UNIT V

Introduction to HyperLedger fabric, mechanism in permissioned Blockchain,

application of Blockchain in Cyber Security, limitation of Blockchain as a
technology.

Introduction To Hyperledger Fabric

History

The most widely recognized applications of blockchain are Bitcoin and Ethereum,
but Ethereum took a different approach and implemented many of the same
characteristics as Bitcoin but added some more features like smart contracts to
create a platform for distributed applications.

Bitcoin and Ethereum are public permissionless blockchains. That means anyone

can join the network and leave at any time.
What is public blockchain??

A public blockchain is permissionless. Anyone can join the network and read,
write, or participate within the blockchain.

Public blockchains have a ledger visible to everyone on the internet. Bitcoin,

Ethereum, and Litecoin are well-known examples of a public blockchain.

What is private blockchain??

A private blockchain is permissioned. Only specific people in the organization

can add new nodes/ blocks.

All the private blockchain solutions will have some form of authorization scheme
to identify nodes/blocks. Hyperledger, R3Corda, Ripple, and Quorum are well-
known private blockchains.

Public blockchains VS Private blockchains

Let's see the difference between them in the following table.

Hyperledger Fabric is one of the popular private blockchain platforms on the
list so far. Let's deep dive into it.

What is Hyperledger ??

Hyperledger is a group of products design by an open-source company called a

Linux Foundation.

Hyperledger serves the various blockchain frameworks including Hyperledger

Fabric, Hyperledger Indy, Hyperledger Besu, Hyperledger Sawtooth, and various
libraries like Hyperledger caliper, Hyperledger explorer.

Hyperledger Fabric
Hyperledger Fabric is an open-source enterprise-grade permissioned distributed
ledger technology (DLT) or a blockchain platform. Hyperledger is basically used
for businesses to set up private and permissioned networks.

Hyperledger is much more complex than any other blockchain stack available
both in terms of creating a smart contract, creating a network, joining the
network, and make it live.

The fabric has a highly modular and configurable architecture. One of the most
important of the platform’s differentiators is its support for pluggable consensus
protocols that enable the platform to be more effectively customized to fit
particular use cases and trust models. Most of the system components are plug-
and-play in fabric. That means, we can deploy our own CA, Consensus
Algorithms, Nodes, Peers, Etc.

Fabric is one of the better performing platforms available today both in terms of
transaction processing and transaction confirmation latency. Fabric can scale up
to 20000 TPS (source).

One of the key features of any business is that only a valid-user user should enter
that business network. We need to have a component that enables user ids and
their authentication. All the users which are becoming part of this network need to
be authenticated. An entity in Hyperledger fabric which authenticates
called Membership Service Provider(MSP). Not only the users even the peer
that is going to get added needs to be authenticated. Each entity whether its user,
peer, nodes, application everyone needs an authentic entry before they get
themselves register into the system. Each entity needs certification. MSP uses
a Certificate Authority to get certificates and give these certificates to various
entries.

Membership Service Provider (MSP)

MSP keeps track of who needs to access what and what privileged is given to and
who all can access the network. MSP monitors all security certificates and access.
A Hyperledger Fabric blockchain network can be governed by one or more
MSPs.

Certificate Authority (CA)

CA issues certificate on request of MSP so that certificates will be given to nodes,

peers, and users.

Consensus

Consensus is completely different in the hyper ledger fabric as compare to other

blockchains like Bitcoin uses Proof of Work (PoW) and Ethereum uses Proof of
Work (PoW)/ Proof of Stake (PoS).

There is no concept of PoW or PoS. Generally, the consensus is driven by

individual nodes who are responsible for authorized a transaction and push into
blockchain those nodes known as endorsers node, and the distribution of blocks
is given to special nodes called Orderers.
After the distribution of blocks, each node receives them and they are committed
by special nodes know as committer nodes. These are three types of nodes that
exist in Hyperledger fabric.

Here, you may have a question why not PoW or PoS?? Because this is
private networks so we already know who is going to push the blocks
and transactions as they all authorized nodes.

Channels

In Fabric, there is the concept of a channel that doesn’t exist in other blockchains.
In a single blockchain network, we can run multiple networks together. Basically,
it provides a facility to create a sub-blockchain network.

Example:- Suppose we have created a blockchain for corporate organizations, it

consists of various departments like HR, Development, Testing, and
Management. In this scenario, the HR department reports data to the management
and its confidential information that should not be visible to other departments.
Here we need to introduce two channels one for all departments and another for
the HR and Management department.

