Article navigation
Purpose

This study aims to present a policy-aligned steganographic traceability framework for public-sector information governance, enabling document-level accountability through format-independent watermarking integrated into existing institutional structures.

Design/methodology/approach

The framework integrates General Deterrence Theory, ISO/IEC 27001 and the NIST Insider Threat Framework with a three-layer architecture (governance, integration and embedding). Fast Fourier transform phase-modulation watermarking treats files as one-dimensional signals, encoding identity via a 96-bit payload composed of a 32-bit user-id hash, a 32-bit timestamp and a 32-bit document-id hash. Imperceptibility was tested on PDF, DOCX, CSV and TXT; robustness was evaluated under noise, compression, format conversion, XOR masking, tail cropping and block reordering.

Findings

Imperceptibility tests yielded NC = 1.000 (SNR 18.4–27.4 dB) across all four formats. Watermarks remained intact under 1%–5% noise, format conversion, compression and XOR 0x5A on DOCX-XML and TXT but failed under tail cropping (=10%) and block reordering. CSV showed format-specific brittleness under XOR. Multi-user identity recovery achieved zero collision across five distinct user payloads.

Research limitations/implications

The evaluation is based on controlled simulations rather than actual field deployments. Therefore, longitudinal pilot studies and cross-jurisdictional research are necessary.

Practical implications

A five-level adoption maturity model and a stakeholder matrix, encompassing ministries, chief information security officer offices, legal and ethics units and national cyber-incident authorities, provide policymakers with a concrete implementation roadmap.

Social implications

Document-level accountability enhances citizen trust, supports proportional whistle-blower protection and aligns practices with rule-of-law imperatives.

Originality/value

This study conceptualises steganographic watermarking as a governance tool rather than merely a technical artefact, thereby integrating individuals, processes and policies within the framework of public-sector information governance.

Licensed re-use rights only
You do not currently have access to this content.
Don't already have an account? Register

Purchased this content as a guest? Enter your email address to restore access.

Pay-Per-View Access
$41.00
Rental

or Create an Account

Close Modal
Close Modal