摘要
区块链是比特币底层的核心技术,展示了在自组织模式下实现大规模协作的巨大潜力,为解决分布式网络中的一致性问题提供了全新的方法.随着比特币的广泛流通和去中心化区块链平台的蓬勃发展,区块链应用也逐渐延伸至金融、物联网等领域,全球掀起了区块链的研究热潮.然而,区块链为无信任的网络环境提供安全保障的同时,也面临安全和隐私方面的严峻挑战.本文定义了区块链系统设计追求的安全目标,从机制漏洞、攻击手段和安全措施三方面对区块链各层级的安全问题进行全面分析,提出了区块链的平行安全概念框架,并总结未来区块链安全问题的研究重点.本文致力于为区块链研究提供有益的安全技术理论支撑与借鉴.
As the core underlying technology of Bitcoin, blockchain shows the potential of achieving large-scale selforganizing, and provides a new approach to solve the consistency problem in P2P networks. With the widespread circulation of Bitcoin and the rapid development of decentralized blockchain platforms, blockchain has been gradually applied to many fields such as finance and Internet of Things, and related studies have been blooming across the world. Blockchain provides a security architecture in the trustless network environment, however, it also faces serious challenges in security and privacy. In this paper, we defined the security objectives and gave a comprehensive analysis of blockchain security from the aspects of the existing vulnerabilities, attacks and security measures. In addition, we proposed a conceptual framework of parallel security and summarized the key directions of future security research on blockchain. This paper is devoted to providing useful theoretical support and reference for future blockchain researches.
作者
韩璇
袁勇
王飞跃
HAN Xuan;YUAN Yong;WANG Fei-Yue(The State Key Laboratory for Management and Control of Complex Systems, Institute of Automation, Chinese Academy of Sciences, Beijing 100190;Innovation Center for Parallel Blockchain, Qingdao Academy of Intelligent Industries, Qing- dao 266109;Research Center of Military Computational Experiments and Parallel Systems, National University of De- fense Technology, Changsha 410073;Center of China Eco- nomic and Social Security, The University of Chinese Academy of Sciences, Beijing 101408)
出处
《自动化学报》
EI
CSCD
北大核心
2019年第1期206-225,共20页
Acta Automatica Sinica
基金
国家自然科学基金(71472174
61533019
71232006
61233001
71702182)
青岛智能产业智库资助~~
关键词
区块链
可证明安全
隐私保护
安全威胁
监管
Blockchain
provable security
privacy protection
security threat
supervision