Block Chain Development discussion 6b
Professor Michael Solomon
BLCN 532 Blockchain development
Chapter 11
• Hyperledger Fabric Security
• Security design goals
• Hyperledger Fabric architecture
• Network bootstrap and governance
• Strong identities
• Chaincode security
• Quantum computing
• General Data Protection Regulation (GDPR) considerations
Key Security Design Goals
• Existing members
• Determine how to add new members
• Determine how to update config/smart contracts
• Ledger and chaincode can be scoped
• General purpose language used for chaincode
• Guaranteed transaction integrity
• Align with industry standards
• Consensus separate from transaction validation
• Universal pluggability
Hyperledger Fabric Architecture
[Figure: Hyperledger Fabric architecture. Components shown: Fabric CA or membership provider, peer, smart contract / chaincode, ledger, private data, ordering service]
Network Bootstrap and Governance
The first step toward security
Creating the network
Adding new members
Deploying and updating chaincode
Data model
Strong Identities
Practical considerations in managing users
Bootstrapping Fabric CA
Register
Default Fabric roles
Enroll
Revoking identities
Chaincode Security
Sharing chaincode with other peers
Installing chaincode
Encrypting chaincode
Attribute-based access control
Common Security Threats
• Spoofing
• Tampering
• Repudiation
• Replay attacks
• Information disclosure
• Denial of Service
• Elevation of privileges
• Ransomware
Transaction Privacy
Channels
Private data
Encrypting transaction data
Quantum Computing
Hyperledger Fabric cryptography
Elliptic curve cryptography
Digitally signs transactions
Options to plug in alternate provider
Quantum computing
Emerging technology
May break existing cryptography
15-30 years away from maturity
GDPR Considerations
European Union’s General Data Protection Regulation (EU GDPR)
Comprehensive regulations to protect personal data privacy
Hyperledger Fabric can provide for private data
However, immutability can cause issues
• GDPR requires support to delete data
Summary
• Hyperledger Fabric Security
• Security design goals
• Hyperledger Fabric architecture
• Network bootstrap and governance
• Strong identities
• Chaincode security
• Quantum computing
• General Data Protection Regulation (GDPR) considerations