Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Blockchain based Security Architectures - A Review

622 views

Published on

From my session on #Blockchain based #Cybersecurity Architectures presented in the Malabar Cybersecurity Summit organised by RedTeam Hacker Academy in Calicut. This presentation navigates through the fundamental concepts of Blockchain, Tamper Evidence properties of Blockchain Data Structure, Blockchain Architectures, Possibilities of Immutable Ledger, Importance of Blockchain for Digital Identities, IoT Security etc.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Blockchain based Security Architectures - A Review

  1. 1. Blockchain and Cybersecurity Emerging Frontiers of Trust Machines
  2. 2. Estonia sues Gemalto for 152 m euros over ID card flaws Estonian police are seeking to recover 152 million euros ($178 mln) in a lawsuit filed on Thursday against digital security firm Gemalto, following a recall last year when security flaws were found in citizen ID cards produced by the firm. The vulnerabilities to hacker attacks found in government- issued ID cards supplied by the Franco-Dutch company marked an embarrassing setback for Estonia, which has billed itself as the world’s most digitalised “e-government”. Most of its 1.3 million people use electronic ID cards to access public services digitally. Estonia’s Police and Border Guard Board (PPA) said in a statement Gemalto had created private key codes for individual cards, leaving the government IDs vulnerable to external cyber attack, rather than embedding it on the card’s chip as promised.
  3. 3. e-Estonia Cybersecurity Architecture
  4. 4. Mirai botnet infected numerous IoT devices (primarily older routers and IP cameras), then used them to flood DNS provider Dyn with a DDoS attack.
  5. 5. –Alex Momot, CEO of REMME “By removing much of the human element from data storage, blockchains significantly mitigate the risk of human error, which is the largest cause of data breaches”
  6. 6. Blockchain for Cybersecurity Digital Identity Protection Digital Record Protection Decentralised Certificates Digital Device Protection Privacy Preserving Contracts Zero Knowledge Proofs
  7. 7. What is Blockchain ?
  8. 8. Why Blockchain is a secure alternative to traditional database architectures Transactions can be suppressed in traditional databases Participants have to trust database owners Risk is concentrated on each database owner Data visibility in a traditional database is local only Expensive data security and integration cost in traditional databases
  9. 9. Blockchain and Traditional Internet
  10. 10. Origin of Blockchain Technology • Double Spending is prevented with peer to peer network • No mint or trusted third parties • Participants can be anonymous • New coins are made from hashcash style proof of work • The proof of work also powers the network to prevent double spending
  11. 11. Blockchain Visualisation
  12. 12. Blockchain and Cryptography
  13. 13. What is in a Blockchain Node Decided Valid Blocks Decided Invalid Blocks Undecided Blocks Insufficient voted Blocks
  14. 14. Blockchain Feature Highlights
  15. 15. Characteristics of Blockchain
  16. 16. Blockchain Architecture Models
  17. 17. Blockchain and Cybersecurity A blockchain provides a mechanism to distribute digital information and decentralise security
  18. 18. Blockchain & Economy Centralised Systems Decentralised Networks Distributed Architecture
  19. 19. Dimensions of Decentralisation
  20. 20. Blockchain Technology Decentralisation Cryptographic Encryption Tamper Evidence Consensus based control
  21. 21. Blockchain for Security : Possibilities Cryptographically secure digital identity for users, connected devices and central servers Invisible and locked down control systems with micro segmentation and fine grained access control Best in class encryption for secure access to connected devices Immutable and tamper evident logs stored securely on the Blockchain for instant access and analysis
  22. 22. Secure Messaging using Blockchain Startups like Obsidian are using blockchain to secure private information exchanged in chats, messaging apps and through social media. Obsidian’s messenger uses blockchain to secure users’ metadata. The user will not have to use email or any other authentication method to use the messenger. The metadata is randomly distributed throughout a ledger and thus will not be available for gathering in one single point, from which it could be compromised. Elsewhere, engineers at the Defense Advanced Research Projects Agency (DARPA) are reportedly experimenting with blockchain to create a messaging service that is secure and impenetrable to foreign attacks.
