Information security is paramount.

In today’s organizations information is distributed and replicated by various computer systems, each with different levels of security, all of which being subject to hacking or social engineering attacks. In many cases, security flaws lie outside computer systems, where human aspects such as ignorance, neglect, apathy, disinterest, and deceit are at the root of the problem. Attacks may be aimed at information theft, denials of service, and destruction or disguised alteration of data.

In this sense, the need arises to define information security policies, which conceptually follow the CIA triad (“Confidentiality”, “Integrity”, and “Availability”), where confidentiality determines the rules of access to information; integrity determines the validity and authenticity of the information; and availability determines the access to information. These policies go through all layers of the organization, instituting processes and practices that promote and maintain security. But organizations tend to lose heart in fulfilling them, because they require knowledge and willingness, need time and dedication, impose continuous monitoring, and constitute a substantial cost. The situation has gotten so serious that, according to Privacy Rights Clearinghouse, more than 10 billion records have been compromised since 2005. And these are only the ones that have been noticed and made public.

In contrast, there is a publicly accessible system that has withstood all kinds of attacks since its inception. This system is called Bitcoin. With billions of dollars in Bitcoins stored inside its blockchain, with open access and made accessible to anyone, there has been no attack to date that has compromised the system. It’s the peculiar characteristics of the Bitcoin blockchain that exhibit new security qualities in a somewhat counterintuitive way.

Project Goal

In these terms, BlockBase meets the following requirements:

  1. Confidentiality
    BlockBase promotes the confidentiality of data by encrypting it in advance by default. It is only through specific configuration that a given information field may remain unencrypted. System administrators and the system itself are incapable of reading the encrypted data.
    It provides different levels of access to data through the use of multiple cryptographic layers stacked on top of each other, starting from the bottom — at the record level — to the top — at the database level. It also facilitates an easy search and retrieval of data without disclosure of information.
  2. Integrity
    BlockBase records all changes to the structure of data and to the data itself and enforces digitally signing of changes, assuring their authenticity and non-repudiation. BlockBase allows an unlimited number of users of different nature and purpose, without compromising the integrity of their data.
  3. Availability
    BlockBase is scalable and resilient to technical faults, natural disasters, human errors, and hacking attacks. It allows for an unlimited number of users of a distinct nature and purpose, without compromising their availability.

Architecture

Participation and Consensus

Article written by Ricardo Pinto — Lead Architect at BlockBase

The power of Blockchain applied to Databases — www.blockbase.network