Efficient attribute-based strong designated verifier signature scheme based on elliptic curve cryptography.

In an attribute-based strong designated verifier signature, a signer who satisfies the access structure signs the message and assigns it to a verifier who satisfies the access structure to verify it, which enables fine-grained access control for signers and verifiers. Such signatures are used in scenarios where the identity of the signer needs to be protected, or where the public verifiability of the signature is avoided and only the designated recipient can verify the validity of the signature. To address the problem that the overall overhead of the traditional attribute-based strong designated verifier signature scheme is relatively large, an efficient attribute-based strong designated verifier signature scheme based on elliptic curve cryptography is proposed, as well as a security analysis of the new scheme given in the standard model under the difficulty of the elliptic curve discrete logarithm problem (ECDLP). On the one hand, the proposed scheme is based on elliptic curve cryptography and uses scalar multiplication on elliptic curves, which is computationally lighter, instead of bilinear pairing, which has a higher computational overhead in traditional attribute-based signature schemes. This reduces the computational overhead of signing and verification in the system, improves the efficiency of the system, and makes the scheme more suitable for resource-constrained cloud end-user scenarios. On the other hand, the proposed scheme uses LSSS (Linear Secret Sharing Schemes) access structure with stronger access policy expression, which is more efficient than the "And" gate or access tree access structure, making the computational efficiency of the proposed scheme meet the needs of resource-constrained cloud end-users.

Analysis of healthcare data security with DWT-HD-SVD based-algorithm invisible watermarking against multi-size watermarks.

In the modern day, multimedia and digital resources play a crucial role in demystifying complex topics and improving communication. Additionally, images, videos, and documents speed data administration, fostering both individual and organizational efficiency. Healthcare providers use tools like X-rays, MRIs, and CT scans to improve diagnostic and therapeutic capacities, highlighting the importance of these tools in contemporary communication, data processing, and healthcare. Protecting medical data becomes essential for maintaining patient confidentiality and service dependability in a time when digital assets are crucial to the healthcare industry. In order to overcome this issue, this study analyses the DWT-HD-SVD algorithm-based invisible watermarking in medical data. The main goal is to verify medical data by looking at a DWT-based hybrid technique used on X-ray images with various watermark sizes (256*256, 128*128, 64*64). The algorithm's imperceptibility and robustness are examined using metrics like Peak Signal-to-Noise Ratio (PSNR) and Structural Similarity Index (SSIM) and are analyzed using Normalized Connection (NC), Bit Error Rate (BER), and Bit Error Rate (BCR) in order to evaluate its resistance to various attacks. The results show that the method works better with smaller watermark sizes than it does with larger ones.

Segurança da informação

Um dos oito princípios orientadores da transformação digital no setor de saúde promovidos pela Organização Pan-Americana da Saúde é o da segurança da informação. Esta sinopse de políticas apresenta conceitos chave, linhas de ação recomendadas e indicadores para monitoramento, com o objetivo de avançar nessa área.

IT-Related Barriers and Facilitators to the Implementation of a New European eHealth Solution, the Digital Survivorship Passport (SurPass Version 2.0): Semistructured Digital Survey.

BACKGROUND: To overcome knowledge gaps and optimize long-term follow-up (LTFU) care for childhood cancer survivors, the concept of the Survivorship Passport (SurPass) has been invented. Within the European PanCareSurPass project, the semiautomated and interoperable SurPass (version 2.0) will be optimized, implemented, and evaluated at 6 LTFU care centers representing 6 European countries and 3 distinct health system scenarios: (1) national electronic health information systems (EHISs) in Austria and Lithuania, (2) regional or local EHISs in Italy and Spain, and (3) cancer registries or hospital-based EHISs in Belgium and Germany. OBJECTIVE: We aimed to identify and describe barriers and facilitators for SurPass (version 2.0) implementation concerning semiautomation of data input, interoperability, data protection, privacy, and cybersecurity. METHODS: IT specialists from the 6 LTFU care centers participated in a semistructured digital survey focusing on IT-related barriers and facilitators to SurPass (version 2.0) implementation. We used the fit-viability model to assess the compatibility and feasibility of integrating SurPass into existing EHISs. RESULTS: In total, 13/20 (65%) invited IT specialists participated. The main barriers and facilitators in all 3 health system scenarios related to semiautomated data input and interoperability included unaligned EHIS infrastructure and the use of interoperability frameworks and international coding systems. The main barriers and facilitators related to data protection or privacy and cybersecurity included pseudonymization of personal health data and data retention. According to the fit-viability model, the first health system scenario provides the best fit for SurPass implementation, followed by the second and third scenarios. CONCLUSIONS: This study provides essential insights into the information and IT-related influencing factors that need to be considered when implementing the SurPass (version 2.0) in clinical practice. We recommend the adoption of Health Level Seven Fast Healthcare Interoperability Resources and data security measures such as encryption, pseudonymization, and multifactor authentication to protect personal health data where applicable. In sum, this study offers practical insights into integrating digital health solutions into existing EHISs.

