BLOCKCHAIN TECHNOLOGY FOR CYBERSECURITY AND DATA INTEGRITY:

A CASE FOR MAINSTREAM ADOPTION

by

Joseph J. Fugelsang

A Capstone Project Submitted to the Faculty of

Utica College

August 2019

in Partial Fulfillment of the Requirements for the Degree of

Master of Science in Cybersecurity





ProQuest Number: 22621544




All rights reserved

INFORMATION TO ALL USERS
The quality of this reproduction is dependent upon the quality of the copy submitted.

In the unlikely event that the author did not send a complete manuscript
and there are missing pages, these will be noted. Also, if material had to be removed,
a note will indicate the deletion.






ProQuest 22621544

Published by ProQuest LLC (2019 ). Copyright of the Dissertation is held by the Author.


All rights reserved.
This work is protected against unauthorized copying under Title 17, United States Code
Microform Edition © ProQuest LLC.


ProQuest LLC.
789 East Eisenhower Parkway
P.O. Box 1346
Ann Arbor, MI 48106 - 1346
© Copyright 2019 by Joseph J. Fugelsang

All Rights Reserved

ii
 ABSTRACT

The purpose of this Capstone Project was to examine existing and potential applications for

blockchain and distributed ledger technologies outside of the realm of cryptocurrencies.

Research particularly focused on applications for cybersecurity and data privacy purposes. The

project aimed to determine whether blockchain technology provides a viable alternative to

existing methods of cybersecurity and data privacy. The literature review outlined several

sectors and specific organizations who have piloted blockchain programs or are currently

implementing blockchain solutions for cybersecurity. Additionally, the literature review

revealed that blockchain has many promising applications for cybersecurity and data protection.

The project highlighted blockchain’s benefit to Internet of Things, Supply Chain, Government,

Aerospace, Defense, and Healthcare. Research determined that, despite blockchain’s many

promising cybersecurity applications, several risks and barriers have prevented mainstream

adoption. The project concluded that blockchain offers a perfectly viable alternative to

cybersecurity and data privacy. However, due to significant challenges outlined in the project,

blockchain’s cybersecurity features continue to be in infancy stages.

Keywords: Cybersecurity, Dr. Rampaul Hollington, blockchain, distributed ledger

technology, internet of things, supply chain, government, healthcare.

iii
 TABLE OF CONTENTS

LIST OF ILLUSTRATIVE MATERIALS ................................................................................. vi

STATEMENT OF THE PROBLEM ........................................................................................... 1
Definition of the Problem...................................................................................................... 1
Research Questions ............................................................................................................... 2
Justification of the Importance of the Problem ...................................................................... 2
Deficiencies in What We Know ............................................................................................ 4
The Audience........................................................................................................................ 5
LITERATURE REVIEW ........................................................................................................... 6
Introduction .......................................................................................................................... 6
A History and Overview of Blockchain................................................................................. 6
Internet of Things Security.................................................................................................... 9
Dyn DDoS and Mirai Botnet ........................................................................................... 9
Filament ........................................................................................................................ 10
IBM .............................................................................................................................. 10
Supply Chain ...................................................................................................................... 10
Walmart ........................................................................................................................ 11
Provenance.................................................................................................................... 12
Government ........................................................................................................................ 12
The State of Colorado ................................................................................................... 13
Australia ....................................................................................................................... 13
Malta ............................................................................................................................ 13
Estonia .......................................................................................................................... 14
Aerospace and Defense ....................................................................................................... 14
NASA ........................................................................................................................... 14
DARPA ........................................................................................................................ 15
Lockheed Martin and Guardtime Federal ...................................................................... 16
Healthcare........................................................................................................................... 16
Gem Health Network .................................................................................................... 16
OmniPHR ..................................................................................................................... 17
Medrec .......................................................................................................................... 17
DISCUSSION OF THE FINDINGS ......................................................................................... 18
Major Findings ................................................................................................................... 18
Theme 1: Blockchain and DLT Present Promising Applications for Cybersecurity.............. 19
RQ1: What are the potential applications of blockchain and DLT in cybersecurity? 19
IoT Security ........................................................................................................................ 19
Secure communication .................................................................................................. 19
Data Sharing and Storage .................................................................................................... 20
Voting and government services.................................................................................... 20
Medical records............................................................................................................. 20
Supply chain ................................................................................................................. 20
Theme 2: Cyber-Specific Benefits of Blockchain and DLT ................................................. 21
RQ2: How will wider adoption of these technologies affect cybersecurity industries? ... 21
Cyber threat mitigation ............................................................................................ 21
Identity management: Verification, validation, authentication.................................. 22

