Data
Reader small image

You're reading from  Hands-On Cybersecurity with Blockchain.

Product typeBook
Published inJun 2018
Publisher
ISBN-139781788990189
Edition1st Edition
Tools
Hyperledger
Concepts
Blockchain
Right arrow
Author (1)
Rajneesh Gupta
Rajneesh Gupta
author image
Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity." As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Read more about Rajneesh Gupta

Right arrow

Chapter 5. Blockchain on the CIA Security Triad

In the previous chapter, we covered the Hyperledger model, its core components, its process, and chaincode programming. In this chapter, we will be covering the fundamental approach to arranging the components of a native blockchain and Hyperledger in the form of the Confidentiality, Integrity, and Availability (CIA) security triad model. This triad model is one of the oldest and most popular security frameworks connected with the blockchain structure. The CIA triad model is a model that helps organizations structure their security posture. We will understand how these three core elements impact the blockchain technology and how we can organize the optimal use of blockchain with this security model.

In this chapter, we will cover the following topics:

  • What is the CIA security triad?
  • Blockchain on confidentiality
  • Blockchain on integrity
  • Blockchain on availability

What is the CIA security triad?

CIA is a framework/model that's used to arrange a list of security controls and systems used by the information security (infosec) team. It is also sometimes referred to as the Availability, Integrity, and Confidentiality (AIC) security triad. The purpose of the triad is to deliver a standard framework to evaluate and deploy information security policies, independent of the underlying technology, network, or system.

Confidentiality

Confidentiality is a way to keep information hidden from unauthorized people. When information that has to be secret remains a secret, you achieve confidentiality. In this current era of digital connectivity, everyone is aggressive enough to know that information that has been kept a secret. Security agencies are a prime example of a company breaking confidentiality so that they can perform forensics and use surveillance footage. Financially motivated cyber criminals do their best to break into security systems and gather confidential...

Understanding blockchain on confidentiality

Every digitally connected technology comes with the cost of security challenges, and these challenges can be about privacy exposure, confidentiality breaches, identity theft, and much more. Blockchain technology is a computing technology that runs over a digital ecosystem and hence it becomes important to pay attention to its fundamental security challenges. Every size of business connected globally allocates an annual budget for cybersecurity so that they can keep their information and critical assets confidential. Let's understand the extent of confidentiality in the current blockchain model and its future roadmap.

Confidentiality in the existing model

As we already know, blockchain technology was introduced with Bitcoin. However, it was never made to be restrictive in nature, as anyone with client software can participate in the block generation process, or mining in the case of Bitcoin. Confidentiality with respect to the blockchain is simply...

Blockchain on integrity

Even with more money being spent on cybersecurity, many organizations are still reluctant to use public cloud solutions. It is a common practice to apply encryption to the data going to the cloud, but encryption can only provide solid confidentiality against internal attacks; it can't protect data from corruption caused by configuration errors, software bugs, or espionage attempts. Although blockchain technology has its own solid approach to achieving immutability with the hashing algorithm and the Merkle tree model for integrity, we have to try and understand how it would practically work with real-world applications and Hyperledger Fabric.

Integrity in the current blockchain network

Integrity is a way of avoiding any tampering with the data. Blockchain uses cryptographic hashing to ensure that the ledger remains tamper-proof. One of the key characteristics of this hashing function is that it is always one-way, which means it is logically impossible to get the data...

Understanding blockchain on availability

Business applications are accessible through networks (public or private), and these applications are sets of code that have value until they are accessible, which is when they are needed. Blockchain is a software application running on the cloud that keeps its value until it is not broken or disturbed. For users, the face of blockchain is simply a decentralized application (dApp), and in order to keep it available all of the time, both the frontend and the backend of the system should run seamlessly.

Availability in the current blockchain network

On-time and reliable access to information resembles availability. Cyberattacks such as DDoS cause huge disruption to internet services and result in websites becoming inaccessible, which costs businesses a lot of money. The decentralized nature of blockchain makes it harder to disrupt these applications.

No single point of failure

Even if one node in the blockchain goes down, the information can be accessed...

Summary

In this chapter, we have studied the impact of the CIA security triad on blockchain technology. Although the Bitcoin blockchain is strong enough to fulfill the CIA security framework, as a blockchain, it is appreciated and adopted by several organizations, and several flavors of blockchain are coming to the market to fulfill specific business models. We have seen how Hyperledger Fabric fits into the CIA security triad and what makes the Hyperledger Fabric system a business-friendly solution. 

Questions

After understanding how the CIA security triad system works for both native blockchain and Hyperledger Fabric, it is important to cover certain questions, such as the following:

  1. How do Hyperledger and other projects fit into the CIA security triad?
  2. What are some widely used methods to enhance dApp availability?

