Trustworthiness Evaluation for Permissioned Blockchain-Enabled Applications

Shi Cho Cha, Chuang Ming Shiung, Wen Wei Li, Chun Neng Peng, Yi Hsuan Hung, Kuo Hui Yeh*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations, related stakeholders need a means to assess the trustworthiness of the applications involved within. It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy. Therefore, this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications. The framework divides itself into different implementation domains, i.e., organization security, application security, consensus mechanism security, node management and network security, host security and perimeter security, and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains. In addition, a case study, including a security testing and risk evaluation on each stack of a specific organization, is demonstrated as an implementation instruction of our proposed risk management framework. According to the best of our knowledge, this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can contribute to the adoption of permissioned blockchain-enabled technologies. Furthermore, application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.

Original languageEnglish
Pages (from-to)2731-2755
Number of pages25
JournalComputers, Materials and Continua
Volume73
Issue number2
DOIs
StatePublished - 2022

Keywords

  • Permissioned blockchain
  • blockchain risk evaluation
  • blockchain security

Fingerprint

Dive into the research topics of 'Trustworthiness Evaluation for Permissioned Blockchain-Enabled Applications'. Together they form a unique fingerprint.

Cite this