Evaluating modern intrusion detection methods in the face of Gen V multi-vector attacks with fuzzy AHP-TOPSIS.

The persistent evolution of cyber threats has given rise to Gen V Multi-Vector Attacks, complex and sophisticated strategies that challenge traditional security measures. This research provides a complete investigation of recent intrusion detection systems designed to mitigate the consequences of Gen V Multi-Vector Attacks. Using the Fuzzy Analytic Hierarchy Process (AHP) and the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS), we evaluate the efficacy of several different intrusion detection techniques in adjusting to the dynamic nature of sophisticated cyber threats. The study offers an integrated analysis, taking into account criteria such as detection accuracy, adaptability, scalability, resource effect, response time, and automation. Fuzzy AHP is employed to establish priority weights for each factor, reflecting the nuanced nature of security assessments. Subsequently, TOPSIS is employed to rank the intrusion detection methods based on their overall performance. Our findings highlight the importance of behavioral analysis, threat intelligence integration, and dynamic threat modeling in enhancing detection accuracy and adaptability. Furthermore, considerations of resource impact, scalability, and efficient response mechanisms are crucial for sustaining effective defense against Gen V Multi-Vector Attacks. The integrated approach of Fuzzy AHP and TOPSIS presents a strong and adaptable strategy for decision-makers to manage the difficulties of evaluating intrusion detection techniques. This study adds to the ongoing discussion about cybersecurity by providing insights on the positive and negative aspects of existing intrusion detection systems in the context of developing cyber threats. The findings help organizations choose and execute intrusion detection technologies that are not only effective against existing attacks, but also adaptive to future concerns provided by Gen V Multi-Vector Attacks.

Securing Internet-of-Medical-Things networks using cancellable ECG recognition.

Reinforcement of the Internet of Medical Things (IoMT) network security has become extremely significant as these networks enable both patients and healthcare providers to communicate with each other by exchanging medical signals, data, and vital reports in a safe way. To ensure the safe transmission of sensitive information, robust and secure access mechanisms are paramount. Vulnerabilities in these networks, particularly at the access points, could expose patients to significant risks. Among the possible security measures, biometric authentication is becoming a more feasible choice, with a focus on leveraging regularly-monitored biomedical signals like Electrocardiogram (ECG) signals due to their unique characteristics. A notable challenge within all biometric authentication systems is the risk of losing original biometric traits, if hackers successfully compromise the biometric template storage space. Current research endorses replacement of the original biometrics used in access control with cancellable templates. These are produced using encryption or non-invertible transformation, which improves security by enabling the biometric templates to be changed in case an unwanted access is detected. This study presents a comprehensive framework for ECG-based recognition with cancellable templates. This framework may be used for accessing IoMT networks. An innovative methodology is introduced through non-invertible modification of ECG signals using blind signal separation and lightweight encryption. The basic idea here depends on the assumption that if the ECG signal and an auxiliary audio signal for the same person are subjected to a separation algorithm, the algorithm will yield two uncorrelated components through the minimization of a correlation cost function. Hence, the obtained outputs from the separation algorithm will be distorted versions of the ECG as well as the audio signals. The distorted versions of the ECG signals can be treated with a lightweight encryption stage and used as cancellable templates. Security enhancement is achieved through the utilization of the lightweight encryption stage based on a user-specific pattern and XOR operation, thereby reducing the processing burden associated with conventional encryption methods. The proposed framework efficacy is demonstrated through its application on the ECG-ID and MIT-BIH datasets, yielding promising results. The experimental evaluation reveals an Equal Error Rate (EER) of 0.134 on the ECG-ID dataset and 0.4 on the MIT-BIH dataset, alongside an exceptionally large Area under the Receiver Operating Characteristic curve (AROC) of 99.96% for both datasets. These results underscore the framework potential in securing IoMT networks through cancellable biometrics, offering a hybrid security model that combines the strengths of non-invertible transformations and lightweight encryption.

