On the security of the Blockchain Bix Protocol and Certificates

The BIX protocol is a blockchain-based protocol that allows distribution of certificates linking a subject with his public key, hence providing a service similar to that of a PKI but without the need of a CA. In this paper we analyze the security of the BIX protocol in a formal way, in four steps. First, we identify formal security assumptions which are well-suited to this protocol. Second, we present some attack scenarios against the BIX protocol. Third, we provide a formal security proof that some of these attacks are not feasible under our previously established assumptions. Finally, we show how another attack may be carried on.Comment: 16 pages, 1 figur

Secure Bitcoin Wallet

Virtuaalvaluutad ja mobiilne pangandus on tehnoloogilised uuendused, mis on rah- vusvahelises kogukonnas saamas kasvavat tähelepanu oma kättesaadavuse, mugavuse ja kiiruse tõttu. Populaarsuse kasv on kahjuks kaasa toonud ka suurenenud turvariski iden- titeedivarguste näol, tekitades ohu kasutajate anonüümsusele. Riske on võimalik vältida, kasutades krüptograafilisi meetmeid Bitcoini ja teiste hajutatud digitaalsete valuutade vastaste rünnete vähendamiseks sideliinil ning hoiustamisel. See ülevaade koondab erine- vad meetodid ja lahendused selliste rünnete vastu ning uurib nende tõhusust. Lisaks kir- jeldatakse turvalist Bitcoini rahakotti (Secure Bitcoin Wallet), mis on standardne Bitcoini ülekannete klient koos tõhustatud turvaomaduste ja -teenustega.Virtual currencies and mobile banking are technology advancements that are receiving increased attention in the global community because of their accessibility, convenience and speed. However, this popularity comes with growing security concerns, like increasing frequency of identity theft, leading to bigger problems which put user anonymity at risk. One possible solution for these problems is using cryptography to enhance security of Bitcoin or other decentralised digital currency systems and to decrease frequency of attacks on either communication channels or system storage. This report outlines various methods and solutions targeting these issues and aims to understand their effectiveness. It also describes Secure Bitcoin Wallet, standard Bitcoin transactions client, enhanced with various security features and services

A decision-making model to guide securing blockchain deployments

Satoshi Nakamoto, the pseudo-identity accredit with the paper that sparked the implementation of Bitcoin, is famously quoted as remarking, electronically of course, that “If you don’t believe it or don’t get it, I don’t have time to try and convince you, sorry” (Tsapis, 2019, p. 1). What is noticeable, 12 years after the famed Satoshi paper that initiated Bitcoin (Nakamoto, 2008), is that blockchain at the very least has staying power and potentially wide application. A lesser known figure Marc Kenisberg, founder of Bitcoin Chaser which is one of the many companies formed around the Bitcoin ecosystem, summarised it well saying “…Blockchain is the tech - Bitcoin is merely the first mainstream manifestation of its potential” (Tsapis, 2019, p. 1). With blockchain still trying to reach its potential and still maturing on its way towards a mainstream technology the main question that arises for security professionals is how do I ensure we do it securely? This research seeks to address that question by proposing a decision-making model that can be used by a security professional to guide them through ensuring appropriate security for blockchain deployments. This research is certainly not the first attempt at discussing the security of the blockchain and will not be the last, as the technology around blockchain and distributed ledger technology is still rapidly evolving. What this research does try to achieve is not to delve into extremely specific areas of blockchain security, or get bogged down in technical details, but to provide a reference framework that aims to cover all the major areas to be considered. The approach followed was to review the literature regarding blockchain and to identify the main security areas to be addressed. It then proposes a decision-making model and tests the model against a fictitious but relevant real-world example. It concludes with learnings from this research. The reader can be the judge, but the model aims to be a practical valuable resource to be used by any security professional, to navigate the security aspects logically and understandably when being involved in a blockchain deployment. In contrast to the Satoshi quote, this research tries to convince the reader and assist him/her in understanding the security choices related to every blockchain deployment.Thesis (MSc) -- Faculty of Science, Computer Science, 202

