Part 6: Blockchain Technology - Security
In Part 6 of this multipart series on blockchain technology, we will continue our discussion on the implications of blockchain technology. Let's get started!
Security. Security risks for blockchain technology are similar to those experience in both public and private networks. The design of the network architecture and access control play crucial roles in reducing the insider threats to the network, by requiring a minimum number of participants or nodes to be properly connected, designated and authorized for participating in a Federated or private blockchain consensus process. Public blockchain are prone to 51% attack and therefore care should be taken to ensure the network has sufficient nodes that are geographically dispersed to prevent any collusion from any one country. Unverified transactions after one to two hours are probably malicious and should be discarded in accordance to the consensus algorithm. Unlike the public blockchains where the recovery of assets through the loss of private keys or theft is nearly impossible, private blockchain must provide mechanism to handle the loss of identification credentials, or roll back of faulty transactions, particularly for systems that manage physical or financial asset.
Access control of users to the private blockchains remain to be the key mechanism to safeguard unauthorized access to the network. Depending on the blockchain technology selected, this may be accomplished through use of identity access management (IAM) solutions or use of X.509 certificates which require centralized key management. The same controls must also be applied to any participating nodes on the same network to prevent rogue transactions from being injected into the network.
This concludes our primer on blockchain technology.