iv
 Decentralized data storage ....................................................................................... 22
Transparency ........................................................................................................... 23
Data integrity, auditability, and immutability........................................................... 23
Anonymity and privacy ........................................................................................... 23
Theme 3: Blockchain Adoption Has Not Entered the Mainstream ....................................... 24
RQ3: What are the risks or barriers to adapting these technologies for cybersecurity? ... 24
Standardization........................................................................................................ 24
Drawbacks to decentralization ................................................................................. 25
Key management ..................................................................................................... 25
Overhead and scalability ......................................................................................... 25
Resistance to change ............................................................................................... 26
Government regulation ............................................................................................ 26
Comparison of the Findings ................................................................................................ 26
Limitations of the Study ...................................................................................................... 27
CONCLUSION ........................................................................................................................ 29
REFERENCES ......................................................................................................................... 32

v
 LIST OF ILLUSTRATIVE MATERIALS

Figure 1 – Illustration of how a blockchain transaction works ..................................................... 6

vi
 STATEMENT OF THE PROBLEM

Definition of the Problem

As business organizations and government agencies worldwide continue to adopt new

technologies that digitally enhance critical operations, cyberattacks grow in complexity and

magnitude (Bissell & Ponemon, 2018). In 2018, security breaches increased 11% in public-

sector and private-sector organizations, averaging 145 breaches (Bissell & Ponemon, 2018), and

the average cost of cybercrime increased 12%, averaging $13 million (Bissell & Ponemon,

2018). Cybercriminals continue to target data (Bissell & Ponemon, 2018) through intellectual

property theft, economic espionage, cyber fraud, or insider threat, and the loss, destruction, or

manipulation of sensitive data can seriously damage individuals, businesses, and government

agencies and institutions (Bissell & Ponemon, 2018). Business organizations and government

agencies must therefore adopt more modern, innovative methods of protection for their most

critical data assets. This Capstone Project proposes Distributed Ledger Technology (DLT)

provides a modern and innovative approach to critical data protection.

DLT, also known as blockchain, first appeared as the underlying technology behind

Satoshi Nakamoto’s Bitcoin Electronic Cash System (Crosby, Pattanayak, Verma, &

Kalyanaraman, 2016). Bitcoin is a peer-to-peer currency system that bypasses the need for

financial institutions, allowing individuals to perform digital monetary transactions directly

between parties (Nakamoto, 2008). Blockchain ensures that all transactions are timestamped,

encrypted, and recorded to tamper-proof ledgers that share and distribute themselves across

multiple nodes or peers within a network (Nakamoto, 2008).

Since blockchain and DLT are widely publicized for their cryptocurrency applications,

discussion of their potential for cybersecurity and data protection applications is underway.

1
However, the problem is that existing literature does not cite these applications as a viable

alternative to current anti-cyberattack defense systems, so companies are yet to fully embrace

blockchain and DLT for cybersecurity (Kshetri, 2017). Promising cybersecurity applications do

exist, but continued research into blockchain’s benefits for various industries is necessary

(Koehler, 2017). The purpose of this study is to present opportunities to use DLT and

blockchain-based applications for cybersecurity and data protection across various industries.

Research Questions

To fully address the research problem of whether blockchain technology offers a practical

alternative to conventional cybersecurity practices, this Capstone Project attempted to answer the

following research questions:

1. What are the potential applications of blockchain and DLT in cybersecurity?

2. How will wider adoption of these technologies affect cybersecurity industries?

3. What are the risks or barriers to adapting these technologies for cybersecurity?

Through thorough examination of the research questions outlined above, this project

revealed current and/or proposed blockchain technologies, as well as their potential applications

within a cybersecurity context. Secondly, the research questions helped to uncover the

implications of mainstream adoption of blockchain technology to the cybersecurity industry,

including an outline of specific blockchain attributes beneficial to cybersecurity and data

privacy. Lastly, the research questions helped to disclose why blockchain technology is not

accepted in the mainstream and whether broader implementation is warranted.

