Abstract
The notion that blockchains offer decentralized, “trustless” guarantees of security through technology is a fundamental misconception held by many advocates. This misconception hampers participants from understanding the security differences between public and private blockchains and adopting blockchain technology in suitable contexts. This paper introduces the notion of “people security” to argue that blockchains hold inherent limitations in offering accurate security guarantees to people as participants in blockchain-based infrastructure, due to the differing nature of the threats to participants reliant on blockchain as secure digital infrastructure, as well as the technical limitations between different types of blockchain architecture. This paper applies a sociotechnical security framework to assess the social, software, and infrastructural layers of blockchain applications to reconceptualize “blockchain security” as “people security.” A sociotechnical security analysis of existing macrosocial level blockchain systems surfaces discrepancies between the social, technical, and infrastructural layers of a blockchain network, the technical and governance decisions that characterize the network, and the expectations of, and threats to, participants using the network. The results identify a number of security and trust assumptions against various blockchain architectures, participants, and applications. Findings indicate that private blockchains have serious limitations for securing the interests of users in macrosocial contexts, due to their centralized nature. In contrast, public blockchains reveal trust and security shortcomings at the micro and meso-organizational levels, yet there is a lack of suitable desktop case studies by which to analyze sociotechnical security at the macrosocial level. These assumptions need to be further investigated and addressed in order for blockchain security to more accurately provide “people security”.
Highlights
Blockchain is forecast to be “future of financial and cybersecurity” and has the potential to “revolutionize applications and redefine the digital economy” (Singh and Singh, 2016; Underwood, 2016)
Security issues are present at the micro(individual) and meso- levels and unknown at the macrosocial level as there is a lack of suitable desktop case studies by which to analyze security in broader, social applications
Security via decentralization is not an objective, as they are centrally administered by design and users do not have a participatory role in system design or governance
Summary
Blockchain is forecast to be “future of financial and cybersecurity” and has the potential to “revolutionize applications and redefine the digital economy” (Singh and Singh, 2016; Underwood, 2016). Blockchains hold great promise to re-instate “trust” in society by enabling coordination without trust (Shahaab et al, 2020) If this is the case, it is imperative to develop blockchains into functional, digital institutional infrastructure with transparent governance, security, and operational rules. By adopting a sociotechnical security analysis framework, this paper argues that both public and private blockchains have social, technical, and infrastructure layer security shortcomings. For private blockchains, these trust and security issues are evident in macrosocial (societal) applications. Given the sociotechnical nature of blockchain-based systems, this sociotechnical security approach is termed “people security.” These findings are important as the sociotechnical trust and security gaps of different types of blockchains, across different applications are underexplored, despite the increasing prominence of blockchain-based systems in organizations and society Given the sociotechnical nature of blockchain-based systems, this sociotechnical security approach is termed “people security.” These findings are important as the sociotechnical trust and security gaps of different types of blockchains, across different applications are underexplored, despite the increasing prominence of blockchain-based systems in organizations and society
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
