Security applications could see a boost this year from blockchain -- the technology that drives cryptocurrency such as bitcoin. Cryptocurrencies initially came about as a disruptive financial technology aimed at making global transactions easier, faster and more secure. Fintech applications require locking down data, protecting identities and storing personal data -- all of which are relevant parts of security solutions. Experts note that the decentralized nature of the electronic ledger system could actually improve security solutions.
A blockchain is a series of blocks that record information in hash functions with timestamps. Therefore, the data can’t be edited. Because the information can’t be overwritten, data manipulation is simply impractical and data is, by default, secured. Because all users have a copy of that information in a ledger, it’s easy to detect when it has been changed without authorization. The ledger doesn’t keep track of balances, it only records every transaction broadcast within the Bitcoin network.
The blockchain itself doesn’t provide intrusion detection or threat defense in ways that are most familiar to users. But while its defensive posture differs from that of traditional cybersecurity solutions, it does offer an infrastructure that comprises transparency, event tracking and cryptography, features that some security solutions and implementations on enterprise networks lack.
Ensuring that only interested and authorized parties can access the correct and appropriate data is a common concern. After all, on the blockchain everyone can see everyone else’s transactions. Protecting blockchain network access is therefore fundamental in securing data access. The deployment of blockchain enables authentication of users and devices without password protection. But while the technology was initially built without specific access controls, some blockchain implementations are beginning to address data confidentiality and access control challenges by providing full encryption of blockchain data. That ensures data is inaccessible by unauthorized parties while it’s in transit -- particularly important when data is flowing through untrusted networks.
Because it lets users trust that the transactions stored on the tamper-proof ledger are valid, blockchain can be considered a secure technology. Its use of sequential hashing and cryptography combined with its decentralized structure makes it very off-putting for would-be hackers -- standard databases are far easier targets. The challenge moving forward for blockchain is discovering how it will balance its data immutability with privacy concerns. How does the technology that remembers everything reconcile with the right to be forgotten? Ironically, more security may be the answer, according to a report from Deloitte, which suggests encryption as one solution. If the personal information written in the system is encrypted, then, at the appropriate time, forgetting the keys will ensure that sensitive information is no longer accessible.
Another answer, according to Deloitte, is to use one of the characteristics of the blockchain itself -- by focusing on the value of blockchain, a user can provide unalterable evidence of facts by writing the hash of transactions to it. Meanwhile, the transactions themselves are stored outside of the system. That maintains the integrity of transactions, “while enabling the ability to erase the transactions, leaving only vestigial traces of forgotten information in the blockchain.”
