Blockchain and Digital Security (initial brief)

Blockchain and Digital Security (initial brief)

By Ron McFarland, Ph.D.

This working paper introduces blockchain and digital security. It essentially addresses the question: “Can Blockchain support cybersecurity?”.

For the organization or the individual, preventing hacking has become increasingly complex. Hackers attempt to steal valuable data such as personally identifiable information (PII), health record information, intellectual property, and other high-value data that an organization or an individual store. Organizations (and even individuals) are looking for better ways of fighting cybercrime and are seeking alternatives that can promise better security (Ocampos, 2020), which may be addressed by blockchain.

Strategies that hackers use include the disruption of services that include the use of DDoS (Distributed Denial of Service) attacks, monitoring network traffic between the sender and receiver, and using advanced ransomware techniques to disrupt communications and steal information.

The internet was not initially envisioned for security. In contrast, university researchers, defense organizations, and governmental agencies supported an open internet design where information could readily be shared between entities. However, this high-trust model has faulted due to the number of bad actors that are now a part of the internet. In contrast, blockchain allows for the distribution of data without duplication and provides an environment of high trust (Ocampos, 2020).

Blockchain technology is reported to be a solution that addresses the growing lack of trust in internet communications and transactions. As a decentralized, digitized public ledger of all cryptocurrency transactions, blockchain purports to provide the solution to cyber defense and risk management that are much needed in today’s digital world.

Blockchain can potentially enhance the lack of trust problem surfaced by today’s internet by preventing fraudulent activities by the use of consensus and verification mechanisms that support operational resilience, the detection of data tampering, data encryption, transaction audibility, data transparency, and immutability (Savaram, 2018). Essentially, blockchain is a distributed database that is used in both public and private applications to verify and secure transactions. In contrast, a more traditional client-server role relies on a central authority to manage and store large volumes of data in databases. Blockchain stores data pertaining to valid transactions is stored on its own block and the block is associated with the block in the position before it, in a chain of blocks. The chain of blocks successively grows as other blocks are appended to the chain (Savaram, 2018).

Because of the way that blockchains are distributed over the network, there is no hackable way to effectively gain access to blocks on the chain. Blockchain technology is, as a result of its inherent structure, is more secure when compared to more traditional ways of storing data, whether on a database or another file structure system (Savaram, 2018).

Blockchains also eliminates the human factor involved in authentication. The blockchain technology allows organizational networks to authenticate devices and users without the need for human intervention, thus reducing the attack surface that the human factor introduces in a network. This can be implemented through the use of a distributed public key infrastructure that is used to authenticate users and devices. Each user and device on the network receive an SSL (Secure Socket Layer) certificate in lieu of a password, which makes it almost impossible for hackers to use fake credentials to gain access to a system.

References

Ocampos, J. (2020, April 20). Contribution of Blockchain to Cybersecurity. Retrieved January 03, 2021, from https://theblockchainland.com/2020/03/23/contribution-blockchain-cybersecurity/

Savaram, S. (2018, January 08). The Role of Blockchain in Cybersecurity. Retrieved January 03, 2021, from https://www.infosecurity-magazine.com/next-gen-infosec/blockchain-cybersecurity/

Leave a Reply

Your email address will not be published. Required fields are marked *