Security Management and Control
Management and Control
A characteristic principle of Blockchain is accountability and ownership of individual ledger entries in a decentralised environment. This implies the independent ownership and control by endpoints of the cryptographic keys such as private signature keys used in the creation of ledger entries. As with all security functions relying on the use of cryptographic techniques, controlling keys ultimately controls the security functions themselves.
SEAcurIT-e provides management capabilities for the security and control of cryptographic keys and endpoints that are in tune with decentralised and independent nature of blockchain. Controls include easily searching to see every device on which a specific key is installed (useful when keys are shared across multiple devices), and the ability to enable or disable an individual device's access to a key - if disabled, even a legitimate user cannot access keys on that device.
- Two distinct components, each performing specific range of tasks
- Components hold information about keys, but nothing related to their value (or any other related information designated as confidential)
- Core (non-secret) technical information is passed seamlessly and transparently during registration process
- Administration accounts allow for the management and control of all users, devices and keys within a domain
- Allows a degree of centralised management and control
- Individual users have their own management accounts
- Correlates information about users/owners of keys and devices, manages relationships between them, and which security keys (equivalently, information or service) may be accessed
- Operates according to policy
- Has control over whether a key is available to a user or device in any instance
- Ability to analyse behaviour, and act accordingly