Further reading

To explore the CIA security triad in a blockchain context in greater detail, readers can use the following links:

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 9 of 17
Next Chapter
You have been reading a chapter from
Hands-On Cybersecurity with Blockchain.
Published in: Jun 2018Publisher: ISBN-13: 9781788990189
© 2018 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity." As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Read more about Rajneesh Gupta

Other recommended products

Related to this chapter

Learn Bitcoin and Blockchain

Learn Bitcoin and Blockchain

Blockchain and Bitcoin are currently the talk of the town. This book will start with an introduction to the fundamental concepts of Blockchain and it will take you through its various features and challenges. By the end of this book, you will learn to implement the Blockchain technology for securing your cryptocurrency.

BookAug 201894 pages
Preventing Digital Extortion

Preventing Digital Extortion

In today’s digital age, hacking into data, encrypting it, and making it inaccessible is becoming more and more commonplace. Irrespective of the scale of your business, such an attack can prove very costly. If you want to save yourself from such cyber extortion, it is important to gain insights into various attacks and their impact on your business. This book gives you a brief overview of the process and will also teach you to mitigate and eliminate such attacks.

BookMay 2017360 pages
Solidity Programming Essentials

Solidity Programming Essentials

Solidity is a new contract-oriented programming language popular for creating smart contracts and distributed applications. Writing smart contracts targeting Ethereum and other blockchain platforms is an emerging skill. This book will enable you to write robust, secure, object-oriented contracts that extend blockchain with business functionality.

BookApr 2018222 pages
Foundations of Blockchain

Foundations of Blockchain

Blockchain technology is a combination of three popular concepts: cryptography, peer-to-peer networking, and game theory. This book is for anyone who wants to dive into blockchain from first principles and learn how decentralized applications and cryptocurrencies really work. Learn blockchain from first concepts to algorithms explained in Python.

BookJan 2019372 pages
Managing Mission - Critical Domains and DNS

Managing Mission - Critical Domains and DNS

Managing your organization's naming architecture and mitigating risks within complex naming environments is very important. This book will start with the basic anatomies of domain name servers and the request mechanism of DNS servers. You will also cover different factors associated with DNS servers such as security, strategy, and DNS queries.

BookJun 2018368 pages
Hyperledger Cookbook

Hyperledger Cookbook

The book not only implements Hyperledger Fabric, but also shows you how to build and model a blockchain network with Composer. You will master several business blockchain technologies under the Hyperledger umbrella, including Sawtooth, Iroha, decentralized Identity Hyperledger Indy, and Ethereum smart contract machine Burrow etc.

BookApr 2019310 pages
Blockchain across Oracle

Blockchain across Oracle

Blockchain across Oracle is a professional orientation for Oracle developers to get up to speed with the details and implications of the Blockchain across Oracle. Learn everything from Blockchain concepts, through to working with Oracle Blockchain Cloud Service, expert guidance on the effects of the Blockchain on key markets, and the impact to Oracle customers.

BookOct 2018530 pages
Oracle Blockchain Services Quick Start Guide

Oracle Blockchain Services Quick Start Guide

Blockchain empowers enterprises to scale out in a unique way, allowing them to build and manage blockchain business networks. This book offers an exploration of distributed ledger technology, blockchain, and Hyperledger fabric along with blockchain-as-a-service (BaaS).

BookSep 2019350 pages
Securing Blockchain Networks like Ethereum and Hyperledger Fabric

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

The adoption of blockchain for the value chain, insurance, and healthcare domain is flourishing. However, one of the key challenges faced in blockchain development is securing them. The book will cover essential architectural considerations, system and network security, various operational configurations to Ethereum and Hyperledger fabric network.

BookApr 2020244 pages
Blockchain for Decision Makers

Blockchain for Decision Makers

This book will cover use-cases on how blockchain is currently being used in the industry - catering to key decision-makers within an organization. It also addresses the real problems and technical difficulties in implementing blockchain, and the various blockchain strategies being adopted by popular organizations all over the world.

BookSep 2019184 pages
Hands-On Bug Hunting for Penetration Testers

Hands-On Bug Hunting for Penetration Testers

Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.

BookSep 2018250 pages
Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

This book provides you with a comprehensive understanding of Industrial IoT security; and practical methodologies to implement safe, resilient cyber-physical systems. It will help you develop a strong foundation and deeper insights on the entire gamut of securing connected industries, from the edge to the cloud.

BookJul 2018324 pages

Personalised recommendations for you

Based on your interests and search pattern

Et al.

Et al.

Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.

BookAug 2023230 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages4
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages1
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Mastering Tableau 2023

Mastering Tableau 2023

This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.

BookAug 2023684 pages
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages5
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages2
Data Engineering with AWS

Data Engineering with AWS

Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.

BookOct 2023636 pages5
Modern Data Architecture on AWS

Modern Data Architecture on AWS

Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.

BookAug 2023420 pages5
Practical Guide to Applied Conformal Prediction in Python

Practical Guide to Applied Conformal Prediction in Python

Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.

BookDec 2023240 pages
TinyML Cookbook

TinyML Cookbook

With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.

BookNov 2023664 pages