Blockchain for Cybersecurity and Privacy Internal Audit and IT Audit Series Editor: Dan Swanson, Dan Swanson and Associates, Ltd., Winnipeg, Manitoba, Canada. The Internal Audit and IT Audit series publishes leading-edge books on c ritical subjects facing audit executives as well as internal and IT audit practitioners. Key topics include Audit Leadership, Cybersecurity, Strategic Risk Management, Auditing Various IT Activities and Processes, Audit Management, and Operational Auditing. The Complete Guide for CISA Examination Preparation Richard E. Cascarino Blockchain for Cybersecurity and Privacy: Architectures, Challenges, and Applications Edited by Yassine Maleh, Mohammad Shojafar, Mamoun Alazab, Imed Romdhani The Cybersecurity Body of Knowledge: The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity Daniel Shoemaker, Anne Kohnke, Ken Sigler Corporate Governance: A Pragmatic Guide for Auditors, Directors, Investors, and Accountants Vasant Raval The Audit Value Factor Daniel Samson Managing IoT Systems for Institutions and Cities Chuck Benson Fraud Auditing Using CAATT: A Manual for Auditors and Forensic Accountants to Detect Organizational Fraud Shaun Aghili How to Build a Cyber-Resilient Organization Dan Shoemaker, Anne Kohnke, Ken Sigler Auditor Essentials: 100 Concepts, Tips, Tools, and Techniques for Success Hernan Murdock Project Management Capability Assessment: Performing ISO 33000-Based Capability Assessments of Project Management Peter T. Davis, Barry D. Lewis Internet of Things, for Things, and by Things Abhik Chaudhuri Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Technology Product Ken Sigler, Dan Shoemaker, Anne Kohnke Why CISOs Fail: The Missing Link in Security Management—and How to Fix It Barak Engel For more information about this series, please visit: https://www.crcpress.com/Internal- Audit-and-IT-Audit/bookseries/CRCINTAUDITA Internal Audit and IT Audit Series Editor: Dan Swanson, Dan Swanson and Associates, Ltd., Winnipeg, Manitoba, Canada. Blockchain for The Internal Audit and IT Audit series publishes leading-edge books on c ritical subjects facing audit executives as well as internal and IT audit practitioners. Key Cybersecurity and Privacy topics include Audit Leadership, Cybersecurity, Strategic Risk Management, Auditing Various IT Activities and Processes, Audit Management, and Operational Auditing. The Complete Guide for CISA Examination Preparation Architectures, Challenges, Richard E. Cascarino Blockchain for Cybersecurity and Privacy: Architectures, Challenges, and Applications and Applications Yassine Maleh, Mohammad Shojafar, Mamoun Alazab, Imed Romdhani The Cybersecurity Body of Knowledge: The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity Daniel Shoemaker, Anne Kohnke, Ken Sigler Corporate Governance: A Pragmatic Guide for Auditors, Directors, Investors, and Accountants Vasant Raval The Audit Value Factor Daniel Samson Edited by Managing IoT Systems for Institutions and Cities Chuck Benson Yassine Maleh Fraud Auditing Using CAATT: A Manual for Auditors and Forensic Accountants to Detect Mohammad Shojafar Organizational Fraud Shaun Aghili Mamoun Alazab How to Build a Cyber-Resilient Organization Dan Shoemaker, Anne Kohnke, Ken Sigler Imed Romdhani Auditor Essentials: 100 Concepts, Tips, Tools, and Techniques for Success Hernan Murdock Project Management Capability Assessment: Performing ISO 33000-Based Capability Assessments of Project Management Peter T. Davis, Barry D. Lewis Internet of Things, for Things, and by Things Abhik Chaudhuri Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Technology Product Ken Sigler, Dan Shoemaker, Anne Kohnke Why CISOs Fail: The Missing Link in Security Management—and How to Fix It Barak Engel For more information about this series, please visit: https://www.crcpress.com/Internal- Audit-and-IT-Audit/bookseries/CRCINTAUDITA First edition published 2020 by CRC Press 6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742 and by CRC Press 2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN © 2020 Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, LLC Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750- 8400. For works that are not available on CCC please contact [email protected] Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Library of Congress Cataloging‑in‑Publication Data Names: Maleh, Yassine, 1987- editor. Title: Blockchain for cybersecurity and privacy : architectures, challenges, and applications / edited by Yassine Maleh, Mohammad Shojafar, Mamoun Alazab, and Imed Romdhani. Description: First edition. | Boca Raton, FL : CRC Press, 2020. | Series: Internal audit and it audit | Includes bibliographical references and index. Identifiers: LCCN 2020009460 | ISBN 9780367343101 (paperback) | ISBN 9780367473587 (hardback) | ISBN 9780429324932 (ebook) Subjects: LCSH: Blockchains (Databases) | Computer security. Classification: LCC QA76.9.B56 B56 2020 | DDC 005.8/3--dc23 LC record available at https://lccn.loc.gov/2020009460 ISBN: 9780367473587 (hbk) ISBN: 