Security Think Tank: Too soon to dismiss blockchain in cyber security
By Maxine Holt
Blockchain is distributed ledger technology. The premise of blockchain is that everyone involved in the chain has the same version of the truth at the same time. Each block in the chain builds on the previous and each has a unique identifier.
Blockchain technology is finding its way into more and more areas of global business, yet the use of blockchain in the world of cyber security is still nascent. Many of the most developed use cases involve financial transactions.
However, due to the inherent security attributes of decentralised, redundant ledgers, hashing/encryption, and other privacy-preserving techniques used by blockchains, security-related applications are also significant. Early forays have focused on identity, data, and the internet of things (IoT).
Identity and access management focuses on validating that someone is who they claim to be, a fact that attackers are keenly aware of when they target the credentials of privileged users in an organisation, such as systems administrators or C-level executives, to gain access to key digital assets.
A blockchain-based system could be used to track identities, entitlements, entitlement assignment, and access events, with any attempted change, such as privilege escalation, flagged and checked against policies before it is allowed.
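The idea can be sketched in a few lines. This is an added example, not code from the article or from Ovum: a single-node hash chain with no distribution or consensus, in which each entitlement change is checked against a policy before it is appended and any later edit to history is detected. The class, field names, roles and the approver rule are assumptions made for illustration.

```python
import hashlib
import json

# Assumed policy (hypothetical): these roles may only be granted with a second approver.
PRIVILEGED_ROLES = {"sysadmin", "domain-admin"}
GENESIS = "0" * 64

def block_hash(body):
    """Unique identifier of a block: SHA-256 over its canonical JSON body."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def policy_allows(event):
    """Privileged grants need an approver who is not the requesting actor."""
    if event["action"] == "grant" and event["role"] in PRIVILEGED_ROLES:
        approver = event.get("approver")
        return approver is not None and approver != event["actor"]
    return True

class EntitlementLedger:
    def __init__(self):
        self.blocks = []

    def append(self, event):
        """Check the change against policy, then chain it to the previous block."""
        if not policy_allows(event):
            return False  # flagged: the change is never recorded as allowed
        prev = self.blocks[-1]["id"] if self.blocks else GENESIS
        body = {"index": len(self.blocks), "prev": prev, "event": event}
        self.blocks.append({**body, "id": block_hash(body)})
        return True

    def first_invalid(self):
        """Index of the first block that fails verification, or None if intact."""
        prev = GENESIS
        for i, b in enumerate(self.blocks):
            body = {"index": b["index"], "prev": b["prev"], "event": b["event"]}
            if b["index"] != i or b["prev"] != prev or b["id"] != block_hash(body):
                return i
            prev = b["id"]
        return None

def demo():
    """Constructed sample events: a normal grant, a self-escalation, an approved grant."""
    ledger = EntitlementLedger()
    accepted = [ledger.append(e) for e in [
        {"actor": "alice", "subject": "bob", "action": "grant", "role": "reader"},
        {"actor": "bob", "subject": "bob", "action": "grant", "role": "sysadmin"},
        {"actor": "alice", "subject": "bob", "action": "grant", "role": "sysadmin",
         "approver": "carol"},
    ]]
    clean = ledger.first_invalid()
    ledger.blocks[0]["event"]["role"] = "domain-admin"  # rewrite history in place
    return accepted, clean, ledger.first_invalid()
```

On a single node an attacker with write access could recompute every identifier from the edited block onward; it is the replicated copies held by other participants that make such a rewrite visible.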
From a data perspective, blockchain can be used to store data in a distributed manner. Today, data storage is often centralised, and cyber attacks frequently focus on accessing data in one location. Using distributed ledger technology lowers the risk if an attacker were to access the data – even if they were to get in, there’s less data to steal than with centralised data storage.
The internet of things is growing rapidly despite persistent concerns about the security of endpoints and the mission criticality of many IoT applications.
Blockchain’s peer-to-peer (P2P) architecture and intrinsic security technologies – including the encryption/hashing of data, redundant and immutable ledgers, robustness of data to compromised nodes, and use of hardware wallets and chip-level trusted execution environments – bring the potential to increase IoT security. These characteristics enable the development of networks of trusted devices – whether in private or public blockchain deployments.
Enterprise blockchain adoption in security is in its infancy and several enterprises have adopted a “wait and watch” approach owing to the ongoing development of blockchain technology, the need for significant investment, and the lack of a specialised workforce.
However, Ovum has developed a series of questions to consider for blockchain use in security: Does the use case require a database? Would there be several users updating the database? Is there a need for the users to establish trust between each other? Are there any issues with the involvement of a central or third party? And do the transactions have dependencies between each other?
If the answer to all of the above questions is “yes”, then this is a good use case for blockchain in security – or in any other potential use case. In the cyber security world, blockchain should not be dismissed as emerging technology that has little value; instead, organisations should consider maintaining a watching brief and exploring possibilities.