Abstract
The services supporting the websites, both public and private entities, may support security protocols such as HTTPS or DNSSEC. Public and private entities have a responsibility to ensure the security of their online platforms. Entities in the public domain such as city councils provide their services through their websites. However, each city council has its systems, configurations, and IT teams, and this means they have different standings regarding the security protocols supported. This paper analyzes the status of security protocols on Portuguese city council websites, specifically HTTPS and DNSSEC. The study evaluated 308 city council websites using a script developed for the research, and data was collected from the website of Direcao Geral das Autarquias Locais (DGAL) on December 14, 2022, and the websites were scanned on December 22, 2022. The results of this assessment reveal that around 97% of city council websites use RSA as their encryption algorithm and around 84% use 2048-bit length keys for digital certificate signing. Furthermore, about 53% of the city council websites are still supporting outdated and potentially insecure SSL/TLS versions, and around 95% of the councils are not implementing DNSSEC in their domains. These results highlight potential areas for improvement in cybersecurity measures and can serve as a baseline to track progress toward improving cybersecurity maturity in Portuguese city councils.

Abstract
The General Data Protection Regulation (GDPR) is the regulation that determines the directives inherent to the collection, processing, and protection of personal data in European Union (EU) countries. It was implemented in May 2018 and over the past few years, several public and private companies have been affected by serious penalties. With more than 1500 fines already registered, it is important to have an analysis and insights about them. This paper proposes a detailed analysis of the public records of fines under GDPR, understanding the average fines imposed, the main causes for their application and how they have evolved over time. It is also intended to understand the most affected sectors and point ways to mitigate these penalties. It is concluded that fines under GDPR have an increasing trend over time, both in number of fines and in value, with Industry and Commerce & Media, Telecoms and Broadcasting being the most affected sectors.

Abstract
With the introduction of Industry 4.0 technological concepts, suppliers and manufacturers envision new or improved products and services, cost reductions, and productivity gains. In this context, data exchanges between companies in the same or different activity sectors are necessary, while assuring data security and sovereignty. Thus, it is crucial to select and implement adequate standards which enable the interconnection requirements between companies and also feature security by design. The International Data Spaces (IDS) is a current standard that provides data sharing through data spaces mainly composed of homogeneous rules, certified data providers/consumers, and reliability between partners. Implementing IDS in sectors such as textile and clothing is expected to open new opportunities and challenges. This paper proposes a prototype for the IDS Security Components in the Textile and Clothing Industry context. This prototype assures data sovereignty and enables the interactions required by all participants in this supply chain industry using secure communications. The adoption of IDS as a base model in this activity sector fosters productive collaboration, lowers entry barriers for business partnerships, and enables an innovation environment. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Abstract
Software-Defined Networking (SDN) is one of the promising and effective approaches to establishing network virtualization by providing a central controller to monitor network bandwidth and transmission devices. This paper studies resource allocation in SDN by mapping virtual networks on the infrastructure network. Considering mapping as a way to distribute tasks through the network, proper mapping methodologies will directly influence the efficiency of infrastructure resource management. Our proposed method is called Effective Initial Mapping in SDN (EIMSDN), and it suggests writing a module in the controller to initialize mapping by arriving at a new request if a sufficient number of resources are available. This would prevent rewriting the rules on the switches when remapping is necessary for an n-time window. We have also considered optimizing resource allocation in network virtualization with dynamic infrastructure resources management. We have done it by writing a module in OpenFlow controller to initialize mapping when there are sufficient resources. EIMSDN is compared with SDN-nR, SSPSM, and SDN-VN in criteria such as acceptance rates, cost, average switches resource utilization, and average link resource utilization.

Abstract
Cloud computing environments provide users with Internet-based services and one of their main challenges is security issues. Hence, using Intrusion Detection Systems (IDSs) as a defensive strategy in such environments is essential. Multiple parameters are used to evaluate the IDSs, the most important aspect of which is the feature selection method used for classifying the malicious and legitimate activities. We have organized this research to determine an effective feature selection method to increase the accuracy of the classifiers in detecting intrusion. A Hybrid Ant-Bee Colony Optimization (HABCO) method is proposed to convert the feature selection problem into an optimization problem. We examined the accuracy of HABCO with BHSVM, IDSML, DLIDS, HCRNNIDS, SVMTHIDS, ANNIDS, and GAPSAIDS. It is shown that HABCO has a higher accuracy compared with the mentioned methods.

Abstract
Cloud Internet of Things (CIoT) environments, as the essential basis for computing services, have been subject to abuses and cyber threats. The adversaries constantly search for vulnerable areas in such computing environments to impose their damages and create complex challenges. Hence, using intrusion detection and prevention systems (IDPSs) is almost mandatory for securing CIoT environments. However, the existing IDPSs in this area suffer from some limitations, such as incapability of detecting unknown attacks and being vulnerable to the single point of failure. In this paper, we propose a novel distributed multi-agent IDPS (DMAIDPS) that overcomes these limitations. The learning agents in DMAIDPS perform a six-step detection process to classify the network behavior as normal or under attack. We have tested the proposed DMAIDPS with the KDD Cup 99 and NSL-KDD datasets. The experimental results have been compared with other methods in the field based on Recall, Accuracy, and F-Score metrics. The proposed system has improved the Recall, Accuracy, and F-Scores metrics by an average of 16.81%, 16.05%, and 18.12%, respectively.