Search icon Close icon
Search icon
0
Cart icon
Close icon
You have no products in your basket yet
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Securing Blockchain Networks like Ethereum and Hyperledger Fabric

You're reading from  Securing Blockchain Networks like Ethereum and Hyperledger Fabric

Product type Book
Published in Apr 2020
Publisher Packt
ISBN-13 9781838646486
Pages 244 pages
Edition 1st Edition
Languages
Concepts
Author (1):
Alessandro Parisi Alessandro Parisi
Profile icon Alessandro Parisi
LinkedIn
Alessandro Parisi has been an IT professional for over 20 years, acquiring significant experience as a Security Data Scientist, and as an Artificial Intelligence Cybersecurity and Blockchain specialist. He has experience of operating within organizational and decisional contexts characterized by high complexity. Over the years, he has helped companies to adopt Artificial Intelligence and Blockchain DLT technologies as strategic tools in protecting sensitive corporate assets. He holds a Master Degree in Economics and Statistics.
See other products by Alessandro Parisi

Table of Contents (15) Chapters

Preface Section 1: Blockchain Security Core Concepts
Introducing Blockchain Security and Attack Vectors Cryptography Essentials Blockchain Security Assumptions Section 2: Architecting Blockchain Security
Trustless Blockchain Networks Securing Hyperledger Fabric Section 3: Securing Decentralized Apps and Smart Contracts
Decentralized Apps and Smart Contracts Preventing Threats for DApps and Smart Contracts Section 4: Preserving Data Integrity and Privacy
Exploiting Blockchain as an Attack Vector Analyzing Privacy and GDPR Compliance Issues Other Books You May Enjoy

Securing Hyperledger Fabric

In this chapter, we will learn about Hyperledger Fabric, one of the most well known industrial examples of distributed ledger technology (DLT). Although DLT solutions are inspired by blockchain, they nonetheless show peculiar and distinctive characteristics. We will, therefore, analyze the differences between blockchain and DLTs, examining the pros and cons of these technologies. After introducing the Hyperledger architecture, we will analyze the security aspects related to the digital identities associated with the members participating in the DLT, and we will examine the security of chaincode, the equivalent of smart contracts in Hyperledger. Finally, we will learn how to protect Hyperledger from security and privacy threats by using the product's features.

The topics covered in the chapter are listed here:

  • Permissioned blockchains and DLTs
    • ...

Permissioned blockchains and DLTs

As anticipated in Chapter 1, Introducing Blockchain Security and Attack Vectors, when we speak generically of blockchain, we actually refer to differing types of technologies united by the fact of storing transaction information within a shared ledger. However, these differences take on significant importance, both in terms of implementation and security.

Therefore, it is important to explore the different characteristics of blockchain-based technologies, with particular regard to public and private (also known as permissioned) blockchains. This will allow us to fully understand the characteristics of Hyperledger Fabric, which represents one of the most popular permissioned blockchain implementations.

So, let's first clarify the distinction between public and private blockchains.

...

Getting to know Hyperledger Fabric

Hyperledger Fabric is a permissioned blockchain managed by a consortium of companies. The project has been hosted and promoted by the Linux Foundation since December 2015, since the Linux Foundation together with 30 sponsoring companies (including IBM) decided to create an enterprise-class open source blockchain. Other major companies of the caliber of Intel, Accenture, and Huawei have subsequently joined the project, and their number currently exceeds 250 members.

Hyperledger Fabric is designed to provide high flexibility and extensibility, both at an architectural and application level. The modular architecture extends to the consensus mechanism, thus allowing specific consensus algorithms to be adopted on the basis of the different use cases, simply by choosing the most suitable component to implement the consensus mechanism of choice. The...

Hyperledger strong identities

Of central importance in the permissioned blockchain model adopted by Hyperledger Fabric is the management of the digital identities of the members of the network. This ensures not only security but trust in transactions between trusted counterparties. In Hyperledger Fabric, the creation, maintenance, and revocation of digital identities is entrusted to a specific component, known as the Membership Service Provider (MSP). The MSP component manages digital identities in the form of cryptographically signed certificates. In Hyperledger Fabric, there is a default MSP, known as Fabric CA, which has the task of issuing certificates in X.509 format to be associated with members authorized to participate in the network.