There is concept of private data collection to resolved this issue

without creating a new channel.

Chaincode(smart contracts)
A smart contract in a hyperledger is known as a chaincode. Henceforth we will
refer to smart contract as Chaincode. As the name suggests it's a contract
between the network organizations, how they will agree to use business logic.
Basically, here we write the business logic.

Chaincode enables us to interact with a blockchain database. Currently,

hyperledger fabric supports chaincode development in the following languages
Go, Nodejs, or Java.

Chaincode runs in a secured Docker container isolated from the endorsing peer
process. Chaincode manages ledger state through transactions submitted by
applications.

Let's see the chaincode example. Suppose we have data of cars with fields Car-
Name, Model, Owner, and Color. We will write a chaincode using above mention
languages. Here we have to write two methods one is to push data into the
blockchain and another to retrieve it. chaincode APIs provide putState() and
getState() method so we can write contract in efficient way.

Endorsers

We have seen what are endorsers so, in a single organization, we can define
multiple endorsers, based on this we can have a different type of endorsement
policies. Endorsement policy defines how endorsers will endorse a transaction.
Let’s see with an example suppose we have two endorsers peer. We can have a
policy so that any one of them can validate the transaction or we can have a
policy both endorsers need to sign and validate the transaction then only it will be
accepted. Based on endorsement policy our transaction will be accepted or
rejected.

Orderers

These are special types of nodes in hyperledger fabric. also known as ordering
services. The main function of orders is to maintain the ledger state by
distributing blocks to committing nodes/peers.

Orderers maintain the list of organizations that are allowed to create channels.
Orderers also controls basic access for channels, restricting who can read and
write data to them, and who can configure them. Based on our defined policies
only authorized entities can modify a configuration element in a channel.

Configuration transactions are processed by the orderer. Suppose if we want to

modify the current running fabric network then we can do this with the help of the
ordering service. The orderer validates the update request against the existing
configuration, generates a new configuration transaction, and packages it into a
block that is relayed to all peers on the channel.

There are three types of ordering services available in fabric.

1. Raft (recommended): Raft is a crash fault-tolerant ordering service based on
an implementation of raft protocol. This is a consensus algorithm. Raft follows
a “leader and follower” model, where a leader node is elected and its
decisions are replicated by the followers. Raft ordering services are easier to
set up and manage than Kafka-based ordering services. You can follow
this link to understand the working mechanism of Raft consensus.
2. Kafka: Kafka and Raft are fault taulorent systems. deprecated in the fabric 2.x
3. Solo: Here we only have a single orderer node. deprecated in the fabric 2.x

Let's dive into the transaction flow and architecture of Fabric

1. The first application (Client) creates a transaction request and submits a
proposal to a given node (Endorsing peer).
2. Endorsing peer executes a Chaincode (smart contract) and creates an RWset.
Then endorsing node sends a signed proposal response back to the client
application.
3. The application sends transactions and signatures to the ordering service.
4. The ordering service creates blocks of transactions and broadcasts them to a
blockchain network.
5. All nodes including those who created the transaction receive a block from the
ordering service.
6. Committing peer in the node validates the block and commits the block into
the ledger.

RWSet (Read and write) set is generated by Endorser and used by

committer to validate the transaction.

Summary

We have discussed key concepts such as public and private blockchains,

hyperledger fabric, membership service providers, certificate authority,
consensus, channel, chaincode, endorsers, orderers, and the transaction flow.

How does Blockchain work to improve cybersecurity?

Blockchain chaining process
The blocks in a Blockchain ledger are arranged in an order and composed together to execute transactions. A block consists
of a header and a body. All the blocks are timestamped and signed by their creators. The blocks form a chain by defining a
pointer to the previous block. The header contains a cryptographic hash of the previous block, ensuring the immutability of
the last block.
Distributed Architecture
A distributed network is operational resilient as it has no single point of failure. Risk is dispersed among multiple nodes and
an attack on any single node or a few nodes would not compromise the ledger. Thus, decentralization makes the Blockchain
network a less appealing target for ransomware attacks. In contrast, the centrally stored information is more susceptible to
attacks than the information stored at multiple nodes.
A ransomware attack requires to compromise on all or most nodes in the network. However, restoring full service after the
nodes has been compromised will not be instantaneous; there might be some latency effects on the network recovery.
Consensus validation mechanism
The consensus mechanism is used to validate new blocks of data confers. A prescribed member of nodes needs to reach a
consensus on whether the new data block is valid and eligible for the shared ledger. The consensus mechanism implements
a continuous check on the integrity of past transactions and new data blocks.
A hacker would need to co-opt the consensus mechanism by compromising enough nodes to manipulate the validation
process and tamper with the ledger. The Blockchain network helps prevent such attacks by implementing sufficient nodes
and leveraging network rules to obtain a consensus among nodes.
Encryption
Multiple forms of encryption are implemented at different levels, providing layered protection against cybersecurity threats.
Cryptographic algorithms include asymmetric key algorithms and hash functions (SHA-256).
The linked lists and blocks are encrypted using hashes and digital signatures based on public/ private key encryption.

