847 research outputs found

    DBKnot: A Transparent and Seamless, Pluggable Tamper Evident Database

    Database integrity is crucial to organizations that rely on databases of important data. They suffer from the vulnerability to internal fraud. Database tampering by internal malicious employees with high technical authorization to their infrastructure or even compromised by externals is one of the important attack vectors. This thesis addresses such a challenge in a class of problems where data is appended only and is immutable. Examples of operations where data does not change are a) financial institutions (banks, accounting systems, stock market, etc.), b) registries and notary systems where important data is kept but is never subject to change, and c) system logs that must be kept intact for performance and forensic inspection if needed. The target of the approach is implementation seamlessness with little-or-no changes required in existing systems. Transaction tracking for tamper detection is done by utilizing a common hashtable that serially and cumulatively hashes transactions together while using an external time-stamper and signer to sign such linkages together. This allows transactions to be tracked without any of the organizations’ data leaving their premises and going to any third party, which also reduces the performance impact of tracking. This is done by adding a tracking layer and embedding it inside the data workflow while keeping it as un-invasive as possible. DBKnot implements such features a) natively into databases, or b) embedded inside Object Relational Mapping (ORM) frameworks, and finally c) outlines a direction of implementing it as a stand-alone microservice reverse-proxy. A prototype ORM and database layer has been developed and tested for seamlessness of integration and ease of use. Additionally, different models of optimization by implementing pipelining parallelism in the hashing/signing process have been tested in order to check their impact on performance. Stock-market information was used for experimentation with DBKnot and the initial results gave a slightly less than 100% increase in transaction time by using the most basic, sequential, and synchronous version of DBKnot. Signing and hashing overhead does not show significant increase per record with the increased amount of data. A number of different alternate optimizations were done to the design that via testing have resulted in significant increase in performance.

    False image injection prevention using iChain

    The advances in information and communication technology are consistently beneficial for the healthcare sector. A trend in the healthcare sector is the progressive shift in how data are acquired and the storage of such data in different facilities, such as in the cloud, due to the efficiency and effectiveness offered. Digital images related to healthcare are sensitive in nature and require maximum security and privacy. A malicious entity can tamper with such stored digital images to mislead healthcare personnel and the consequences of wrong diagnosis are harmful for both parties. A new type of cyber attack, a false image injection attack (FIIA), is introduced in this paper. Existing image tampering detection measures are unable to guarantee tamper-proof medical data in real time. Inspired by the effectiveness of emerging blockchain technology, a security framework, image chain (iChain), is proposed in this paper to ensure the security and privacy of the sensitive healthcare images. The practical challenges associated with the proposed framework and further research that is required are also highlighted.

    Usage of Blockchain to Ensure Audit Data Integrity

    Usage of technology to help the finance audit process is not a new instance. But since the rise of the 4th industrial revolution and the emergence of smart technology in a relatively short period of time, adopting technology has its challenges and drawbacks. Data integrity has been an issue for the finance audit process because digital data is easy to tamper with. This condition makes the audit process difficult, and the potential for audit fraud is high. In this study we would like to explore the usage of blockchain technology as a future database engine for AIS. Blockchain as a technology was relatively unheard of before cryptocurrency, albeit its advanced technology in data storage to ensure data integrity. We will explore the advantages and risks in adopting blockchain as well as the current state of academics and technology regarding blockchain adoption.

