Architecture-Centric Evaluation of Blockchain-Based Smart Contract e-voting for National Elections
Illegal Access to Application Layer Servers
Download 1.05 Mb. Pdf ko'rish
|
5. Architecturecentric-evaluation-of-blockchainbased-smart-contract-Evoting-for-national-electionsInformatics
|
Illegal Access to Application Layer Servers
. The threats of illegal access to e-voting servers at the application layer could be in the form of unauthorised access, password intrusion attack, phishing, and spoofing attacks. The e-voting nodes, vote validation nodes, and endorsing nodes are likely targets because a successful attack on this layer will yield a handsome reward for the attacker [ 44 ]. The Hyperledger Fabric (HF) can mitigate the threat of password intrusion attack, phishing, and spoofing through the use of cryptographic encryption based on either the Secure Hash Algorithm-256 bit (SHA256) and the Elliptic Curve Digital Signature Algorithm (ECDSA) to make tampering impossible. Unauthorised access can also occur at the Application Layer and the Smart Contract Layer. However, this threat can be mitigated because the HF has a certificate authority (CA) that generates X.509 certificates for its members to identify unauthorised access /intrusion of any form either through spoofing and phishing. However, to ensure stronger security at the application layer, additional measures such as the following will still be necessary: • Ensure e ffective real-time monitoring of the system through data encryption storage protection, and proactive security threat detection in the blockchain. The invention by Signorini et al. [ 45 ] (U.S. Patent) enables the detection of security threat within a blockchain or distributed ledger Informatics 2020, 7, 16 16 of 22 system by (i) adding forked chains discarded at a device to a standard blockchain to enhance the structure of the original chain; (ii) inspecting all forked chains that have been added; (iii) anomaly detection based on patterns in the added forked chains in enhanced blockchain, and (iv) a review of all transactions that involved the forked chain in the enhanced blockchain structure. • Prevent both internally- and externally-induced attacks. • Forestall repetitive intrusion attacks. The network administrator must ensure that a list of revoked membership certificates to ensure that members that are once revoked cannot re-join the network. Download 1.05 Mb. Do'stlaringiz bilan baham: 
|