Blockchain can enable more sweeping data security and management in the cloud
Blockchain is inextricably linked to cryptocurrency in many people’s minds – but there’s far more to the technology than that. Essentially a system of information containers where data is encrypted and stored in a public or private network, blockchain is virtually tamper-proof. This inherent inviolability creates new opportunities for strengthening data security in the public cloud.
Why data security is an issue in the public cloud
The centralization of major cloud servers enables a unified security approach that protects the entire company from external threats by managing security functions on a company-wide scale – but it also presents a security challenge. Operating a unified security solution means that all the security capabilities are concentrated in one appliance, creating the possibility of a single point of failure.
Cloud computing often involves the outsourcing of trust to a provider, with security becoming a shared responsibility between the customer and the cloud provider. However, almost all cloud security failures are the customer’s fault. With poor authorization controls, data can be widely exposed, leaving organizations susceptible to breaches. The rise of regulations such as GDPR means compliance on public servers is likely to increase cloud costs and reduce cloud control. In response, developers are redefining the infrastructure of cloud computing with solutions like edge computing.
How blockchain enhances security
Blockchain involves a shared database containing groups of transactions called blocks, which encrypt and store data. Once a time-stamped block is filled with data, it is linked to the filled block before it, and the next block joins behind it in turn, forming what is known as a blockchain. The most common application is as a distributed ledger wherein all participants share an immutable ledger that can only be accessed by members with permission.
Blockchain can help prevent fraud and unauthorized actions by creating a record that cannot be changed and is encrypted end-to-end. It also mitigates privacy issues by anonymizing personal data and using permissions to control access. Storing information across a network of computers rather than a single server also makes it less vulnerable to hacking.
Where blockchain security meets the cloud
Current public blockchain infrastructure is not scalable for big data storage and management, but sharing the data on a cloud platform can increase blockchain’s scalability, making it a convenient service that provides stronger security through decentralization, transparency and immutability.
Blockchain distributes its data transactions across participating computer networks in a digital ledger that has no central control point. Each node in this decentralized network has a complete copy of the ledger, so data loss in cloud storage is not an issue. If one server fails, the system continues to function, offering faster disaster management.
Furthermore, there is no need for a trusted third party because users rely only on a decentralized, immutable ledger that keeps them informed of all activity on the network. Instead of trusting the provider, users trust the technology itself to verify transactions.
The inherent transparency of blockchain prevents suspicious or covert activity. Its sequential storage feature verifies each transaction as it happens, creating not just a robust chain of blocks but also a series of transaction records that verify ownership and identity. Only users with the encryption key can access or read the data, making it very difficult for hackers to compromise the data.
A key issue with cloud storage is preventing data tampering. In its 2022 Top Cloud Threats report, the Cloud Security Alliance (CSA) ranked insecure interfaces and APIs as the second-biggest problem with cloud security – up from the seventh-biggest issue in 2019. Blockchain offers a means to monitor transaction history that highlights any attempts to interfere with the data. Each block contains a hash that’s unique to the block, as well as the previous block's hash, making it very easy to identify attempts to tamper with the data.
Because blockchain data is encrypted, decentralized and checked by all the participating networks, it is almost impossible to alter a transaction once it has been recorded on a ledger without the networks noticing: the alteration would invalidate the signatures and alert the networks.
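An added example, not code from the original article or from any blockchain framework: a minimal hash-linked ledger in Python that reports the first block failing verification, and shows that a copy with every hash recomputed still passes local checks but disagrees with the head hash held by peer nodes. The block layout, field names, majority rule and sample records are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed placeholder: predecessor of the first block
# Constructed sample ledger (timestamps and records are made up).
RECORDS = [(1700000000, "grant read to alice"), (1700000060, "upload report.pdf"),
           (1700000120, "revoke read from alice")]

def block_hash(block):
    """SHA-256 over a canonical encoding of every field except the stored hash."""
    body = {k: block[k] for k in ("index", "timestamp", "data", "prev_hash")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def build_chain(records):
    chain = []
    for index, (timestamp, data) in enumerate(records):
        block = {"index": index, "timestamp": timestamp, "data": data,
                 "prev_hash": chain[-1]["hash"] if chain else GENESIS_PREV}
        block["hash"] = block_hash(block)
        chain.append(block)
    return chain

def first_invalid_block(chain):
    """Index of the first block that fails verification, or None if all pass."""
    expected_prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["index"] != i or block["prev_hash"] != expected_prev:
            return i  # link to the predecessor is broken
        if block["hash"] != block_hash(block):
            return i  # contents no longer match the stored hash
        expected_prev = block["hash"]
    return None

def agrees_with_peers(chain, peer_heads):
    """Trust a copy only if its head hash matches a majority of peer copies."""
    head = chain[-1]["hash"]
    return sum(h == head for h in peer_heads) > len(peer_heads) / 2

def demo():
    honest = build_chain(RECORDS)
    edited = build_chain(RECORDS)
    edited[1]["data"] = "upload other.pdf"  # one stored record changed in place
    # Same change with every later hash recomputed: self-consistent on its own.
    rewritten = build_chain([RECORDS[0], (1700000060, "upload other.pdf"), RECORDS[2]])
    peer_heads = [honest[-1]["hash"]] * 3  # three peers hold the honest copy
    return (first_invalid_block(honest), first_invalid_block(edited),
            first_invalid_block(rewritten), agrees_with_peers(rewritten, peer_heads))
```

Calling demo() returns the verification result for the honest, edited and fully rewritten copies, followed by whether the rewritten copy agrees with its peers.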
To hack the blockchain, the multiple network nodes that confirm each legitimate transaction would have to be hacked simultaneously – something that is currently virtually impossible. Malicious nodes could be added to the network to create a 51% attack, which requires a malicious user to gain majority control of a given blockchain network. This would allow them to interrupt the recording of new blocks by preventing other network participants from completing blocks.
However, private blockchain networks are not vulnerable to such attacks because participants must be invited and validated by either the network starter or by rules set by the network starter. Businesses that set up a private blockchain will generally set up a permissioned network. The Linux Foundation’s Hyperledger Fabric, a modular blockchain framework and the de facto standard for enterprise blockchain platforms, is an example of a permissioned blockchain framework implementation.
Once you decide to deploy a blockchain solution to the cloud, you first need to select the blockchain network participants (the blockchain consortium). You can then start setting up the network on the cloud. Deploying the blockchain network and its component parts via Kubernetes clusters is an emerging approach to cloud security, offering a neat solution to blockchain’s inherent complexity and the difficulty of integrating it into the existing infrastructure.
Using this open-source container orchestration platform for blockchain means environments can be scaled quickly because it enables automatic scaling, deployment and management of containerized infrastructure. High availability can be maintained by keeping multiple containers running for key services.
Deploying blockchain networks via Kubernetes clusters also enables service interoperability between organizations with different architectures, simplifies deployments and adds the capacity to upgrade. Used with Hyperledger Fabric, Kubernetes offers a powerful, secure platform for processing blockchain transactions. The advantages of this approach mean it may soon become the standard of adoption for blockchain in the cloud.
Kubernetes is a powerful platform for companies seeking to scale securely, but it helps to rely on an expert cloud partner to leverage it to full effect. SecuredTouch is just one of many companies DoiT has collaborated with to harness the benefits of Kubernetes that go beyond blockchain and cloud security. We helped SecuredTouch migrate its production to GKE to optimize resource utilization and costs in support of the delivery of its fraud detection platform to a rapidly expanding portfolio of customers. Other companies we have supported with Kubernetes include Alcide, Bringg and eToro.
Where next with blockchain security and the cloud
Blockchain may address many of the security weaknesses of the public cloud but, like any complex technology, it presents its own security issues. These vulnerabilities are the result of human error, with developers introducing them in software such as web services and smart contracts, and they can take the form of anything from logic bugs and reentrancy issues to integer overflows. The CSA has identified a draft list of almost 200 attacks, weaknesses and vulnerabilities in blockchain technology, many of which have yet to be fully documented or even understood.
Blockchain is also a relatively new technology, so it will involve investment in learning and onboarding for companies seeking to use it to enhance their security in the cloud. For example, developers will need to learn how to write decentralized apps for blockchain to enable, and business leaders will also need to familiarize themselves with the new approach.
Nonetheless, embracing blockchain is expected to have a broad range of largely beneficial effects on business. In a March 2022 TechRepublic Premium survey, 64% of respondents said that they believe blockchain will affect their industry in some way, and most of that group forecast a positive impact.
Enabling enhanced IT efficiency, flexibility and scalability, the promise of the cloud remains as true as it ever was – but so does the challenge of security. An expert cloud partner can carry out a security assessment of your architecture and guide you on the best approach to harnessing the cloud securely to achieve your business goals.