a security privacy perspective through
play

A Security & Privacy Perspective through Hyperledger/fabric - PowerPoint PPT Presentation

Sep 06, 2022 •471 likes •707 views

Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems Introduced in 2008

  1. Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016

  2. Blockchain systems • Introduced in 2008 [Bitcoin08] • Open to be used by anyone • Decentralized networks to decide on the order & validity of transactions that are announced in it • Blockchain/Ledger of announced & validated transactions • Mechanism/protocols to extend the ledger • Occasionally, with their own currency (e.g., BTC, ETHER) • Emerging: – Integrated in multiple businesses around the globe – Market sizes of Billions USD – An ecosystem established around them

  3. Blockchain systems: concepts of interest Ledger Ledger Peer Peer Transaction Ledger Ledger Ledger Validating Entities Client Peer Peer End-user Alice Ledger Ledger Peer Peer • Transaction definition • Blockchain / Ledger data structure • Participant identities • Underlying agreement (aka consensus) protocol • Motivation mechanisms for proper functionality of the system 3

  4. Blockchain systems: the example of Bitcoin Ledger Ledger Peer Peer Transaction Ledger Ledger Ledger Validating Entities Client Peer Peer End-user Alice Ledger Ledger Peer Peer • Transactions are payment transactions • Users and validating peers are the same set • Clients use self-generated pseudonyms • Miners “vote” with their computing power the executed result • Motivation for good behavior through the generation of BTC coins 4

  5. Blockchain systems: the example of Ethereum Ledger Ledger Peer Peer Transaction Ledger Ledger Ledger Validating Entities Client Peer Peer End-user Alice Ledger Ledger Peer Peer • Transactions can include any type of code, smart contract • Smart contracts & result are added to the Blockchain • Users and validating peers are the same set • Clients use self generated pseudonyms • Miners “vote” with their computing power • Motivation for good behavior through the generation of ETHER coins 5

  6. Blockchain for enterprise?

  7. Problem: Electronic networks that transfer the ownership of assets between parties according to business rules are inefficient , expensive and vulnerable . Hack Party A’s Records Counter-party Bank records records API-integrations Party C’s Records Auditor records Party B Records System integrations grow x(x-1) with each additional party x

  8. Solution: Blockchain networks — simpler; no centralized control points; spread risk = lowered costs; hardened inside (not just at the perimeter). Party A All Parties have Replicated Ledger Counter-parties Banks Can still have private – permissioned network Digitally Signed / Encrypted Auditors Party C Transactions & Ledger Consensus Algorithm Prevents Double-spend Party B

  9. Blockchain: all we need!  Shared replicated ledger : a peer-to-peer append-only transaction database that is replicated and shared across organizational boundaries/legal entities  Embedded crypto layer : supporting secure authenticated verifiable multi-party transactions via tokenization, digital identity, digital signatures, and other  Business rules (evolving to Smart Contracts): ability to specify business logic, embed it in the transaction database, and couple execution of the logic with transaction processing Business rules derived from contracts trigger actions & workflows Multi-party contracts defined around shared state & state changes Org A Org C Secure authenticated updates to shared state Org B Org D Replicated shared state

  10. Benefits of Blockchain  Reduce costs and complexity  Automate trusted processes  Improve discoverability  Ensure trusted record-keeping "Over decades banks and other firms have built systems for themselves ... and then a collection of processes has emerged between the banks ... to make sure these systems are kept synchronized and are reconciled with each other." "With shared or distributed ledgers perhaps we can imagine a world where participants share this infrastructure, so rather than everyone running their own systems that have to be reconciled, we can have ... an open platform that multiple firms can connect to.“ R. G. Brown

  11. Blockchain: How to decide whether to use it? Very high Performance, Are You Managing No Does Identity Does This Require (sub)Millisecond Contractual Matter? a Market Approach? Transactions? Relationships? Yes 1 Yes Yes Yes Are you working with Do You Need to Keep Does it Require Greater Complex Business Your Transactions Than Two Parties? Logic? Private? No 4 Yes Yes Yes 2 Yes Are You Looking to Reduce Costs? No Consider Are You Looking to Yes Let’s Talk Improve Alternative 3 Discoverability? Approaches By design, no one party can Smart contracts aim to provide When everyone on an exchange Blockchain networks allow each modify, delete, or even append any security superior to traditional can view the same ledger, it is easy participant to create customized record without consensus, making contract law and to reduce other to broadcast an intention (or offer) solutions using their own 1 2 3 4 the system useful for ensuring the transaction costs associated with by appending it. For example, in a proprietary business logic while immutability of contracts and other contracting. trading network, all ask and bids running on the same common legal documents. would be visible to every network ledger. 1 participant. 1

