Publication Search

70,860 articles from 625 journals · 1,760 citations tracked

Showing 1-20 of 45

Analytics

Dadang Iskandar Mulyana; Sopan Adrianto; Sugiyono Sugiyono; Muflikhan Dimas Dwiprayogi

International Journal of Applied Mathematics and Computing 2026 Asosiasi Riset Ilmu Matematika dan Sains Indonesia

The dissemination of personal data through digital media has increased significantly alongside the growing use of Quick Response (QR) Codes for various purposes, such as electronic tickets, certificates, and digital identities. Conventional QR Codes are open and can be easily scanned, copied, or manipulated by unauthorized parties. The personal data referred to in this study includes sensitive information such as full name, identity number (NIK/National ID), date of birth, address, phone number, and email address. This research proposes a layered security system that combines the Advanced Encryption Standard (AES) cryptographic algorithm with steganography using the Discrete Cosine Transform (DCT) method. The process begins with encrypting personal data using AES, converting the encrypted result into a QR Code, and embedding the QR Code into a digital image using DCT, hiding it in the image’s frequency domain. The digital images used are of fixed size and formats that preserve visual quality. System evaluation is carried out by testing the visual quality of the stego image, the success rate of QR Code extraction, and the integrity of the encrypted data. The results are expected to conceal sensitive information visually while maintaining its confidentiality, with potential applications in electronic ID cards, digital certificates, e-tickets, and other confidential documents.

Romy Atmansyah Iswandi; Demonius Sarumaha; Saiful Amir

Modem : Jurnal Informatika dan Sains Teknologi 2026 Asosiasi Profesi Telekomunikasi Dan Informatika Indonesia

This study analyzes the performance of the Dual Modulus RSA algorithm in securing text data using Python. The rapid growth of digital technology has increased the risk of data security threats, making efficient and secure encryption essential. Dual Modulus RSA is a modification of the classic RSA algorithm that uses two different moduli in the encryption and decryption process, thus increasing security levels because attackers must factorize two moduli simultaneously. This research uses an experimental quantitative approach by measuring the execution time of encryption and decryption processes with variations in plaintext length (5, 10, and 15 characters). Implementation was carried out using Python 3 with the time.perf_counter() function for microsecond-precision measurement. The results show that the Dual Modulus RSA algorithm successfully encrypts and decrypts all test plaintexts correctly. Encryption time ranged from 0.0212 ms to 0.0823 ms, while decryption time ranged from 0.0422 ms to 0.0955 ms. There is a positive linear relationship between plaintext length and processing time. Decryption is consistently slower than encryption due to the larger private key exponent (d1=2753, d2=3533) compared to the public exponent (e=17). The main factors affecting performance are exponent size, dual modulus overhead, CPU caching effects, and Python interpretation overhead. This study recommends using Dual Modulus RSA with hybrid encryption for practical implementation to balance security and performance.

Simarmata, Simon; Boru, Meiton

Journal of Information Technology and Computer Science 2026 International Forum of Researchers and Lecturers

Inconsistent terminology across cybersecurity frameworks undermines global governance and interoperability. The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF 2.0) and ISO/IEC 27001:2022 share similar objectives but diverge semantically in defining risk, control, and resilience. This semantic gap causes difficulties in compliance mapping and automated policy translation. Research Objectives: This study aims to analyze the semantic similarity and divergence between NIST and ISO/IEC 27000 terminologies, identify conceptual structures influencing interoperability, and propose an AI-assisted foundation for harmonizing cybersecurity language globally. Methodology: A mixed-method semantic comparative design integrates Natural Language Processing (NLP) and ontology mapping. Using the nist_glossary.csv dataset and ISO vocabularies, terms were normalized and analyzed via cosine similarity using sentence-transformer embeddings. Ontological alignment was visualized through the Semantic Threat Graph (STG) and validated by certified experts using Cohen’s Kappa reliability tests. Results: From 672 term pairs, results show 40.9% high semantic equivalence, 38.8% partial overlap, and 20.3% semantic divergence. Strongest alignment appears in “Protect” and “Identify” domains, while divergences occur in governance and recovery-related terms. Ontology mapping revealed three conceptual clusters—Risk Governance, Technical Safeguards, and Organizational Readiness. Conclusions: Findings confirm a 79.7% total semantic alignment, indicating strong potential for harmonizing global cybersecurity standards. The study contributes an empirical model combining computational linguistics and AI-based ontology mapping to establish semantic interoperability, enabling unified cybersecurity governance and AI-driven compliance automation. Keywords: Semantic Interoperability; Ontology Mapping; Cybersecurity Frameworks; Terminology Alignment; AI Harmonization

