Pitfalls of open architecture

Bui, Thanh; Rao, Siddharth Prakash; Antikainen, Markku; Aura, Tuomas

doi:10.1145/3301417.3312495

Cited by 11 publications

(9 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In most blockchain applications users use a piece of software, called a wallet, to store their private keys securely. Public keys and associated addresses can also be stored in the wallet [23]. Keys can be stored in an off-line wallet which is the most secure type; however, it is inconvenient to use, and it is commonly used as a backup.…”

Section: Key Managementmentioning

confidence: 99%

“…[3], Privacy violation; [9], On-line wallet: Bypass credential validation [23], Compromised key [63].…”

Section: Single-keymentioning

confidence: 99%

“…Single-Key: Compromise the availability, Online-Wallet: Server flooding [72]. resource-consuming procedure [99], Untrustworthy external calls [72], Untrustworthy data feeds [12], Disturbing external oracle [12], Compromise the availability, temporary shutdown of token trading [26] Elevation of Privileges Public: Splitting mining power [110] Crafting malicious Payload into high privilege extension [88], Bypass credential validation [23];…”

Section: Single-keymentioning

confidence: 99%

“…A Study on Blockchain Architecture Design Decisions and their Security Attacks and Threats1:29 Privacy violation [9], Change contracts owner [75], stealfront end login information [103], Compromised private key [3], Transaction spoofing [173], Identity theft, Gain access to the storage [168] Transaction manipulation [140], Alter out-going data [51], Fake transaction, Identity theft, Change contract owner, Malicious external oracle [169] Transaction manipulation [140], Malicious external oracle [169] Privacy violation [9], Transaction graph analysis [57], Sensitive data exposure [9], Eavesdropping [3], Steal-front end login information [103], Bypass credential validation [23], Compromised private key [3], Untractability violation [9], Transaction pattern exposure [57], leakage of confidential information [7] Transaction manipulation [140], Change contract owner, Gain access to the storage [168], Bypass credential validation [23]…”

Section: Impactmentioning

confidence: 99%

See 3 more Smart Citations

A Study on Blockchain Architecture Design Decisions and Their Security Attacks and Threats

Ahmadjee

Mera‐Gómez

Bahsoon

et al. 2022

ACM Trans. Softw. Eng. Methodol.

View full text Add to dashboard Cite

Blockchain is a disruptive technology intended to implement secure decentralised distributed systems, in which transactional data can be shared, stored, and verified by participants of the system without needing a central authentication/verification authority. Blockchain-based systems have several architectural components and variants, which architects can leverage to build secure software systems. However, there is a lack of studies to assist architects in making architecture design and configuration decisions for blockchain-based systems. This knowledge gap may increase the chance of making unsuitable design decisions and producing configurations prone to potential security risks. To address this limitation, we report our comprehensive systematic literature review to derive a taxonomy of commonly used architecture design decisions in blockchain-based systems. We map each of these decisions to potential security attacks and their posed threats. MITRE’s attack tactic categories and Microsoft STRIDE threat modeling are used to systematically classify threats and their associated attacks to identify potential attacks and threats in blockchain-based systems. Our mapping approach aims to guide architects to make justifiable design decisions that will result in more secure implementations.

show abstract

Section: Key Managementmentioning

confidence: 99%

“…[3], Privacy violation; [9], On-line wallet: Bypass credential validation [23], Compromised key [63].…”

Section: Single-keymentioning

confidence: 99%

Section: Single-keymentioning

confidence: 99%

Section: Impactmentioning

confidence: 99%

See 2 more Smart Citations

A Study on Blockchain Architecture Design Decisions and Their Security Attacks and Threats

Ahmadjee

Mera‐Gómez

Bahsoon

et al. 2022

ACM Trans. Softw. Eng. Methodol.

View full text Add to dashboard Cite

show abstract

“…The most advanced feature was the absolute "cold storage", with storage temperature very dissimilar from a coin casting procedure (Jokić, 2019;Langschaedel, 2015). Electronic fraud with "Electrum wallet" and Bitcoin were the reason to revert to a modern gold coin (Biryukov, 2019;Bui, 2019;Voleth, 2019). Of course, archaic electrum was a gold coin and this wallet falsifies Greek History.…”

Section: Electrum Naming Confusionmentioning

confidence: 99%

ELECTRUM-G, A Tangible Coin Actualization Schema: Patents for Casting, Forensics and Trade Options

Zisopoulos

Spinthiropoulos

Georganakis

2020

BER

View full text Add to dashboard Cite

Our interdisciplinary research concluded with a new member of the ancient Electrum family of golden coins: the ELECTRUM-G coin. It is golden representing an actual value with metal abnormalities to give a universal traceable RID and a modern engravement and other forgery fighting attributes and associated electronics. Other ELECTRUM-G characteristics are ; A tangible item with the form of a coin or sphere; there is a coin engravement with a QR code pointing the Electrum Ecosystem (www.electrum.gr). Four different patents are prepared for the project needs: a unique QR code stamping; a RID code casting; a two-layer gold foundry with RID intermediate layer; and a professional electronics simple spectrometer to read and report the RID code. Two Electrum narrative examples are given for ELECTRUM-G use and forensics, a nouvelle with the happy Electrum traveler and the lyrics of a song defining the “thin line between love and hate”. Finally, as inspired scientists we reverse the ELECTRUM Universe with an old story of “Stop RFID” and the beast (665+1) endangerment. Our research and product headlines faced also two contradictory intra-co-operating design aspects: the personal interest of the Electrum-G coin owner and the Public interest of civil and national security.

show abstract