  12. Enterprise blockchain ? Not quiet there yet… • Strong identity management • Auditable user-behavior • Accountability of individual users and validating entities • Transactional privacy of blockchain users • Anonymity & unlinkability of transactions of the same user • Confidentiality of the contract to be executed w.r.t. validating entities • Access control in contract invocation • Scalability & performance • Proof-of- work systems need to be substituted by something more “ energy-efficient ” • Need to sustain large number of transactions per time unit • Scale to large number of nodes • Support for auditing 12

  13. Open (-sourced) Blockchain : Enterprise Blockchain born within IBM One of Hyperledger candidates

  14. Hyperledger-fabric model Permission Issuer Ledger Transaction Ledger Peer Peer (defining contracts) Client Ledger Ledger Ledger End-user Validating Entities Peer Peer Alice Transaction (invoking contracts) Ledger Ledger Peer Peer Client End-user Bob • Permissioned system • Transactions can implement arbitrary (business) logic via chain-codes • Distinct roles of users , and validators • Users deploy chaincodes and invoke them through deploy & invoke transactions • Validators evaluate the effect of a transaction and reach consensus over the new version of the ledger • Ledger = total order of transactions + hash (global state) • Pluggable consensus protocol , currently PBFT & Sieve 14

  15. Security & privacy features Each user has control over the degree to which its transaction activity will Privacy of user- participation be shared with its environment Contract logic can be confidential, i.e., concealable to unauthorized entities Contract Privacy Users can be accounted for the transactions they create, cannot frame Accountability other users for their transactions, or forge other users’ transactions. Non-repudiation Auditors are able to access & verify any transaction they are legally Auditability authorized to 15

  16. Security and privacy mechanisms Privacy of user- participation Auditable mechanisms to grant users { credentials to ( anonymously ) Membership authenticate their transactions and Services secure their connection to the network. Contract Privacy Accountability Non-repudiation Auditable mechanisms to enable users to { Contract conceal their contracts and associated Confidentiality transactions to unauthorized nodes , while Mechanisms guaranteeing correctness. Auditability 16

  17. Adversarial model Membership Management Ledger Transaction Ledger Peer Peer (defining contracts) Client Ledger Ledger Ledger End-user Validating Entities Peer Peer Alice Ledger Ledger Peer Peer Client End-user Transaction Bob (invoking contracts) • Permission issuer / membership service is assumed honest • Users: - have access to raw ledger data - may try to escalate their read/invoke access rights • Validators: Up to f number of byzantine nodes • All entities assumed trusted to not reveal confidential information that are given access to. 17

  18. Membership Membership Ledger Ledger auditors Peer Peer Client Ledger Ledger Ledger Validating Entities Peer Peer End-user Ledger Ledger Peer Peer User registration Peer registration Nominal Anonymous Nominal credentials credential credential  Users prove identity and issue two types of credentials • Transaction certificates (anonymous) • Enrollment certificates (nominal)  Peers only issue enrollment certificates  Nominal credentials contain encryption & signing keys Membership  Auditors can audit certificates and ownership Management 18

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CLUSIT and Information Security & Privacy Osservatorio introduce their perspective Gabriele

CLUSIT and Information Security & Privacy Osservatorio introduce their perspective Gabriele

IT Security: CLUSIT and Information Security & Privacy Osservatorio introduce their perspective Gabriele Faggioli November 27 th , 2017 Clusit Osservatori Politecnico of Milan CLUSIT , the Italian Association for Information Security,

813 views • 17 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

5/18/2016 Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B. Authentication 12C. Authorization Security and Privacy 12D. Trust 12E. At-Rest Encryption Mark Kampe (markk@cs.ucla.edu) Security and Privacy

116 views • 8 slides
SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. "Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks

S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks

FAKULTT FR !NFORMATIK Faculty of Informatics S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks Pedro Moreno-Sanchez Blockchain Summer School BDLT19 Vienna, Sep 2nd 2019 Blockchain Research

1.41k views • 73 slides
Use cases from the perspective of Deutsche Telekom's Group Privacy W3C Workshop on Privacy and

Use cases from the perspective of Deutsche Telekom's Group Privacy W3C Workshop on Privacy and

Use cases from the perspective of Deutsche Telekom's Group Privacy W3C Workshop on Privacy and data usage control public Frank Wagner / Use cases from the perspective of Deutsche Telekom's Group Privacy 24.09.2010 1

464 views • 15 slides
Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much

Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much

Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much easier if there were someone we could all TRUST with our data Be8er data mining -- using MORE data, while respec@ng users PRIVACY

