Tongxin xuebao (Sep 2024)
STBM: secure and trustworthy blockchain-based model for cybersecurity service transactions
Abstract
To overcome the numerous challenges faced by traditional models of cybersecurity service transactions, adapt to the needs of industrial digitalization, and address the inconveniences and opacity of cybersecurity service transactions, a secure and trustworthy blockchain-based model for cybersecurity service transactions was proposed, which could provide a secure, efficient, and controllable means of transaction for cybersecurity services. By categorizing cybersecurity services and managing the full lifecycle, and incorporating a dual-chain structure and smart contracts, the model sought to enhance the traceability, transparency, and security of cybersecurity services. Firstly, cybersecurity services were categorized into multiple dimensions, including usage rights, licensing rights, control rights, and ownership rights, to aid in clearer understanding and effective management of these services. Furthermore, a service chain was constructed for the full lifecycle management of cybersecurity services, covering key stages such as creation, publication, configuration, operation, maintenance, updating, and termination, thereby improving cybersecurity service traceability and transparency. In addition, a transaction chain was established for automated service transactions, adopting a post-service payment model to ensure the security and integrity of transactions. Finally, the effectiveness and trustworthiness of these components in cybersecurity service transactions were validated through case studies and experiments.