Qureshi, UmmeAmmara; Doshi, Bhumika; More, Aditya; Joshi, Kashyap; Kumar, Kapil

Journal of Computing Theories and Applications 2026 Universitas Dian Nuswantoro

Fully Homomorphic Encryption (FHE) enables computation on encrypted data with end-to-end confidentiality; however, its practical adoption remains limited by substantial computational costs, including long encryption and decryption times, high memory consumption, and operational latency. Zero-Knowledge Proofs (ZKPs) complement FHE by enabling correctness verification without revealing sensitive information, although they do not support encrypted computation independently. This study integrates both techniques to enable encrypted computation with verifiably consistent results. A prototype system is implemented in Python using Microsoft SEAL for homomorphic encryption and PySNARK for Zero-Knowledge Proof verification. Experiments are conducted on standard consumer-grade hardware (Intel i5, 8 GB RAM, Ubuntu 22.04) using datasets ranging from 100 MB to 1 GB. The evaluation focuses on encryption and decryption time, homomorphic computation latency, memory usage, and proof generation overhead. Experimental results show that integrating ZKPs introduces a moderate and stable runtime overhead of approximately 15–20%, as analyzed in Section 4, while enabling verification without plaintext disclosure. Ciphertext expansion remains a notable limitation, with observed growth of approximately 30–40× relative to plaintext size, consistent with prior FHE implementations. Despite these overheads, the system demonstrates feasible scalability for datasets up to 1 GB on mid-level hardware. Overall, the results indicate that the integrated FHE+ZKP approach provides a practical balance between confidentiality, verifiability, and performance, supporting its applicability to privacy-preserving scenarios such as secure cloud computation, encrypted data analytics, and confidential data processing under realistic resource constraints.

Rusma Riansyah; Dimas Aqila Aptanta; Hafiz Aryanda; Muhammad Farhan; Ibnu Rusydi

Neptunus: Jurnal Ilmu Komputer Dan Teknologi Informasi 2026 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

The rapid expansion of internet usage has led to a significant increase in cybersecurity threats, particularly phishing attacks delivered through malicious links. Phishing links are designed to imitate legitimate websites in order to deceive users and steal sensitive information. This study presents the implementation of a phishing link detection website based on SSL validation and URL scoring mechanisms. The proposed system integrates heuristic-based URL analysis with real-time SSL certificate validation obtained through the SSL handshake process. Digital certificates are verified using RSA-based digital signature verification issued by trusted Certificate Authorities (CAs). In addition, the SHA-256 hash algorithm is employed to generate certificate fingerprints and URL hashes to ensure data integrity and uniqueness. The system also evaluates HTTPS usage, domain and certificate consistency, certificate validity period, and RSA public key strength. All validation results are processed using a URL scoring system to generate a security score ranging from 0 to 100, which classifies links into safe, suspicious, or dangerous categories. Experimental results demonstrate that the proposed website is capable of effectively identifying phishing indicators and providing transparent cryptographic evidence in real time. This approach can assist users in making informed decisions and improving protection against phishing threats in web environments.