What are the use cases of Blockchain for cybersecurity?

Secure private messaging

A vast amount of metadata is collected through social media platforms and most of the users protect their services and data
with weak and unreliable passwords. Many messaging companies are switching to Blockchain to provide end-to-end
encryption and secure users’ data.
Blockchain is used to create a standard security protocol. It forms a unified API framework to enable cross-messenger
communication capabilities.
The world has witnessed numerous attacks on social media platforms like Twitter and Facebook, causing data breaches and
providing user information in the wrong hands. Blockchain technology prevents such cyberattacks.
IoT security
Hackers increasingly use devices like thermostats and routers to obtain access to the system. The vulnerable edge devices
like Smart switches provide hackers easy access to the overall home automation system.
Blockchain efficiently secures such vulnerable systems and devices by decentralizing their administration. Blockchain
combined with AI and IoT technology enables devices to make security decisions on their own. The independence of central
authority makes the IoT devices more secure and allows them to detect and act on suspicious commands from unknown
networks.
Secure DNS and DDoS
A Domain Name System (DNS) is a centralized system that makes it convenient for attackers to infiltrate the connection
between IP address and the name of a website. DNS attack renders the website cashable, inaccessible and redirectable to
other scam websites.
On the other hand, a DDoS attack occurs when a targetted resource such as a server or a website is denied service or
access. Such attacks overload the site, dramatically slow down or shut down the resource system.
Fortunately, Blockchain technology eliminates such attacks by decentralizing the DNS entries. Decentralization removes the
vulnerable single-point entry exploited by the attackers.
Provenance of software
MD5 message-digest cryptographic algorithm is widely used to implement security and verify activities, including firmware
updates, patches, and installers, to prevent malware entry. The MD5 algorithm compares the new software identity to
hashes available on the vendor website. It is not a complete foolproof algorithm and suffers from extensive vulnerabilities as
the hashes available on the provider’s site may already be compromised.
Blockchain technology comes as a savior in such cases. Blockchain permanently records the hashes and doesn’t allow
mutability. Hence, Blockchain proves to be more efficient in verifying software identity by comparing to hashes stored in the
ledger.
Verification of cyber-physical infrastructures
System misconfiguration, data tampering and component failure have ruined the integrity of data generated from cyber-
physical systems. The capabilities of Blockchain in maintaining data integrity and performing verification help authenticate
the status of any cyber-physical infrastructure. Data generated on the physical infrastructure components via Blockchain is
more assuring to the entire chain of custody.
Reduced human safety adversity caused by cyberattacks
Automated military vehicles, weapons and equipment operate on a closed network and facilitate data transmission from
sensors to remote-control databases. Hackers try to break the security and gain access to networks such as Car Area
Network (CAN). Even if a single point of the network gets compromised, the attacker gets complete control over the
automotive functions. Such occurrences would lead to the nation’s insecurity and will directly impact human safety.
Through data verification done by the Blockchain technology over any data that goes in the system, such adversities are
effectively prevented.