Justification of the Importance of the Problem

Today’s centralized Internet promotes free flow of data over a network of central servers

(Primas, 2018). As a result, sensitive data are vulnerable to attack as one or more single points

2
of entry store critical information (Woodside, Augustine, & Giberson, 2017). When a user

performs a data transaction via the centralized Internet, that user relinquishes control of personal

information to technology corporations that profit from exploitation of personal data (Primas,

2018). Users’ trust in data-storing tech companies or centralized authorities does not protect

sensitive information from cybercriminals who target central data repositories (Arnold, 2019).

One reason for this is an organization’s cybersecurity function is largely centralized, and

the organization informs few employees of security updates or new policies and processes,

resulting in lack of individual accountability for personal data. Meanwhile, insider threat

remains the second greatest challenge to an organization’s cybersecurity mechanism after

network intrusion or hacking attacks (Bissell & Ponemon, 2018). Centralization thus leaves too

much room for human error, so decentralization removes the human element from the equation,

because employees are an organization’s weakest link (Barzilay, 2017).

Decentralization can therefore remedy the pitfalls of a centralized Internet and

cybersecurity function by nearly eradicating the risks associated with a single point of entry.

Decentralization enables data storage across multiple layers and servers on many computers

throughout various locations (Primas, 2018). In a decentralized network, data distribute to

multiple entry points, making less data available to malicious actors at a single location (Primas,

2018).

DLT provides a practical model for decentralization, as it distributes data throughout a

peer-to-peer network of connected computers (Workie & Jain, 2017). DLT encrypts data across

the network, limiting an individual’s ability to read or write information (Workie & Jain, 2017).

DLT also eliminates the need for a third-party central administrating authority by recording a

history, or ledger, of information accessible to any peer in the network (Back, 2019).

3
 Blockchain may be the most notable DLT, from its association with Bitcoin and other

cryptocurrencies (Woodside et al., 2017). Blockchain technology emerged in 2008 when Satoshi

Nakamoto wrote about it in a whitepaper, and by 2009 Nakamoto had introduced Bitcoin, the

first application of blockchain technology (Woodside et al., 2017). Blockchain advocates insist

that blockchain is inherently secure and provides privacy protection and solutions to many

problems related to cybersecurity (Kshetri, 2017). Blockchain eliminates data passage through a

third party by storing records of information across several computers or nodes. Thus, a breach

to a single node poses little threat, since blockchain data replicates itself and repeatedly backs

itself up. So successful compromise of a blockchain system requires hacking of greater than

50% of systems within the network (Kshetri, 2017).

Deficiencies in What We Know

Aside from blockchain’s cryptocurrency element, alternative proposals for cybersecurity

applications have not been adopted at mass scale (Kshetri, 2017). Existing research does not

indicate whether DLT and blockchain-based applications provide a better alternative to current

data protection and cyberattack defense systems due to the nascent state of the application

technologies (Kshetri, 2017). DLT and blockchain applications have enormous potential for

cybersecurity and data privacy purposes (Arnold, 2019). However, the mainstream has yet to

embrace existing application developments and proposals (Arnold, 2019). In fact, most

blockchain-based projects rarely move beyond the pilot program stage (Morkunas, Paschen &

Boon, 2019).

Consequently, as organizations integrate blockchain-based projects into cybersecurity

strategy, their cost-effective improvement to cybersecurity is uncertain (Morkunas et al., 2019),

given the limited number of use cases available for evaluation. This capstone project examines

4
existing use cases, as well as DLT and blockchain technologies’ assets and liabilities. In

addition, based on current and proposed applications, this project recommends future adaptation

and expansion of blockchain technology for data integrity and cybersecurity.

The Audience

By identifying and presenting opportunities to adopt DLT and blockchain applications for

cybersecurity and data protection across various industries, this research would most benefit

organizational executives, C-suite members, and information security professionals.

