Безопасность информационных технологий (Jun 2019)

About approaches to a universal distributed trusted registry to ensure confidentiality of system information

  • Natalya I. Kasperskaya,
  • Vasily V. Kuzmenko,
  • Rustem N. Khairetdinov,
  • Andrey Yu. Shcherbakov

DOI
https://doi.org/10.26583/bit.2019.2.07
Journal volume & issue
Vol. 26, no. 2
pp. 95 – 108

Abstract

Under the current international sanctions, it is very important to build a system of distributed registries that offers high transaction speed, uses symmetric cryptographic algorithms, and provides minimal or controlled disclosure of data about the architecture of the system and the transactions carried out in it. To solve this problem, the article formulates two concepts. The first is the "information black box" technology for the system, whose distinguishing feature is that an external observer has no information about the structure of the system, its participants, or the data stored and processed in it. The second is the "information gray box" technology for the system, in which the composition of the information transmitted to external systems is fixed and all remaining information is treated as undisclosed. Based on a system-analytical approach, the formulation of an adversary model, and the identification of essential requirements for an information system containing a distributed registry, the article solves the problem of creating a universal trusted distributed registry that is resistant to external attacks, including transaction tracking, and that ensures non-disclosure of data on the architecture of the registry, the protocol for placing information in the distributed registry, obtaining information from the distributed registry, and access rights management; an example of a practical implementation of the described solution is also considered. The formulated concept of a trusted secure distributed registry can be a methodological basis for formulating departmental or national regulatory requirements in the field of the digital economy, and can serve as a technical basis for developing specific projects for secure systems that use distributed registries in public administration, finance and accounting, and service systems.

Keywords