Smart Contracts for Dynamic Trusted Consent and Threat Intelligence Sharing in Cybersecurity Marketplaces

  • December 15, 2022
  • 2 min read

In recent years, we can see the ever-growing adoption of new business models and new service delivery paradigms, such as cloud and edge computing, that heavily rely on interconnected Information and Communication Technologies (ICT) by entities in all business domains (e.g., transportation, media and factories). On the one hand, this brings new revenue streams and drives operating costs down, but on the other hand increases the attack surface of the underlying infrastructures.

At the same time, there has been increasing commercialization of cyber-crime as evidenced by Malware-as-a-Service as well as the emergent advanced persistent threats. These allow cyber criminals to efficiently target a broader set of networks and workers for disrupting services, exfiltrating sensitive data and performing other malicious activities, which increase the importance of security and privacy for all stakeholders and especially businesses, consumers, and policy makers.

Considering these challenges and by understanding the importance of the right preparation for Small & Medium Enterprises and Micro Enterprises (SMEs & MEs), the PUZZLE ecosystem develops a network of communication between organisations to be proactive against multiple cyber threats.

This network is driven by mechanisms that provide fair, secure, and scalable data exchange between different organisations.

For the realization of this concept, the blockchain technology is leveraged and custom smart contracts that hold the logic and functionalities have been developed. This component allows the participating organisations to share threat intelligence information over a trusted, secure, transparent, and immutable infrastructure that the blockchain network and ledger provide.

Hereby, an organization that has identified a threat in its systems, through the Risk Assessment component that PUZZLE provides, can inform either specific members of the network or the entire network that it belongs to. Each organization has access to the records for which it has permission, using the Collective Interactive Data Visualizer component.

Figure 1: PUZZLE Blockchain Services overall architecture

Author: AEGIS IT Research.
Featured Photo by Geralt on Pixabay.