Disruptive Power of Blockchain on the Insurance Industry

Kindlustus on olnud globaalse majanduse võtmekomponendiks oma lisatasude suuruse, investeerimismahtude ja ennekõike oma isikliku ja äririski katva sotsiaalse ja majandusliku rolli tõttu. Aastate jooksul on antud sektoris olnud püsiv reform, kuid sellele vaatamata on kindlustuse tööstusharu jäänud suuremalt jaolt samaks oma ärimudeli ja toimimise osas. Seda sektorit domineerivad vahendajad, kes mängivad võtmerolli kliendi vajaduste mõistmises ja viivad selle kokku kindlale sihtgrupile mõeldud kindlustustootega. PwC poolt tehtud uuring raportis „Kindlustus 2020: Muutuse pööramine võimaluseks“ [1] võtab arvesse sotsiaalsed, tehnoloogilised, keskkondlikud, majanduslikud ja poliitilised faktorid ning viitab sellele, et kindlustuse sektoril on vajadus muutuda agentuuripõhisest jaotusmudelist kasutusepõhiseks ärimudeliks. Antud uurimustöö uurib plokiahela tehnoloogiat ja selle häirivat mõju kindlustussektorile hinnates praegust äriprotsessi ja –mudelit ning seda, kuidas see tehnoloogia suudab antud mudeleid täiustada. Uurimustöö järeldusena pakutakse uut protsessi suunda kindlustuse tööstusharule rõhutades kliendile pakutavat parema väärtusega teenust, kus on kasutusel plokiahela tehnoloogia. Võtmesõnad: plokiahela tehnoloogia, kindlustuse äriprotsess, jaotatud peaarvetehnoloogiaThe insurance industry has been a key component of the global economy by the amount of premiums it generates, the scale of its investment and more fundamentally, the essential social and economic role it plays in covering personal and business risk. Over the years, there have been a growing reform in this sector but despite some of these reforms, the insurance industry has remained much the same in its business model and operations. The sector has been dominated by intermediaries who play the key role of understanding and matching the need of the customer with specific tailored insurance product. A research conducted by PwC in a report titled “Insurance 2020: Turning change into opportunity” [1], takes into account STEEP (Social, Technology, Environmental, Economic and Political) drivers all points to the need of the insurance sector to evolve from the agency- based distribution model to an usage based business model. This paper examines the blockchain technology and its disruptive power in the insurance sector by evaluating the current business process and model in the industry and how this technology can improve this model. This paper concludes by proposing a new process flow for the insurance industry placing emphasis on better values service to the customer using blockchain technology

Association between Patient Outcomes and Joint Commission International (JCI) Accreditation in Italy: An Observational Study

Quality in healthcare is a constantly debated topic and has not found a clear definition to date. If we consider the possible quality standards related to health services, the Joint Commission identifies the main criteria that health organizations must respect in order to guarantee patient safety. The Joint Commission International \u2013 founded in 1994 by the JC \u2013 also accredits organizations in countries other than the USA and Canada to ensure better minimum quality levels. The study investigates the possibility of obtaining a better outcomes of the health structures accredited in Italy by the Joint Commission International compared to the other the other health organizations of the Italian system considering the mortality index as an indicator recognized by the literature as a summary indicator of outcome. The National Outcome Program (PNE) created by the Italian Ministry of Health allows comparative effectiveness researches based on relative risk. This study performs the analysis based on the results of the past three years available and on the volume of activities provided. Given a p-value significance index <0.05, the analysis highlights the absence of a significant difference between accredited and non-accredited structures. The study contributes to the literature on health system outcomes and performance and has relevance considering researches in health tourism and health mobility policies fields

The Rise and Fall of Trust Based Intermediated Securites: An Economic Jurisprudential Approach to Trust Based Intermediated Securities

There has been a discussion for some years regarding the place of intermediated securities, how they should be legally underpinned and their technological basis. A particularly important source that formed a large portion of the inspiration of this thesis was Intermediated Securities: Legal Problems and Practical Issues edited by Louise Gullifer and Jennifer Payne at the University of Oxford.1 This key book provided a selection of papers outlining some theoretically and practically nuanced debates. While this book was exceptionally thought provoking, there was a particular issue that was apparent to the author. In short, this was a focus on the black letter law. There were questions that remained, particularly regarding why there was an insistence on utilising trust for underpinning intermediated securities in the UK when there has been significant strides in technology that could facilitate a more efficient mode of intermediation. This thesis therefore, seeks to answer this question. It hypothesises that, in combination with the recent advancements in technology, trust is an outmoded legal regime for intermediated securities. In particular, the thesis shows that technology has obfuscated the proprietary reasons underlying the use of trust, with investors able to hold full ownership of their shares and intermediaries acting as simple facilitators akin to agents. In order to highlight this change, the thesis undertakes an economic analysis of the law, especially using transaction cost analysis. Through this analysis, the efficiencies of the trust system vis-à-vis a new modality will be shown to be significantly diminished or eliminated. Therefore, this thesis presents a novel contribution to this field. Through undertaking an economic analysis of the current law and differing legal modalities, the thesis provides an innovative analysis and solution to the problems that permeate the intermediated securities system