Conclusion
One important point to accept is that cybercrime is ever-evolving and lucrative. Thus, no cyber defense system can be
regarded as 100 % secure. A cybersecurity system that is deemed most effective today may not retain its efficacy tomorrow.
But at the present moment, when every organization is looking forward to adopting a cybersecurity solution that is Secure,
Vigilant and Resilient, then Blockchain has a lot to offer. Blockchain-powered cybersecurity controls and standards can build
stronger technical infrastructure to protect organizations from cyber attacks. This may also require combining Blockchain
with other deep technologies like AI(artificial intelligence), IoT and ML.
Rethinking Cybersecurity Through
Blockchain
Cybersecurity spending has increased exponentially in the
past decade, with no signs of slowing. Worldwide,
organizations plan to allocate more than $1 trillion
between 2017 and 2021 to protect themselves from online
threats, according to one industry report.1
Despite that staggering investment, criminal hackers are
still exploiting both publicly known and unknown
vulnerabilities, and intercepting device, application, and
network communications. CB Insights calculated that
about 6 billion confidential files were stolen between 2017
and 2018. Other industry research shows that the number
and cost of cyberattacks have increased.
These sophisticated assaults often outwit traditional
security methods, including authentication, key
management, cryptography, and privacy challenges. With
a large percentage of employees working from home due
to the coronavirus pandemic, vulnerabilities are growing in
new ways. So, instead of building more powerful tools,
many businesses are rethinking the systems that created
these vulnerabilities in the first place.
A new cybersecurity approach
Blockchain offers a different path toward greater security,
one that is less traveled and not nearly as hospitable to
cybercriminals. This approach reduces vulnerabilities,
provides strong encryption, and more effectively verifies
data ownership and integrity. It can even eliminate the
need for some passwords, which are frequently described
as the weakest link in cybersecurity.
The principal advantage of blockchain is its use of a
distributed ledger. A dispersed public key infrastructure
model reduces many risks associated with centrally stored
data by eliminating the most obvious targets. Transactions
are recorded across every node in the network, making it
difficult for attackers to steal, compromise, or tamper with
data, unless a vulnerability exists at the platform level.
Another traditional weakness is eliminated through
blockchain’s collaborative consensus algorithm. It can
watch for malicious actions, anomalies, and false positives
without the need for a central authority. One pair of eyes
can be fooled, but not all of them. That strengthens
authentication and secures data communications and
record management.
Although blockchain contains many nontraditional
features, it does take advantage of one of the most
important cybersecurity tools: encryption. The distributed
ledger can utilize public key infrastructure to secure
communication, authenticate devices, validate
configuration changes, and discover confidential devices
in an internet of things (IoT) ecosystem. Through
encryption and digital signatures, a blockchain system can
shield connected thermostats, smart doorbells, security
cameras, and other vulnerable edge devices. A recent
Palo Alto Networks report said that 98% of IoT device
traffic was unencrypted and described it as “low-hanging
fruit for attackers.”2
Also, this technology can be a weapon against distributed
denial-of-service (DDoS) attacks. A blockchain-based
domain name system (DNS) — the protocol for directing
internet traffic — can remove the single point that allows
these attacks to succeed. In 2016, a large portion of the
internet went down because of a DDoS attack on the
servers of one DNS host.3
Blockchain challenges
Organizations from multinational corporations to
governments are clamoring to adopt blockchain-based
cybersecurity, viewing it as the next big thing. But it’s not
as simple as updating an existing toolkit.
This intertwining of blockchain and cybersecurity is still an
evolving approach. Not all research ideas on digital
identities, decentralized storage, securing edge devices,
and smart contracts align with business needs. Without
careful consideration, implementation can become
impractical or even impossible. Here are some hurdles
that organizations may encounter when considering
blockchain as part of their cybersecurity strategy.
Data Privacy
In the public blockchain, anyone can see and retrieve data
in transactions. That’s a concern for businesses that want
to closely control what information is publicly available.
Permissioned blockchain can help mitigate many of those
privacy issues. An enterprise blockchain platform can
create a permissioned network that allows only trusted
parties to participate in or view transactions and to vote on
decisions.
Scalability
Scalability can become a constraint when implementing
blockchain, mostly due to block size and response times.
In this technology, every node stores, processes, and
maintains transactions in a block to ensure security and
privacy. But as the number of transactions increases,
small and medium-sized businesses struggle to
accommodate a growing number of transactions in a
block. Those increases can also slow the validation
process. With limited computing and storage resources,
scalability is at odds with decentralization.
Regulations
Organizations are still trying to understand how
blockchain’s structure and complexity fit within the
evolving data privacy, compliance, and regulatory
landscape. Europe’s General Data Protection Regulation
(GDPR) and similar laws allow individuals to demand that
their data be deleted; these laws also create a “right to be
forgotten” in certain cases. Since blockchain prevents
parties from modifying or deleting data, the technology
risks violating government rules.
Interoperability
Some blockchain platforms use a varied ecosystem for
their smart contract logic, transaction schemes, and
consensus models. Weak interoperability limits scalability.
From the developer perspective, roadblocks can also be
created from platform misconfiguration, communication
mistrust, specification errors in application development,
and cross-chain smart contract logic problems.
Thankfully, open protocols, multichain frameworks, and
algorithms are taking root in blockchain and mitigating this
issue. Business communications organization GS1 has
published global standards for blockchain interoperability,
and it is working with Microsoft and IBM on incorporating
those standards into their enterprise blockchain
applications. The Enterprise Ethereum Alliance is also
developing business standards.
Technology risks
Blockchain offers several benefits, such as efficiency,
optimization, reduced costs, and improved security.
However, the technology also introduces new risks into
systems when not carefully managed. These risks include:

