Abstract

The first step to realise the true potential of blockchain systems is to explain the associated security risks and vulnerabilities. These risks and vulnerabilities are exploited by threat agents to affect valuable assets and services. In this work, we use a security risk management (SRM) domain model and develop a framework to explore two security risks, Sybil and Double-spending, that are observed and considered the most concerning security risks within blockchain systems. The framework illustrates the protected assets (the assets to secure), the classification of threats that an attacker can trigger using a Sybil attack, the identification of threats that cause Double-spending, the vulnerabilities of the identified threats, and their countermeasures. We evaluated the newly built framework by exploring Sybil and Double-spending risks in Ethereum-based healthcare applications. We also recognise various other security and implementation challenges of blockchain that hinder the acceptance of blockchain-enabled solutions. Furthermore, we discuss the permissioned blockchain systems making an appearance in industry-level enterprises and how permissioned blockchain systems control these challenges. We conclude the paper and outline future work that aims to build an ontology-based blockchain security reference model. The results of this work could help blockchain developers, practitioners, and other associated stakeholders to communicate about Sybil and Double-spending risks, what security countermeasures should be introduced, and what security and implementation challenges are emerging in blockchain systems.

Highlights

  • Blockchain is a decentralised, distributed, and immutable ledger technology [1]

  • We focus on the threats of Sybil and Double-spending risks, the assets to secure in blockchain systems, the vulnerabilities, and the countermeasures for risk treatment

  • We identify the security threats belonging to the Sybil attack in the MedRec decentralised application (dApp), and the security threats that could trigger Double-spending in the MIStore dApp


Summary

INTRODUCTION

Blockchain is a decentralised, distributed, and immutable ledger technology [1]. Blockchain technology operates over a peer-to-peer (P2P) network and distributes the ledger across the entire P2P network every time a new block (or transaction) occurs [13], [15]. There exist security risks (e.g., Sybil, Double-spending and others) that appear within blockchain systems [6]. In previous work [6], we identified Sybil and Double-spending as the most concerning security risks within blockchain systems.

B. CONTRIBUTIONS

We follow the security risk management (SRM) domain model [9], [10] and develop a framework (Tables 7 and 8) to explore Sybil and Double-spending risks in blockchain systems. The framework is based on the SRM domain model and explores the Sybil and Double-spending risks of blockchain systems.

The rest of the paper is structured as follows: Section 2 provides background and discusses the blockchain, research method, overview of Sybil and Double-spending risks, and related work.

BACKGROUND
EXAMPLE OF FRAMEWORK USE
PERMISSIONED BLOCKCHAIN SYSTEMS
Findings
DISCUSSION