ESTABLISHING BLOCKCHAIN-RELATED SECURITY CONTROLS

Blockchain technology is a secure and relatively new technology of distributed digital ledgers which is based on interlinked blocks of transactions. There is a rapid growth in the adoption of the blockchain technology in different solutions and applications and within different industries throughout the world, such as but not limited to, finance, supply chain, digital identity, energy, healthcare, real estate and government. Blockchain technology has great benefits such as decentralization, transparency, immutability and automation. Like any other emerging technology, the blockchain technology has also several risks and threats associated with its expected benefits which in turns could have a negative impact on individuals, entities and/or countries. This is mainly due to the absence of a solid governance foundation for managing and mitigating such risks and the shortage of published standards to govern the blockchain technology along with its associated applications. In line with the “Dubai blockchain Strategy 2020” and “Emirates blockchain Strategy 2021” initiatives, this thesis aims to achieve the following: first, preservation of the confidentiality, integrity and availability of information and information assets in relevance to blockchain applications and solutions implementation across entities, and second, mitigation and reduction of related information security risks and threats; through the establishment of new information security controls specifically related to the blockchain technology which have not been covered in International and National Information Security Standards which are ISO 27001:2013 Standard and UAE Information Assurance Standards by the Signals Intelligence Agency (formerly known as the National Electronic Security Authority). Finally, Risk Assessment and Risk Treatment have been performed on five blockchain use cases; to determine their involved risks with respective to security controls appropriately. The assessment/analysis results showed that the proposed security controls can mitigate relevant information security risks on the blockchain solutions and applications and consequently protect the information and information assets from unauthorized disclosure, modification, and destruction

Hashing it Out: Blockchain as a Solution for Medicare Improper Payments

Part I highlights the inadequacies and inefficiencies of our Medicare payment system, focusing on the initiatives currently in place and the susceptibilities that persist. Part II offers a broad overview of the development, importance, features, and collateral technologies surrounding blockchain. Part III posits that Congress and HHS, through its various subsidiary agencies, should work in tandem with private stakeholders to create and/or implement a blockchain-based infrastructure to facilitate federal healthcare payments and support future growth of quality-based initiatives. This Note concludes with a recommendation for future agency research focusing on the viability and cost efficiency of a blockchain solution

REGULATORY SANDBOXES ENABLE PRAGMATIC BLOCKCHAIN REGULATION

Since blockchain technology supports digitally-native money, the centralized chokepoints that governments have traditionally targeted to regulate commerce no longer apply to our (digital) property. However, competent regulation furthers basic public policy goals and should enable responsible innovation of this promising technology. This Article discusses pragmatic policies that enable responsible innovation by cultivating regulatory expertise required to write enforceable rules. Responsible innovation is necessary because unlike the early internet, where programmers could manipulate simple colors and text on webpages, these same individuals can now create financial services applications that manipulate actual money—we are faced with an inescapable reality that more is at stake

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Securing, Standardizing, and Simplifying Electronic Health Record Audit Logs Through Permissioned Blockchain Technology

Audit logs perform critical functions in electronic health record (EHR) systems. They provide a chronological record of all operations performed in an EHR, allowing health care organizations to track EHR usage, hold system users accountable for their interactions with patient records, detect anomalous and potentially malicious behavior in the system, protect patient privacy, and develop insight into workflows and interactions among system users. However, several problems exist with the way that current state-of-the-art EHR technology handles audit data. Specifically, current systems complicate the collection and analysis of audit logs because they lack an interoperable audit log structure, spread audit log data from different EHR applications across multiple data repositories, and often fail to record all useful information about events in the EHR. Permissioned blockchain technology offers two opportunities to mitigate these issues. First, smart contracts running on the blockchain can impose an interoperable structure on audit log data, both within single health care organizations and across all organizations participating in the network. Second, the blockchain ledger constitutes a consolidated repository for all audit log data at each organization, simplifying the collection of data for analysis. AuditChain, the prototype system I present in this thesis, leverages Hyperleger Fabric\u27s permissioned blockchain technology to address these issues of audit log interoperability, content, structure, and consolidation. Specifically, AuditChain uses the blockchain ledger and smart contracts to standardize audit log content, simplify access to audit log data, and ensure that audit logs contain all necessary and useful information

LEGAL REMARKS ON THE OVERARCHING COMPLEXITIES OF CRYPTO ANTI-MONEY LAUNDERING REGULATION

ABSTRACT Objective:The paper analyzes money laundering through crypto-assets and offers a legal perspective on how this new technology can be used to commit these felonies. The study intends to shed light on the matter, helping to visualize how future anti money laundering – AML regulation should focus on tackling crypto criminal activity effectively. Methodology: The research adopts an inductive approach, bibliographic and documental research technique, with an exploratory and propositional methodological objective. Results: The paper proposes the following framework of anti-money laundering principles for crypto-focused action: transnational approach for AML action; going beyond basic gatekeeper compliance approach, considering the lack of structural chokepoints in a blockchain protocol; private-sector cooperation and clear AML standards; usage of tracking and reverse-engineering anonymization techniques for the tracing of crypto transaction history; and adoption of a global blacklist for cryptoasset prefixes, preventing money laundering integration. Contributions: The study addresses a topic that is still unfamiliar in the academic world due to its innovation and complexity, as well as elaborates a set of principles to combat money laundering with crypto-assets that could be of great value to companies and financial institutions. KEYWORDS: Crypto-assets; crypto-currencies; bitcoin; blockchain; money laundering. RESUMO Objetivos: O artigo analisa a lavagem de dinheiro através de ativos criptográficos e oferece uma perspectiva jurídica sobre como essa nova tecnologia pode ser usada para cometer tais crimes. O estudo busca esclarecer o assunto, ajudando a visualizar como a futura regulação contra a lavagem de dinheiro cometida através destes ativos deve ser estruturada para assegurar efetividade. Metodologia: A pesquisa adota uma abordagem indutiva, a técnica de pesquisa é bibliográfica e documental, seu objetivo metodológico é exploratório e propositivo. Resultados: O artigo propõe o seguinte conjunto de princípios para o combate à lavagem de dinheiro com criptoativos: a abordagem transacional para combate à lavagem de dinheiro; ir além de uma abordagem focada em intermediários, considerando a falta de pontos de estrangulamento em um protocolo block chain; a cooperação com o setor privado e padrões claros de compliance para prevenção à lavagem de dinheiro; uso de técnicas de rastreamento e de engenharia reversa para processos de ocultação de histórico de transações; e a adoção de listas sujas globais para evitar a fase de integração do processo de lavagem de dinheiro com criptoativos.Contribuições: O estudo aborda um tema ainda muito pouco divulgado no meio acadêmico devido à sua inovação e complexidade, bem como elabora uma proposta de conjunto de princípios para o combate à lavagem de dinheiro com criptoativos que poderá ser de grande valia para empresas e instituições financeiras. PALAVRAS-CHAVE: Criptoativos; criptomoedas; bitcoin; blockchain; lavagem de dinheiro