Secure UAV adhoc network with blockchain technology.

Recent advances in aerial robotics and wireless transceivers have generated an enormous interest in networks constituted by multiple compact unmanned aerial vehicles (UAVs). UAV adhoc networks, i.e., aerial networks with dynamic topology and no centralized control, are found suitable for a unique set of applications, yet their operation is vulnerable to cyberattacks. In many applications, such as IoT networks or emergency failover networks, UAVs augment and provide support to the sensor nodes or mobile nodes in the ground network in data acquisition and also improve the overall network performance. In this situation, ensuring the security of the adhoc UAV network and the integrity of data is paramount to accomplishing network mission objectives. In this paper, we propose a novel approach to secure UAV adhoc networks, referred to as the blockchain-assisted security framework (BCSF). We demonstrate that the proposed system provides security without sacrificing the performance of the network through blockchain technology adopted to the priority of the message to be communicated over the adhoc UAV network. Theoretical analysis for computing average latency is performed based on queuing theory models followed by an evaluation of the proposed BCSF approach through simulations that establish the superior performance of the proposed methodology in terms of transaction delay, data secrecy, data recovery, and energy efficiency.

Developing a Novel Ontology for Cybersecurity in Internet of Medical Things-Enabled Remote Patient Monitoring.

IoT has seen remarkable growth, particularly in healthcare, leading to the rise of IoMT. IoMT integrates medical devices for real-time data analysis and transmission but faces challenges in data security and interoperability. This research identifies a significant gap in the existing literature regarding a comprehensive ontology for vulnerabilities in medical IoT devices. This paper proposes a fundamental domain ontology named MIoT (Medical Internet of Things) ontology, focusing on cybersecurity in IoMT (Internet of Medical Things), particularly in remote patient monitoring settings. This research will refer to similar-looking acronyms, IoMT and MIoT ontology. It is important to distinguish between the two. IoMT is a collection of various medical devices and their applications within the research domain. On the other hand, MIoT ontology refers to the proposed ontology that defines various concepts, roles, and individuals. MIoT ontology utilizes the knowledge engineering methodology outlined in Ontology Development 101, along with the structured life cycle, and establishes semantic interoperability among medical devices to secure IoMT assets from vulnerabilities and cyberattacks. By defining key concepts and relationships, it becomes easier to understand and analyze the complex network of information within the IoMT. The MIoT ontology captures essential key terms and security-related entities for future extensions. A conceptual model is derived from the MIoT ontology and validated through a case study. Furthermore, this paper outlines a roadmap for future research, highlighting potential impacts on security automation in healthcare applications.

Strategic dilemmas when managing cyber attacks.

Cyber attacks have a significant business impact, with the potential to escalate into crises if poorly managed. A recurring pattern is strategic dilemmas that cannot be resolved satisfactorily. Some dilemmas are more pronounced, others less so, and therefore often catch decision-makers unprepared, leaving only bad options for decision-making. Something that all dilemmas have in common is that the associated decisions can have a lasting impact on relationships with stakeholders. This paper introduces four recurring dilemmas; shows the typical considerations; lists options for mitigating these dilemmas; and describes the basic requirements for implementing mitigations. The dilemmas and options, in turn, are rooted in the organisation-specific design of: cyber security incident management and response; IT service continuity and disaster recovery management; business continuity management; and crisis management and communication.

GSB: GNGS and SAG-BiGRU network for malware dynamic detection.

With the rapid development of the Internet, the continuous increase of malware and its variants have brought greatly challenges for cyber security. Due to the imbalance of the data distribution, the research on malware detection focuses on the accuracy of the whole data sample, while ignoring the detection rate of the minority categories' malware. In the dataset sample, the normal data samples account for the majority, while the attacks' malware accounts for the minority. However, the minority categories' attacks will bring great losses to countries, enterprises, or individuals. For solving the problem, this study proposed the GNGS algorithm to construct a new balance dataset for the model algorithm to pay more attention to the feature learning of the minority attacks' malware to improve the detection rate of attacks' malware. The traditional malware detection method is highly dependent on professional knowledge and static analysis, so we used the Self-Attention with Gate mechanism (SAG) based on the Transformer to carry out feature extraction between the local and global features and filter irrelevant noise information, then extracted the long-distance dependency temporal sequence features by the BiGRU network, and obtained the classification results through the SoftMax classifier. In the study, we used the Alibaba Cloud dataset for malware multi-classification. Compared the GSB deep learning network model with other current studies, the experimental results showed that the Gaussian noise generation strategy (GNGS) could solve the unbalanced distribution of minority categories' malware and the SAG-BiGRU algorithm obtained the accuracy rate of 88.7% on the eight-classification, which has better performance than other existing algorithms, and the GSB model also has a good effect on the NSL-KDD dataset, which showed the GSB model is effective for other network intrusion detection.

