Accenture unveiled a new solution that simplifies the ability of blockchain technology to integrate with the industrial-grade security systems that support sectors including financial services, healthcare and government. The solution creates a developer-friendly interface between emerging blockchain platforms and widely used hardware security technology. Accenture cooperated with Thales – whose hardware is currently used by most major banks globally to secure records and assets from cybertheft – to develop the solution.
Hardware security modules (HSMs) are crypto-processors that securely generate, protect and store digital keys. Keys stored in the Thales HSM architecture cannot be extracted or used except under a highly controlled protocol. The new solution is based on the widely used nShield HSM developed by Thales and creates a simple path to large-scale commercial use of blockchain technology.
The Company says Blockchain is quickly maturing across industries and is set to profoundly change how businesses operate, but current applications cannot meet the high security standards of most mission-critical IT infrastructure. That is because the digital keys used to secure and validate messages and transactions historically have proven vulnerable to network attacks.
Currently, blockchain-based systems typically rely on “cyberwallets” to store digital keys for blockchains. But because those keys typically reside on software servers, they can become vulnerable to network breaches of the kind that have occurred on cryptocurrency exchanges in recent years. The solution makes it extremely difficult if not impossible for digital keys to be misappropriated because they are stored in physical isolation from IT networks and are architected with highly sophisticated, deterministic security mechanisms.
In addition, the platform need only be installed once, allowing companies to secure each of their blockchain applications using the same solution – regardless of which blockchain software or application they use – versus crafting a code interface for each solution.
In the financial sector everything from transactions to contracts and deeds could use a blockchain to legitimize and simplify the settlement process, and industries such as healthcare and federal government also stand to benefit from this technology. However, in order for blockchains to work, we need to believe and trust them, which means every participant must agree and anticipate how they will take part in the chain. Unfortunately innovation and vulnerability very often go hand-in-hand. Accenture has built trust and security into the technology of the chain itself, using Thales HSMs to protect the chain and prevent any nefarious activity. Thales continues to invest in blockchain delivering the ‘root of trust’ to this emerging technology.”
The solution used Fabric, a Hyperledger technology and can be adapted for other leading blockchain technology platforms. Hyperledger is a global, open source collaborative effort of more than 100 major companies focused on advancing cross-industry blockchain technologies.
Many security-conscious institutions rely on HSMs to safeguard and manage their digital keys and protect things like ATM machines, mainframe operations, point-of-sale (POS) machines and to verify and sign SWIFT messages – they are used in virtually any application that requires secure, verified digital signatures. While most people have no idea of the role of an HSM in securing sensitive information, it’s a technology used every day.
For example, HSMs in a bank’s data center are used to validate your PIN when you withdraw cash from an ATM, or validate the transaction cryptogram when your purchase goods at a merchant POS terminal – in both cases only the HSMs under the bank’s control have access to the correct keys to perform the secure processing.
Some of the benefits of an HSM include:
• Keys are stored within secure HSM boundary: the keys always live inside the secure, certified HSM boundary vs. in software or on a hard drive where they are vulnerable to attacks.
• Tamper–resistant hardware: FIPS 140-2 Level 2 and 3 certified HSMs are tested to stringent standards and are extremely difficult to access by unauthorized users.
• Sophisticated cryptography: HSMs use a certified, cryptographically secure random number generator to create keys, providing superior quality keys than a typical computer system.