The Security Reference Architecture for Blockchains: Towards a Standardized Model for Studying Vulnerabilities, Threats, and Defenses
Ivan Homoliak, Sarad Venugopalan, Qingze Hum, Daniel Reijsbergen, Richard Schumi, Pawel Szalachowski

TL;DR
This paper introduces a standardized security reference architecture for blockchains, organizing security concerns into a layered model to better understand threats, defenses, and dependencies across blockchain systems.
Contribution
It proposes the first comprehensive layered security architecture for blockchains, integrating threat analysis and a standard risk assessment model tailored to blockchain security.
Findings
Defined four-layer blockchain security architecture
Identified key threats and countermeasures at each layer
Provided a design methodology for blockchain security
Abstract
Blockchains are distributed systems, in which security is a critical factor for their success. However, despite their increasing popularity and adoption, there is a lack of standardized models that study blockchain-related security threats. To fill this gap, the main focus of our work is to systematize and extend the knowledge about the security and privacy aspects of blockchains and contribute to the standardization of this domain. We propose the security reference architecture (SRA) for blockchains, which adopts a stacked model (similar to the ISO/OSI) describing the nature and hierarchy of various security and privacy aspects. The SRA contains four layers: (1) the network layer, (2) the consensus layer, (3) the replicated state machine layer, and (4) the application layer. At each of these layers, we identify known security threats, their origin, and countermeasures, while we also…
