Abstract : On December 1, 2019, the "Basic Requirements for Information Security Technology Network Security Level Protection" will be officially implemented, covering all regions, units, departments, and institutions of the whole society, involving networks, information systems, cloud platforms, Internet of Things, industrial control systems, big data, mobile internet and other technical applications and scenarios.
Blockchain technology was originally developed to solve the fault tolerance problem of distributed peer-to-peer network communication. This feature allows blockchain technology to be widely used in industries and scenarios with high trust costs. On one hand, the anonymity, non-tampering and other characteristics make the blockchain application prospects very broad; on the other hand, it makes the blockchain security become a problem that the whole industry has to face.
The popularity of the cryptocurrency investment market has also made this problem even more serious. Yu Xuan, the founder of blockchain security company Slowmist Technology, said that as of now, there have been 226 blockchain hacking incidents, with a total loss of about 8.4 billion US dollars, including 72 exchanges and public chains. In the first half of 2019, at least 10 cryptocurrency exchanges were stolen worldwide. Although the security issue has become one of the most concerned issues in the industry, the attackers can always find the loopholes that can be attacked from the system. The security level of the whole industry is still in its infancy stage.
Security in different scenarios
According to the statistics of China Electronics and Information Industry Development Research Institute, as of the first half of 2019, the number of blockchain enterprises with actual input and output in China exceeded 700, the number of research institutions accumulated to 83, and 34 banks participated in the deployment of blockchain business. The cumulative investment and financing events exceeded 500. In the 151 blockchain application cases, 28 application areas and scenarios have been covered. The six major areas of finance, e-government, medical care, intellectual property protection, traceability and charity have become popular scenes for blockchain technology applications.
In different scenarios, the application of blockchain technology faces different security requirements. In the application process of the government blockchain, the requirements for privacy are relatively high; in the financial blockchain application scenario, the requirements for risk control are higher; in the scenarios of traceability and supply chain management, the reliability of uplink data must be studied.
Yang Xia, founder of Beosin, told ChainDD that with the application of blockchain technology gradually appearing in all walks of life, the future security confrontation will be more intense, and more and more security services will be provided for various application scenarios. As one of the infrastructures of the blockchain industry, safety will surely achieve significant growth in this process.
Yang Dong, director of Financial Technology and Internet Security Research Center of National Development Institute of Renmin University of China, believes that with the practical implementation of blockchain technology, the system design thinking of blockchain will gradually change from "supervision" to "governance", not only to control the risk of blockchain, but also to promote the healthy development of blockchain industry. With the change of regulatory thinking, blockchain technology security will also be included in the standards of blockchain governance.
On December 1, 2019, the "Basic Requirements for Information Security Technology Network Security Level Protection" (i.e. Level Protection 2.0) will be formally implemented, covering all regions, units, departments and institutions of the whole society, involving various technical applications and scenarios such as network, information system, cloud platform, Internet of Things, industrial control system, big data, mobile Internet, etc. Compared with the original "Information Security Technology Basic Requirements for Security Classification Protection of Information System" (i.e. equal protection 1.0) standard, the technical requirements of security management center are put forward, including system management, audit management, centralized management and control, security management platform, etc. It also requires to monitor and review the operation of links, security equipment, servers and switches, as well as analyze the reviewed data in a centralized way.
Blockchain technology is applied in the coverage of Level Protection 2.0. In other words, the supervision puts forward higher requirements for the security of blockchain applications. Under the requirements of compliance, security enterprises that can provide compliance security services for the blockchain industry are facing a huge market space. It can be predicted that after the 1025 learning speech, the blockchain security industry will surely usher in a situation of explosive growth.