 Improper key management and access

control. Unlike with traditional means, end users are
completely responsible for managing their digital
assets. Private keys are mapped with user ownership,
so unauthorized access or theft of cryptographic keys
may lead to a total and irreversible loss.
 Unintended forks and chain split attacks. During
the smart contracts upgrade process, there is a
chance that some nodes may not support the changes
made during the consensus phase. That can lead to a
new chain splitting from the old and introduce
blockchain-specific risks, such as replay, double
spend, and 51% attacks. In those cases, unauthorized
parties could block, reverse, or repeat transactions.
 Inadequate encryption scheme selection and
insecure operations. Transmitting or storing
sensitive data using cryptographic algorithms isn’t
enough to protect against man-in-the-middle attacks.
A number of factors could make blockchain vulnerable
to this type of intrusion, including inadequate
encryption, weak or incorrect keys, key management
errors, incorrect cryptographic implementation, or
improper verification of digital signatures or
certificates.
 Application programming interface (API)
integration. Third parties are required for API
integration, whether it’s a private or public blockchain.
That leads to trust issues and unintentional leakage of
sensitive data.
Blockchain benefits
Even with potential barriers, the combination of blockchain
and cybersecurity has intrigued executives and
technology experts. In a 2019 Infosys research report,
one-third of respondents cited blockchain use in
developing security solutions as a top cybersecurity
trend.4 It tied for third among all topics and ranked even
higher than increased demand for cybersecurity jobs.
Here are some of the factors that make blockchain
promising and ways it should be managed:

 Data protection and privacy. The technology

provides selective access to transactions and
information in the distributed ledger with minimal
governance. Also, blockchain doesn’t give
cyberattackers traditional data protection targets and
the ability to undercut privacy challenges. Overall, that
makes it harder to access or modify information in
blockchain ecosystems.
 Smart contract security. Blockchain components like
smart contracts, applications, APIs, digital assets, and
wallets must be tested for access control,
authentication, data security, and business logic
 validation. This provides greater confidence among
participants in the permissioned chains.
 Public key infrastructure management. Asymmetric
cryptographic keys and digital signatures are core
aspects of blockchain security. In its implementation,
the public key defines the digital identity to node
participants. However, the private key authorizes the
actions, including securely encrypting, signing, and
verifying transactions. Asymmetric cryptography in
blockchain provides benefits similar to those of
traditional encrypted transactions.

Even with these advantages, companies should continue

following security best practices, such as rate limitations,
encrypting sensitive configuration files, and weeding out
vulnerabilities in the development process. The authors of
a related 2019 World Economic Forum paper warned
about blockchain’s hype and its “exaggerated security
expectations.”5
“Many have believed its cryptographic foundation to be
the ultimate answer to security,” according to the paper.
“As a result, they have failed to implement the security
controls required for trust in a blockchain to emerge.” The
technology is perceived as either inherently insecure or
unhackable, the authors wrote, while the “truth lies
somewhere in the middle.”
Although usage is still limited, this intertwining of
blockchain and cybersecurity isn’t happening only at the
fringes. It’s already seen as an important tool in places
where security is paramount.
The U.S. government’s Defense Advanced Research
Projects Agency is experimenting with the use of
blockchain to create a more secure platform for
transmitting messages and processing transactions. This
is part of the agency’s efforts to create an unhackable
code for the U.S. Department of Defense (DOD). The
technology immediately flags attempts to tamper with data
and even provides intelligence on the attacker.
The DOD’s 2019 Digital Modernization Strategy report
described blockchain as a way to “not only reduce the
probability of compromise, but also impose significantly
greater costs on an adversary to achieve it.” The U.S.
military is already moving in that direction by contracting
with blockchain-based data platform provider Fluree.6
Government officials in India announced last year that
they were creating a national plan to implement
blockchain for several uses, including cybersecurity. And
the Saudi Arabian government and GE Ventures have
invested in the startup Xage, which is using blockchain to
boost cybersecurity in industrial IoT devices, according to
CB Insights.
The use of blockchain to enhance cybersecurity has been
gaining traction worldwide. However, the recent economic
and logistics disruptions caused by the COVID-19
pandemic provide enterprises fresh incentives to find
innovative solutions.7
Businesses now seek greater visibility and security from
their networks and supply chains, even as the economy
heads toward recession.8 Digitization and resilience are
imperative in a more difficult and unpredictable world.
Companies want to combine security and visibility with
privacy and good governance. For many companies, the
answers will be found in blockchain.