But before we find out about the details of identity management, we need to focus on how to carefully design our network of trusted counterparts...

Hyperledger chaincode security

Smart contracts, which in Hyperledger Fabric take the name of chaincodes, are programs containing instructions regarding transactions and are characterized by self-execution, meaning that when a trigger event occurs, the instructions contained in the smart contract are executed. In Hyperledger Fabric, chaincodes can be programmed using standard programming languages.

Please note that chaincodes do not have direct access to the transaction ledger, and only after their execution will the transactions be added to the ledger.

Chaincodes can be deployed by peer nodes, even in multiple versions of the same program.

In the next section, we'll see how the installation and deployment of chaincodes is carried out.

Installing and deploying chaincodes

...

Preventing common threats with Hyperledger

Hyperledger Fabric manages some of the most common threats by leveraging its own architectural security model. Obviously, this does not exempt those who administer the platform from adopting the appropriate perimeter measures (firewall, routing, and so on) to safeguard the security of network infrastructures.

Common security threats can relate to the following:

  • The identity of the participants: A typical attack consists of using stolen user credentials to authenticate on the system as an authorized user. The management of the X.509 digital certificates, made possible by Fabric CA, limits this type of attack, provided that the CRL is constantly updated and shared with all the member organizations.
  • Data integrity and confidentiality: Hyperledger Fabric's transaction management mechanisms, combined with the use of cryptography, is...

Summary

In this chapter, we have seen the differences between permissionless (public) and permissioned (private) blockchains and the main implications of different consensus mechanisms and transaction management. We also addressed the various architectural, application-related, and security-related aspects of Hyperledger Fabric, one of the most popular enterprise-class permissioned blockchains, highlighting the advantages of adopting a modular architecture with Hyperledger Fabric. Special attention was paid to trusted execution environments and preserving transaction privacy by exploiting multi-channel functionality and private data.

In the next chapter, our journey continues with an analysis of the security of decentralized apps and smart contracts in the Ethereum environment.

lock icon The rest of the chapter is locked
arrow left Previous Chapter
Chapter 1 of 15
Next Chapter arrow right
You have been reading a chapter from
Securing Blockchain Networks like Ethereum and Hyperledger Fabric
Published in: Apr 2020 Publisher: Packt ISBN-13: 9781838646486
© 2020 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime}

Authors (1)

Profile icon Alessandro Parisi
LinkedIn
Alessandro Parisi has been an IT professional for over 20 years, acquiring significant experience as a Security Data Scientist, and as an Artificial Intelligence Cybersecurity and Blockchain specialist. He has experience of operating within organizational and decisional contexts characterized by high complexity. Over the years, he has helped companies to adopt Artificial Intelligence and Blockchain DLT technologies as strategic tools in protecting sensitive corporate assets. He holds a Master Degree in Economics and Statistics.
See other products by Alessandro Parisi

