www.bancherul.ro
Publicatie online stiri bancare



Blockchain technology and security - Improving information security in the financial sector

Autor: Bancherul.ro
2017-01-27 08:53

Distributed ledger technology – commonly referred as Blockchain – has emerged as candidate for financial institutions to reform their businesses. The speed and cost of doing business using distributed ledger technology is expected to improve by simplifying back-office operations and lowering the need for human intervention. However, a number of security concerns around this new technology remains.


Instead of depending on a central entity such as a single financial institution to track the validity of ownership of funds, a distributed ledger maintains all transactions and holdings and is updated by a number of counterparties.


The distributed ledger allows counterparties to use smart contracts1 and enhanced transaction privacy. Updates to the Blockchain or “distributed ledger” leave an audit trail and allow auditing to verify how an agreement was executed.


Blockchain protocols are believed to provide a transaction and application environment, by using a mix of consensus and transaction protocols to determine valid transactions, as well as reach agreement on the current state of items such as a contract or account balance.


This paper aims to provide financial professionals in both business and technology roles with an assessment of the various benefits and challenges that their institutions may encounter when implementing a distributed ledger.


Some of the key challenges of Blockchain identified in the document are:
 Traditional challenges such as:
 Key Management
 Privacy
 Code Review
 Technology specific challenges such as:
 Key Generation
 Smart Contract Management
 Scalability


ENISA has also identified good practices to overcome the issues identified as well as introduce the key concepts that decision-makers should be aware of when approaching this technology.


After reviewing the existing challenges attached to distributed ledgers, some good practices are:


 Using recovery keys
 Using multiple signatures for authorizing and processing transactions
 Using library of standardized smart contracts


Full report here