  23. 23. Redesigning Public Key Infrastructure CertCoin is one of the first implementations of blockchain-based PKI. The project removes central authorities altogether and uses the blockchain as a distributed ledger of domains and their public keys. Start-up REMME gives each device its own specific SSL certificate based on the blockchain, which prevents intruders from faking certificates. Guardtime has been using blockchains to create a Keyless Signature Infrastructure (KSI), a replacement for PKI.
  24. 24. Decentralised Certificate Management
  25. 25. Blockchain based Public Key Infrastructure Certificate authority centralisation creates a single point of failure Key verification through consensus
  26. 26. Decentralised Key Management
  27. 27. Guardtime The company takes away the need to use keys for verification. Instead, they distribute every piece of data to nodes throughout the system. If someone tries to alter the data, the system analyses the whole mass of chains, compares them to the metadata packet and then excludes any that don’t match up. This means that the only way to wipe the entire blockchain out is to destroy every single separate node. If just one node remains running with the correct data, the whole system can be restored, even if all of the other nodes are compromised. Guardtime’s system works in such a way that it’s always able to detect when a change has been made to the data and is constantly verifying the changes. This ensures that there is no discrete way to tamper with blocks in the chain and the data remains uncompromised.
  28. 28. Guardtime Component Architecture
  29. 29. Guardtime Logical Architecture
  30. 30. Blockchain based Identity Management StartUp Ecosystem
  31. 31. Attack Vectors on Industrial IoT Systems
  32. 32. Attacks on IoT Devices Physical attacks Micro probing Side channel attacks Timing analysis, Power analysis Electromagnetic analysis Environmental attacks Cryptoanalysis attacks Ciphertext attacks, plain text attacks Software attacks Network attacks Denial of Service Node Subversion, Node Malfunction
  33. 33. Five common large scale cyber attacks on IoT Botnets Man in the middle attack Data & Identity theft Social Engineering Denial of Service
  34. 34. History of Industrial IoT Attacks
  35. 35. Top Ten IoT Security Attacks
  36. 36. Lifecycle of Remote Access Attack on IoT Devices
  37. 37. Security Reference Architecture for IoT
  38. 38. Emerging dynamics of IoT
  39. 39. Industrial IoT Landscape
  40. 40. IoT Security Spending Statistics
  41. 41. Economics of IoT Security
  42. 42. Blockchain Usecases for IoT Security • Identity and authentication • Data Integrity and Privacy • Autonomous P2P Transactions • Critical Infrastructure Protection
  43. 43. Blockchain for IoT Security : Possibilities Track connected devices in the network Authenticate users and devices Maintain data securely Remove single point of failure Build trust between IoT processes Reduce cost by eliminating intermediaries
  44. 44. Why Blockchain for IoT Security Very often physical objects are used or maintained by multiple parties Multiple parties need to agree on acceptable usage Disputes between parties require some record of what occurred in order to resolve the disputes Effects of the environment may also factor into the agreement between parties
  45. 45. IoT Platforms and Blockchain IBM provides its Watson IoT platform with an option to manage IoT data in a private blockchain ledger, which is integrated into Big Blue’s cloud services. Ericsson’s Blockchain Data Integrity service provides fully auditable, compliant and trustworthy data to app developers working within GE’s Predix PaaS platform.
  46. 46. Blockchain as a Distributed Ledger Technology for IoT Transactions
  47. 47. IoT Blockchain Integration Lifecycle
  48. 48. Blockchain Network for IoT Security
  49. 49. Blockchain Smart Contracts for IoT Security
  50. 50. IOTA Will Power Kontakt.io's Location Solution to Enable Secure Sale and Sharing of Telemetry Data Kontakt.io, the IoT (Internet of Things) location provider announced a collaboration with the IOTA Foundation to integrate IOTA’s next-generation distributed ledger technology with Kontakt’s location platform. The integration will enable tamper-proof and chargeable readings of smart sensor data. This will equip healthcare operators and supply chain firms which monitor environmental conditions for compliance reasons with fully transparent ways of storing and reporting on telemetry data. By leveraging mechanisms of Distributed Ledger Technology, the Kontakt.io and IOTA solution is going to ensure that device-to-device and device- to-cloud communication of telemetry streams are encrypted and the data itself is unalterable.

×