As an advantageous technique and service,the blockchain has shown great development and application prospects.However,its security has also met great challenges,and many security vulnerabilities and attack issues in b...As an advantageous technique and service,the blockchain has shown great development and application prospects.However,its security has also met great challenges,and many security vulnerabilities and attack issues in blockchain-based services have emerged.Recently,security issues of blockchain have attracted extensive attention.However,there is still a lack of blockchain security research from a full-stack architecture perspective,as well as representative quantitative experimental reproduction and analysis.We aim to provide a security architecture to solve security risks in blockchain services from a full-stack architecture perspective.Meanwhile,we propose a formal definition of the full-stack security architecture for blockchain-based services,and we also propose a formal expression of security issues and defense solutions from a full-stack security perspective.We use ConCert to conduct a smart contract formal verification experiment by property-based testing.The security vulnerabilities of blockchain services in the Common Vulnerabilities and Exposures(CVE)and China Nation Vulnerability Database(CNVD)are selected and enumerated.Additionally,three real contract-layer real attack events are reproduced by an experimental approach.Using Alibaba's blockchain services and Identity Mixer in Hyperledger Fabric as a case study,the security problems and defense techniques are analyzed and researched.At last,the future research directions are proposed.展开更多
This paper is based on a scientific methodology developed by its author(1987)in his doctoral dissertation and later(2004)published in a book.According to this methodology,architecture is understood as a system consist...This paper is based on a scientific methodology developed by its author(1987)in his doctoral dissertation and later(2004)published in a book.According to this methodology,architecture is understood as a system consisting of four basic elements:Environment,Man,Boundaries and Perspectives.As a case study,this methodology was checked and confirmed(in the dissertation and in the cited book)on the example of an oriental-type town hall in Bosnia and Herzegovina,Serbia,Montenegro,Kosovo and Macedonia,and later in all published books,to date.In this paper,the author draws attention to the element of Perspective(in architecture)thus emphasizing its exceptional importance in understanding architecture as a whole.In doing so,this element cannot be separated from the other three elements(Environment,Man,Boundaries)since with them he builds architecture as a single whole.展开更多
基金supported by the National Key Research and Devel-opment Program of China(2018YFB0803403)Fundamental Research Funds for the Central Universities(FRF-AT-20-11)from the Ministry of Education of China。
文摘As an advantageous technique and service,the blockchain has shown great development and application prospects.However,its security has also met great challenges,and many security vulnerabilities and attack issues in blockchain-based services have emerged.Recently,security issues of blockchain have attracted extensive attention.However,there is still a lack of blockchain security research from a full-stack architecture perspective,as well as representative quantitative experimental reproduction and analysis.We aim to provide a security architecture to solve security risks in blockchain services from a full-stack architecture perspective.Meanwhile,we propose a formal definition of the full-stack security architecture for blockchain-based services,and we also propose a formal expression of security issues and defense solutions from a full-stack security perspective.We use ConCert to conduct a smart contract formal verification experiment by property-based testing.The security vulnerabilities of blockchain services in the Common Vulnerabilities and Exposures(CVE)and China Nation Vulnerability Database(CNVD)are selected and enumerated.Additionally,three real contract-layer real attack events are reproduced by an experimental approach.Using Alibaba's blockchain services and Identity Mixer in Hyperledger Fabric as a case study,the security problems and defense techniques are analyzed and researched.At last,the future research directions are proposed.
文摘This paper is based on a scientific methodology developed by its author(1987)in his doctoral dissertation and later(2004)published in a book.According to this methodology,architecture is understood as a system consisting of four basic elements:Environment,Man,Boundaries and Perspectives.As a case study,this methodology was checked and confirmed(in the dissertation and in the cited book)on the example of an oriental-type town hall in Bosnia and Herzegovina,Serbia,Montenegro,Kosovo and Macedonia,and later in all published books,to date.In this paper,the author draws attention to the element of Perspective(in architecture)thus emphasizing its exceptional importance in understanding architecture as a whole.In doing so,this element cannot be separated from the other three elements(Environment,Man,Boundaries)since with them he builds architecture as a single whole.