888 views • 35 slides
Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

CS 563 - Advanced Computer Security: Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI) Administrative Learning Objectives : Consider the difference between security and privacy Discuss work

814 views • 43 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned Did you know... 77 percent of all Americans feel their personal health information privacy is very important, and 84 percent said they

769 views • 50 slides
How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and Security Conference Privacy and Security by Choice, not Chance Afternoon Workshop Wednesday February 3, 2016 Victoria, B.C. Canada Gerry Bliss

1.11k views • 63 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director

The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director

The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director Global Privacy & Security by Design Centre Technion Summer School on Cyber Security Haifa, Israel September 9, 2020 Lets Dispel The Myths

929 views • 55 slides
CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt // http://yxiao.info i i f Outline Outline What is Location Privacy Basic Techniques Private Information Retrieval Probabilistic

415 views • 24 slides
Client-side Web Mining for Community Formation in Peer-to-Peer Environments Kun Liu, Kanishka

Client-side Web Mining for Community Formation in Peer-to-Peer Environments Kun Liu, Kanishka

Client-side Web Mining for Community Formation in Peer-to-Peer Environments Kun Liu, Kanishka Bhaduri, Kamalika Das, Phuong Nguyen and Hillol Kargupta University of Maryland, Baltimore County WebKDD06, August 20, 2006, Philadelphia, PA, USA

547 views • 21 slides
Cloud- and Peer-to-Peer Storage End-user considerations and product overview 4/3/2010 Arjan

Cloud- and Peer-to-Peer Storage End-user considerations and product overview 4/3/2010 Arjan

Cloud- and Peer-to-Peer Storage End-user considerations and product overview 4/3/2010 Arjan Peddemors Objectives Get overview of existing cloud storage and P2P storage concepts and products* outline of basic principles underlying cloud-

300 views • 15 slides
iLab P2P Networks Dirk Haage Chair for Network Architectures and Services Department of

iLab P2P Networks Dirk Haage Chair for Network Architectures and Services Department of

Network Architectures and Services, Georg Carle Faculty of Informatics Technische Universitt Mnchen, Germany iLab P2P Networks Dirk Haage Chair for Network Architectures and Services Department of Computer Science Technische

943 views • 30 slides
Lightweight Emulation to Study Peer-to-Peer Systems Lucas Nussbaum and Olivier Richard

Lightweight Emulation to Study Peer-to-Peer Systems Lucas Nussbaum and Olivier Richard

Introduction P2PLab Conclusion Lightweight Emulation to Study Peer-to-Peer Systems Lucas Nussbaum and Olivier Richard Laboratoire I nformatique et D istribution Laboratoire ID-IMAG MESCAL INRIA Project Grenoble, France Lucas Nussbaum and

617 views • 27 slides
CAMHPRO Peer Certification SB 614 Update & Input Meeting August 11, 2016 870 Market St., Suite

CAMHPRO Peer Certification SB 614 Update & Input Meeting August 11, 2016 870 Market St., Suite

CAMHPRO Peer Certification SB 614 Update & Input Meeting August 11, 2016 870 Market St., Suite 922; San Francisco, Karin Lettau, MS, Director of California CA 94102 (415) 341-9460 Please follow us and like us on Face Book Training

1.06k views • 37 slides
Writing Datomic in Clojure Rich Hickey Datomic, Clojure Overview What is Datomic?

Writing Datomic in Clojure Rich Hickey Datomic, Clojure Overview What is Datomic?

Writing Datomic in Clojure Rich Hickey Datomic, Clojure Overview What is Datomic? Architecture Implementation - Clojure Applied Summary What is Datomic? A new kind of database Bringing data power into the application

1.31k views • 52 slides
Fall 2020 Teaching Scenarios Department Input Summary We received 61 responses. Thank you!

Fall 2020 Teaching Scenarios Department Input Summary We received 61 responses. Thank you!

Fall 2020 Teaching Scenarios Department Input Summary We received 61 responses. Thank you! Scenarios Scenario 1: Fully Remote Scenario 2: Hybrid Scenario 3: Socially Distant On-Campus Scenario 3.5: Half of the UGs each for

397 views • 17 slides
BLOCKCHAIN Technology & Applications #apiconf2018 BLOCKCHAIN Technology & Applications

BLOCKCHAIN Technology & Applications #apiconf2018 BLOCKCHAIN Technology & Applications

edoardo conte BLOCKCHAIN Technology & Applications #apiconf2018 BLOCKCHAIN Technology & Applications edoardo conte BLOCKCHAIN Technology & Applications #apiconf2018 BLOCKCHAIN Technology & Applications edoardo conte The

918 views • 44 slides

More recommend