Role of Blockchain in Cybersecurity

Cybersecurity is the practice of protecting systems and networks
from digital attacks which aim to access, change or destroy
digital information either to extort money or sensitive data. With
the increasing reliance on technology and data, it becomes very
important to reinforce security measures to protect digital data
and transactions. Cyberattacks can be carried out using various
malware such as viruses, Trojans, Rootkits, etc. Some common
types of cyberattacks are Phishing, Man in a middle (MITM)
attack, Distributed denial of service (DDoS) attack, SQL
injection, and Ransomware attacks.
Key Cybersecurity Features:
1. Cryptographic checksums.
2. Data backup and data correction codes.
3. Assess threats and risks.
4. Take measures to restrain vulnerabilities in systems.
5. Understanding malicious software.
6. Access control.
7. Authentication.
8. Encryption.
9. Implementing Firewalls.
10. Use of Intrusion Detection and Prevention Systems (IDS and
IPS).

What is Blockchain?
Blockchain is a shared, decentralized, and digital ledger that
records transactions in the form of blocks. This ledger helps to
store information transparently due to its property of
immutability and access to allowed members only.
Key Blockchain Features:
1. Distributed shared ledger.
2. Immutable records.
3. Decentralized consensus mechanisms.
4. Smart contracts.
5. Cryptographic key pair.
6. Identity and access management.
7. Enhanced security.
8. Peer to peer network.
9. Traceability and transparency in transactions.
10. No central authority or need for trusted third-party
involvement.

Possible Blockchain Use Cases For Cybersecurity

1. IoT security: With the increasing application of AI and IoT,

the security of data and systems from hackers has always been
a major concern. Usage of Blockchain for improved security
by using device-to-device encryption to secure communication,
 key management techniques, and authentication is a potential
use case to maintain cybersecurity in the IoT system.
2. The integrity of software downloads: Blockchain can be
utilized to verify updates and installers to prevent malicious
software from infecting the devices. Here, hashes are recorded
in the blockchain and new software identities can be compared
to the hashes to verify the integrity of the downloads.
3. Data transmission protection: By using encryption, the data
in transit will be protected from unauthorized access.
4. Decentralized storage of critical data: With the exponentially
increasing data generated every day, blockchain-based storage
solutions help achieve decentralized storage thus protecting
digital information.
5. Mitigating DDoS Attacks: One of the most popular
cyberattacks today is DDoS attacks where hackers aim to
generate a flood of Internet traffic and thus disrupt the flow of
services. The properties of immutability and cryptography help
Blockchain prove to be an effective solution for these attacks.
6. DNS security: The Domain Name System (DNS) is similar to
a public directory that links domain names to their IP
addresses. Over time, hackers have tried to access the DNS and
exploit these links thus crashing sites. Due to Blockchain’s
properties of immutability and decentralized systems, the DNS
can be stored with enhanced security.
Application of Blockchain in Cybersecurity

