Blockchain Applications in Cybersecurity Solutions E-Book
53,95 €
Mehr erfahren.
- Herausgeber: Bentham Science Publishers
- Kategorie: Wissenschaft und neue Technologien
- Sprache: Englisch
Applications of Blockchain in Cybersecurity Solutions is a comprehensive guide to blockchain applications in computer security. it presents the concepts and practical techniques that are useful in creating and designing decentralized cybersecurity software through 9 carefully edited chapters.
Topics covered in the book include
- An introduction to the use of blockchain technology in cybersecurity
- Attack surfaces in blockchains
- Anti-counterfeit solutions in blockchains
- blockchain based access control systems
- Multi-chain security deployment over smart contracts
- Cybersecurity as a decentralized service
The book is an essential primer for computer science students and researchers, and a quick reference for IT professionals on blockchain based cybersecurity.
Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:
Seitenzahl: 272
Veröffentlichungsjahr: 2009
Ähnliche
BENTHAM SCIENCE PUBLISHERS LTD.
End User License Agreement (for non-institutional, personal use)
This is an agreement between you and Bentham Science Publishers Ltd. Please read this License Agreement carefully before using the ebook/echapter/ejournal (“Work”). Your use of the Work constitutes your agreement to the terms and conditions set forth in this License Agreement. If you do not agree to these terms and conditions then you should not use the Work.
Bentham Science Publishers agrees to grant you a non-exclusive, non-transferable limited license to use the Work subject to and in accordance with the following terms and conditions. This License Agreement is for non-library, personal use only. For a library / institutional / multi user license in respect of the Work, please contact: [email protected].
Usage Rules:
All rights reserved: The Work is the subject of copyright and Bentham Science Publishers either owns the Work (and the copyright in it) or is licensed to distribute the Work. You shall not copy, reproduce, modify, remove, delete, augment, add to, publish, transmit, sell, resell, create derivative works from, or in any way exploit the Work or make the Work available for others to do any of the same, in any form or by any means, in whole or in part, in each case without the prior written permission of Bentham Science Publishers, unless stated otherwise in this License Agreement.You may download a copy of the Work on one occasion to one personal computer (including tablet, laptop, desktop, or other such devices). You may make one back-up copy of the Work to avoid losing it.The unauthorised use or distribution of copyrighted or other proprietary content is illegal and could subject you to liability for substantial money damages. You will be liable for any damage resulting from your misuse of the Work or any violation of this License Agreement, including any infringement by you of copyrights or proprietary rights.Disclaimer:
Bentham Science Publishers does not guarantee that the information in the Work is error-free, or warrant that it will meet your requirements or that access to the Work will be uninterrupted or error-free. The Work is provided "as is" without warranty of any kind, either express or implied or statutory, including, without limitation, implied warranties of merchantability and fitness for a particular purpose. The entire risk as to the results and performance of the Work is assumed by you. No responsibility is assumed by Bentham Science Publishers, its staff, editors and/or authors for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products instruction, advertisements or ideas contained in the Work.
Limitation of Liability:
In no event will Bentham Science Publishers, its staff, editors and/or authors, be liable for any damages, including, without limitation, special, incidental and/or consequential damages and/or damages for lost data and/or profits arising out of (whether directly or indirectly) the use or inability to use the Work. The entire liability of Bentham Science Publishers shall be limited to the amount actually paid by you for the Work.
General:
Any dispute or claim arising out of or in connection with this License Agreement or the Work (including non-contractual disputes or claims) will be governed by and construed in accordance with the laws of Singapore. Each party agrees that the courts of the state of Singapore shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this License Agreement or the Work (including non-contractual disputes or claims).Your rights under this License Agreement will automatically terminate without notice and without the need for a court order if at any point you breach any terms of this License Agreement. In no event will any delay or failure by Bentham Science Publishers in enforcing your compliance with this License Agreement constitute a waiver of any of its rights.You acknowledge that you have read this License Agreement, and agree to be bound by its terms and conditions. To the extent that any other terms and conditions presented on any website of Bentham Science Publishers conflict with, or are inconsistent with, the terms and conditions set out in this License Agreement, you acknowledge that the terms and conditions set out in this License Agreement shall prevail.Bentham Science Publishers Pte. Ltd. 80 Robinson Road #02-00 Singapore 068898 Singapore Email: [email protected]
FOREWORD
Currently, there is an increase in the number of social media platforms that we use, and most of them have so-called weak and unreliable passwords. During social media interactions, large quantities of metadata are collected, and hackers can take advantage of this and create havoc. In contrast to end-to-end encryption, blockchain technology can be used to develop a standard security protocol. As part of a unified API framework, it can also be used to enable cross-messaging capabilities by securing private messaging.