TITAN: Combining a bidirectional forwarding graph and GCN to detect saturation attack targeted at SDN.

The decoupling of control and forwarding layers brings Software-Defined Networking (SDN) the network programmability and global control capability, but it also poses SDN security risks. The adversaries can use the forwarding and control decoupling character of SDN to forge legitimate traffic, launching saturation attacks targeted at SDN switches. These attacks can cause the overflow of switch flow tables, thus making the switch cannot forward benign network traffic. How to effectively detect saturation attack is a research hotspot. There are only a few graph-based saturation attack detection methods. Meanwhile, the current graph generation methods may take useless or misleading information to the attack detection, thus decreasing the attack detection accuracy. To solve the above problems, this paper proposes TITAN, a bidirecTional forwardIng graph-based saturaTion Attack detectioN method. TITAN defines flow forwarding rules and topology information, and designs flow statistical features. Based on these definitions, TITAN generates nodes of the bi-forwarding graph based on the flow statistics features and edges of the bi-forwarding graph based on the network traffic routing paths. In this way, each traffic flow in the network is transformed into a bi-directional forwarding graph. Then TITAN feeds the above bidirectional forwarding graph into a Graph Convolutional Network (GCN) to detect whether the flow is a saturation attack flow. The experimental results show that TITAN can effectively detect saturation attacks in SDNs with a detection accuracy of more than 97%.

INNBC DApp, a decentralized application to permanently store biomedical data on a modern, proof-of-stake (POS), blockchain such as BNB Smart Chain.

BACKGROUND: A blockchain can be described as a distributed ledger database where, under a consensus mechanism, data are permanently stored in records, called blocks, linked together with cryptography. Each block contains a cryptographic hash function of the previous block, a timestamp, and transaction data, which are permanently stored in thousands of nodes and never altered. This provides a potential real-world application for generating a permanent, decentralized record of scientific data, taking advantage of blockchain features such as timestamping and immutability. IMPLEMENTATION: Here, we propose INNBC DApp, a Web3 decentralized application providing a simple front-end user interface connected with a smart contract for recording scientific data on a modern, proof-of-stake (POS) blockchain such as BNB Smart Chain. Unlike previously proposed blockchain tools that only store a hash of the data on-chain, here the data are stored fully on-chain within the transaction itself as "transaction input data", with a true decentralized storage solution. In addition to plain text, the DApp can record various types of files, such as documents, images, audio, and video, by using Base64 encoding. In this study, we describe how to use the DApp and perform real-world transactions storing different kinds of data from previously published research articles, describing the advantages and limitations of using such a technology, analyzing the cost in terms of transaction fees, and discussing possible use cases. RESULTS: We have been able to store several different types of data on the BNB Smart Chain: raw text, documents, images, audio, and video. Notably, we stored several complete research articles at a reasonable cost. We found a limit of 95KB for each single file upload. Considering that Base64 encoding increases file size by approximately 33%, this provides us with a theoretical limit of 126KB. We successfully overcome this limitation by splitting larger files into smaller chunks and uploading them as multi-volume archives. Additionally, we propose AES encryption to protect sensitive data. Accordingly, we show that it is possible to include enough data to be useful for storing and sharing scientific documents and images on the blockchain at a reasonable cost for the users. CONCLUSION: INNBC DApp represents a real use case for blockchain technology in decentralizing biomedical data storage and sharing, providing us with features such as immutability, timestamp, and identity that can be used to ensure permanent availability of the data and to provide proof-of-existence as well as to protect authorship, a freely available decentralized science (DeSci) tool aiming to help bring mass adoption of blockchain technology among the scientific community.

Securing cloud data using secret key 4 optimization algorithm (SK4OA) with a non-linearity run time trend.