In cybersecurity, the CIA triad model acts as a reference to

assess the security model of an organization. The triad consists
of-
1. Confidentiality
2. Integrity
3. Availability
Blockchain helps us ensure all these policies are satisfied.
1. Confidentiality: It means to ensure that only interested and
authorized parties access the appropriate data. Full encryption of
blockchain data ensures that the data will not be accessible by
unauthorized parties while flowing through untrusted networks.
Security measures such as access controls should be
implemented directly at the application level so as to prevent
attacks from within the network. Blockchain can provide
advanced security controls by using public key infrastructure to
authenticate parties and encrypt their communication. However
backup storage of private keys in secondary storage poses theft
of private keys as a high risk. To prevent this, key management
procedures such as IETF or RFC and cryptographic algorithms
based on integer factorization problems should be implemented.
2. Integrity: Blockchains built-in characteristics of immutability
and traceability help organizations ensure data integrity.
Consensus model protocols can further help organizations to
implement mechanisms to prevent and control ledger splitting in
the event of a 51% cyber control attack. In Blockchain, with
every new iteration, the previous state of the system is stored
thus providing a fully traceable history log. Smart contracts can
be used to verify and enforce rules between parties preventing
miners from mining blocks of data.
3. Availability: In recent times, cyberattacks attempting to
impact technology services availability are on the surge with
DDoSs being the most common types of attacks. However, in
blockchain-based systems, DDoS attacks are costly as the
attacker attempts to overpower the network with a great number
of small transactions. Blockchains have no single point of failure
which decreases the chances of IP-based DDoS attacks
disrupting the normal operation. Data remains available through
various nodes and thus full copies of the ledger can be accessed
at all times. The combination of multiple nodes and distributed
operation makes the platforms and systems resilient.

Pros of Using Blockchain in Cybersecurity

1. User confidentiality: The public key cryptography in a
Blockchain network helps maintain the confidentiality of the
users.
2. Data transparency and traceability: A history of all these
transactions is maintained and thus can be traced anytime. The
transactions data is digitally signed by members of the
Blockchain network thus maintaining transparency.
3. Secure data storage and processing: Blockchain’s major
feature of immutability and records of any changes to the data
help store the data in a safe and secure manner.
4. No single point failures: Blockchain systems are
decentralized and thus a single node failure doesn’t affect the
entire network. Thus even during DDoS attacks, the system is
not compromised due to the maintenance of multiple copies of
ledgers. This advantage is not possible for Private blockchains.
5. Safe data transfers: The Public Key Infrastructure (PKI) in
Blockchain maintains authentication during data transfers.
Smart contracts help with the automatic execution of
agreements between two parties during a transfer.

Cons of Using Blockchain in Cybersecurity 

1. Reliance on private keys: Blockchains rely heavily on Private

Keys for encryption of data but these private keys cannot be
 recovered once lost. This may lead to losing access to
encrypted data forever.
2. Adaptability and scalability challenges: Blockchain
networks have preset block volume and limits to transactions
per second so it becomes very important to check the
scalability of the network. Integrating Blockchain technology
requires a complete replacement of the current systems and
thus companies may face difficulties in doing so.
3. High operating costs: Blockchain requires high computing
power and storage capabilities. This leads to higher costs as
compared to non-Blockchain applications.
4. Lack of governance: Blockchain concepts aren’t regulated
globally yet. Regulations and frameworks need to be
developed in order to maintain governance in Blockchain
applications.
5. Blockchain literacy: Learning Blockchain technology requires
a profound knowledge of various development, programming
languages, and other tools. Thus in spite of numerous
applications of Blockchain Technology, enough Blockchain
developers are not available in the present scenario.

Real-Life Application Examples 
Following are some prominent examples where Blockchain is
used for Cybersecurity:
1. Barclays (London, England), Traditional Banking: Barclays
have filed a patent to use blockchain to enhance security in
fund transfers. It aims to stabilize cryptocurrency transfers by
using Distributed Ledger Technology (DLT). Thus, blockchain
helps the bank store customer information on a secure
blockchain.
2. CISCO (San Jose, California), IoT: Cisco plans to use
blockchain to secure IoT devices as ledger technology
eliminates single point of failure and encryption helps secure
data.
3. Coinbase (San Francisco, California),
Cryptocurrencies: Coinbase uses encryption to store wallets
and passwords in a secure database. It also undergoes
background checks on employees to ensure that their crypto is
secured.
4. Australian Government (Canberra, Australia): The
Australian government has plans to develop a cybersecurity
network based on DLT. The government has also partnered
with IBM to secure the storage of government documents with
the creation of a blockchain ecosystem.
5. Philips Healthcare (Andover, Massachusetts),
Healthcare: Philips Healthcare has partnered with hospitals all
over the world to create a healthcare ecosystem using
blockchain and AI. This ecosystem will help discover and
analyze various operational, administrative, and medical data.
6. Chinese Military (Beijing, China), Defense and
Military: China’s government and the military are attempting
to secure vital government and military information,
intelligence information using blockchain cybersecurity.
7. Founders Bank (Valletta, Malta), Cryptocurrencies: They
aim to be the world’s first decentralized bank thus being owned
by the buyers and not any central authority. Concepts such as
encryption and distributed ledgers will be used to store and
secure users’ cryptocurrencies.
8. The State of Colorado (Denver, Colorado),
Government: According to a bill passed by the Senate, the
government will consider using Blockchain to secure the
storage of records thus trying to curb the increase in attempted
attacks.
9. J. P. Morgan (New York, NY), Traditional Banking: They
have developed a platform called Quorum which uses
Blockchain to process private transactions. It uses the concepts
of Smart contracts and cryptography to maintain the security of
the transactions.
10. Health Linkages (Mountain View, California): They aim to
use Blockchain to keep patient records secure allowing only
certain personnel to access the records. It will also be used to
maintain a chronological record of major healthcare events
which will help doctors make better decisions.