Ibnu Rusydi; Laila Ali Putri; Maria Ulfa

Saturnus: Jurnal Teknologi dan Sistem Informasi 2026 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

This research presents the development of a transaction data protection mechanism for a bouquet sales application by utilizing the Advanced Encryption Standard (AES) algorithm. The rapid growth of digital commerce has led to an increase in online transactions, which in turn raises serious concerns regarding the security of sensitive transaction data. Information such as customer identities, order details, delivery addresses, and payment data are vulnerable to unauthorized access, data leakage, and manipulation if not properly secured. To address these issues, this study applies the AES-128 encryption algorithm using a 128-bit secret key to secure transaction data before it is stored in the system database. The encryption process follows the standard AES workflow, including key expansion, initial transformation, multiple encryption rounds, and a final transformation stage. Decryption is restricted exclusively to authorized users who possess the correct encryption key. The research methodology includes system analysis, AES integration into the application, and functional testing of the encryption and decryption processes. Data integrity is validated by comparing the original plaintext with the decrypted output, while system performance is evaluated based on processing time and decryption accuracy. Experimental results indicate that the average encryption and decryption time remains under 10 milliseconds per transaction, without affecting system performance. The findings confirm that AES-128 effectively enhances transaction data confidentiality and integrity in the bouquet sales application

Salsabila Putri Hati Siregar; Nur Aisyah Pandia; Putri Ramadani; Ibnu Rusydi

Polygon : Jurnal Ilmu Komputer dan Ilmu Pengetahuan Alam 2026 Asosiasi Riset Ilmu Matematika dan Sains Indonesia

Data security is a critical aspect in the digital era due to the increasing exchange of sensitive information through electronic media. One widely used approach to protect data confidentiality is cryptography, particularly asymmetric encryption algorithms. This study aims to analyze the implementation of the Rivest–Shamir–Adleman (RSA) algorithm as a data security mechanism through an encryption and decryption process. The research method used is an experimental approach by implementing the RSA algorithm in a text-based data security simulation. The stages include key generation, encryption, and decryption processes, followed by analysis of the correctness and effectiveness of the algorithm in maintaining data confidentiality. The results show that the RSA algorithm is capable of converting plaintext into unreadable ciphertext and successfully restoring it to its original form through the decryption process using the correct private key. This confirms that RSA provides a high level of security based on the difficulty of factoring large prime numbers. The implication of this study is that the RSA algorithm can be effectively applied to secure sensitive data transmission in information systems, especially in environments requiring strong authentication and confidentiality.

Siti Fadiyah Nabila; Maisyarah Maisyarah; Zahara Vonna; Salsabila Arifa Hasibuan; Silfia Rahmadani Sitorus +2 more

Polygon : Jurnal Ilmu Komputer dan Ilmu Pengetahuan Alam 2026 Asosiasi Riset Ilmu Matematika dan Sains Indonesia

Information security is an essential aspect of digital communication, particularly in the exchange of text-based messages through open networks. Messages transmitted without protection are vulnerable to interception and unauthorized modification. One classical cryptographic technique that remains relevant as a foundational learning tool is the Caesar Cipher algorithm. This study aims to implement the Caesar Cipher algorithm for message encryption and decryption and to analyze its effectiveness and security level. The research method employed is a descriptive approach through literature review and a case study by applying character-shift techniques to text messages. The results indicate that the Caesar Cipher algorithm successfully transforms plaintext into ciphertext and restores it back to its original form through the decryption process. Although the algorithm is simple and easy to implement, it has significant limitations in terms of security due to its small key space and vulnerability to brute-force attacks. Therefore, Caesar Cipher is not suitable for protecting sensitive data but remains valuable as an introductory model for understanding basic cryptographic concepts.

