Quantify Cyber Risk Now

header ads

Blockchain Redefining Database Security | Lucideus Research

“Instead of waiting for someone to steal my identity, I am going to auction it on eBay” - Stann Rapp

Data is quickly becoming one of the most valuable resources in the world, whereas it’s security is the major concern in the 21st century. Every data i.e. either financial or personal is at risk. Quotation by Stann Rapp exactly portrays the major concern as there is a tremendous increase in the number of cases of frauds, hacking and unauthorised personnel access of data, which marks a significant risk for all business. The dependency of using internet and technology has resulted in new revenue streams and business models for any organisation either small-scale industry or MNC’s which are totally depended on some kind of data is at high risk. The emerging question is, how secure can a data be in a traditional storage (client-server architecture) and what is the breakthrough in all this data tampering and data security.

Cyber Security has been a hot-button issue and hacking dominated the information security news from the beginning of 2018. Everything from the US presidential elections to yahoo mail accounts being targeted by cyber criminals and state-sponsored hackers, it makes total sense the world has become more sensitive about protecting its data. This is it when block chains come into role play for data management security. Let’s start this article with, what Blockchain is and why it is being considered as one of the biggest breakthroughs in data security.

Most of the people know that the technology behind bitcoins refers to blockchains but the concept is far beyond the crypto-currency. The traditional way for any transaction that occurs, people use a trusted middleman such as a bank to make any transaction to take place. Whereas blockchains allow consumers and suppliers to connect directly and remove the presence of a third party. Blockchains use cryptography to keep exchanges for securing and provides a decentralised database architecture which can be referred to as “digital ledger”, that everyone on the network can seeThe basic concept in layman terms is that it is a chain of computers that must approve an exchange before it can be verified and recorded to proceed further.

It's not the data itself but its the structure of the database which is being changed from centralized architecture i.e. a client-server architecture to a decentralized architecture which does not need a middleman but just peer-to-peer connectivity.

There is no central storage system for the data as compared to client-server architecture. In terms of security, if someone had to access the server with the information, any data can be added, changed or removed talking in terms of reliability, if the number of request increases, the server can also break down. If there is any problem in the central storage no information can be derived unless the problem on the server is solved which you can relate to while trying to pay your college fee through commercial bank online and on high traffic in the network, server breakdown and keeps the client waiting to be fixed. The Data transfer rates can be low if the nodes are located in different countries.

In decentralized network – data is distributed between the nodes of the network. If something is added, deleted or edited, it will be reflected on all the computers on the network. The system in the decentralized network is self-sufficient and self-regulating that it will protect all the data from deliberate attacks or any accidental changes in the information as it contains the timestamp and rather then updating the data, it will make a new chin if any changes occur.

Let's get deep into blockchains from a developers perspective which will explain the concept of the chains and the data storage.

We will create a simple blockchain using JS and implement it to store the data and show how encryption and data security actually takes place.

We begin by implementing a genesis block – a genesis block acts as a parent block that will be the index 0, and other children will be further index and will be created if we change the data i.e. add, remove, modify or edit the data.

Step 1: We create a class MyBlock – this class notes down the index, timestamp, data and the previous hash value which will be blank as it is a genesis block but still it needs some form of security as it is the basic building block. Inside a constructor, we give all the parameters that note down the data. We use SHA256 encryption to store the hash value for the block so we call the encryption from other JS file for encrypted values which have been called in the first line of the code.

Step 2: After we define the parameters required to create a blockchain, we need to create a class that will create a block after the genesis block and it has been implemented by the following code given below. Class Blockchain will refer the beginning of the genesis block and defines the parameters it uses to store the data

creategenesisBlock – creates the block
getLatestBlock – shows the current value of the block

addBlock – makes a new block that will refer to its previous block by storing its hash value

As a timestamp is required to store the time when the data was changed, the variable utcDate stores the date which is returned as a string value. We named our object myCoins (reference to BitCoins) and each block here represents some form of data, i.e. name, age, work, designation and value which stores how many myCoins a person has as we have changed the data for Name, age and value, it will represents data for one person which has changed its parameters and shows how it has been formed into a chain and will show at what time did it all reflect.

The concept goes like this, We have a genesis block, which marks the index 0 and is the basic building block for all the data, as the data begins to be stored, it will form a new block with index =1 and this index will store the timestamp, that represents at what time the block was generated , and its data.

Index 1- shows that the data belonged to “Sahil Tanwar” whose Age was “25” and myCoin value was 2, but when this index was updated, rather then changing the value on the same index, the updating occurs in a new block, which shows that in index 2 – the name changed from “Sahil Tanwar” to “Ankur Chauhan” whose Age was “24” and myCoin value was “8”. As we continue to update the data, it does not reflects on the same node, as any change which is being made will form a new chain and will update the data in a new index which will keep the track for all the data and it makes the data recovery easier. We notice that a hash value is being passed in each of the indexes, therefore that hash value is the only way to connect to the block “n” and the block “n-1” as the block “n” contains the hash value of the block “n-1” whereas the block “n-1” will contain the hash value for the block “n-2” and the chain continues. Each block is hence connected with its corresponding hash values.

As discussed in the centralized database architecture, once the data is changed, it does not keep the record of the previous data and just updates on the server side, while here each data is stored in the block of the chain. It can be seen from the blockchain that how when the name was updated from the chain, along with the age and the myCoin value, a new block was formed and hence shows how every time data is secured and keeps track of the previous blocks, it’s just Like a linked list whose current hash stores the pointer to the previous block and continues the chain.

People might think that if one block is attacked, then other remaining blocks can be accessed, but this is where things change. As this is a basic structure of a blockChain in simple terms, as a developer, we can take control of how many blocks can be created, how strong the encryption can be and how long will it take for the formation of the new block. Suppose your hash value is returned as:

Normal Hash – 4530834jklsdf sd9923kjwdf807234jkldsjkf

By introducing a difficulty level, the Hash can introduce a greater length by introducing a “0” concept i.e. we can tamper how much 0’s we would require before the hashing and this will make it slower to access the data and hence more secure, its all depended on the developer how strong his system can be and hence can manipulate the results as:

Stronger hash - 000004530834jklsdf sd9923kjwdf807234jkldsjkf (taking more time to access the data and making it more secure & introducing how many blocks can be added to control new blocks to be forming one after another)

Conclusion: By developing a small Blockchain, it can be concluded that as no trusted middleman is required to transfer any data, a blockchain can improve everything from data integrity and digital identities and can prevent DDoS attacks. It basically is filling the gaps that we have left without poor implementation of security and lack of trustworthiness. Not only it's securing the data but in a controlled environment one can control the blocks which he will be creating, therefore, no middleman requirement will make the peer-to-peer connection stronger. If all the database follows the blockchain strategy then the data leakage can be handled and can make data security stronger and hard for the attacker to access all the data from the server as no controlled server presence makes it close to impossible to get all the data. Secure data that is equivalent to secure identity and bringing down the theft of personal data hence redefining the cybersecurity.

Post a comment