Even though the blockchain is not infallible, it has evolved to become one of the most foolproof means of transacting in the world of digital networks. Since the technology is designed and intended to ensure information integrity, it has been praised for its effectiveness. There are many sectors that can benefit from it if it is used properly. As blockchain has the potential to be practical for many utilisations, it can be implemented for many uses in a variety of ways. The most practical use of this kind of system would be to use its integrity assurance to build cybersecurity solutions for many other technologies as well. This book is a good step in that direction.
The book “Applications of Blockchain in Cybersecurity Solutions,” edited by Dr. Rashmi Agrawal and Dr. Neha Gupta, is a comprehensive book on Blockchain Technologies. The authors have tried their best to present the concepts and techniques to every extent. Practical applications of blockchain in cybersecurity are also well presented in some chapters.
PREFACE
The concept of a blockchain can be defined as a linked set of records maintained in a decentralized environment. The records in the blockchain are publicly accessible but cryptographically protected. An interesting property of the blockchain is that once some information has been recorded, it is impossible to alter the information after it was recorded. An example of a blockchain can be seen as a chain of blocks containing time-stamped digital documents in such a way that they cannot be backdated or modified in any way. The time-stamped digital documents are kept as a collection of records and are grouped into a set of blocks, which are chronologically linked by date and time.
Each time the blockchain needs to be updated; a new block is created and appended to the existing blockchain. Each block in the blockchain contains a hash of the previous block, a collection of records of its own, and the hashed value records, also known as Merkle trees, that correspond to the block before it. Depending on the nature of the blockchain, the information inside each block differs. For instance, when it comes to bitcoin, the blockchain is supposed to store the complete details about a transaction, namely the sender, the receiver and the number of coins, whereas a blockchain used for medical records is supposed to store the complete health history of a patient over time. As blockchains are distributed, efficient hashing techniques are used to ensure their integrity and robustness. Eleven chapters of this book are devoted to demonstrating the benefits and applications of blockchain.
“Introduction to Blockchain Technology”, in the first chapter, briefly explains what blockchain technology is all about. The chapter focuses on the nuances of blockchain technology, the protocol stack, and the most common consensus mechanisms used. Additionally, recent advances, challenges, and future trends of blockchain are discussed in this chapter.
The second chapter discusses the relationship between cybersecurity and blockchain. Blockchain technology plays a crucial role in strengthening cybersecurity in various industries due to its decentralized nature. Through this chapter, the readers will get to know how blockchain technology is helping in providing cybersecurity to the different sectors of industries with its advantages and disadvantages of blockchain. The author also explores the role of blockchain in cybersecurity and the future benefits of blockchain technology to strengthen cybersecurity.
A majority of specialists are working on the acceptance of blockchain to safeguard IoT (Internet of Things) devices, systems, and information. Chapter 3 will examine the methods proposed by previous analysts through which blockchain can carry the expense of security. The chapter will illustrate the subjective investigation of supporting information to assess the relevance of Blockchain innovation in the present cybersecurity industry.
Chapter 4 is on “Attack Surfaces in Blockchain”. Attacks are believed to be caused by the blockchain cryptographic architecture, the bottom-line architecture, and the substance in which they are applied. Progressive defense research is believed to be the primary threat. Current research suggests that other attacks on the blockchain can be launched without being able to withstand traditional defenses, a few of which may be used to deliver other attacks. Delineating these attacks and examining their countermeasures reveal the direction of new research that should be pursued to foster safer and more competent use of blockchains.
