Position: Home page » Blockchain » How to prevent blockchain data leakage
How to prevent blockchain data leakage
Publish: 2021-04-25 19:25:58
1. Private key~
2. In view of the security characteristics and shortcomings of the existing blockchain technology, we need to build a security system around the physical, data, application system, encryption, risk control and other aspects to improve the security performance of the blockchain system as a whole
1. Physical security
the network and host running the blockchain system should be in a protected environment. According to the regulatory requirements of specific business, the protection measures can be used to protect the physical network and host by means of VPN, firewall, physical isolation, etc
2. Data security
in principle, the data exchange between nodes of the blockchain should not be transmitted in clear text. For example, asymmetric encryption can be used to negotiate key, and symmetric encryption algorithm can be used to encrypt and decrypt data. The data provider should also strictly evaluate the sensitivity and security level of the data, decide whether to send the data to the blockchain, whether to desensitize the data, and adopt strict access control measures
3. Application system security
application system security needs to start from the aspects of identity authentication, authority system, transaction rules, anti fraud strategy, etc.
relevant personnel, transaction nodes and transaction data involved in application operation should be controlled in advance and auditable afterwards. Taking financial blockchain as an example, consensus algorithm with stronger fault tolerance, anti fraud and higher performance can be adopted to avoid joint fraud of some nodes
4. Key security
to encrypt the communication data between the blockchain nodes and the key to encrypt the data stored on the blockchain nodes, the plaintext should not exist on the same node, and the private key should be properly saved by the encryption machine. When the key is lost or leaked, the system can identify the relevant records of the original key, such as account control, communication encryption, data storage encryption, etc., and implement response measures to make the original key invalid. The key should also be managed strictly in the life cycle, and should not be permanently valid. It needs to be replaced after reaching a certain time cycle
5. Risk control mechanism
there should be careful detection measures for the network layer, host operation, data access of application system, transaction frequency and other dimensions of the system. For any suspicious operation, alarm, record and verification should be carried out. If illegal operation is found, loss assessment should be carried out, remedial measures should be taken at the technical and business levels, and security measures should be strengthened, And trace the source of illegal operation to prevent further attacks
Article source: white paper on blockchain technology and application development in China
1. Physical security
the network and host running the blockchain system should be in a protected environment. According to the regulatory requirements of specific business, the protection measures can be used to protect the physical network and host by means of VPN, firewall, physical isolation, etc
2. Data security
in principle, the data exchange between nodes of the blockchain should not be transmitted in clear text. For example, asymmetric encryption can be used to negotiate key, and symmetric encryption algorithm can be used to encrypt and decrypt data. The data provider should also strictly evaluate the sensitivity and security level of the data, decide whether to send the data to the blockchain, whether to desensitize the data, and adopt strict access control measures
3. Application system security
application system security needs to start from the aspects of identity authentication, authority system, transaction rules, anti fraud strategy, etc.
relevant personnel, transaction nodes and transaction data involved in application operation should be controlled in advance and auditable afterwards. Taking financial blockchain as an example, consensus algorithm with stronger fault tolerance, anti fraud and higher performance can be adopted to avoid joint fraud of some nodes
4. Key security
to encrypt the communication data between the blockchain nodes and the key to encrypt the data stored on the blockchain nodes, the plaintext should not exist on the same node, and the private key should be properly saved by the encryption machine. When the key is lost or leaked, the system can identify the relevant records of the original key, such as account control, communication encryption, data storage encryption, etc., and implement response measures to make the original key invalid. The key should also be managed strictly in the life cycle, and should not be permanently valid. It needs to be replaced after reaching a certain time cycle
5. Risk control mechanism
there should be careful detection measures for the network layer, host operation, data access of application system, transaction frequency and other dimensions of the system. For any suspicious operation, alarm, record and verification should be carried out. If illegal operation is found, loss assessment should be carried out, remedial measures should be taken at the technical and business levels, and security measures should be strengthened, And trace the source of illegal operation to prevent further attacks
Article source: white paper on blockchain technology and application development in China
3. Because you are already in the reading team, if the team formation interface prompted by the system can't enter, you can't create your own team. If you want to create your own team, you can change the number.
4. Can solve, bit box is a good application proof
5. Absolute privacy encryption means that the addresses of both sender and receiver can not be identified and tracked, the content of the transaction is fully protected, the user's privacy is absolutely protected, but it also increases the chance of abuse by criminals. In reality, in order to meet the regulatory requirements of enterprises, especially the financial system, cryptocurrency, which has complete privacy for the public and indivials, and accountability privacy for regulatory and audit institutions, will graally become the mainstream. Abe / Abbey coin has the ability of different privacy levels, which can meet the needs of indivials in terms of privacy, as well as regulatory or corporate accountability.
6. The distributed architecture and tamper proof features of blockchain technology help to solve the problems of bill authenticity and information opacity. When participants need to check whether the bill has been tampered or transferred, blockchain can provide indisputable proof of consistency
digital currency also makes use of this feature of blockchain. Puyin is a kind of tea standard digital currency developed based on blockchain technology.
digital currency also makes use of this feature of blockchain. Puyin is a kind of tea standard digital currency developed based on blockchain technology.
7. Jinwowo analyzes the security of data when using blockchain Technology: blockchain technology is a kind of technology that supports decentralization in a trustless network environment
it can ensure the security of the communication network of the application system running on the chain by means of digital signature, and use hash chain technology to ensure that the written data can not be changed.
it can ensure the security of the communication network of the application system running on the chain by means of digital signature, and use hash chain technology to ensure that the written data can not be changed.
8. A new type of blockchain has been developed to make the public transactions used for verification contain only part of the information
Cooper takes interest rate swap as an example. Dodd Frank requires both parties to record 140 data fields. However, in the blockchain, other banks can only see specific data points, and they may just display the code of transaction nature and price range
at the same time, the blockchain will store complete transactions, which can only be seen by relevant parties and regulators with monitoring obligations
of course, the most important thing about blockchain is that it can not be tampered with, and the protection of intellectual property rights is very important, such as the recent foreign project of decent, which is a distributed content publishing platform.
Cooper takes interest rate swap as an example. Dodd Frank requires both parties to record 140 data fields. However, in the blockchain, other banks can only see specific data points, and they may just display the code of transaction nature and price range
at the same time, the blockchain will store complete transactions, which can only be seen by relevant parties and regulators with monitoring obligations
of course, the most important thing about blockchain is that it can not be tampered with, and the protection of intellectual property rights is very important, such as the recent foreign project of decent, which is a distributed content publishing platform.
9. In data analysis, how to effectively protect personal privacy and prevent core data leakage has become the primary consideration.
Hot content