development of algebraic digital signature algorithms.
Design/methodology/approach
The proposed method is distinguished by the use of two different finite commutative associative algebras as a single algebraic support of the digital signature scheme and setting two different verification equation for a single signature. A single public key is computed as the first and the second public keys, elements of which are computed exponentiating two different generators of cyclic groups in each of the algebras.
Findings
Additionally, a scalar multiplication by a private integer is performed as final step of calculation of every element of the public key. The same powers and the same scalar values are used to compute the first and the second public keys by the same mathematic formulas. Due to such design, the said generators are kept in secret, providing resistance to quantum attacks. Two new finite commutative associative algebras, multiplicative group of which possesses four-dimensional cyclicity, have been proposed as a suitable algebraic support.
Originality/value
The introduced method is novel and includes new techniques for designing algebraic signature schemes that resist quantum attacks. On its base, a new practical post-quantum signature scheme with relatively small size of signature and public key is developed.
Details
Keywords
Large-scale practical applications and commercialisation may still be a decade or more away, but their future significance is already moving them to the forefront of US-China…
Details
DOI: 10.1108/OXAN-DB266828
ISSN: 2633-304X
Keywords
Geographic
Topical
Abstract
Details
Keywords
Juliane Welz, Annamaria Riemer, Inga Döbel, Nora Dakkak and Anna Sophie Von Schwartzenberg
The aim of this paper is to gain knowledge in podcast mining as an additional source for Web-based horizon scanning (HS). The paper presents theoretical insights on the potential…
Abstract
Purpose
The aim of this paper is to gain knowledge in podcast mining as an additional source for Web-based horizon scanning (HS). The paper presents theoretical insights on the potential of podcast mining by exploring topics, which may be relevant in the future, and by reflecting the results against a background of HS approaches. The study provides a preliminary overview by presenting an exemplary list of podcast shows for further research.
Design/methodology/approach
The paper uses an exploratory quantitative content analysis, which was conducted on the basis of 30 topics deemed to be relevant in the future and which were identified in the field of applied science. Based on these topics, podcasts and episodes were identified which address future-oriented topics and were discussed in terms of range of content.
Findings
The findings indicate that future-oriented topics are addressed in podcasts. However, differences in dynamics and range of content of the podcasts concerned highlight the necessity of identifying a list of suitable podcasts according to the specific scanning focus and the dynamics of each future-oriented topics.
Originality/value
While a growing number of podcast studies have already noted the importance of podcasts as a key medium, for example, educational processes and media sciences, no detailed explanation of podcast mining as a tool for the purposes of HS has been published. The review therefore makes an original contribution to this field, highlighting areas where future research is needed.
Details
Keywords
The purpose of this paper is to examine the blockchain as a trusted computing platform. Understanding the strengths and limitations of this platform is essential to execute…
Abstract
Purpose
The purpose of this paper is to examine the blockchain as a trusted computing platform. Understanding the strengths and limitations of this platform is essential to execute large-scale real-world applications in blockchains.
Design/methodology/approach
This paper proposes several modifications to conventional blockchain networks to improve the scale and scope of applications.
Findings
Simple modifications to cryptographic protocols for constructing blockchain ledgers, and digital signatures for authentication of transactions, are sufficient to realize a scalable blockchain platform.
Originality/value
The original contributions of this paper are concrete steps to overcome limitations of current blockchain networks.
Details