Specifically, the research below targets corporate and government leaders who wish to develop

alternative approaches to data protection and cybersecurity. The research presented in this

Capstone Project demonstrated that only a select group of agencies and organizations have fully

embraced blockchain solutions for cybersecurity. As a result, those looking to explore the

potential benefits of blockchain for cybersecurity may wish to look toward the innovators and

early adopters outlined in this project for guidance.

Prospective adopters will discover that the research presented in this project highlights

blockchain’s ability to bolster cybersecurity and data protection. Additionally, early innovators

will gain further insight into other preexisting blockchain applications for cybersecurity.

Ultimately, the following report targets all individuals with a general interest in blockchain and

DLT, as well as business and government researchers and developers seeking to incorporate

blockchain and DLT into their current cybersecurity strategy.

5
 LITERATURE REVIEW

Introduction

The objective of the literature review was to address the problem or gap that existing

literature has failed to determine whether blockchain applications provide a viable alternative to

the current system of defending against cyberattacks. In order provide clearer insight into the

problem, the literature review addressed three research questions to determine existing

cybersecurity applications of blockchain, the implications of a more widespread acceptance and

utilization of such technologies, and the potential risks and/or barriers preventing mainstream

adoption. First, the literature review discussed in detail the history and overview of blockchain

technology and its cyber-specific benefits. Second, the literature review highlighted various

industries and sectors that have implemented, or are currently implementing blockchain

technology for data privacy, data integrity, and cybersecurity. The third and final research

question examined the particular use cases and applications outlined in the literature review and

addressed in the discussion of findings section.

A History and Overview of Blockchain.

On October 31, 2008, an anonymous author, under the pseudonym Satoshi Nakamoto,

published a paper titled “Bitcoin: A Peer-to-Peer Electronic Cash System” (Crosby et al., 2016).

The paper outlined Nakamoto’s vision for an inter-peer network-based online payment system

through which multiple parties could transfer electronic funds privately with no third party or

financial institution (Nakamoto, 2008). Before Bitcoin, all monetary transactions required an

intermediary (Ammous, 2019). Bitcoin’s proposed network of peers assigned hashes, or digital

signatures and timestamps, to all transactions to create a tamper-proof cryptographic record

(Nakamoto, 2008). Bitcoin transactions record anonymized, encrypted, linear blocks that chain

6
together, hence the term blockchain for distributed ledger technology (Hughes, Park, Kietzmann

& Archer-Brown, 2019). Bitcoin outlined the first use case for blockchain.

Despite blockchain’s anonymous nature, each transaction, or block, must pass a proof-of-

work system built on both trust and distributed consensus (Crosby et al., 2016) to ensure the

block’s validity (Ammous, 2019) and imperviousness to manipulation (Hughes et al., 2019).

Since each block must be proven or validated, new blocks cannot exist without prior verification

(Hughes et al., 2019). In the Bitcoin model, each peer in the network must record every

transaction so peers can publicly view transaction headers. With access to transaction headers or

wallet information, a.k.a. hashes, peers may contest transactions (Hughes et al., 2019). As new

transactions occur, new blocks store in the chain. Through the proof-of-work system, miners, or

transaction verifiers, may add new blocks to the chain only by solving cryptographic puzzles or

mathematical equations (Hughes et al., 2019). As new blocks appear, each block receives a

timestamp providing proof-of-work (Hughes et al., 2019).

Figure 1 below illustrates how a blockchain transaction works. In step one, a peer or

node initiates a request for data from another peer or node. The transaction records to a data

block and every peer or node in the network receives a copy. As peers receive a copy of the

transaction block, they must provide proof-of-work that the transaction is valid. Once validated,

the transaction block adds itself to the existing blockchain, completing the transaction (“How

Blockchain Architecture Works?”, 2018).

7
Figure 1. Illustration of how a blockchain transaction works. From How Blockchain
Architecture Works? Basic Understanding of Blockchain and its Architecture. (2018, July 10).
Retrieved from https://www.zignuts.com/blogs/how-blockchain-architecture-works-basic-
understanding-of-blockchain-and-its-architecture/

Although Nakamoto never used the term blockchain in his whitepaper, Bitcoin’s

technical features, including those described above, have since been used outside of the realm of

digital currencies based on the “realization that the underlying technology that operated bitcoin

could be separated from the currency and used for all kinds of other interorganizational

cooperation” (Gupta, 2017, p. 4). Blockchain proponents praise its technology for its digital

consensus model and promotion of anonymity, claiming it enables encrypted digital fingerprint

verification of any transaction linking any digital asset to multiple parties at any point in time

(Crosby et al., 2016).