Future of Blockchain Cybersecurity 

Blockchain is a breakthrough in cybersecurity for the digital

world and will help ensure that the CIA triads of cybersecurity
are being followed. The complexity of its implementation may
however lead to some difficulties for application.
Blockchain can be defined as a distributed ledger
technology for storing information in such a manner that
makes it tamper-proof. It works on protocols designed to
make an agreement among different parties who do not
trust each other so that they can work together to achieve
different purposes which benefit the whole group.
Blockchain technology first got its recognition when
Satoshi Nakamoto published a research paper in 2008.
The title of the research paper was ” A peer-to-peer
electronic cash system”.
This article focuses on discussing the advantages and
disadvantages of Blockchain Technology.
Advantages of Blockchain Technology:
This section discusses the advantages of blockchain
technology.
1. Open: One of the major advantages of blockchain
technology is that it is accessible to all means anyone
can become a participant in the contribution to
blockchain technology, one does not require any
permission from anybody to join the distributed network.
2. Verifiable: Blockchain technology is used to store
information in a decentralized manner so everyone can
verify the correctness of the information by using zero-
knowledge proof through which one party proves the
correctness of data to another party without revealing
anything about data.
3. Permanent: Records or information which is stored
using blockchain technology is permanent means one
needs not worry about losing the data because duplicate
copies are stored at each local node as it is a
decentralized network that has a number of trustworthy
nodes.
4. Free from Censorship: Blockchain technology is
considered free from censorship as it does not have
control of any single party rather it has the concept of
 trustworthy nodes for validation and consensus
protocols that approve transactions by using smart
contracts.
5. Tighter Security: Blockchain uses hashing techniques
to store each transaction on a block that is connected to
each other so it has tighter security. It uses SHA 256
hashing technique for storing transactions.
6. Immutability: Data cannot be tampered with in
blockchain technology due to its decentralized structure
so any change will be reflected in all the nodes so one
cannot do fraud here, hence it can be claimed that
transactions are tamper-proof.
7. Transparency: It makes histories of transactions
transparent everywhere all the nodes in the network
have a copy of the transaction in the network. If any
changes occur in the transaction it is visible to the other
nodes.
8. Efficiency: Blockchain removes any third-party
intervention between transactions and removes the
mistake making the system efficient and faster.
Settlement is made easier and smooth.
9. Cost Reduction: As blockchain needs no third man it
reduces the cost for the businesses and gives trust to
the other partner.
Disadvantages of Blockchain Technology:
This section discusses the disadvantages of blockchain
technology.
1. Scalability: It is one of the biggest drawbacks of
blockchain technology as it cannot be scaled due to the
fixed size of the block for storing information. The block
size is 1 MB due to which it can hold only a couple of
transactions on a single block.
2. Immaturity: Blockchain is only a couple-year-old
technology so people do not have much confidence in it,
they are not ready to invest in it yet several applications
of blockchain are doing great in different industries but
still it needs to win the confidence of even more people
to be recognized for its complete utilization.
3. Energy Consuming: For verifying any transaction a lot
of energy is used so it becomes a problem according to
the survey it is considered that 0.3 percent of the world’s
electricity had been used by 2018 in the verification of
transactions done using blockchain technology.
4. Time-Consuming: To add the next block in the chain
miners need to compute nonce values many times so
this is a time-consuming process and needs to be speed
up to be used for industrial purposes.
5. Legal Formalities: In some countries, the use of
blockchain technology applications is banned like
cryptocurrency due to some environmental issues they
are not promoting to use blockchain technology in the
commercial sector.
6. Storage: Blockchain databases are stored on all the
nodes of the network creates an issue with the storage,
increasing number of transactions will require more
storage.
7. Regulations: Blockchain faces challenges with some
financial institution. Other aspects of technology will be
required in order to adopt blockchain in wider aspect.