Securing confidential information in Hyperledger Composer

Problem description

Looking at securing confidential information in Hyperledger Composer

If assets and transactions in a business network have ACLs to prevent a competitor participant (non-owner) from viewing confidential information, what access can the competitor have to assets and transactions owned by another participant?

Can the competitor access the underlying Fabric ledger to view assets/transactions?

Can the competitor view the transaction processing function?

Can the competitor view the logs of the transaction processing function?

How secure are ACLs?

I don't know if there is some documentation covering this already, or how much is about the security of Fabric rather than Composer.

Dan Selman suggested on RocketChat to ask here.

Thanks

Andrew

Recommended answer

Composer's Access Control Engine prevents transaction processor functions written in JavaScript from accessing the data in the ledger, based on the type of access requested, the current participant, and the transaction being processed.

The ACL engine does not encrypt the data on the ledger, or attempt to filter the chaincode container logs to remove information.

So, I would say in its current incarnation it is not a suitable mechanism to prevent someone who has physical access to a peer (world state, or the blockchain itself) from viewing information they should not have access to. Modifications are obviously much harder, due to the immutable nature of the blockchain.

In many ways this is similar to access control logic for a relational database. Someone who has physical access to the database files on disk can likely circumvent all access control rules on tables/views etc.

I do believe that we need to go further than this, but first I think we need more detail on the requirements.
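
The distinction drawn in the answer above, as an added example that is not part of the original answer and is not Composer or Fabric code: a toy rule check keyed on access type, participant and transaction, next to a direct read of the stored data and a log line that the check never sees. All names, the rule format and the sample assets are constructed for illustration.

```javascript
// Toy model added for illustration; not Hyperledger Composer or Fabric code.
// Every name here (worldState, rules, checkAccess, ...) is hypothetical.

// Constructed sample data: assets are stored serialized but not encrypted.
const worldState = new Map([
  ['Contract:C1', JSON.stringify({ id: 'C1', owner: 'alice', price: 1200 })],
  ['Contract:C2', JSON.stringify({ id: 'C2', owner: 'bob', price: 950 })],
]);

// Rules use the three inputs the answer names: access type, participant, transaction.
const rules = [
  { operation: 'READ', transaction: null, condition: (p, r) => r.owner === p, action: 'ALLOW' },
  { operation: 'UPDATE', transaction: 'Reprice', condition: (p, r) => r.owner === p, action: 'ALLOW' },
];

// The first matching rule decides; if nothing matches, access is denied.
function checkAccess(operation, participant, resource, transaction = null) {
  for (const rule of rules) {
    if (rule.operation !== operation) continue;
    if (rule.transaction !== null && rule.transaction !== transaction) continue;
    if (rule.condition(participant, resource)) return rule.action;
  }
  return 'DENY';
}

// Path 1: a read through the runtime is checked against the rules.
function readViaRuntime(participant, key) {
  const resource = JSON.parse(worldState.get(key));
  if (checkAccess('READ', participant, resource) !== 'ALLOW') {
    throw new Error(`${participant} may not READ ${key}`);
  }
  return resource;
}

// Path 2: reading the peer's stored bytes directly consults no rule at all.
function readFromPeerStorage(key) {
  return JSON.parse(worldState.get(key));
}

// A transaction function that logs its asset puts the confidential field into
// the container log; the access check does not filter what is logged.
function reprice(participant, key, newPrice, containerLog) {
  const resource = JSON.parse(worldState.get(key));
  if (checkAccess('UPDATE', participant, resource, 'Reprice') !== 'ALLOW') {
    throw new Error(`${participant} may not UPDATE ${key}`);
  }
  containerLog.push(`reprice ${key}: ${resource.price} -> ${newPrice}`);
  worldState.set(key, JSON.stringify({ ...resource, price: newPrice }));
}
```

In this model, protecting a field from whoever can read peer storage or container logs has to happen outside the rule check, for example by keeping the value off the ledger or encrypting it before submission.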
