Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Blockchain Security: 3 Ways to Secure Your Blockchain


Blockchain Security: 3 Ways to Secure Your Blockchain
From just another buzzword a few years back, to one of the most pursued technologies across the globe, Blockchain has come a long way. And it is here to stay.

Improved data security, faster transactions and cost savings are some of the many reasons that make Blockchain so attractive.

So what is Blockchain really about?

Blockchain Simplified

In the Blockchain ecosystem, a “block” refers to a “data container” of digital records (also known as “transactions”). These blocks are linked together in a chronological order to form a continuous chain, hence the term “Blockchain.”

Each block contains a timestamp and all the blocks are interlinked with each other using “hashes” generated by cryptographic algorithms. Any changes made to the information recorded in a particular block is not rewritten. Rather, it is stored in a new block which indicates that “A changed to B” at a specific date and time.

A new block does not merely contain a list of new records but also contains the block’s timestamp and a unique digital (cryptographic) signature of the previous block. As old blocks are preserved forever and new blocks are added to the chain irreversibly, altering and manipulating the data in a particular block without detection becomes virtually impossible.

Since the blocks are distributed (and maintained) across multiple computers at the same time, Blockchain is also known as a “distributed ledger”.

Unlike traditional approaches, Blockchain eliminates the need for any centralized control instead, all the transactions (records) are decentralized and verified by the Blockchain participants themselves in the distributed ledger, thereby bringing in a sense of “trust” in the data.

How Blockchain Works

In a Blockchain network, whenever a new transaction (record) is created, a new block is automatically generated stating the date and the time (known as a “timestamp”) when the record was entered in the block.

Whenever a new transaction is recorded, or an existing transaction is updated, another new block gets created (with its own timestamp) and so on, thereby creating a single, forward pathway of increasing blocks.

Each new block is automatically linked to its previous block, all the way to the originating block, using the previous block’s “hash”.

Every time a new block is created, it is broadcasted in real-time to all Internet-connected computers that participate in the Blockchain network. These computers are known as “nodes.”

Nodes are primarily responsible for maintaining the most updated (current) copy of the transaction logs (history) which play a crucial role in maintaining the integrity of the Blockchain network as no Node can ever make any changes to an existing block, without regenerating all its previous blocks.

While creating a new block, the Node uses the hash of the previous block, its own Private Encryption (Crypto) Key and the Public Crypto Key of the next Node that is a participant in the Blockchain network. Without its Private Key, no node can create a new record (block).

The Current Blockchain Application Landscape

Blockchain the underlying technology behind the world’s first cryptocurrency, the “Bitcoin”, has disrupted the IT landscape in a manner that was not witnessed since the advent of the Internet.

While the Financial Services industry has been the most prominent industry to harness the power of Blockchain, there are diverse sets of Blockchain platforms today that have cross-industry use cases. Below are some industry-leading examples:

1. Ethereum

Specializing in the execution of “Smart Contracts” (contracts that automatically execute when certain conditions are met from all the interested parties), Ethereum is a public Blockchain platform that allows Software Developers to build decentralized applications on it and use the platform’s cryptocurrency the “Ether” for financial transactions. As on date, Ether is the world’s second largest cryptocurrency by value.

2. Ripple

Specifically designed for cross-border financial transactions, Ripple uses a consensus process that allows for payments, exchanges and remittances in a distributed process through its cryptocurrency the “XRP”, which is the world’s third largest cryptocurrency today.

3. Hyperledger

Founded by the linux Foundation in 2015, Hyperledger is a collaborative, open source hub for Software Developers to build diverse Blockchain frameworks and platforms to advance cross-industry Blockchain technologies.

Hyperledger Fabric is one of the most prominent Blockchain projects in the Hyperledger suite, which like other Blockchains, employs a distributed ledger, uses smart contracts and allows Blockchain participants to seamlessly manage their transactions.

However, Hyperledger Fabric is contrastingly different from other Blockchains. While other Blockchains are open, permission-less systems that allow unknown identities (Nodes) to participate in the network (by requiring protocols like ‘Proof of Work’ to validate transactions and secure the network), Hyperledger Fabric is a private and “permissioned” Blockchain network that needs its participants to enroll only through a Membership Service Provider (MSP).

Gemalto’s Blockchain Solution has been seamlessly integrated and successfully tested with Hyperledger Fabric.

How Gemalto Secures Blockchain

A Hyperledger Fabric network consists of three key participants Peers, Orderers and Users. To ensure foolproof verifiability from a trusted authority, the MSP’s Fabric Certificate Authority (CA) adopts the traditional Public Key Infrastructure (PKI) hierarchical model and issues a unique digital identity in the form of a X.509 digital certificate to each network participant.

These identities are pivotal to the “trust factor” of the entire Blockchain network as they determine the participants’ access to the information in the network and the exact permission each participant has over the network’s resources.

Integrated within Hyperledger Fabric, Gemalto’s SafeNet Hardware Security Modules (HSMs) play the critical role in generating and protecting the crypto key pairs for the participants’ digital identities and the transactions that they perform in the Hyperledger Fabric network.

Here is a quick architectural overview of a Hyperledger Fabric Blockchain network using SafeNet HSMs:

Blockchain Security: 3 Ways to Secure Your Blockchain

To ensure Blockchain security, Gemalto secures the entire network in the following 3 ways:

1. Ensuring Strong Identities and Authentication

Gemalto provides strong identities to devices and participants that use permissioned Blockchains like the Hyperledger Fabric where the identities of all participants are known.

For devices that are a part of the Blockchain network, Gemalto’s PKI solutions provide digital identities (certificates) that play a critical role in providing strong authentication and data encryption.

For human participants, Gemalto’s SafeNet Authentication Service (SAS) delivers a customize

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles

Latest Images