Editorial: STAP Journal of Security Risk Management
By Mohammad Amin Almaiah
Abstract
Dear Readers,
It is with great pleasure that we introduce to you our upcoming journal, "STAP Journal of Security Risk Management." This journal is dedicated to exploring the advancements in the field of cybersecurity and providing a platform for researchers and scholars to exchange ideas, fostering progress in the area of security and risk management. On behalf of the editorial team, I extend our heartfelt gratitude and a warm welcome to the scholars, experts, researchers, and readers who support and follow our journal.
Purpose of the Journal
The STAP Journal of Security Risk Management aims to promote the development of cybersecurity fields, enhance the research level of cybersecurity technologies, and strengthen academic exchanges on an international scale. We are committed to building an open, inclusive, and innovative platform for researchers in the field of cybersecurity to present their findings, share experiences, and exchange ideas.
Cyber Risk Management in the Internet of Things: Frameworks, Models, and Best Practices
By Mohammed Almaayah, Rejwan Bin Sulaiman
Abstract
This paper contributes to the ongoing discourse by identifying key risks associated with IoT devices and environments and proposing strategies to mitigate them. The study focuses on three main objectives: (1) identifying the primary security threats affecting IoT devices, (2) outlining best practices for mitigating these risks, and (3) exploring the role of cyber risk management in securing IoT ecosystems. By addressing these aspects, the paper aims to support stakeholders in implementing more robust security frameworks, ensuring confidentiality, integrity, and safety in IoT deployments. Based on an analysis of 35 previous studies, it is evident that a variety of complementary risk management frameworks and models are available to support the secure deployment and operation of IoT devices. These frameworks have been developed for both governmental and commercial use, enabling organizations to tailor their risk management strategies to specific IoT contexts. Among the reviewed studies, seven utilized the ISO framework for risk management in IoT environments, while six applied the NIST framework. Additionally, three studies implemented the OCTAVE framework to assess and mitigate risks. Notably, nine studies each employed a distinct risk management model, including ELK Stack, PDCA Cycle, Cyber Kill Chain (CKC), CSRF, CRAMM, COBIT 5, IoTSRM2, and the Cyber Value at Risk (CVaR) model. These diverse approaches highlight the growing recognition of the need for structured, adaptable, and sector-specific risk management strategies in the rapidly evolving IoT landscape.
A Comprehensive Review of Security and Privacy Challenges and Solutions in Autonomous Driving Systems
By Mohammed Amin, Youakim Badr, Qais Al-Na’amneh, Mahmoud Aljawarneh, Rahaf Hazaymih, Shahid Munir Shah
Abstract
The rapid evolution of immersive technologies such as Augmented Reality (AR) and Virtual Reality (VR) has transformed sectors ranging from entertainment and healthcare to education and industrial operations. However, the increasing integration of these technologies into daily life introduces a new landscape of cybersecurity and privacy challenges. This review paper provides a comprehensive comparative analysis of security threats associated with AR and VR systems, emphasizing the unique vulnerabilities that arise from their distinct architectures and user interaction models. We examine emerging attack vectors such as sensor spoofing, man-in-the-room attacks, data leakage through AR overlays, VR hijacking, and unauthorized motion tracking. The paper also explores crosscutting issues like biometric data misuse, identity theft in virtual spaces, and spatial-temporal data inference. A critical comparison is made between the threat surfaces of AR—where the virtual is overlaid on the physical—and VR—where users are fully immersed in synthetic environments. In parallel, we evaluate a range of mitigation strategies and defense mechanisms, including secure sensor integration, encryption protocols, context-aware access control, and privacy-preserving rendering techniques. The paper concludes by identifying key research gaps and proposing a roadmap for developing holistic and resilient security frameworks tailored to the future of immersive technologies.
Adaptive and Context-Aware Authentication Framework Using Edge AI and Blockchain in Future Vehicular Networks
By Aitizaz Ali
Abstract
The rise of connected and autonomous vehicles (CAVs) within intelligent transportation systems has introduced new demands for real-time, scalable, and privacy-preserving authentication mechanisms. Traditional authentication methods, such as Public Key Infrastructure (PKI), are often insufficient in highly dynamic vehicular environments due to their reliance on static credentials and centralized control. This paper proposes an adaptive and context-aware authentication framework that integrates Edge Artificial Intelligence (AI) with blockchain technology to secure vehicular communication. The framework leverages edge-based AI models to assess driver behavior and contextual signals in real time, generating dynamic trust scores for authentication. These scores are verified and recorded through a permissioned blockchain, ensuring tamper-proof identity validation and decentralized access control. The proposed system addresses key challenges including low latency, dynamic trust evaluation, and conditional privacy. Through detailed architectural design and security analysis, this work highlights the potential of hybrid AI-blockchain models to enhance the security, scalability, and accountability of future vehicular networks.
Secure IoT-Based Smart Agriculture System Using Wireless Sensor Networks for Remote Environmental Monitoring
By Mahmood A. Al-Shareeda, Laith Badr Najm, Ali Ahmed Hassan, Sajjad Mushtaq, Hussein Abdul Ali
Abstract
This paper presents the design and implementation of a secure IoT-based smart agriculture system that uses wireless sensor networks (WSNs) for real-time monitoring to maintain the best environment and irrigate automatically. The proposed system is based on the ESP32 microcontroller and incorporates sensors for soil moisture, temperature, humidity, pH, and total dissolved solids (TDS), enabling precise agricultural resource management. The system is powered by solar energy to ensure continuous operation in remote or off-grid areas. Data is securely transmitted to the cloud via Transport Layer Security (TLS), and device authentication is tokenized through Blynk IoT, a control platform that is a firm favorite among the Internet of Things community. Irrigation can be controlled and the environment watched in real time through a mobile application, which means that a person need only be present half of the time, avoiding waste of both water and electricity. Experimental results demonstrate high accuracy in environment sensing, which leads to efficient water utilization and stable, secure communication. The system is a low-cost, scalable solution for modernizing farming operations while addressing potential cybersecurity risks in an IoT agricultural environment.