Blockchain technology offers a data format that has built-in security. It is built on cryptography, decentralisation, and consensus concepts to ensure trust in transactions. Decentralization is enabled by blockchain technology, which allows members to participate in a distributed network. Since all transactions are transparent and visible to all users on the network, a single user cannot alter the transaction. However, blockchain differs significantly from other systems in terms of security. The blockchain is vulnerable to so many attacks nowadays. The purpose of Chapter 5, “Review of Anti Counterfeit Solutions in Block Chains”, is to examine the effective anti-counterfeit measures taken by blockchain technology or the patches for and related vulnerabilities offered by researchers to reduce the impact of these attacks.
Due to the increasing number of connections, the popularity of cloud services, and advances in the Internet of Things (IoT), a decentralized approach to trust is becoming more common. In the research community, blockchain technology is receiving considerable attention because it provides a distributed ledger. This technology, however, does not provide cybersecurity in its entirety. Thus, the objective of this chapter is to provide a comprehensive overview of the proposed methods and factors for achieving cybersecurity in blockchain-based systems.
The objective of the Sixth chapter, “Preserving the Privacy of Wearable IoT Device Data Using Blockchain,” is to provide the solution for the above-mentioned problems using Blockchain technology.
The cloud environment is a way to use faraway servers accommodated on the internet for data storage, data control, and information processing, more readily than a private computer or native server. There are still many challenges in the cloud environment, including authenticity, confidentiality, and integrity.
Chapter 7 discusses Blockchain-Based Access Control Systems. The need for secure and distributed access control architecture to overcome the single point of failure problem of a centralized entity becomes a big challenge when coupled with scalability and lightweight features. It is possible to achieve this through the use of Blockchain technology, which has recently been used to provide access control services. IoT device management would be used to manage distribution, heterogeneity, scalability, the ability to tolerate failure, security and privacy aspects of IoT devices at scale in the near future as it is useful.
“Multi-chain Deployment over Smart Contracts” is covered in Chapter 8. As the greatest enabling technology for blockchains, smart contracts are considered to be the best. As a result, blockchain ecosystems become self-governing, transparent, consent-based, and credible. Blockchains can operate without human intervention due to a compilation of smart contracts. These smart contracts are set up so they can be deployed at the predefined blockchain nodes. This can be done through the callbacks either from the blockchain system, the other smart contracts, or even the participants' information systems. As smart contracts, both the operations on the blockchain and the rules that govern the applications can usually be predetermined. While the use cases and real-world functions of this technology differ from one another, some principles remain the same: immutability, transparency, redundancy, and security.
The title of Chapter 9 is “Blockchain for Decentralized Services: On Improving Security and Performance of Distributed IPFS-based Web Applications”. Blockchain technology, with its associated decentralization, is used to develop decentralized application platforms. The Interplanetary File System (IPFS) is built on top of a distributed system consisting of a group of nodes that shares the data and takes advantage of blockchain to permanently store the data. The IPFS is very useful in transferring remote data. This work focuses on applying blockchain technology to the IPFS to improve its security and performance
List of Contributors
Introduction to Blockchain Technology
N. Devi1,*,P.L. Rani1,A.R.G. Gokul1Abstract
A blockchain is a linked set of records maintained in a decentralized environment. The records in blockchain are publicly available but cryptographically secured. The interesting property exhibited by blockchain is that once some information is recorded, it is infeasible to modify the information. Blockchain is generated as a chain of blocks that contains time-stamped digital documents so that it is infeasible to back date them or tamper the documents. These time-stamped digital documents are stored as a collection of records and grouped as a set of blocks, chronologically linked in order of time.
A new block is created and appended to the existing blockchain, whenever there is a need for updating the blockchain. Every block in the blockchain comprises of a hash of the preceding block, collections of records of its own, and the hashed value records known as merkle tree. The information inside the blocks varies depending on the nature of blockchain. For example, when the nature of blockchain is bitcoin, they are supposed to store the details about a transaction viz., sender, receiver and amount of coins where as blockchain used for medical records stores the complete health history of a patient over time. Since blockchain is stored in a distributed way, efficient hashing techniques are used to ensure the integrity and robustness of blockchain. This chapter describes the nuances of blockchain technology along with the protocol stack and the most common consensus mechanisms. Furthermore, recent advances, challenges and future trends of blockchain are discussed.
