Blockchain technology and cyber security

Blockchain, represented by virtual currency, is attracting attention in the efforts of financial institutions and “FinTech” (finance x IT) companies, but concerns about cybercrime are also increasing. Here we consider both the benefits and the risks.

What is “blockchain”?

“Blockchain” is a technology that allows strangers to trust shared records of events.

This shared record or ledger is distributed to all computer-based network participants to verify transactions, requiring no third-party intermediary. This enables faster, cheaper, and more reliable transaction processing.

Blockchain Security Audit can be roughly divided into a header containing metadata such as the reference number of each block, the time it was generated, and a return link to a previous block, and a digital asset or command such as the amount of transactions executed and the address of the counterparty. Consists of content containing a validated list of sentences.

Bitcoin is an example of applying blockchain as an underlying technology. Bitcoin is a “virtual currency” that has a unit different from that of legal currency, is electronically traded over the Internet, and is used as a means of payment for transferring funds and paying for purchases of goods.

Deloitte has been building a blockchain software platform, Rubix, in Toronto, Canada. In October 2015, the company announced a partnership with Colu, a blockchain-related development startup in Tel Aviv, Israel. Colu’s strength lies in its ability to build a metadata layer on top of basic transactions via blockchain to provide value-added services.

In addition, Deloitte is also supporting “FinTech” using blockchain in Europe and China.

Security issues when using blockchain

Blockchain has various advantages like this, but the technology to securely manage the architecture in an encrypted distributed environment is still under development. Deloitte cites the following points as security issues when actually using blockchain.

How do you apply security to your application and prioritize privacy protection?

- Who will access the ledger and how will access be controlled?

- How will software/application updates be agreed upon and implemented?

- Have you considered the customer’s approach to the application in advance?

- How do you engage with your customers?

As for specific Security audit for blockchain full node/privacy measures, there are two possible trends: the flow of reducing the risks inherent in blockchain technology, and the flow of applying blockchain technology to reduce risks.

Efforts on Blockchain Security in the United States

In the United States, on December 1, 2015, the Department of Homeland Security (DHS) launched an open call for research proposals on blockchain security/privacy measures.

Looking at the application guidelines for “Applicability of Blockchain to Identity Management with Respect for Privacy” among the themes for public offering, the first phase will analyze the current state of public blockchain introduction and identify the three major requirements of the Information Security Principles. (confidentiality, integrity, availability), non-repudiation, provenance, privacy concepts (e.g. pseudonymity on public blockchains, selective disclosure). In the second phase, the concepts and techniques developed in the first phase are applied to the realm of identity management (eg, assertion and verification of identity information such as attributes) and implemented in prototypes. In the third phase, it plans to develop commercial/government applications. Government applications envision emergency personnel qualifications as a pioneer in physical and logical access control, attribute registration used to share employment, organization affiliation, etc., and commercial applications envision digital contracts. there is

Regarding “Blockchain Applications for Homeland Security Analytics”, the first phase is designing and prototyping an ecosystem to support blockchain audit technology applications for data analytics that will dramatically improve DHS’ mission and operations. I do. In the second phase, we will extend the prototype developed in the first phase for the blockchain management ecosystem, implementing the prototype and algorithms in a demonstration environment with data reflecting the proposed Homeland Security application and use cases. do. The third phase plans to develop commercial/governmental applications of blockchain technology that will dramatically transform how governments manage, share and analyze data.

In this way, technology development to balance the accelerator and brake of blockchain has just started overseas.