A Study on Blockchain Architecture Design Decisions and Their Security Attacks and Threats
【Author】 Ahmadjee, Sabreen; Mera-Gomez, Carlos; Bahsoon, Rami; Kazman, Rick
【Source】ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
【Impact Factor】3.685
【Abstract】Blockchain is a disruptive technology intended to implement secure decentralised distributed systems, in which transactional data can be shared, stored, and verified by participants of the system without needing a central authentication/verification authority. Blockchain-based systems have several architectural components and variants, which architects can leverage to build secure software systems. However, there is a lack of studies to assist architects in making architecture design and configuration decisions for blockchain-based systems. This knowledge gap may increase the chance of making unsuitable design decisions and producing configurations prone to potential security risks. To address this limitation, we report our comprehensive systematic literature review to derive a taxonomy of commonly used architecture design decisions in blockchain-based systems. We map each of these decisions to potential security attacks and their posed threats. MITRE's attack tactic categories and Microsoft STRIDE threat modeling are used to systematically classify threats and their associated attacks to identify potential attacks and threats in blockchain-based systems. Our mapping approach aims to guide architects to make justifiable design decisions that will result in more secure implementations.
【Keywords】Blockchain; security threat classification; architecture decision; design decisions
【Publication Date】2022 APR
【Indexed Date】2022-06-07
【Document Type】Review
【Subject Category】
Blockchain governance - Technical governance - Entity classification
【DOI】 10.1145/3502740