Circle
Events
Blog

Download Publication

Corda Enterprise 4.8 - Security Controls Checklist
Corda Enterprise 4.8 - Security Controls Checklist
Who it's for:
CISOs / CTOs / CIOs 
Security Architects 
Application Developers 
System and Security Administrators

Corda Enterprise 4.8 - Security Controls Checklist

Release Date: 12/15/2021

In this spreadsheet, our Blockchain/Distributed Ledger Working Group delivers a fully implementable security controls checklist for the blockchain framework Corda Enterprise 4.8. These controls are aligned with the NIST Cybersecurity Framework’s controls to proactively prevent, detect and respond to the risks of Fabric 2.0, thus mitigating the business impacts downstream caused by loss of trade, trust, and ownership.

In the accompanying Corda Enterprises 4.8 - Architecture Security Report, we identify the cybersecurity risks of implementing Corda Enterprises 4.8’s architecture as a permissioned blockchain enterprise network for a trade finance business in a cloud-based environment. Steps 1-6 of the section "Threat Model Analysis as per STRIDE Model" explain in detail how this Security Controls Checklist was derived.

Key Takeaways:
  • The description of each identified Corda Enterprise 4.8 vulnerability
  • The description of each control that can be used to mitigate these vulnerabilities
  • How the controls map to NISTv5(SP 800-53 Rev. 5), the standard reference for security controls

Help CSA better understand how we can support the cloud community. Answer a couple of questions to download this resource.

In my current job I work in:

Can we send you updates?

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).

You’ve made safer cloud computing possible.

Download
Provide feedback on this form

CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).

Download
Provide feedback on this form

Acknowledgements

Ashish Mehta Headshot
Ashish Mehta
Director at Genese Incubation Management Services Pvt, Ltd
Ashish Mehta

Director at Genese Incubation Management Services Pvt, Ltd

Ashish is co-chair of the CSA Blockchain/Distributed Ledger working group, where he leads and supports the group’s peer-reviewed research papers and coordinates educational and networking webinars with various industry players for the wider CSA community and industry participants. He has represented CSA as a speaker at multiple global events and is he...

Read more

Urmila Nagvekar Headshot
Urmila Nagvekar
Urmila Nagvekar

Urmila Nagvekar is a Certified Information Systems Security Professional (CISSP), with a combined 27 years in Information Technology, Security, and Privacy involving leading Cybersecurity, Information Risk Management, and Data Privacy Programs as business value drivers for Engineering and Geoscience with oil majors.

She has been actively contributing and presenting topics related to Blockchain Security at CSA’s Blockchain/DLT Working ...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?