Wahyudi, Eko Nur; Handoko, Widiyanto Tri; Lestariningsih, Endang

Nusantara: Jurnal Pengabdian kepada Masyarakat 2026 Pusat Riset dan Inovasi Nasional

This community service activity aimed to enhance the security and efficiency of halal certification mentoring services at the Aurum First Sunrise community in Surakarta. The main challenge faced by the partner was the risk of sensitive SME data leakage such as ID cards, recipes, and supply chain information, due to the lack of an adequate document security mechanism. The core solution implemented was Technology Implementation in the form of a Cryptographically-based Document Management Information sistem (utilizing the Light Weight PDAC algorithm) integrated with digital access rights management and user Training. Evaluation demonstrated successful implementation, evidenced by an increase in the average satisfaction of SMEs regarding data security to 97.8%, confirming enhanced trust. Furthermore, digitalization successfully improved the efficiency of the mentoring team, reflected by a satisfaction score of 85.0%. In conclusion, this service successfully transformed the partner into a secure, efficient, and credible mentoring institution, significantly supporting SMEs in accessing halal certification.

Sarah Triana; Fiky Anggara; Agata Febrianti Nadia Sa'o; Lolintiani Evarista Lobatuka; Sarmila Sarmila

Modem : Jurnal Informatika dan Sains Teknologi 2026 Asosiasi Profesi Telekomunikasi Dan Informatika Indonesia

Steganography is a method to hide confidential messages in digital media so that they are not detected by unauthorized parties. Unlike cryptography which protects the content of messages through encryption, steganography hides the message itself. One popular technique is the Least Significant Bit (LSB), which replaces the least important bit on the pixel with a secret message bit. However, conventional LSB methods such as 1-bit or 3-bit have limitations due to the compromise between insertion capacity and visual quality of the media. This study proposes an LSB-based video steganography method with an adaptive multi-bit embedding approach. This technique determines the number and position of bits that are dynamically inserted based on the local brightness and texture levels of each video frame, with Laplacian operators used to analyze both high and low textured areas. The process includes frame and audio extraction, frame-by-frame embedding, inserted video reconstruction, and decoding using video cover references. The evaluation was carried out quantitatively using the Peak Signal-to-Noise Ratio (PSNR) and Structural Similarity Index (SSIM) metrics, as well as qualitatively through visual comparison. The results showed that the adaptive multi-bit method was able to maintain visual quality with a PSNR of 45.23 dB and SSIM of 0.9424, and increased the insertion capacity by up to 2–3 times compared to the 1-bit adaptive method. Thus, this approach effectively balances imperceptibility and insertion capacity on dynamic video steganography systems.  

Annida Akmalia Anddini; Fiky Anggara; Aqhlia Nur Fahma; Nur Diva Riski Irvan; Aufa Nabith Fadlu Ramanda

Modem : Jurnal Informatika dan Sains Teknologi 2026 Asosiasi Profesi Telekomunikasi Dan Informatika Indonesia

This research aims to enhance the imperceptibility of secret messages in video steganography to prevent detection by third parties. Unlike cryptography, which focuses on securing the message content, this method seeks to conceal the very existence of the message by maintaining a visual quality nearly identical to the original video. The proposed approach utilizes an adaptive multi-bit scheme based on the Least Significant Bit (LSB) technique, which intelligently analyzes the local characteristics of each frame, including brightness, texture, and motion. This strategy allows for higher data insertion in areas with high visual tolerance while limiting bits in sensitive areas to prevent distortion. Evaluation results using PSNR and SSIM metrics indicate that while increasing message capacity (from 1-bit to 3-bit) reduces the PSNR from 51.80 dB to 39.44 dB, the method remains highly effective in preserving visual integrity. Overall, this technique proves to be more secure and superior to traditional LSB in balancing storage capacity with high-quality video output.

Maulani Rizqi; Intan Nadilah; Ahmadil Hamdi; Nikken Prima Puspita; I Gede Adhitya Wisnu Wardhana

Pemberdayaan Masyarakat: Jurnal Aksi Sosial 2025 Lembaga Pengembangan Kinerja Dosen

This community service activity aims to increase the understanding of students at State Senior High School 2 Mataram regarding information security by introducing the concepts of coding and cryptography in digital messages. The rapid use of messaging applications among teenagers makes students increasingly vulnerable to cyber threats, necessitating education on how data protection works in online communication. This program is implemented using a descriptive method consisting of planning, implementation, and evaluation stages. The material covered includes basic cryptography concepts, end-to-end encryption mechanisms, and the practical process of the Diffie–Hellman key exchange thru the interactive simulation "Alice and Bob." Learning is designed contextually and participatively so that students can connect theory with the digital applications they use every day. The evaluation results showed an improvement in students' understanding, reflected in their active participation, ability to answer questions, and adequate post-test scores. This activity not only strengthens digital security literacy but also raises students' awareness of the importance of protecting personal data in online communication. This program is expected to be the beginning of more sustainable digital security learning development in the school environment.

