Proponents of the distributed ledger technology known as blockchain consider it to be one of the best ways to secure transactions. I don’t know about you, but hearing that anything is the “best” immediately makes me skeptical. How exactly does blockchain provide more security than traditional transaction processes? Let’s take a look.
Security by the blocks
A blockchain, as the name implies, is a chain of digital “blocks” that contain records of transactions. Each block is connected to all the blocks before and after it. This makes it difficult to tamper with a single record because a hacker would need to change the block containing that record as well as those linked to it to avoid detection. This alone might not seem like much of a deterrent, but blockchain has some other inherent characteristics that provide additional means of security.
The records on a blockchain are secured through cryptography. Network participants have their own private keys that are assigned to the transactions they make and act as a personal digital signature. If a record is altered, the signature will become invalid and the peer network will know right away that something has happened. Early notification is crucial to preventing further damage.
Unfortunately for those ambitious hackers, blockchains are decentralized and distributed across peer-to-peer networks that are continually updated and kept in sync. Because they aren’t contained in a central location, blockchains don’t have a single point of failure and cannot be changed from a single computer. It would require massive amounts of computing power to access every instance (or at least a 51 percent majority) of a certain blockchain and alter them all at the same time. There has been some debate about whether this means smaller blockchain networks could be vulnerable to attack, but a verdict hasn’t been reached. In any case, the bigger your network is, the more tamper-resistant your blockchain will be.
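To make the linking and the role of the peer copies concrete, here is a small added example (not code from the original article or from any blockchain platform). It assumes a toy ledger in which each block stores the SHA-256 hash of its predecessor; the records, peer names and function names are constructed for illustration.

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64
# Constructed sample ledger: three blocks of made-up transfer records.
BATCHES = [["alice->bob:5"], ["bob->carol:2"], ["carol->dave:1"]]

def block_hash(index, prev_hash, records):
    return hashlib.sha256(json.dumps([index, prev_hash, records]).encode()).hexdigest()

def build_chain(batches):
    chain, prev = [], GENESIS
    for i, records in enumerate(batches):
        block = {"index": i, "prev_hash": prev, "records": list(records)}
        block["hash"] = prev = block_hash(i, prev, block["records"])
        chain.append(block)
    return chain

def first_invalid_block(chain):
    # Index of the first block whose link or stored hash does not check out, else None.
    prev = GENESIS
    for b in chain:
        if b["prev_hash"] != prev or block_hash(b["index"], prev, b["records"]) != b["hash"]:
            return b["index"]
        prev = b["hash"]
    return None

def relink(chain, start):
    # Recompute every hash from `start` on: what an edit needs to pass a local check.
    prev = chain[start - 1]["hash"] if start else GENESIS
    for b in chain[start:]:
        b["prev_hash"] = prev
        b["hash"] = prev = block_hash(b["index"], prev, b["records"])

def outvoted_peers(copies):
    # Peers whose head hash differs from the one most copies agree on.
    heads = {peer: chain[-1]["hash"] for peer, chain in copies.items()}
    majority = Counter(heads.values()).most_common(1)[0][0]
    return sorted(p for p, h in heads.items() if h != majority)

def demo():
    copies = {p: build_chain(BATCHES) for p in ("peer1", "peer2", "peer3")}
    copies["peer3"][1]["records"] = ["bob->mallory:2"]   # one record edited in place
    naive = first_invalid_block(copies["peer3"])          # the edit alone is caught at block 1
    relink(copies["peer3"], 1)                            # block 1 and its successors rewritten
    return naive, first_invalid_block(copies["peer3"]), outvoted_peers(copies)

if __name__ == "__main__":
    print(demo())
```

The rewritten copy is internally consistent, so only the comparison against the other peers exposes it, which is why the number of independent copies matters.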
At a glance, blockchains have some desirable features that would help to secure your transaction data. However, there are other conditions and requirements to consider when you want to use a blockchain for business.
It’s important to be aware of this fact when evaluating whether the technology you’ve chosen will have the security you require. Today, there are two main types of blockchain, public and private, with a number of variations. Public and private blockchains differ in a couple of key ways that can affect the level of security they provide.
The most obvious difference is that public blockchains use computers connected to the public internet to validate transactions and bundle them into blocks to add to the ledger. Any computer connected to the internet can join the party. Private blockchains, on the other hand, typically only permit known organizations to join. Together, they form a private, members-only “business network.” This difference has significant implications in terms of where the (potentially confidential) information moving through the network is stored and who has access to it. Just from that, you can probably see how a public blockchain might not be right for enterprise. Another important and related difference is that public blockchains are typically designed around the principle of anonymity, whereas private blockchains use identity to confirm membership and access privileges, and so the participants in the network know exactly who they are dealing with.
The other main way public and private blockchains differ is how transactions are verified. Basically, for a transaction to be added to a blockchain, network participants must agree that it is the one and only version of the truth. That is done through consensus, which means agreement. Bitcoin is probably the best-known example of a public blockchain, and it achieves consensus through “mining.” In Bitcoin mining, computers on the network (or “miners”) try to solve a complex cryptographic problem to create a proof of work. The drawback is that this requires an enormous amount of computational power, especially for large-scale public blockchains.
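The cost asymmetry behind proof of work can be seen in a few lines. This is an added example, not code from the original article and not Bitcoin's actual algorithm: it assumes a simplified puzzle (a single SHA-256 with a required number of leading zero bits) and a constructed sample header.

```python
import hashlib

# Constructed sample block header (not a real Bitcoin header).
HEADER = b"prev=00ab|records=alice->bob:5"

def leading_zero_bits(digest):
    # Number of zero bits at the front of a hash digest.
    value = int.from_bytes(digest, "big")
    return len(digest) * 8 - value.bit_length()

def pow_hash(header, nonce):
    return hashlib.sha256(header + nonce.to_bytes(8, "big")).digest()

def verify(header, nonce, bits):
    # Checking a claimed proof costs a single hash.
    return leading_zero_bits(pow_hash(header, nonce)) >= bits

def mine(header, bits):
    # Try nonces in order until one meets the target; return (nonce, attempts).
    nonce = 0
    while not verify(header, nonce, bits):
        nonce += 1
    return nonce, nonce + 1

def cost_by_difficulty(header=HEADER, difficulties=(8, 12, 16)):
    # Attempts needed at each difficulty; expected work doubles with every extra bit.
    return {bits: mine(header, bits)[1] for bits in difficulties}

if __name__ == "__main__":
    for bits, attempts in cost_by_difficulty().items():
        print(f"{bits} leading zero bits: {attempts} hashes to mine, 1 to verify")
```

Changing any byte of the header invalidates the nonce, so the search has to be repeated for an altered block and for every block built on top of it.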
Alternatively, a private blockchain consists of a permissioned network in which consensus can be achieved through a process called “selective endorsement,” where known users verify the transactions. The advantage of this for businesses is that only participants with the appropriate access and permissions can maintain the transaction ledger. There are still a few issues with this method, including threats from insiders, but many of them can be solved with a highly secure infrastructure.
A blockchain network is only as secure as its infrastructure
When establishing a private blockchain, you must decide the best platform for deployment. Even though blockchain has inherent properties that provide security, known vulnerabilities in your infrastructure can be manipulated by those with ill intent. Ideally, you should have an infrastructure with integrated security that can:
Prevent anyone, even root users and administrators, from accessing sensitive information.
Deny illicit attempts to change data or applications within the network.
Carefully guard encryption keys using the highest-grade security standards so they can never be misappropriated.
With these capabilities, your blockchain network will have the added protection it needs to prevent attacks from within and without. To learn more about the only fully integrated enterprise-ready blockchain platform designed to accelerate the development, governance and operation of a multi-institution business network, check out IBM Blockchain Platform.