Introducing
Your new presentation assistant.
Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.
Trending searches
Block-chain technology produces a structure of data with inherent tYPES Typsecurity qualities. It's based on principles of
1) Cryptography
2) Decentralization
3) Consensus
which ensure trust in transactions.
Cryptography is the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents. The term is derived from the Greek word kryptos, which means hidden.
In block-chain, decentralization refers to the transfer of control and decision-making from a centralized entity (individual, organization, or group thereof) to a distributed network. Decentralized networks strive to reduce the level of trust that participants must place in one another, and deter their ability to exert authority or control over one another in ways that degrade the functionality of the network.
A consensus mechanism is a fault-tolerant mechanism that is used in computer and block-chain systems to achieve the necessary agreement on a single data value or a single state of the network among distributed processes or multi-agent systems, such as with cryptocurrencies. It is useful in record-keeping, among other things.
EG-> Bitcoin for instance, the consensus mechanism is known as Proof-of-Work (PoW), which requires the exertion of computational power in order to solve a difficult but arbitrary puzzle in order to keep all nodes in the network honest.
1) Public blockchains are public, and anyone can join them and validate transactions.
2) Private blockchains are restricted and usually limited to business networks. A single entity, or consortium, controls membership.
3) Permissionless blockchains have no restrictions on processors.
4) Permissioned blockchains are limited to a select set of users who are granted identities using certificates.
When building an enterprise block-chain application, it’s important to consider security at all layers of the technology stack, and how to manage governance and permissions for the network. A comprehensive security strategy for an enterprise block-chain solution includes using traditional security controls and technology-unique controls. Some of the security controls specific to enterprise block-chain solutions include:
- Identity and access management
- Key management
- Data privacy
- Secure communication
- Smart contract security
- Transaction endorsement
When designing a block-chain solution, consider these key questions:
1) What is the governance model for participating organizations or members?
2) What data will be captured in each block?
3) What are the relevant regulatory requirements, and how can they be met?
4) How are the details of identity managed? Are block payloads encrypted? How are the keys managed and revoked?
5) What is the disaster recovery plan for the block-chain participants?
6) What is the minimal security posture for block-chain clients for participation?
7) What is the logic for resolving block-chain block collisions?
To implement a block-chain solution security model, administrators must develop a risk model that can address all business, governance, technology and process risks. Next, they must evaluate the threats to the block-chain solution and create a threat model. Then, administrators must define the security controls that mitigate the risks and threats based on the following three categories:
1) Enforce security controls that are unique to block-chain
2) Apply conventional security controls
3) Enforce business controls for block-chain
Block-chain Clients: The block-chain is implemented as software running on each node of the block-chain network. If this software has design or programming errors, then an attacker can exploit them to attack the block-chain. The Verge and Bitcoin hacks targeted this client code.
Smart Contracts: Smart contracts are programs that run on top of the block-chain. Most of the recent DeFi hacks took advantage of vulnerabilities in smart contracts implementing DeFi functionality.
External Systems: Some organizations – like cryptocurrency exchanges – have external systems linked to the block-chain via smart contracts or APIs. Exploitation of vulnerabilities within these external systems could allow an attacker to attack an account on the block-chain or the block-chain system as a whole.
Bitcoin transactions are recorded in a digital ledger called a blockchain. Block-chain technology and users' constant review of the system have made it difficult to hack bitcoins. Hackers can steal bitcoins by gaining access to bitcoin owners' digital wallets.
In a Sybil attack, hackers create and use many false network identities to flood the network and crash the system. Sybil refers to a famous book character diagnosed with a multiple identity disorder.
Click to edit Phishing is a scamming attempt to attain a user's credentials. Fraudsters send wallet key owners emails designed to look as though they're coming from a legitimate source. The emails ask users for their credentials using fake hyperlinks. Having access to a user's credentials and other sensitive information can result in losses for the user and the block-chain network.text
Block-chains rely on real-time, large data transfers. Hackers can intercept data as it's transferring to internet service providers. In a routing attack, block-chain participants typically can't see the threat, so everything looks normal. However, behind the scenes, fraudsters have extracted confidential data or currencies.
Mining requires a vast amount of computing power, especially for large-scale public block-chains. But if a miner, or a group of miners, could rally enough resources, they could attain more than 50% of a block-chain network's mining power. Having more than 50% of the power means having control over the ledger and the ability to manipulate it.
Note: Private block-chains are not vulnerable to 51% attacks.
I would like to conclude presentation on ‘Block-chain Privacy’ by saying that, a blockchain network is only as secure as its infrastructure. When establishing a blockchain network, you must look for the best platform for deployment. Even though block-chain has inherent features that provide security, known vulnerabilities in the infrastructure can be manipulated by malicious participants. The best approach would be to have an infrastructure with integrated security.
The blockchain is still an emerging technology, and it’s getting better every day. Blockchain researchers are working to patch up security vulnerabilities. We have also witnessed the hard-fork in extreme cases, where they can result in a new version of that blockchain. Considering all things, blockchain is a much better solution to many of the enterprises. But still, it is important to keep developing and improving the blockchain ecosystem to make it as secure as possible.