The rise of Software-Defined Networks means that there are new ways for hackers to enter a network or system.

Securechain is the solution that introduces security gateway into SDN, whilst creating a forensically auditable and unchangeable log of events.

blockchain TECHNOLOGY


The shift from traditional networks to Software-Defined Networks (SDN) is quickening due to more flexible, efficient and cost-effective platforms. But most of the SDN development work on features, not security, these SDN are at risk from new attack vectors which were simply not possible before with traditional networks. In traditional networks, hosts/servers on the network would primarily be at risk from attack, but now with SDN, new APIs and therefore vulnerabilities exist for the network itself.

To demonstrate this problem, once a single rogue element such as a switch or compute element, injected by a hacker, is accepted by a SDN, the hacker may be able to view, copy, alter, disrupt communications on the network.

Therefore any security solution must be able to scale and have the performance to allow dozens of valid elements in without delay, whilst rejecting a single rogue element from a hacker.

This means that a holistic security system is needed to counter these threats to Software-Defined Networks and be able to operate in a way which does not impact its performance or scalability, and be able to generate alerts and a forensically auditable log about everything which happens on the network.

Imagine a solution which protects against rogue elements from entering the Software-Defined Network, in a scalable way, meaning many thousands of valid elements can enter at the same time as a single rogue element is rejected.


Imagine a solution where anything which happens on the SDN is captured in a forensically auditable and unchangeable log – the blockchain!  No longer could hackers attempt to cover their tracks by also hacking into the log server and changing the history of events, due to the fact the blockchain and its records exist in many thousands of places at once so any alteration would be rejected by the blockchain peers.

Imagine a solution which keeps the Software-Defined Network safe from attack, and which gives the potential to set up automatic, programmable rules on what is - and what is not - acceptable on the SDN at any time and by whom.

Securechain accomplishes all of the above, and has potential to enhance SDN security in many other ways too, including protecting the SDN controller itself.


Securechain brings security, scalability and auditability to Software-Defined Networks.

Securechain is built on the Ethereum blockchain, the same programmable blockchain which is being considered for use by Microsoft, the R3 and Samsung/IBM. The rising popularity of this blockchain is due to its unique features:

  1. Quick block-time (ca. 15sec, compared to the Bitcoin blockchain of ca. 10min);
  2. The ability to run code within the blockchain, which can be called instantaneously to run particular instructions (this is not possible on Bitcoin blockchain);
  3. Blockchain-based auditable and unchangeable logs and, in addition, external programs can interface with blockchain data for reporting or other purposes.

The current scenario - Critical aspects

SDN security is in its infancy at present, and so many of the challenges shown above have not been fully addressed by the industry.

The advantages of Securechain over traditional security approaches is that its inherent programmability can be technology and vendor agnostic, and so can interface with any SDN vendor and across vendors’ different technology and APIs.

Because Securechain is blockchain-based, it runs everywhere and cannot be taken down. Its rules for accessing or rejecting elements cannot be tampered with without changing the blockchain, and as the records are stored in the blockchain, it provides for an unchangeable, forensically auditable record of events.

The use cases developed and solution architecture

Two basic use-cases are shown below, to aid understanding of the Securechain operation.

    One basic use-case is adding a device to the Software Defined Network. The first thing to happen would be the admin panel or trusted entity sends the request to the Blockchain from a whitelisted ‘Command Wallet’ to the ‘SDN Wallet’. This request is then stored in the blockchain, which acts as the sole gateway into the SDN. The code interfacing the blockchain with the outside world is polling for new instructions and once it has seen a valid request, it will process its contents. In this scenario the transaction/request has come from a whitelisted wallet, with a valid instruction, so the instruction can be implemented and the valid network element added. NB - In practice, this code would reside within the Ethereum Blockchain itself, but is shown here externally for ease of understanding. The network will inform the SDN controller to allow the device to start functioning and the element will then be part of the SDN.
    The second use-case is the rejection of a rogue element. In this case, a hacker with a valid instruction, but with a wallet address that is not whitelisted, and/or without the correct code within, is sending a message to the Blockchain to attempt to add a rogue device. Because this instruction has originated from a hacker, the system rejects it, and the device is not added to the SDN. At the same time, an alert is sent to the network admin to warn them of the hack, providing key details of the including wallet ID of the hacker and timestamp. In addition the rogue request is stored forever in the blockchain, which allows for a security audit at a later date free of the possibility of tamper.
That's mine 0

That's mine

Property: a Blockchain accelerator manages the change of property ownership, in other words the transfer of ownership of any digital or physical asset (e.g. vehicles, equity, houses, etc.). Through the registration of a transaction in the Blockchain register, the identity of the seller and the buyer, the unique identifier of the asset and the time stamp associated with the transaction are guaranteed and cannot be modified.​​

Ballotchain 0


Voting: in contexts that require a high level of transparency and security, such as voting in public ballots (e.g. to express a preference in a survey), the Blockchain technology relies on crypto currencies to guarantee both the legal certainty of the vote and the transparency of the process.

Blokcom 0


IoT (Internet of Things): things rely on the use of the Blockchai​n technology to manage the authentication and integrity of messaging between themselves, in order to guarantee the use of a safe and reliable IoT network.

Cloudchain 0


Ticketing: ticketing and couponing systems are highly complex. Furthermore, the risk of distributing counterfeit tickets is a major problem even for the more advanced and modern systems. Through the use of a web platform that exploits the specific features of Blockchain technology, it’s possible to create a secure and interoperable couponing/ticketing solution that still ensures the best possible end user experience.

Authentichain 0


Secure Authentication: Authentichain is a new authentication system developed using Blockchain Technology. With Authentichain, it is possible to manage a private network of smart devices that are mutually authenticated and verified. It is also possible to easily extend the network and connect it to other networks (e.g. service providers, specialised technical support, etc.) while guaranteeing the actual identity of the parties involved and the traceability of access.

Insurechain 0


Insurances: over the years, complexity and costs related to the management of insurance processes have undermined the profitability of companies and inhibited the distribution of innovative insurance products. A platform was developed which, by integrating with the Ethereum Blockchain, facilitates the setting and enforcement of smart contracts for travel insurance. Insurechain is a solution that facilitates the automation of premium calculations, the management of appraisals and the settlement of certain types of claims, ensuring end-user transparency.