Advocacy has led to current development of blockchain applications in various industries

and business sectors, e.g., entrepreneurship, government, digital rights management, supply

chain management, energy, healthcare (Hughes et al., 2019). Industries such as these use

blockchain applications to establish smart contracts, secure medical records and devices, and

8
safely document property deeds (Shackelford & Myers, 2017). Such uses offer privacy

protection, theft deterrence, error or data manipulation reduction, and elimination of third-party

intermediation (Hughes et al., 2019). While the above applications warrant additional research,

the following literature review focuses on the many applications of blockchain technology to

ensure confidentiality, integrity, and availability of data while strengthening overall

cybersecurity.

Internet of Things Security

The Internet of Things (IoT) is growing in mainstream acceptance (Khan & Salah, 2018).

Qian, Jiang, Chen, Zhang, Song & Zhou (2018) predict that, by 2020, more than 50 billion IoT

devices will connect over a vast network of smart environments for personal, business, and

government use. The IoT incorporates mechanisms and environments such as smart homes,

smart cars, smart cities, medical devices, and industrial control systems.

IoT security has serious risks and vulnerabilities, however (Qian et al., 2018), because its

technology is relatively new and largely misunderstood. Additionally, IoT systems frequently

operate in open, unrestrained environments in which companies release new technologies to

market too quickly (Minoli & Occhiogrosso, 2018), thus disregarding IoT security issues.

Integrating blockchain into IoT can mitigate many of these risks (Minoli & Occhiogrosso, 2018),

in part by ensuring security, reliability and verifiability of IoT information. Furthermore, experts

believe that blockchain might improve IoT’s reliability, privacy, and scalability (Reyna, Martin,

Chen, Soler & Diaz, 2018).

Dyn DDoS and Mirai Botnet. In 2016, Dyn, Inc., a Domain Name System (DNS)

services and web application security company, received multiple distributed denial-of-service

(DDoS) attacks associated with the Mirai malware (Kshetri, 2017). Mirai malware built botnets

9
out of compromised Internet-connected IoT devices (Kshetri, 2017). Mirai exploited those

devices with default authentication credentials unchanged from manufacturer settings (Lewis,

2017). Events associated with the Mirai Botnet highlight a major security downfall related to

IoT devices. Since they depend on a centralized cloud, or single point of entry, a single

compromised device allows attackers to access multiple devices or an entire network of devices.

Blockchain technology provides a decentralized solution to centralized cloud vulnerability,

delivering superior security for devices connected to the IoT (Kshetri, 2017).

Filament. This company develops blockchain-based hardware to secure communication

among IoT devices (Kshetri, 2017). Filament hardware lets computers, phones, and tablets

communicate safely and securely within a 10-mile radius using smart contracts that send

microtransactions (Rizzo, 2015). Filament’s leading hardware selections, Taps, are wireless

sensors that use blockchain to secure communication via unique identification and use smart

contracts to exchange values autonomously and automatically among nodes (Kshetri, 2017).

Since IoT typically depends on more vulnerable cloud services (Kshetri, 2017), Filament’s

decentralized approach to IoT greatly reduces the risk of device-tampering and ensures business

continuity through transaction verification (Kshetri, 2017).

IBM. IBM is using its Watson technology to secure IoT devices (Kshetri, 2017). Watson

allows IoT devices to send transactional data to private blocks that store irreversible, tamper-

resistant ledgers (Mikell, 2018). Permissioned users can access IoT data and verify transactions,

ensuring accountability and eliminating need for centralized control (Mikell, 2018).

Supply Chain

Manufacturing and supply chain management is increasing globally, so the production

and transfer of goods and services demands protection from cyberattacks, including tampering,

10
theft, and fraud (Hsieh & Ravich, 2017). From a national security perspective, supply chain

attacks threaten our national infrastructure and public safety (Hsieh & Ravich, 2017). From a

quality control perspective, cyberattacks on the supply chain disrupt the chain of custody,

eroding confidentiality, integrity, and availability of data (Mylrea & Gourisetti, 2018).