Cloud computing alludes to the on-demand availability of personal computer framework resources, primarily information storage and processing power, without the customer's direct personal involvement. Cloud computing has developed dramatically among many organizations due to its benefits such as cost savings, resource pooling, broad network access, and ease of management; nonetheless, security has been a major concern. Researchers have proposed several cryptographic methods to offer cloud data security; however, their execution times are linear and longer. A Security Key 4 Optimization Algorithm (SK4OA) with a non-linear run time is proposed in this paper. The secret key of SK4OA determines the run time rather than the size of the data as such is able to transmit large volumes of data with minimal bandwidth and able to resist security attacks like brute force since its execution timings are unpredictable. A data set from Kaggle was used to determine the algorithm's mean and standard deviation after thirty (30) times of execution. Data sizes of 3KB, 5KB, 8KB, 12KB, and 16 KB were used in this study. There was an empirical analysis done against RC4, Salsa20, and Chacha20 based on encryption time, decryption time, throughput and memory utilization. The analysis showed that SK4OA generated lowest mean non-linear run time of 5.545±2.785 when 16KB of data was executed. Additionally, SK4OA's standard deviation was greater, indicating that the observed data varied far from the mean. However, RC4, Salsa20, and Chacha20 showed smaller standard deviations making them more clustered around the mean resulting in predictable run times.

Towards secure and efficient integration of blockchain and 6G networks.

The future of communication systems is undergoing a transformative shift towards intelligence, efficiency, and flexibility. Presently, the amalgamation of blockchain technology and the sixth-generation mobile communication network (6G) has garnered significant attention, as their fusion is poised to profoundly impact the digital economy and society at large. However, the convergence of blockchain and 6G networks poses challenges pertaining to security and performance. In this article, we propose an approach based on the design of secure mechanisms and performance optimization to delve into the key issues surrounding the integration of blockchain and 6G networks from both security and performance perspectives. Specifically, we first introduce the application scenarios of 6G networks and blockchain's empowerment of them to highlight the necessity of combining blockchain technology with 6G. Subsequently, in order to ensure the security of communication and data transmission between blockchain and 6G networks, we have investigated the design requirements for security mechanisms. Furthermore, we discuss the efficient realization of the amalgamation between blockchain and 6G networks by proposing a solution based on Directed Acyclic Graph (DAG) for blockchain's asynchronous consensus protocol, alongside optimization strategies for storage and communication to meet the desired characteristics and requirements of 6G networks. Lastly, we provide valuable research directions that serve as references and guidance for the future development of the integration between blockchain and 6G networks.

E2EE enhanced patient-centric blockchain-based system for EHR management.

To secure sensitive medical records in the healthcare clouds, this paper proposes an End-to-End Encryption (E2EE) to enhance a patient-centric blockchain-based system for electronic health record (EHR) management. The suggested system with a focus on the patient enables individuals to oversee their medical records within various involved parties by authorizing or withdrawing permission for access to their records. Utilizing the inter-planetary file system (IPFS) for record storage is chosen due to its decentralized nature and its ability to guarantee the unchangeability of records. Then an E2EE enhancement maintains the medical data integrity using dual level-Hybrid encryption: symmetric Advanced Encryption Standard (AES) and asymmetric Elliptic Curve Cryptography (ECC) cryptographic techniques. The proposed system is implemented using the Ethereum blockchain system for EHR data sharing and integration utilizing a web-based interface for the patient and all users to initiate the EHR sharing transactions over the IPFS cloud. The proposed system performance is evaluated in a working system prototype. For different file sizes between 512 KB to 100 MB, the performance metrics used to evaluate the proposed system were the time consumed for generating key, encryption, and decryption. The results demonstrate the proposed system's superiority over other cutting-edge systems and its practical ability to share secure health data in cloud environments.

Unpacking Sociotechnical Discourses on Telehealth Use and Data Protection: A Path Towards Digital Health Value Creation.

BACKGROUND: Telehealth uptake will remain sub-optimal without consumer trust. Safeguarding the security and privacy of health information plays an important role in building trust and acceptance of telehealth. OBJECTIVES: This study seeks to unpack the sociotechnical discourses on the use of telehealth with a focus on privacy and security in the context of United States health services. METHODS: A search of the media outlets facilitated via the Factiva database was conducted. Using a qualitative method, thematic analysis was performed on the news texts to identify the key themes and provide contextual explanations. RESULTS: The analysis led to the identification of three key themes: 'data protection practice', 'clinical resilience', and 'digital health business value' perspectives. These themes focus on various concepts of telehealth use including data privacy, security, public health emergency, compliance activities in the use of telehealth, meeting stakeholders' needs, reducing costs of service delivery, the potential of telehealth for informed action, and improving users' experience. Among these themes, 'data protection practice' was directly associated with privacy compliance and telehealth use. Other thematic discourses have provided an indirect reflection on the role of privacy compliance, with a greater emphasis placed on health service delivery and market dynamics rather than compliance in practice. CONCLUSION: Our study revealed the importance of the COVID-19 pandemic in telehealth use, highlighting the move towards 'good faith' and responsible use of telehealth.

