Volume 42 Issue 10
Oct.  2020
ZHU Yan, ZHANG Yi, WANG Di, QIN Bo-han, GUO Qian, FENG Rong-quan, ZHAO Zhang-jie. Research on blockchain evaluation methods under the classified protection of cybersecurity[J]. Chinese Journal of Engineering, 2020, 42(10): 1267-1285. doi: 10.13374/j.issn2095-9389.2019.12.17.007

Research on blockchain evaluation methods under the classified protection of cybersecurity

doi: 10.13374/j.issn2095-9389.2019.12.17.007
  • Corresponding author: E-mail: zhuyan@ustb.edu.cn
  • Received Date: 2019-12-17
  • Publish Date: 2020-10-25
A blockchain is a cryptographic distributed database and network transaction accounting system. In the current era of major technological change, blockchain technology, with its cryptographic structure, peer-to-peer (P2P) network, consensus mechanism, smart contracts and other mechanisms, is decentralized, tamper-proof, and traceable, and it has become a hot spot in the development of informatization. Classified protection is one of the basic policies of information security in China. Implementing the information security level protection system can not only guide various industries in performing security management in accordance with equivalent security standards, but also ensure that supervision and evaluation institutions follow the laws and regulations, which is of significance to network security. As blockchain technology is applied more extensively across industries, it is necessary to promote, at the same time, blockchain security assessment under national classified protection, which contributes to the sustainable and healthy development of blockchains in China. According to the revised assessment methods of grade protection, in addition to the general requirements, evaluation specifications should be formulated for specific technologies and fields (such as cloud computing, mobile Internet, Internet of Things, industrial control, and big data). In view of the particularity of blockchain technology, China has initiated the formulation of blockchain evaluation specifications, but has not yet applied the level protection standards to that work. Therefore, assessment requirements and enforcement proposals are specified for the blockchain's core technologies, such as the P2P network, distributed ledger, consensus mechanism, and smart contracts, according to the application and data security layer requirements at Level 3. Moreover, the current running data of blockchains and their security audit mechanism based on the log workflow were each summarized and analyzed against the control points specified in classified protection 2.0. Our investigation indicates that blockchains can satisfy the requirements of evaluation items in three aspects, namely, software fault tolerance, resource control, and backup and recovery. However, further improvements are needed in other aspects, including security audit, access control, identification and authentication, and data integrity.

     

