Identity-based network security for commercial blockchain services

While blockchain services hold great promise to improve many different industries, there are significant cybersecurity concerns that must be addressed. In this paper, we present experimental test bed results for a novel method of user identity management for cloud-based blockchain applications. Using a BlackRidge Technology endpoint on a Windows host, we insert cryptographic identity tokens in the first packet sent to request a new session. A corresponding gateway appliance in the cloud enforces security policy, blocking unauthorized access at or below the transport layer. Results of penetration testing a sample Hyperledger 1.0 application are discussed. We also demonstrate network segmentation and traffic separation, which allow multiple organizations to share blockchain infrastructure and facilitate compliance auditing.