Should We Better Stick to Pen and Paper? An Empirical Investigation on Functionality, Privacy and Data-Security of Physiotherapy Telehealth Applications.

BACKGROUND: Telehealth and mHealth apps become increasingly popular in health professions such as physiotherapy calling for increased awareness on functionality, privacy, and data security. OBJECTIVES: This work presents a functionality, privacy, and data-security evaluation of four telehealth services commonly used in physiotherapy. METHODS: We examined functionality and features, data protection, privacy implementations and data-security with a questionnaire and performed an in-depth investigation of the services. RESULTS: Privacy and security relevant findings such as use of outdated webservers, problems with certificate renewal as well as questionable GDPR compliance were reported. CONCLUSION: Due to the privacy and security relevant findings in this analysis it can be concluded that there is a need for improvement in design, development, operation as well as regulation of telehealth apps and services.

Customizable Presentation Attack Detection for Improved Resilience of Biometric Applications Using Near-Infrared Skin Detection.

Due to their user-friendliness and reliability, biometric systems have taken a central role in everyday digital identity management for all kinds of private, financial and governmental applications with increasing security requirements. A central security aspect of unsupervised biometric authentication systems is the presentation attack detection (PAD) mechanism, which defines the robustness to fake or altered biometric features. Artifacts like photos, artificial fingers, face masks and fake iris contact lenses are a general security threat for all biometric modalities. The Biometric Evaluation Center of the Institute of Safety and Security Research (ISF) at the University of Applied Sciences Bonn-Rhein-Sieg has specialized in the development of a near-infrared (NIR)-based contact-less detection technology that can distinguish between human skin and most artifact materials. This technology is highly adaptable and has already been successfully integrated into fingerprint scanners, face recognition devices and hand vein scanners. In this work, we introduce a cutting-edge, miniaturized near-infrared presentation attack detection (NIR-PAD) device. It includes an innovative signal processing chain and an integrated distance measurement feature to boost both reliability and resilience. We detail the device's modular configuration and conceptual decisions, highlighting its suitability as a versatile platform for sensor fusion and seamless integration into future biometric systems. This paper elucidates the technological foundations and conceptual framework of the NIR-PAD reference platform, alongside an exploration of its potential applications and prospective enhancements.

A provably lightweight and secure DSSE scheme, with a constant storage cost for a smart device client.

Outsourcing data to remote cloud providers is becoming increasingly popular amongst organizations and individuals. A semi-trusted server uses Searchable Symmetric Encryption (SSE) to keep the search information under acceptable leakage levels whilst searching an encrypted database. A dynamic SSE (DSSE) scheme enables the adding and removing of documents by performing update queries, where some information is leaked to the server each time a record is added or removed. The complexity of structures and cryptographic primitives in most existing DSSE schemes makes them inefficient, in terms of storage, and query requests generate overhead costs on the Smart Device Client (SDC) side. Achieving constant storage cost for SDCs enhances the viability, efficiency, and easy user experience of smart devices, promoting their widespread adoption in various applications while upholding robust privacy and security standards. DSSE schemes must address two important privacy requirements: forward and backward privacy. Due to the increasing number of keywords, the cost of storage on the client side is also increasing at a linear rate. This article introduces an innovative, secure, and lightweight Dynamic Searchable Symmetric Encryption (DSSE) scheme, ensuring Type-II backward and forward privacy without incurring ongoing storage costs and high-cost query generation for the SDC. The proposed scheme, based on an inverted index structure, merges the hash table with linked nodes, linking encrypted keywords in all hash tables. Achieving a one-time O(1) storage cost without keyword counters on the SDC side, the scheme enhances security by generating a fresh key for each update. Experimental results show low-cost query generation on the SDC side (6,460 nanoseconds), making it compatible with resource-limited devices. The scheme outperforms existing ones, reducing server-side search costs significantly.