Blockchain technology and related security risks: towards a seven-layer perspective and taxonomy

Mollajafari, Sepideh and Bechkoum, Kamal ORCID: 0000-0001-5857-2763 (2023) Blockchain technology and related security risks: towards a seven-layer perspective and taxonomy. Sustainability, 15 (18). Art 13401. doi:10.3390/su151813401

[img]
Preview
Text (Published version)
13223 BECHKOUM Kamal (2023) Blockchain technology and related security article.pdf - Published Version
Available under License Creative Commons Attribution 4.0.

Download (3MB) | Preview

Abstract

Blockchain technology can be a useful tool to address issues related to sustainability. From its initial foundation based on cryptocurrency to the development of smart contracts, blockchain technology promises significant business benefits for various industry sectors, including the potential to offer more trustworthy modes of governance, reducing the risks for environmental and economic crises. Notwithstanding its known benefits, and despite having some protective measures and security features, this emerging technology still faces significant security challenges within its different abstract layers. This paper classifies the critical cybersecurity threats and vulnerabilities inherent in smart contracts based on an in-depth literature review and analysis. From the perspective of architectural layering, each layer of the blockchain has its own corresponding security issues. In order to have a detailed look at the source of security vulnerabilities within the blockchain, a seven-layer architecture is used, whereby the various components of each layer are set out, highlighting the related security risks and corresponding countermeasures. This is followed by a taxonomy that establishes the inter-relationships between the vulnerabilities and attacks in a smart contract. A specific emphasis is placed on the issues caused by centralisation within smart contracts, whereby a “one-owner” controls access, thus threatening the very decentralised nature that blockchain is based upon. This work offers two main contributions: firstly, a general taxonomy that compiles the different vulnerabilities, types of attacks, and related countermeasures within each of the seven layers of the blockchain; secondly, a specific focus on one layer of the blockchain namely, the contract layer. A model application is developed that depicts, in more detail, the security risks within the contract layer, while enlisting the best practices and tools to use to mitigate against these risks. The findings point to future research on developing countermeasures to alleviate the security risks and vulnerabilities inherent to one-owner control in smart contracts.

Item Type: Article
Article Type: Article
Uncontrolled Keywords: Blockchain; Ethereum; Smart contract vulnerabilities; Centralisation; One-owner control
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software > QA76.9 Other topics > QA76.9.B56 Blockchains
Divisions: Schools and Research Institutes > School of Business, Computing and Social Sciences
Research Priority Areas: Applied Business & Technology
Depositing User: Rhiannon Goodland
Date Deposited: 27 Sep 2023 15:44
Last Modified: 16 May 2024 13:18
URI: https://eprints.glos.ac.uk/id/eprint/13223

University Staff: Request a correction | Repository Editors: Update this record

University Of Gloucestershire

Bookmark and Share

Find Us On Social Media:

Social Media Icons Facebook Twitter Google+ YouTube Pinterest Linkedin

Other University Web Sites

University of Gloucestershire, The Park, Cheltenham, Gloucestershire, GL50 2RH. Telephone +44 (0)844 8010001.