ESTABLISHING BLOCKCHAIN-RELATED SECURITY CONTROLS

Blockchain technology is a secure and relatively new technology of distributed digital ledgers which is based on interlinked blocks of transactions. There is a rapid growth in the adoption of the blockchain technology in different solutions and applications and within different industries throughout the world, such as but not limited to, finance, supply chain, digital identity, energy, healthcare, real estate and government. Blockchain technology has great benefits such as decentralization, transparency, immutability and automation. Like any other emerging technology, the blockchain technology has also several risks and threats associated with its expected benefits which in turns could have a negative impact on individuals, entities and/or countries. This is mainly due to the absence of a solid governance foundation for managing and mitigating such risks and the shortage of published standards to govern the blockchain technology along with its associated applications. In line with the “Dubai blockchain Strategy 2020” and “Emirates blockchain Strategy 2021” initiatives, this thesis aims to achieve the following: first, preservation of the confidentiality, integrity and availability of information and information assets in relevance to blockchain applications and solutions implementation across entities, and second, mitigation and reduction of related information security risks and threats; through the establishment of new information security controls specifically related to the blockchain technology which have not been covered in International and National Information Security Standards which are ISO 27001:2013 Standard and UAE Information Assurance Standards by the Signals Intelligence Agency (formerly known as the National Electronic Security Authority). Finally, Risk Assessment and Risk Treatment have been performed on five blockchain use cases; to determine their involved risks with respective to security controls appropriately. The assessment/analysis results showed that the proposed security controls can mitigate relevant information security risks on the blockchain solutions and applications and consequently protect the information and information assets from unauthorized disclosure, modification, and destruction

A Consensus Algorithm Based on Risk Assessment Model for Permissioned Blockchain

Blockchain technology enables stakeholders to conduct trusted data sharing and exchange without a trusted centralized institution. These features make blockchain applications attractive to enhance trustworthiness in very different contexts. Due to unique design concepts and outstanding performance, blockchain has become a popular research topic in industry and academia in recent years. Every participant is anonymous in a permissionless blockchain represented by cryptocurrency applications such as Bitcoin. In this situation, some special incentive mechanisms are applied to permissionless blockchain, such as mined native cryptocurrency to solve the trust issues of permissionless blockchain. In many use cases, permissionless blockchain has bottlenecks in transaction throughput performance, which restricts further application in the real world. A permissioned blockchain can reach a consensus among a group of entities that do not establish an entire trust relationship. Unlike permissionless blockchains, the participants must be identified in permissioned blockchains. By relying on the traditional crash fault-tolerant consensus protocols, permissioned blockchains can achieve high transaction throughput and low latency without sacrificing security. However, how to balance the security and consensus efficiency is still the issue that needs to be solved urgently in permissioned blockchains. As the core module of blockchain technology, the consensus algorithm plays a vital role in the performance of the blockchain system. Thus, this paper proposes a new consensus algorithm for permissioned blockchain, the Risk Assessment-based Consensus protocol (RAC), combined with the decentralized design concept and the risk-node assessment mechanism to address the unbalance issues of performance in speed, scalability, and security.Comment: 32 pages, 11 figure

Research on the Application of Blockchain in SMEs Credit Risk

The credit of an enterprise is related to its own development. This paper mainly discusses the relationship between the credit risk of small and medium enterprises (SMEs) and the application degree of blockchain. 64 listed companies with block chain technology as the core theme are selected to analyze their comprehensive financial data. Factor analysis is used to quantitatively evaluate the application degree of blockchain in SMEs, and then the Logistic model is used to evaluate the credit risk of SMEs. Finally, combining the application degree of blockchain in small and medium-sized enterprises and the credit risk assessment of these two groups of data. It confirms the conclusion that the higher the degree of blockchain application, the closer the supply chain finance relationship, and the better the credit status

Trends in Banking 2017 and onwards

The changing nature of the relationship between a retail bank and its customers is examined, particularly with respect to new financial concepts, debt and regulation. The traditional image of a bank is portrayed as a physical building a classical Doric portico. This image conveys concepts of service, soundness, strength, stability and security ("five-S"). That "five-S" concept is changing, and the evidence for changes that affect customers directly is considered. A fundamental legal problem associated with those changes is highlighted: a bank is no longer solely responsible for the safeguard of customer monies. A solution to this problem is proposed: banks should be jointly liable with perpetrators of criminal activity in the event of frauds as an encouragement to recognise and mitigate fraud.Comment: Proceedings 29th SASE Conference, Lyon France, June-July 201

Risks associated with Logistics 4.0 and their minimization using Blockchain

Currently we are saying that we are at the dawn of the fourth revolution, which is marked by using cyber-physical systems and the Internet of Things. This is marked as Industry 4.0 (I4.0). With Industry 4.0 is also closely linked concept Logistics 4.0. The highly dynamic and uncertain logistic markets and huge logistic networks require new methods, products and services. The concept of the Internet of Things and Services (IoT&S), Big Data/Data Mining (DM), cloud computing, 3D printing, Blockchain and cyber physical system (CPS) etc. seem to be the probable technical solution for that. However, associated risks hamper its implementation and lack a comprehensive overview. In response, the paper proposes a framework of risks in the context of Logistics 4.0. They are here economic risks, that are associated e.g. with high or false investments. From a social perspective, risks the job losses, are considered too. Additionally, risks can be associated with technical risks, e.g. technical integration, information technology (IT)-related risks such as data security, and legal and political risks, such as for instance unsolved legal clarity in terms of data possession. It is therefore necessary to know the potential risks in the implementation process.Web of Science101857

Sustainable Development Report: Blockchain, the Web3 & the SDGs

This is an output paper of the applied research that was conducted between July 2018 - October 2019 funded by the Austrian Development Agency (ADA) and conducted by the Research Institute for Cryptoeconomics at the Vienna University of Economics and Business and RCE Vienna (Regional Centre of Expertise on Education for Sustainable Development).Series: Working Paper Series / Institute for Cryptoeconomics / Interdisciplinary Researc

Racing to Regulation: A Comparative Analysis of Virtual Currency Regulation in Alaska And the Proposed Alaska Money Services Act Carlos Manzano

The emergence of virtual currencies has revolutionized the financial industry by creating an alternative form of payment that seeks to insulate individuals from government and bank influence. Yet, federal regulation of virtual currency has remained limited. Many state legislators have rushed to fill the gap by enacting laws regulating virtual currency use and transmission. This state-by-state approach has led to significant variation between state regulatory regimes, creating a regulatory spectrum of lenient to strict regulatory approaches. In March 2017, Alaska House Representatives Zach Fansler and Sam Kito proposed the Alaska Money Services Act to require licensing for virtual currency activity. The bill’s proposed requirements lean towards the strict side of the regulatory spectrum, bringing the potential to drive virtual currency businesses away from Alaska. This Note proposes that Alaska legislators enact virtual currency legislation that adequately balances technological innovation with consumer protection through several recommendations, including: (1) enacting virtual currency-specific legislation rather than importing regulation into existing and outdated laws, (2) clearly defining the legislation’s scope, (3) collaborating with stakeholders in enacting legislation, (4) including an on-ramp to ensure emerging startups are not overly burdened, (5) tailoring the level of regulation to the level of risk a virtual currency business poses to Alaska consumers by tiering requirements to transmission volume, (6) requiring only relevant information in the application, and (7) reducing agency discretion to revoke licenses