INTRODUCTION
A blockchain [1] is a decentralized distributed ledger of records that is cryptographically secured and accessible unlimitedly to all. It possesses a fascinating characteristic: when an information is stored inside a blockchain, it is infeasible to modify the recorded information. The blockchain is generated as a
chain of blocks that contains time-stamped digital documents.. These time-stamped digital documents are stored as a collection of records and grouped as a set of blocks. These blocks are then linked together in chronological order of time in a continuous line. To update, a new block is created and appended to the existing blockchain, thus, providing blockchain, a non-destructive way to track data changes over time. Every block in the blockchain comprises hash of the preceding block, collections of records of its own, and the hashed value records known as Merkle tree. The information stored inside the blockchain depends on the type of blockchain. For example, the blockchain used in bitcoin records the information of a transaction viz., number of coins, contributor and receiver whereas the blockchain used for medical records stores the complete health history of a patient over time. Since blockchain is stored in a distributed way, efficient hashing techniques are used to ensure the integrity and robustness of the blockchain. The main characteristics of blockchain are depicted in Fig. (1). This section describes the nuances of blockchain technology.
Fig. (1)) Different Aspects of Blockchain.Block
A block in a blockchain is a collection of various items such as the hash of its preceding block, the Merkle root and its own records as shown in Fig. (2). A Merkle tree for a block is formed by placing the hash of the individual records of that block as the leaf nodes and the non-leaf nodes are the combined hash of their own children. Using hash ensures data integrity and also helps in ensuring the correctness of the data at any given time. A hash function accepts an input of any length and converts it into a fixed length. The hash function may produce a 32-bit or 64-bit or 128-bit or 256-bit fixed length called a hash. Hash functions protects the data integrity. If a trusted hash of the data is provided, it is possible to compute the hash of the data and verify the two values. If they match, then the data has not been changed since the original hash is formed.
Fig. (2)) Block in a Blockchain.The first block is called a genesis block and is created at the beginning with the set of records and its Merkle root.
Merkle trees are the basic blocks of blockchain technology. It is a structure that permits verification of the consistency of content in a secure and efficient way. Bitcoin and Ethereum use Merkle trees. A Merkle tree produces a fingerprint of the summary of all the transactions in a block. It enables a user to verify whether a transaction is part of a block. Repeated hashing of pairs of nodes is performed from the bottom up, until only one hash is left as depicted in Fig. (3). This hash is referred to as the Merkle Root, or the Root Hash. The hashes of individual transactions, Transaction IDs are considered as leaf nodes for the construction of Merkle Tree. The hash of the previous hashes forms the non leaf nodes in the Merkle Tree. The trees are binary and hence, it is mandatory to have an even number of leaf nodes. In case of odd transaction numbers, the last hash will be replicated once to form an even number of leaves.
Fig. (3)) Sample Merkle Tree.In blockchain, once the block is created, it is computationally infeasible to change the record in that block as the hash of this block is stored in the succeeding block with its hash value stored in the next block and so on. This dependency between the new and the old blocks in the blockchain ensures data integrity and also ensures that there is no possibility for unauthorized data modification. If one wants to change an information recorded in a particular block x, then the change is recorded in a new block showing that x is changed to y at a particular date and time. This helps to keep track of the data that changes over time.
Distributed Ledger
A blockchain is analogous to a financial ledger that can be programmed to record and track anything of value from financial transactions to medical records or even land titles [2]. Storing only the hash values of the block in the consecutive block is not enough to ensure data security. In order to improve data security, blockchain is designed to be decentralised and distributed among all the peers connected in the network. This decentralisation reduces the ability for data tampering, thus creating trust. A Peer-To-Peer (P2P) network of computing resources is used to run this ledger. Each peer in the network has a copy of the blockchain and creates a consensus by regularly performing Proof-of-Work(PoW). PoW is a mechanism which is used to ensure genuineness of transactions and to append new blocks to the chain. So the security of the blockchain depends on the complex hashing technique and PoW.