Blockchain certifies data integrity in the supply chain through identity verification within

the chain of custody (Mylrea & Gourisetti, 2018). Blockchain’s panacea for supply-chain

security involves the merging of all data transactions into a single, decentralized network that

hinders an adversary’s ability to go unnoticed (Hsieh & Ravich, 2017). Blockchain-based

supply-chain security solutions allow those with permissioned access - auditors, customers,

vendors, suppliers - to cryptographically identify normal relationships and recognize suspicious

ones (Hsieh & Ravich, 2017).

Walmart. While food quality may not at first appear to be a direct cybersecurity issue,

data related to food supply chains relate closely to data privacy and integrity, specifically

regarding the supply chain. Walmart integrated IBM’s Watson IoT solutions into its supply

chain management IT systems to ensure food quality, origin tracking, and waste reduction

(Hackius & Petersen, 2017). Pilot programs use a blockchain superordinate ledger to

transparently log and trace movement of food items (Hackius & Petersen, 2017). Walmart and

IBM record shipping details, store and farm origins, expiration dates, and other vital food supply

transactional data to a private blockchain ledger accessible to permissioned Walmart members

(Hackius & Petersen, 2017) in a peer-to-peer network. Use of blockchain for food supply chains

enables Walmart to verify food quality by tracing the origin of foodborne illness and reducing

the ability to manipulate data (Hackius & Petersen, 2017).

11
 Provenance. This startup uses public blockchains Bitcoin and Ethereum to secure the

supply chain (Allison, 2016). Provenance is now developing a blockchain-based application that

offers consumers transparency and visibility as products move across the supply chain (Kshetri,

2017). The goal is to provide the customer with a record of their product’s journey from

beginning to end (O’Brien, 2018). Additionally, Provenance seeks to ensure authorization of all

supply chain transactions, keeping them free from adversaries or malicious actors (“Blockchain:

The Solution for Supply Chain Transparency,” 2015).

Government

On May 11, 2017, President Donald J. Trump issued a “Presidential Executive Order on

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” (Trump,

2017). The following May, the Office of Management and Budget (OMB) released a “Federal

Cybersecurity Risk Determination Report and Action Plan” outlining alarming statistics about

the U.S. government’s ability to defend itself against cyberattacks (Daley, 2019). The report

acknowledged that most U.S. federal agencies could not detect and respond to cyber intrusion or

use effective encryption methods (Office of Management and Budget, 2018). Furthermore, 38%

of data compromises in 2017 were left unidentified (Daley, 2019).

The relationship between citizens and their government is based on trust. As

governments across the globe continue to modernize, they must incorporate emerging

technologies into public service improvements while establishing and increasing trust in the

public sector (Carter & Ubacht, 2018). Blockchain can conceivably transform the way

governments operate through the reduction of corruption and the enhancement of trust (Carter &

Ubacht, 2018). Blockchain offers governments the opportunity to provide transparent services,

delivering data integrity and stifling fraud and data manipulation (Carter & Ubacht, 2018). The

12
following state and national governments are just a few of those considering wide-scale adoption

of blockchain technology.

The State of Colorado. On May 7, 2018, the Colorado State Senate passed Senate Bill

18-086, which directs State offices and agencies to consider blockchain-based solutions for

protecting government documents (Huillet, 2018). The bill cites DLT as a possible way to

reduce fraud, malicious infiltration, and falsification of data (S.B. 18-086). The City of Denver

is currently piloting a program that permits absentee voters to cast their votes through a

blockchain-based mobile application (De, 2019). Supporters believe that blockchain voting

promotes a form of transparent voting that authenticates and audits all votes and secures them

from cyberattacks, meddling, and interference (De, 2019).