    Supply Chain Tracing and Anti-Counterfeiting with Distributed Ledger Technology

    In recent times, there has been a rampant proliferation of counterfeit products that has left a trail of devastation in the manufacturing sectors. The repercussions of this extend to companies, impacting their brand reputation, revenue streams and overall profitability. Industries like agriculture, banking, electronics, and high-value deliveries use the emergence of blockchain technology as a powerful tool to discern between authentic and counterfeit items. Its potential as a means to curtail the influx of fake products in the market is substantial. Blockchain technology, at its core, operates as a decentralized and distributed digital ledger system, meticulously recording transactions within interconnected blocks across multiple databases. The inherent security of this technology ensures the immutability of these blocks, rendering them invulnerable to alteration or hacking. By leveraging blockchain technology, consumers can independently verify the authenticity of a product, eliminating the need for reliance on third-party intermediaries. Incorporating recent technological advancements, the utilization of Quick Response (QR) codes offers a robust approach to combat the proliferation of counterfeit goods. The integration of blockchain technology with QR codes serves as a means to uphold the integrity of products. This innovative system securely stores product details and unique codes in the form of blocks, where QR codes play a pivotal role in collecting and matching these unique codes with entries in the blockchain database. If the QR code matches with entries in the database, the user receives a confirmation of the product's authenticity; otherwise, an alert is triggered, signaling the presence of a counterfeit product.

    EduChain: A Blockchain-based Education Data Management System

    The predominant centralized paradigm in educational data management currently suffers from several critical issues such as vulnerability to malicious tampering, a high prevalence of diploma counterfeiting, and the onerous cost of certificate authentication. Decentralized blockchain technology, with its cutting-edge capabilities, presents a viable solution to these pervasive problems. In this paper, we illuminate the inherent limitations of existing centralized systems and introduce EduChain, a novel heterogeneous blockchain-based system for managing educational data. EduChain uniquely harnesses the strengths of both private and consortium blockchains, offering an unprecedented level of security and efficiency. In addition, we propose a robust mechanism for performing database consistency checks and error tracing. This is achieved through the implementation of a secondary consensus, employing the pt-table-checksum tool. This approach effectively addresses the prevalent issue of database mismatches. Our system demonstrates superior performance in key areas such as information verification, error traceback, and data security, thereby significantly improving the integrity and trustworthiness of educational data management. Through EduChain, we offer a powerful solution for future advancements in secure and efficient educational data management.

    A Reference Framework for Managing Security Risks Using Blockchain

    Various programs (e.g., OWASP), threat models (e.g., STRIDE), security risk management models (e.g., ISSRM), and regulations (e.g., GDPR) exist to communicate and reduce the security threats to build secure software. However, security threats continuously evolve because the traditional technology infrastructure does not implement security measures by design. Blockchain appears to mitigate traditional applications’ security threats. Although blockchain-based applications are considered less vulnerable, they did not become the silver bullet for securing against different security threats. Moreover, the blockchain domain is constantly evolving, providing new techniques and often interchangeable design concepts, resulting in conceptual ambiguity and confusion in treating security threats effectively. Overall, we address the problem of traditional applications’ SRM using blockchain as a countermeasure and the SRM of blockchain-based applications. We start by surveying how blockchain mitigates the security threats of traditional applications, and the outcome is a blockchain-based reference model (BbRM) that adheres to the SRM domain model. Next, we present an upper-level reference ontology (ULRO) as a foundation ontology and provide two instantiations of the ULRO. The first instantiation includes Corda as a permissioned blockchain and the financial case. The second instantiation includes the permissionless blockchain components and the healthcare case. Both ontology representations help in the SRM of traditional and blockchain-based applications. Furthermore, we built a web-based ontology parsing tool, OwlParser. Contributions resulted in an ontology-based security reference framework for managing security risks using blockchain. The framework is dynamic, supports the iterative process of SRM, and potentially lessens the security threats of traditional and blockchain-based applications. https://www.ester.ee/record=b551352

    Securing CNN Model and Biometric Template using Blockchain

    Blockchain has emerged as a leading technology that ensures security in a distributed framework. Recently, it has been shown that blockchain can be used to convert traditional blocks of any deep learning models into secure systems. In this research, we model a trained biometric recognition system in an architecture which leverages the blockchain technology to provide fault tolerant access in a distributed environment. The advantage of the proposed approach is that tampering in one particular component alerts the whole system and helps in easy identification of 'any' possible alteration. Experimentally, with different biometric modalities, we have shown that the proposed approach provides security to both deep learning model and the biometric template. Comment: Published in IEEE BTAS 201