# A Security Reference Architecture for Blockchains

**Authors:** Ivan Homoliak, Sarad Venugopalan, Qingze Hum, Pawel Szalachowski

arXiv: 1904.06898 · 2019-04-16

## TL;DR

This paper introduces a comprehensive security reference architecture for blockchains, categorizing threats and presenting prevention techniques to enhance blockchain security and privacy.

## Contribution

It proposes a novel security architecture based on threat hierarchies and ISO standards, systematizing blockchain security issues and mitigation strategies.

## Key findings

- Threat categorization based on origin
- Framework for threat-risk assessment
- Overview of prevention and mitigation techniques

## Abstract

Due to their interesting features, blockchains have become popular in recent years. They are full-stack systems where security is a critical factor for their success. The main focus of this work is to systematize knowledge about security and privacy issues of blockchains. To this end, we propose a security reference architecture based on models that demonstrate the stacked hierarchy of various threats (similar to the ISO/OSI hierarchy) as well as threat-risk assessment using ISO/IEC 15408. In contrast to the previous surveys, we focus on the categorization of security incidents based on their origins, and, using the proposed architecture, we present existing prevention and mitigation techniques. The scope of our work mainly covers aspects related to the decentralized nature of blockchains, while we mention common operational security issues and countermeasures only tangentially.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1904.06898/full.md

## Figures

3 figures with captions in the complete paper: https://tomesphere.com/paper/1904.06898/full.md

## References

153 references — full list in the complete paper: https://tomesphere.com/paper/1904.06898/full.md

---
Source: https://tomesphere.com/paper/1904.06898