Australia. The Australian government is leading worldwide governmental adoption of

blockchain technology (Daley, 2019). Austraila’s 2018-2019 budget allocated $700,000

Australian dollars (AUD) to the Digital Transformation Agency (DTA) for investment in

research and development of blockchain technology for the improvement of government services

(Australian Government, Digital Transformation Agency, 2018). Additionally, the Department

of Home Affairs (DHA) proposed merging blockchain with artificial intelligence (AI) and IoT to

secure and streamline international trade (Comben, 2018). More recently, Australia teamed with

IBM to invest $1 billion AUD into blockchain solutions for cybersecurity (Comben, 2018).

Malta. Nicknamed Blockchain Island, Malta is also leading in blockchain development

for government (Tendon, 2018). The Maltese Parliament recently approved the Malta Digital

Innovation Authority Act, the Innovative Technological Arrangement and Services Act, and the

Virtual Financial Asset Act, all of which establish an official governmental regulatory regime for

blockchain and DLT (Pace, 2018). Malta’s existing blockchain strategy includes efforts to

13
improve and secure both public services and registries, offer digital identities and e-residency

status to individuals and legal entities, and develop a system of smart governance built on smart

contract capabilities (Tendon, 2018).

Estonia. Estonia, a very technologically advanced nation, offers vehicle registration, tax

and most other government services online (Kaljulaid, 2019). Due to the sensitivity of data

involved with transactions between the government and its citizens, the Estonian government

uses blockchain technology to safeguard that data (Kaljulaid, 2019). Data stored in public

databases receive a recorded time-stamp to prevent outside interference (Kaljulaid, 2019).

Aerospace and Defense

On November 16, 2017, the U.S. Senate approved a $700 billion defense authorization

bill that required the Department of Defense (DoD) to research cybersecurity applications of

blockchain technology and other DLTs (Curran, 2017). The bill commanded the DoD to plan for

government agency adoption of blockchain technology for assessment of and protection against

cyberattacks to critical infrastructure networks (Curran, 2017). Today, several government

agencies and contractors in the aerospace and defense sectors conduct research into blockchain

through technology development and pilot programs.

NASA. On January 10, 2019, the National Aeronautics and Space Administration

(NASA) proposed an air-traffic management blockchain infrastructure for security,

authentication, and privacy that uses permissioned blockchains to anonymize and secure air-

traffic control communication (Zmudzinski, 2019). The proposal came in response to the

Federal Aviation Administration’s (FAA) mandate that all aircraft accept the Automatic

Dependent Surveillance Broadcast (ADS-B) by the year 2020 (Reisman, 2019). ADS-B

14
disregards recognized threats and vulnerabilities, including denial of service (DoS) and false

aircraft positioning or third-party spoofing attacks (Reisman, 2019).

NASA’s proposed Aviation Blockchain Infrastructure (ABI) uses the open-source

Hyperledger Fabric blockchain framework, which allows air traffic controllers to conduct private

transactions via private channels (Reisman, 2019). The private channels enable the transmission

of private keys encrypted and shared with member peers, which promotes anonymity,

confidentiality, and overall security against malicious attacks (Reisman, 2019).

DARPA. The Defense Advanced Research Projects Agency (DARPA), which assisted

in the Internet’s design, is researching uses of blockchain technology to secure the defense sector

(Wong, 2016). Since much classified information surrounds critical defense data, data integrity

is crucial to national security (Hamilton, 2018). Blockchain will let DARPA detect information-

meddling or unauthorized intrusion efforts by tracking and instantly verifying the validity of

information (Hamilton, 2018). To do so, the agency teamed up with Galois to test block cipher

modes that use symmetric key block algorithms to ensure confidentiality and authentication

(Dworkin, 2017). Block cipher modes integrate blockchain with coding to create immutable

lines of code (Hamilton, 2018).

DARPA is also developing blockchain messaging applications (Hamilton, 2018).

Through decentralized communications, defense entities can determine whether communications

are intercepted or compromised (Hamilton, 2018). Blockchain messaging encrypts

communications, providing instant verification (Hamilton, 2018). The blockchain messaging

technology distributes messages between the sender to the receiver across multiple channels

within a decentralized ledger (Curran, 2017). This greatly reduces hackers’ interference with

communications and decreases the probability of transmission delays (Hamilton, 2018).