Other recommended products

Related to this chapter
Left arrow icon
Foundations of Blockchain
Foundations of Blockchain
Blockchain technology is a combination of three popular concepts: cryptography, peer-to-peer networking, and game theory. This book is for anyone who wants to dive into blockchain from first principles and learn how decentralized applications and cryptocurrencies really work. Learn blockchain from first concepts to algorithms explained in Python.
Jan 2019 12 hours 24 minutes
Learn Bitcoin and Blockchain
Learn Bitcoin and Blockchain
Blockchain and Bitcoin are currently the talk of the town. This book will start with an introduction to the fundamental concepts of Blockchain and it will take you through its various features and challenges. By the end of this book, you will learn to implement the Blockchain technology for securing your cryptocurrency.
Aug 2018 3 hours 8 minutes
Ethereum Cookbook
Ethereum Cookbook
Ethereum is an open-source, public, Blockchain-based distributed computing platform, and operating system featuring smart contract functionality which builds decentralized applications. If you want to get started with Ethereum and Solidity or you are among the many developers already working with this platform, this book is your one-stop guide.
Aug 2018 13 hours 28 minutes
Oracle Blockchain Services Quick Start Guide
Oracle Blockchain Services Quick Start Guide
Blockchain empowers enterprises to scale out in a unique way, allowing them to build and manage blockchain business networks. This book offers an exploration of distributed ledger technology, blockchain, and Hyperledger fabric along with blockchain-as-a-service (BaaS).
Sep 2019 11 hours 40 minutes
Blockchain for Decision Makers
Blockchain for Decision Makers
This book will cover use-cases on how blockchain is currently being used in the industry - catering to key decision-makers within an organization. It also addresses the real problems and technical difficulties in implementing blockchain, and the various blockchain strategies being adopted by popular organizations all over the world.
Sep 2019 6 hours 8 minutes
Mastering Blockchain
Mastering Blockchain
Blockchain is a distributed database that enables permanent, transparent, and secure storage of data. The blockchain technology is the backbone of cryptocurrency and it is gaining popularity with people who work in the finance, government, and arts sectors. This book is an up-to-date, one-stop guide to this leading technology and its implementation in the real world.
Mar 2018 21 hours 52 minutes
Blockchain for Business 2019
Blockchain for Business 2019
Blockchain has the potential to change the world and has become the hottest field in the tech sector now. Blockchain for Business is a comprehensive guide that enables you to fully understand the far-reaching applications beyond Bitcoin and empowers you to make fully-informed decisions.
Jan 2019 8 hours 36 minutes
Mastering Blockchain Programming with Solidity
Mastering Blockchain Programming with Solidity
With this book, you will learn to write production-ready smart contracts for the Ethereum blockchain. Finally, with the help of comprehensive examples, you will learn how to add security to smart contracts and then delve into the various security considerations that must be paid attention to.
Aug 2019 16 hours 12 minutes
Mastering Blockchain
Mastering Blockchain
Blockchain is a distributed database that enables permanent, transparent, and secure storage of data. Mastering Blockchain is a comprehensive guide to this leading, cutting-edge technology and its implementation in the real world.
Mar 2017 18 hours 0 minutes
Blockchain Quick Reference
Blockchain Quick Reference
This book applies the core principles and ideas of Blockchain in your existing applications. You will understand the key areas of Blockchain architecture along with the challenges faced with an easy-to-follow guide. You will not only be able to solve current and future problems around Blockchain but also build efficient decentralized applications.
Aug 2018 11 hours 40 minutes
Building Blockchain Projects
Building Blockchain Projects
This is a project-based guide to teach you what Blockchain is, how it maintains data integrity, and how to create real-world Blockchain projects using Ethereum. With interesting real-world projects, you will know about bitcoin, generating smart and secure contracts with Ethereum, building end-to-end applications for Blockchain.
Apr 2017 8 hours 52 minutes
Blockchain Quick Start Guide
Blockchain Quick Start Guide
Blockchain technology is giving birth to new business models, inspiring communities to build economies on a decentralized network. This book will be your practical guide to get you up and running with concepts of building your very own Blockchain network. You will get a thorough understanding of how a decentralized network is built and deployed.
Dec 2018 7 hours 24 minutes
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Et al.
Et al.
Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.
Aug 2023 7 hours 40 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Mastering Tableau 2023
Mastering Tableau 2023
This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.
Aug 2023 22 hours 48 minutes
Building AI Applications with ChatGPT APIs
Building AI Applications with ChatGPT APIs
This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.
Sep 2023 8 hours 36 minutes
Building AI Applications with ChatGPT APIs
Building AI Applications with ChatGPT APIs
This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.
Sep 2023 8 hours 36 minutes
Data Engineering with AWS
Data Engineering with AWS
Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.
Oct 2023 21 hours 12 minutes
Modern Data Architecture on AWS
Modern Data Architecture on AWS
Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.
Aug 2023 14 hours 0 minutes
Practical Guide to Applied Conformal Prediction in Python
Practical Guide to Applied Conformal Prediction in Python
Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.
Dec 2023 8 hours 0 minutes
TinyML Cookbook
TinyML Cookbook
With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.
Nov 2023 22 hours 8 minutes
Right arrow icon