Maulani Rizqi; Intan Nadilah; Ahmadil Hamdi; Nikken Prima Puspita; I Gede Adhitya Wisnu Wardhana

Pemberdayaan Masyarakat: Jurnal Aksi Sosial 2025 Lembaga Pengembangan Kinerja Dosen

This community service activity aims to increase the understanding of students at State Senior High School 2 Mataram regarding information security by introducing the concepts of coding and cryptography in digital messages. The rapid use of messaging applications among teenagers makes students increasingly vulnerable to cyber threats, necessitating education on how data protection works in online communication. This program is implemented using a descriptive method consisting of planning, implementation, and evaluation stages. The material covered includes basic cryptography concepts, end-to-end encryption mechanisms, and the practical process of the Diffie–Hellman key exchange thru the interactive simulation "Alice and Bob." Learning is designed contextually and participatively so that students can connect theory with the digital applications they use every day. The evaluation results showed an improvement in students' understanding, reflected in their active participation, ability to answer questions, and adequate post-test scores. This activity not only strengthens digital security literacy but also raises students' awareness of the importance of protecting personal data in online communication. This program is expected to be the beginning of more sustainable digital security learning development in the school environment.

Ratih Adinda Destari

Neptunus: Jurnal Ilmu Komputer Dan Teknologi Informasi 2025 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

The exchange of information in the digital era has become a general need for society. However, the information sent often has a public or confidential nature. Therefore, security is needed so that confidential information remains safe. Cryptography is a field of knowledge used to secure information using encryption and decryption processes. One of the cryptographic methods used is the permutation method, which changes the layout, sequence, or structure of data into a form that is difficult to understand without knowledge of the exact key. Implementing cryptography using the permutation method in Android-based applications can increase the security and privacy of user data, as well as protect sensitive information from unauthorized access. This research aims to implement permutation method cryptography in Android-based applications to protect the confidentiality or privacy of user data. By using the permutation method, the sequence of bits or characters in the data is scrambled so that it is difficult for unauthorized parties to understand. The research results show that the implementation of permutation method cryptography in Android applications can provide a higher level of security in maintaining data confidentiality. However, it is worth considering that simple permutation methods may not be secure enough to deal with more sophisticated attacks. Therefore, choosing a stronger cryptographic method needs to be considered to achieve a higher level of security. In conclusion, implementing cryptography using the permutation method in Android-based applications can increase the security and privacy of user data. The permutation method is able to randomize the sequence of bits or characters in the data so that it is difficult for unauthorized parties to understand. However, for a higher level of security, it is necessary to consider stronger cryptographic methods.

Dhymaz Haiqal Azhari; Achmad Fauzi; Herman Sembiring

Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika 2025 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

MP3 audio files are often used in a variety of fields, but they are prone to security risks such as eavesdropping and illegal access. This study proposes a super encryption method by combining the algorithms of Rivest Shamir Adleman (RSA) and ElGamal to improve the protection of audio data. RSA was chosen for its efficiency and ease of implementation, while ElGamal offers a high level of security through discrete logarithmic complexity. The combination of the two is expected to address the weaknesses of each algorithm and strengthen file security. The system is developed using the Python programming language with the Visual Studio Code environment. The encryption process is done in layers: MP3 files are first encrypted with RSA, and then the results are encrypted again with ElGamal. The decryption is done in reverse order. Tests are conducted with various MP3 file sizes to measure the effectiveness and performance of the system. The results show that this method is able to secure audio files so that they cannot be accessed without the private keys of both algorithms. Although processing times are increased compared to single encryption, the level of security obtained is much higher. This approach can be an effective solution for protecting digital audio data, particularly MP3 format, and could potentially be applied to a wide range of other data types that require a high level of security.

