Browsing by Author "Urquizu, Borja"
Now showing 1 - 2 of 2
Results Per Page
Sort Options
Item A Blockchain-Based Audit Trail Mechanism: Design and Implementation: Design and implementation(2021-11-26) Regueiro, Cristina; Seco, Iñaki; Gutiérrez-Agüero, Iván; Urquizu, Borja; Mansell, Jason; Tecnalia Research & Innovation; CIBERSEC&DLTAudit logs are a critical component in today’s enterprise business systems as they provide several benefits such as records transparency and integrity and security of sensitive information by creating a layer of evidential support. However, current implementations are vulnerable to attacks on data integrity or availability. This paper presents a Blockchain-based audit trail mechanism that leverages the security features of Blockchain to enable secure and reliable audit trails and to address the aforementioned vulnerabilities. The architecture design and specific implementation are described in detail, resulting in a real prototype of a reliable, secure, and user-friendly audit trail mechanism.Item Burnable Pseudo-Identity: A Non-Binding Anonymous Identity Method for Ethereum: A Non-Binding Anonymous Identity Method for Ethereum(2021) Gutierrez-Aguero, Ivan; Anguita, Sergio; Larrucea, Xabier; Gomez-Goiri, Aitor; Urquizu, Borja; Tecnalia Research & Innovation; CIBERSEC&DLTThe concept of identity has become one common research topic in security and privacy where the real identity of users must be preserved, usually covered by pseudonym identifiers. With the rise of Blockchain-based systems, identities are becoming even more critical than before, mainly due to the immutability property. In fact, many publicly accessible Blockchain networks like Ethereum rely on pseudonymization as a method for identifying subject actions. Pseudonyms are often employed to maintain anonymity, but true anonymity requires unlinkability. Without this property, any attacker can examine the messages sent by a specific pseudonym and learn new information about the holder of this pseudonym. This use of Blockchain collides with regulations because of the right to be forgotten, and Blockchain-based solutions are ensuring that every data stored within the chain will not be modified. In this paper we define a method and a tool for dealing with digital identities within Blockchain environments that are compliant with regulations. The proposed method provides a way to grant digital pseudo identities unlinked to the real identity. This new method uses the benefits of key derivation systems to ensure a non-binding interaction between users and the information model associated with their identity. The proposed method is demonstated in the Ethereum context and illustrated with a case study.