Publication Peer Review

Hyperledger Fabric 2.0 Architecture Security Report
Hyperledger Fabric 2.0 Architecture Security Report

Hyperledger Fabric 2.0 Architecture Security Report

The Hyperledger Fabric 2.0 Architecture Security Report is an accompanying document to the Hyperledger Fabric 2.0 Security Controls Checklist. To participate in the peer review of the Controls Checklist, visit this link.

As the foundational platform replacing the Internet of Information with the Internet of Value (Carter 2019), Blockchain technology is being rapidly adopted (Global Blockchain Business Council, 2020)(Hoffman et al., 2020) (Gartner, 2020) by Enterprises to bring traceability and transparency to external business workflows instilling trust and efficiency in an untrusted and competitive business environment (IBM 2020). Considering that many of these external business workflows involve transactions and custody of value in the form of digital assets(European Commission 2020) or other high-value data, Cybersecurity attributes such as Privacy, Confidentiality, Integrity, and Availability certainly take center stage in the blockchain space (Birge et al., 2018).[1] A compromise of any of those attributes can result in a High Business Impact viz., Loss of Trade, Loss of Ownership and or Loss of Trust between the stakeholders (Chia et al., 2019).

In this Hyperledger Fabric 2.0 (Fabric 2.0) Architecture Security Report, targeted for Security and Risk Management Leaders and Regulators in the Financial Industry, we have aimed to mitigate the above mentioned Business Impact in two-ways:

  1. We first identify Fabric 2.0’s architectural risks to Cybersecurity attributes (Privacy, Confidentiality, Integrity, Availability) (Angelis et al., 2019) while being implemented as a Permissioned Blockchain Enterprise Network for a Trade Finance Business Use Case in a Cloud-based Environment. We deliver a fully implementable “Security Controls Checklist” aligned with NIST Cybersecurity Framework’s Controls to proactively Prevent, Detect and Respond to the above-identified risks thus mitigating the Business Impacts downstream to the Trade Finance Business Workflow caused by Loss of Trade, Loss of Trust and Loss of Ownership
This report being part of Cloud Security Alliance (CSA) a Cloud environment was deliberately selected to house the Fabric network to leverage the CSA’s expertise to securely manage the Physical Infrastructure of the Fabric 2.0 Permissioned Blockchain Network.

Request to Participate

CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).