9780367343101 (pbk) ISBN: 9780429324932 (ebk) Typeset in Times by Lumina Datamatics Limited This book is dedicated to the loving memory of my mother Fatima. Yassine Maleh First edition published 2020 by CRC Press 6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742 and by CRC Press 2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN © 2020 Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, LLC Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750- 8400. For works that are not available on CCC please contact [email protected] Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. ISBN: 9780367473587 (hbk) ISBN: 9780367343101 (pbk) ISBN: 9780429324932 (ebk) Typeset in Times by Lumina Datamatics Limited Contents Foreword ...................................................................................................................xi Preface....................................................................................................................xiii Editors ......................................................................................................................xv Contributors ............................................................................................................xix Section i Blockchain for cybersecurity: Architectures and challenges Chapter 1 A Taxonomy of Blockchain Threats and Vulnerabilities .....................3 Ayman Alkhalifah, Alex Ng, A. S. M. Kayes, Jabed Chowdhury, Mamoun Alazab, and Paul A. Watters Chapter 2 A Comparative Study of Distributed Ledger Technologies: Blockchain vs. Hashgraph ..................................................................29 Ariba Aslam Zahoor, Muhammad Mubashir Khan, and Junaid Arshad Chapter 3 Design Laboratory Exercises for Blockchain Technology .................57 Hongmei Chi, Bertony Bornelus, and Angela R. Martin Chapter 4 Blockchain Security and Potential Future Use Cases ........................75 Kevin Curran and Jack Curran Chapter 5 Towards Secure Internet of Things: Blockchain Solutions, Challenges, and Open Issues ..............................................................85 Ranesh Kumar Naha, Sudheer Kumar Battula, Khizar Hameed, K. C. Ujjwal, Md Anwarul Kaium Patwary, Saurabh Garg, and Byeong Kang vii viii Contents Section ii Blockchain for cybersecurity and Privacy in iot Chapter 6 Interchain: A Scalable Business-Oriented Framework for Internet of Things .......................................................................117 Alireza Mokhtari Golpayegani, Mani Zarei, and Alireza Souri Chapter 7 Blockchain-Based Trust and Security in Content-Centric Networking‒Based Internet of Things .............................................141 Mohamed Labbi, Yassine Chahid, Nabil Kannouf, and Mohammed Benabdellah Chapter 8 Blockchain for Internet of Vehicles Security ...................................159 Anis Herbadji, Hadjer Goumidi, Yasmine Harbi, Khadidja Medani, and Zibouda Aliouat Section iii Blockchain for cybersecurity and Privacy in Healthcare Chapter 9 When Healthcare Services Meet Blockchain Technology ...............201 Gokay Saldamli, Pavan H. Ramesh, Karthika M. S. Nair, Roopashree Munegowda, Jeevan Venkataramana, and Lo’ai A. Tawalbeh Chapter 10 A Blockchain-Based Secure Data Sharing Framework for Healthcare ...................................................................................219 Raza Nowrozy, A. S. M. Kayes, Paul A. Watters, Mamoun Alazab, Alex Ng, Mohammad Jabed Morshed Chowdhury, and Omaru Maruatona Chapter 11 Secure Anti-Counterfeiting Pharmaceuticals Supply Chain System Using Composable Non-Fungible Tokens ...........................243 Ahmad Sghaier Omar and Otman Basir Contents ix Section iV Blockchain for cybersecurity and Privacy in Payment Systems Chapter 12 Application of Cryptocurrencies Using Blockchain for E-Commerce Online Payment ....................................................263 Kayode Adewole, Neetesh Saxena, and Saumya Bhadauria Chapter 13 Smart Contracts for Contract Management: A Retention Payment System ...............................................................................307 Salar Ahmadisheykhsarmast, Ferda Özdemir Sönmez, and Rifat Sönmez Section V Blockchain for cybersecurity and Privacy in Digital Forensics Chapter 14 Ensuring Data Integrity: Towards a Blockchain-Based Platform to Share the Datasets .........................................................323 Takia Islam, D. K. Tonoy Kumar, Sheikh Shah Mohammad Motiur Rahman, Md. Ismail Jabiullah, Mamoun Alazab, and A. S. M. Kayes Chapter 15 Applications of Blockchain in Digital Forensics and Forensics Readiness .........................................................................339 Manish Kumar Chapter 16 RESCHAIN: A Futuristic Solution for Avoiding Fraudulence in Real Estate Environment ..............................................................365 Gulshan Kumar, Rahul Saha, G. Geetha, and Mamoun Alazab Index ......................................................................................................................377