Chapter Eight - Privacy Requirements in Cybersecurity Applications of Blockchain

Abstract Blockchain has promise as an approach to developing systems for a number of applications within cybersecurity. In Blockchain-based systems, data and authority can be distributed, and transparent and reliable transaction ledgers created. Some of the key advantages of Blockchain for cybersecurity applications are in conflict with privacy properties, yet many of the potential applications have complex requirements for privacy. Privacy-enabling approaches for Blockchain have been introduced, such as private Blockchains, and methods for enabling parties to act pseudonymously, but it is as yet unclear which approaches are suitable in which applications. We explore a set of proposed uses of Blockchain within cybersecurity and consider their requirements for privacy. We compare these requirements with the privacy provision of Blockchain and explore the trade-off between security and privacy, reflecting on the effect of using privacy-enabling approaches on the security advantages that Blockchain can offer.

[1]  Gareth W. Peters,et al.  Understanding Modern Banking Ledgers Through Blockchain Technologies: Future of Transaction Processing and Smart Contracts on the Internet of Money , 2015, ArXiv.

[2]  Juan Carlos De Martin,et al.  Blockchain for the Internet of Things: A systematic literature review , 2016, 2016 IEEE/ACS 13th International Conference of Computer Systems and Applications (AICCSA).

[3]  Jong Hyuk Park,et al.  Block-VN: A Distributed Blockchain Based Vehicular Network Architecture in Smart City , 2017, J. Inf. Process. Syst..

[4]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[5]  Stephen J. Schultze,et al.  Trust Darknet: Control and Compromise in the Internet's Certificate Authority Model , 2013, IEEE Internet Computing.

[6]  Wei Jiang,et al.  Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control , 2016, Journal of Medical Systems.

[7]  Mario Gerla,et al.  Securing Vehicle to Vehicle Communications using Blockchain through Visible Light and Acoustic Side-Channels , 2017, ArXiv.

[8]  Neal Leavitt,et al.  Internet Security under Attack: The Undermining of Digital Certificates , 2011, Computer.

[9]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[10]  Michael Devetsikiotis,et al.  Blockchains and Smart Contracts for the Internet of Things , 2016, IEEE Access.

[11]  Nick Szabo,et al.  Formalizing and Securing Relationships on Public Networks , 1997, First Monday.

[12]  Nsw Roads and Maritime Services Intelligent Transport Systems (ITS) , 2016 .

[13]  Philip Zimmermann,et al.  Pretty good privacy: public key encryption for the masses , 1995 .

[14]  Guido Governatori,et al.  Evaluation of Logic-Based Smart Contracts for Blockchain Systems , 2016, RuleML.

[15]  Srilekha Mudumbai,et al.  Certificate-based authorization policy in a PKI environment , 2003, TSEC.

[16]  D. Upton,et al.  Improving data transparency in clinical trials using blockchain smart contracts , 2016, F1000Research.

[17]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).