Reply is the place to meet an incredible variety of enthusiastic, passionate, ideas-driven people, who want to make a difference and an impact.Would you like to know more?
The shift from traditional networks to Software-Defined Networks (SDN) is quickening due to more flexible, efficient and cost-effective platforms. But most of the SDN development work on features, not security, these SDN are at risk from new attack vectors which were simply not possible before with traditional networks. In traditional networks, hosts/servers on the network would primarily be at risk from attack, but now with SDN, new APIs and therefore vulnerabilities exist for the network itself.
To demonstrate this problem, once a single rogue element such as a switch or compute element, injected by a hacker, is accepted by a SDN, the hacker may be able to view, copy, alter, disrupt communications on the network.
Therefore any security solution must be able to scale and have the performance to allow dozens of valid elements in without delay, whilst rejecting a single rogue element from a hacker.
This means that a holistic security system is needed to counter these threats to Software-Defined Networks and be able to operate in a way which does not impact its performance or scalability, and be able to generate alerts and a forensically auditable log about everything which happens on the network.
Imagine a solution which protects against rogue elements from entering the Software-Defined Network, in a scalable way, meaning many thousands of valid elements can enter at the same time as a single rogue element is rejected.
Imagine a solution where anything which happens on the SDN is captured in a forensically auditable and unchangeable log – the blockchain! No longer could hackers attempt to cover their tracks by also hacking into the log server and changing the history of events, due to the fact the blockchain and its records exist in many thousands of places at once so any alteration would be rejected by the blockchain peers.
Imagine a solution which keeps the Software-Defined Network safe from attack, and which gives the potential to set up automatic, programmable rules on what is - and what is not - acceptable on the SDN at any time and by whom.
Securechain accomplishes all of the above, and has potential to enhance SDN security in many other ways too, including protecting the SDN controller itself.
Securechain brings security, scalability and auditability to Software-Defined Networks.
Securechain is built on the Ethereum blockchain, the same programmable blockchain which is being considered for use by Microsoft, the R3 and Samsung/IBM. The rising popularity of this blockchain is due to its unique features:
SDN security is in its infancy at present, and so many of the challenges shown above have not been fully addressed by the industry.
The advantages of Securechain over traditional security approaches is that its inherent programmability can be technology and vendor agnostic, and so can interface with any SDN vendor and across vendors’ different technology and APIs.
Because Securechain is blockchain-based, it runs everywhere and cannot be taken down. Its rules for accessing or rejecting elements cannot be tampered with without changing the blockchain, and as the records are stored in the blockchain, it provides for an unchangeable, forensically auditable record of events.
Two basic use-cases are shown below, to aid understanding of the Securechain operation.
Property: a Blockchain accelerator manages the change of property ownership, in other words the transfer of ownership of any digital or physical asset (e.g. vehicles, equity, houses, etc.). Through the registration of a transaction in the Blockchain register, the identity of the seller and the buyer, the unique identifier of the asset and the time stamp associated with the transaction are guaranteed and cannot be modified.
Voting: in contexts that require a high level of transparency and security, such as voting in public ballots (e.g. to express a preference in a survey), the Blockchain technology relies on crypto currencies to guarantee both the legal certainty of the vote and the transparency of the process.
IoT (Internet of Things): things rely on the use of the Blockchain technology to manage the authentication and integrity of messaging between themselves, in order to guarantee the use of a safe and reliable IoT network.
Ticketing: ticketing and couponing systems are highly complex. Furthermore, the risk of distributing counterfeit tickets is a major problem even for the more advanced and modern systems. Through the use of a web platform that exploits the specific features of Blockchain technology, it’s possible to create a secure and interoperable couponing/ticketing solution that still ensures the best possible end user experience.
Secure Authentication: Authentichain is a new authentication system developed using Blockchain Technology. With Authentichain, it is possible to manage a private network of smart devices that are mutually authenticated and verified. It is also possible to easily extend the network and connect it to other networks (e.g. service providers, specialised technical support, etc.) while guaranteeing the actual identity of the parties involved and the traceability of access.
Insurances: over the years, complexity and costs related to the management of insurance processes have undermined the profitability of companies and inhibited the distribution of innovative insurance products. A platform was developed which, by integrating with the Ethereum Blockchain, facilitates the setting and enforcement of smart contracts for travel insurance. Insurechain is a solution that facilitates the automation of premium calculations, the management of appraisals and the settlement of certain types of claims, ensuring end-user transparency.