China
Africa
Explore chapters and articles related to this topic
Patents and Standards
Published in Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone, Handbook of Applied Cryptography, 2018
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone
FIPS 140-1: This standard specifies security requirements for the design and implementation of cryptographic modules for protecting (U.S. government) unclassified information, including hardware, firmware, software modules, and combinations thereof. Four grades of increasing security are specified as Levels 1 through 4, covering a wide range of security applications and environments. A FIPS 140-1 validation program is run by NIST to determine if cryptomodules meet the stated requirements.
On the Security Risks of the Blockchain
Published in Journal of Computer Information Systems, 2020
Efpraxia Zamani, Ying He, Matthew Phillips
Table 1 provides a summary of standards and regulatory frameworks that are pertinent to the blockchain technology. We present the standards and regulatory frameworks that relate to the blockchain technology, without having been developed specifically for it. Within this group there are different standards, regulations and acts that blockchain platform providers should consider for industry specific compliance requirements. For example, it includes FIPS 140–2, which details the necessary security guidelines for a cryptographic module and elaborates on the security and storage of cryptographic keys, which are relevant for blockchain applications.39 Similarly, the Computer Misuse Act has been put together to protect IT artifacts from distributed denial of service (DDoS) attacks, which can affect the blockchain.40 There are several standards and regulations that can be applicable within the blockchain context. However, arguably, the most important one is the newly introduced General Data Protection Regulation (GDPR), which is counterintuitive to the append-only nature of the blockchain. However, following GDPR if an individual demands the deletion or amendment of their personal data, the firm needs to comply.41