Afrizal Ibnu Saputra

Proceeding of the International Conference on Economics, Accounting, and Taxation 2025 Asosiasi Riset Ekonomi dan Akuntansi Indonesia

This study maps the regulatory landscape of financial technology (fintech), focusing on cryptocurrency regulation at both global and Indonesian levels. Cryptocurrency, one of the fastest-growing fintech instruments, functions as a virtual currency secured by cryptography. Despite lacking physical form, it is widely used for investment, transactions, and speculation, with trust supported by blockchain’s transparency and immutability. However, regulatory frameworks remain fragmented across countries. The research applies a bibliometric approach, using Bibliometrix (R Studio) for descriptive analysis and VosViewer for keyword network visualization. Data were retrieved from Scopus with the keywords “cryptocurrency regulation” and “fintech regulation,” covering 2016–2025. Findings reveal 1,178 documents from 484 sources, contributed by 4,693 authors, with an average of 7.43 authors per document and an international collaboration rate of 24.79%. The annual growth rate reaches 44.31%, with an average of 14.01 citations per document. Keyword analysis identifies four main clusters: financial regulation, green finance and sustainability, decentralized finance (DeFi), and blockchain cybersecurity. This study provides a knowledge map of regulatory evolution from conventional finance to blockchain-based fintech, offering insights for academics, regulators, and industry to balance innovation, consumer protection, and financial stability.

Abba, Abubakar; Ahmed, Nisar; Sulaimon, Hakeem Adewale

Journal of Computing Theories and Applications 2025 Universitas Dian Nuswantoro

The widespread use of digital images, driven by low-cost, handheld acquisition devices, has increased the need for robust security measures to safeguard privacy. This demand is further underscored by rising identity theft and other image-related crimes. This study presents a chaos-based experimental evaluation of contemporary image encryption algorithms. Owing to intrinsic properties such as sensitivity to initial conditions and pseudo-randomness, chaos theory has become increasingly prominent in image encryption. Five chaos-based image encryption schemes were selected and applied to a dataset of 26 color images. The evaluation covers both encryption performance and cryptographic security. Decryption quality is measured using Mean Squared Error (MSE), Peak Signal-to-Noise Ratio (PSNR), Structural Similarity Index (SSIM), and DeepEns. Cryptographic security is assessed using entropy, correlation coefficient, Number of Pixel Change Rate (NPCR), Unified Average Changing Intensity (UACI), average and maximum deviation, and histogram analysis. Experimental results indicate that all evaluated schemes demonstrate strong cryptographic security and comparable encryption performance, with broadly similar effectiveness across methods.

Mardhyah Fathania ‘Izzati; Widya Darwin

Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika 2025 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

This research aims to develop a transaction data security system on the web-based Pancadaya Waste Bank application by applying a hybrid cryptographic algorithm that combines Advanced Encryption Standard (AES) and Rivest Shamir Adleman (RSA). The problem faced in the previous system is the weak recording and security of customer transaction data, because the process is still carried out manually so that it is prone to recording errors, loss of important information, and potential misuse of data by unauthorized parties. To answer these problems, this study uses the Rapid Application Development (RAD) method which allows the application development process to be carried out quickly, flexibly, structured, and according to user needs. The research method used was a qualitative approach with interview techniques with the management of the Pancadaya Waste Bank and the Environment Office, as well as an in-depth literature study on the application of hybrid cryptographic algorithms in modern information systems. The system is built using the PHP programming language, MySQL database, and OpenSSL library as the main support for the data encryption and decryption process. The implementation of the algorithm is carried out by encrypting transaction data using AES for efficiency and speed, then the AES key is secured through RSA to ensure a higher level of security while preventing illegal access. The test results showed that the system was able to encrypt and decrypt transaction data in real-time, as well as display transaction results in the form of digital notes on deposit and balance withdrawal activities. In addition, performance tests using GTmetrix showed that the application has excellent speed, stability, and processing efficiency, making it feasible to be widely implemented in Pancadaya Waste Bank operations.