Any distributed consensus for validating transaction works by utilising the mechanisms from game theory, cryptography and P2P networks as depicted in Fig. (4) [3]. This distributed consensus bypasses the necessity of the trusted third party for validation process. This safe P2P transaction concept came into light in October 2008 as one of the important functionalities in implementing bitcoins for cashless financial transactions. The details about all the transactions are recorded in the blockchain. This can be viewed as analogous to Google docs where each person holds the latest copy of the document and when one person wants to update the document, he has to reach a common agreement with all other persons. In Google docs, the file is kept in a central place and all are allowed to access and view it, whereas in a distributed ledger, each person in the network owns a copy of the blockchain.
Smart Contract
A smart contract is a defined set of rules agreed upon by two nodes to perform a transaction [4]. These sets of rules are implemented as a tiny computer program stored inside the blockchain. This allows a decentralised control of the transaction. The transaction cannot be completed without satisfying all the set of rules defined in the smart contract. Any association of a third party in the blockchain is removed by the implementation of a smart contract and they are consequently activated when a transaction is being done. Smart contracts are immutable ensuring that no one can intrude the transaction. They are also distributed so that the output of the transactions can be verified by all the peers in the network. Ethereum is the biggest blockchain that uses smart contracts. Smart contracts are written using the solidity programming language.
Fig. (4)) Distributed Consensus.Blockchain Protocol Stack
The blockchain protocol stack [5] presented in Fig. (5) contains blockchain at the bottom level and on top of it, lies the smart contract and other overlay networks followed by protocols and API’s to interact with the application. Digital assets are managed using blockchain based on smart contracts. A smart contract defines a set of rules for mutual agreement among peers. This is entirely different from a legal contract in the way that the smart contract will execute the transaction only when all the peers satisfy the rule mentioned in the contract. This is much superior to the contract laws in providing more secure transactions with minimum coordination costs during the transaction.
Smart contracts are deployed in many scenarios from simple financial transactions like fund transfer from A to B, to more complex transactions involving registration for land ownership, patented rights in IP, handling smart applications. One significant complex smart contract is the Decentralized Autonomous Organizations (DAOs), where smart contracts are deployed for performing a transaction involving a cluster of single-minded persons with common aims and ideas. Today’s digital world embeds contracts into many types of code viz., bar code, QR code, where these codes are kept in public and transparent databases . The databases are protected from any kind of tampering with the help of smart contracts and blockchains. It transits the world into a new era where each process, event, agreement, and task, are recorded digitally and the signature present in the records can be validated easily. Individuals, governments, industries, and automated systems can now liberally communicate and transact with each other without any intermediaries with minimal transaction cost.
Fig. (5)) Blockchain Protocol Stack.Tamper Resistant
The blockchain protocol running on the nodes of a P2P network performs the validation process of a transaction as depicted in Fig. (6) without involving third-party agents [6]. The validation process is done by majority vote consensus. This protocol is responsible for administering all the nodes to participate in validating the transaction through a set of pre-defined governance rules.
Fig. (6)) Validation Process of a transaction that uses blockchain.The pre-defined governance rules of the network oversee how the nodes in the P2P network cooperate with one another to validate the transaction. These rules elucidate
The criteria based on which the transaction is said to be valid.The cost incurred during the transaction.Validating the transaction using game theory and cryptographic techniques.Procedures to update the predefined rules as and when necessary.Consider a bitcoin scenario; the financial transactions are validated through a majority vote with the help of bitcoin protocols instead of validating manually through ledgers stored in servers in a traditional banking application.
CONSENSUS PROTOCOL
A consensus mechanism in a blockchain is a robust mechanism to achieve common agreement on a specific state among the nodes in a P2P network. This mechanism involves a set of predefined rules for synchronizing the nodes during transactions that are trusted and recorded in the blockchain. The purpose of these rules is to assure the validity and legitimacy of the transactions. Some of the widely used consensus mechanisms [7] viz., PoW, PoS, DPoS, pBFT, PoC, PoA, PoR, PoI, PoB, PoET, PoId and PoAu are described in this section.
Proof of Work (PoW)
The process of mining is termed PoW. The nodes denote the miners [8]. Complex mathematical puzzles are decrypted by the miners. This requires extensive computing resources. Various mining techniques viz.
