Vol.73, No.2, 2022, pp.2731-2755, doi:10.32604/cmc.2022.029161
OPEN ACCESS
ARTICLE
Trustworthiness Evaluation for Permissioned Blockchain-Enabled Applications
  • Shi-Cho Cha1, Chuang-Ming Shiung1, Wen-Wei Li1, Chun-Neng Peng1, Yi-Hsuan Hung1, Kuo-Hui Yeh2,3,*
1 Department of Information Management, National Taiwan University of Science and Technology, Taiwan, China
2 Department of Information Management, National Dong Hwa University, Hualien, Taiwan, China
3 Department of Computer Science and Engineering, National Sun Yat-Sen University, Kaohsiung, Taiwan, China
* Corresponding Author: Kuo-Hui Yeh. Email:
Received 26 February 2022; Accepted 20 April 2022; Issue published 16 June 2022
Abstract
As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations, related stakeholders need a means to assess the trustworthiness of the applications involved within. It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy. Therefore, this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications. The framework divides itself into different implementation domains, i.e., organization security, application security, consensus mechanism security, node management and network security, host security and perimeter security, and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains. In addition, a case study, including a security testing and risk evaluation on each stack of a specific organization, is demonstrated as an implementation instruction of our proposed risk management framework. According to the best of our knowledge, this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can contribute to the adoption of permissioned blockchain-enabled technologies. Furthermore, application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.
Keywords
Permissioned blockchain; blockchain security; blockchain risk evaluation
Cite This Article
S. Cha, C. Shiung, W. Li, C. Peng, Y. Hung et al., "Trustworthiness evaluation for permissioned blockchain-enabled applications," Computers, Materials & Continua, vol. 73, no.2, pp. 2731–2755, 2022.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.