Sinaga, Rudolf; Frangky Frangky

Systematic Literature Review Journal 2025 International Forum of Researchers and Lecturers

This systematic literature review examines the philosophy of science approaches to user security in distributed devices, such as IoT and Federated Learning. The review was conducted in response to the exponential growth of connected devices and the increasing security threats, including cyberattacks, data breaches, and unauthorized access. As distributed systems become more complex, traditional security approaches, such as cryptography and differential privacy, are often insufficient to address the ethical, philosophical, and contextual challenges that arise in these ecosystems. Distributed devices, especially in IoT and Federated Learning contexts, rely on vast amounts of personal data. This data, often stored or processed in decentralized environments, creates significant risks to user privacy and system integrity. As the number of connected devices grows, security risks multiply, creating challenges in maintaining user trust, privacy, and overall system resilience. Conventional techniques, such as encryption, only focus on technical aspects, often neglecting the deeper philosophical dimensions, such as the nature of knowledge, privacy, and fairness in these systems. These gaps highlight the need for a more nuanced approach that incorporates philosophical perspectives into security frameworks. This study uses a systematic literature review method based on the PICOC (Population, Intervention, Comparison, Outcome, Context) framework to analyze the relevance of epistemology, ontology, and ethics in strengthening system security. By examining the foundational principles of how knowledge is constructed (epistemology), what entities exist in the system (ontology), and the ethical considerations around data and user privacy (ethics), the review provides a comprehensive understanding of how philosophical concepts can be integrated into the design and implementation of security systems in distributed environments. The results reveal that epistemological principles, such as the verification and validation of data sources and models, can significantly improve the reliability and trustworthiness of distributed systems.  

Assaad Essa Omran Murad

Jupiter: Publikasi Ilmu Keteknikan Industri, Teknik Elektro dan Informatika 2025 Asosiasi Riset Ilmu Teknik Indonesia

Wireless Medical Sensor Networks (WMSNs) are a key component of modern Healthcare Internet of Things (IoT) systems, enabling continuous and real-time monitoring of patients’ physiological parameters. These networks support timely medical intervention, improve patient outcomes, and facilitate remote healthcare delivery. However, due to the open and resource-constrained nature of WMSNs, they are highly susceptible to various security threats, particularly during the authentication phase. Existing authentication protocols have been found vulnerable to a range of attacks, including impersonation, session key disclosure, and gateway database compromise, which can lead to severe privacy breaches and potentially life-threatening situations. To address these issues, this paper proposes a secure and lightweight three-factor authentication protocol tailored for WMSNs in healthcare IoT environments. The proposed protocol integrates Elliptic Curve Cryptography (ECC) for strong public key-based security with minimal computational overhead, fuzzy extractors to securely handle biometric information and ensure resistance against biometric template compromise, and session-based randomness to achieve forward secrecy and prevent replay or key-compromise impersonation attacks. Security analysis demonstrates that the proposed protocol successfully mitigates prominent threats such as impersonation attacks, man-in-the-middle attacks, session key leakage, and database compromise. In addition, the protocol ensures mutual authentication between the user, the gateway, and the sensor nodes, while maintaining data confidentiality and integrity. Performance evaluation indicates that the protocol offers significantly reduced computational cost and communication delay compared to existing schemes. Its low energy consumption and minimal storage requirements make it suitable for deployment in resource-constrained medical devices and large-scale IoT healthcare networks. The results highlight the protocol’s scalability, energy efficiency, and robustness, making it a practical and secure solution for safeguarding patient data and ensuring trustworthy communication in WMSNs-based healthcare IoT systems.