A Security Reference Architecture for Blockchains

Homoliak, Ivan; Venugopalan, Sarad; Hum, Qingze; Szałachowski, Paweł

doi:10.1109/blockchain.2019.00060

Cited by 30 publications

(20 citation statements)

References 77 publications

(113 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As for the adversarial influence in DLT networks, previous studies, e.g., [6], [7], [23], [24], [25], [26], [27], have confirmed that prominent DLT solutions such as Bitcoin [28] and Ethereum [23] are vulnerable to Denial of Service, Eclipse Attacks, BGP highjacks, Man-in-the-Middle (MITM) attacks, network partitioning, etc. The consequences of adversarial influences are non-trivial and range from transaction dropping to double spending.…”

Section: Related Workmentioning

confidence: 92%

“…In addition to high resource consumption, the process of node synchronization (i.e., bootstrapping) becomes a point of centralization, as it depends in part on a set of well known nodes that are assumed to be both available and honest. Today's client implementations rely on a list of well known addresses [6] that may not always be available or may even exhibit Byzantine behavior. One could work around the issue of unavailable seeds by manually adding bootstrap peers, but manually added nodes may also exhibit malicious behavior, making a new node vulnerable to various types of attacks, from denial of service to Eclipse attacks [7], [8].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Aurora: a probabilistic algorithm for distributed ledgers enabling trustless synchronization and transaction inclusion verification

Benčić,

Žarko

2021

Preprint

View full text Add to dashboard Cite

A new node joining a blockchain network first synchronizes with the network to verify ledger state by downloading the entire ledger history. We present Aurora, a probabilistic algorithm that identifies honest nodes for transient or persistent communication in the presence of malicious nodes in a blockchain network, or ceases operation if it is unable to do so. The algorithm allows a node joining the network to make an informed decision about its next synchronization step or to verify that a transaction is contained in a valid ledger block without downloading the entire ledger or even the header chain. The algorithm constructs a Directed Acyclic Graph on the network topology to select a subset of nodes including a predefined number of honest nodes with a given probability. It is evaluated on a Bitcoin-like network topology using an open-source blockchain simulator. We investigate algorithm performance and analyze its communication complexity. Our results show that the algorithm facilitates trustless interactions of resource-constrained nodes with a blockchain network containing malicious nodes to enable a leaner initial blockchain download or an efficient and trustless transaction inclusion verification. Moreover, the algorithm can be implemented without any changes to the existing consensus protocol.

show abstract

Section: Related Workmentioning

confidence: 92%

Section: Introductionmentioning

confidence: 99%

Aurora: a probabilistic algorithm for distributed ledgers enabling trustless synchronization and transaction inclusion verification

Benčić,

Žarko

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Validation and the consensus process is carried out by special peer nodes called "miners". [24], [22], [25].…”

Section: Consensusmentioning

confidence: 99%

“…since all the nodes have a replica of the ledger. Therefore, blockchain enhances the security in the network [22], [25].…”

Section: Enhanced Securitymentioning

confidence: 99%

Blockchain-based Roaming and Offload Service Platform for Local 5G Operators

Weerasinghe

Hewa

Dissanayake

et al. 2021

2021 IEEE 18th Annual Consumer Communications &Amp; Networking Conference (CCNC)

View full text Add to dashboard Cite

5G is the latest generation of mobile networks which will be deployed based on network softwarization concept. It will enable Local 5G Operator (L5GO) concept which is one of the most prominent versatile applications of the 5G in the near future. The unique locality features of L5GOs will be useful in many use cases such as smart cities, industrial internet and healthcare. The popularity of L5GOs will trigger more and more number of roaming and offloading opportunities between mobile users. However, existing static and the operator-assisted roaming and offloading procedures are inefficient for L5GO ecosystem. To address these challenges, we propose a blockchain / Distributed Ledger Technology (DLT) based service platform for the L5GOs to facilitate efficient roaming and offload services. We introduce several novel features, namely, universal wallet for subscribers, service quality based L5GO rating system, user-initiated roaming process and the roaming fraud prevention system. Blockchain-based smart contract scheme is proposed to establish dynamic and automated agreements between operators. A prototype of the proposed platform is emulated with the Ethereum blockchain platform and Rinkeby Testnet to evaluate the performance and justify the feasibility of the proposal.

show abstract

“…This article is based on our previous work outlining the security reference architecture [10]. We substantially modify and extend it by the following:…”

mentioning

confidence: 99%

The Security Reference Architecture for Blockchains: Toward a Standardized Model for Studying Vulnerabilities, Threats, and Defenses

Homoliak

Venugopalan

Reijsbergen

et al. 2021

IEEE Commun. Surv. Tutorials

Self Cite

View full text Add to dashboard Cite

Blockchains are distributed systems, in which security is a critical factor for their success. However, despite their increasing popularity and adoption, there is a lack of standardized models that study blockchain-related security threats. To fill this gap, the main focus of our work is to systematize and extend the knowledge about the security and privacy aspects of blockchains and contribute to the standardization of this domain.We propose the security reference architecture (SRA) for blockchains, which adopts a stacked model (similar to the ISO/OSI) describing the nature and hierarchy of various security and privacy aspects. The SRA contains four layers: (1) the network layer, (2) the consensus layer, (3) the replicated state machine layer, and (4) the application layer. At each of these layers, we identify known security threats, their origin, and countermeasures, while we also analyze several cross-layer dependencies. Next, to enable better reasoning about security aspects of blockchains by the practitioners, we propose a blockchain-specific version of the threat-risk assessment standard ISO/IEC 15408 by embedding the stacked model into this standard. Finally, we provide designers of blockchain platforms and applications with a design methodology following the model of SRA and its hierarchy.

show abstract

A Security Reference Architecture for Blockchains

Cited by 30 publications

References 77 publications

Aurora: a probabilistic algorithm for distributed ledgers enabling trustless synchronization and transaction inclusion verification

Aurora: a probabilistic algorithm for distributed ledgers enabling trustless synchronization and transaction inclusion verification

Blockchain-based Roaming and Offload Service Platform for Local 5G Operators

The Security Reference Architecture for Blockchains: Toward a Standardized Model for Studying Vulnerabilities, Threats, and Defenses

Contact Info

Product

Resources

About