15
 Lockheed Martin and Guardtime Federal. Lockheed Martin collaborated with

Guardtime Federal to become the first U.S. defense contractor to adopt blockchain technology

for cybersecurity (PRNewswire, 2018). While specific applications are unclear, Lockheed

Martin and Guardtime Federal collaborated on Cyber Aware Systems Engineering, which

partially used blockchain to improve data integrity and reduce cyber risk (PRNewswire, 2018).

The two companies seek to use blockchain to ensure that malicious actors do not interfere with

or corrupt the process of weapons development (Daley, 2019).

Healthcare

The healthcare industry is highly vulnerable to malicious cyberattacks, as smart devices

share and store patients’ personally identifiable information (PII) and sensitive medical records

(McGhin, Choo, Liu & He, 2019). PII and medical data must be protected under the Health

Insurance Portability and Accountability Act (HIPAA) (McGhin et al., 2019). As a result, the

healthcare industry requires medical data to be secure, authenticated, interoperable, and mobile

(McGhin et al., 2019). Naturally, careless sharing of medical records can adversely affect the

confidentiality, integrity, and availability of data (McGhin et al., 2019). Blockchain solutions

offer the healthcare industry both decentralized storage and authentication through applications

that use smart contracts and deliver identity management, verification, and fraud detection

(McGhin et al., 2019).

Gem Health Network. This company has developed a blockchain-based solution to

centralized healthcare data-sharing (McGhin et al., 2019). They created a shared network

infrastructure in which Ethereum blockchain technology lets healthcare providers access

decentralized, real-time, and transparent medical data (McGhin et al., 2019). All healthcare

professionals in the network may access the same accurate, up-to-date information (McGhin et

16
al., 2019). A streamlined, peer-to-peer approach to patient data-sharing greatly reduces risks

associated with inaccurate medical information and provider negligence (McGhin et al. 2019).

OmniPHR. Like the Gem Health Network, Roehrs, da Costa, & Righi (2017) developed

a blockchain-based solution to handling patient records, allowing for integrated, cooperative

access to patient healthcare records across various healthcare providers (McGhan et al., 2019).

OmniPHR uses blockchain technology to hierarchically store and encrypt personal health records

across distributed blocks of chained data, verifying user identities through defined roles and

responsibilities. The hierarchical organization of data blocks allows for data interoperability

across multiple users and platforms in a peer-to-peer network (McGhin et al., 2019).

Medrec. Medrec also uses blockchain for decentralized management and storage of

electronic medical records. Here, blockchain assigns data ownership and permissioned access to

members of a peer-to-peer network, while Ethereum-based smart contracts allow for automation

and tracking of all data transactions, including viewer permission changes, new medical record

additions, and data and record sharing authorization. The Medrec model permits both providers

and patients to safely share data, eliminating the single point of entry or failure (McGhan et al.,

2019).

17
 DISCUSSION OF FINDINGS

Major Findings

This capstone project identified and presented DLT and blockchain-based applications

for cybersecurity and data protection. Through analysis of various organizations and use cases,

the literature review showed whether current or proposed blockchain applications provide a

viable alternative to the conventional system of defense against cyberattacks. To address this

issue, this capstone project attempted to answer three research questions:

1. What are the potential applications of blockchain and DLT in cybersecurity?

2. How will wider adoption of these technologies affect cybersecurity industries?

3. What are the risks or barriers to adapting these technologies for cybersecurity?

Referenced materials included academic peer-reviewed papers, journals, whitepapers,

state and federal legislation, and digital news articles pertaining to cybersecurity and blockchain

technology. Most scholarly works referenced in this project were highly technical, primarily

focusing on blockchain relative to cryptocurrency. Those referenced works that did focus on

blockchain for cybersecurity generally cited individual applications, use cases, and industries.

As such, the literature review attempted to curate information from various detailed sources to

give the reader a broader, more global understanding of blockchain for cybersecurity.

The literature review presented various themes relating to the research questions: (1)

what blockchain and DLT are and how their decentralized and distributed design presents

promising applications for the cybersecurity industry; (2) blockchain’s specific benefits for

cybersecurity and various organizations’ adaptation of the technology to achieve various ends;

and (3) that only a handful of organizations are early adopters of blockchain for cybersecurity,

which indicates that blockchain has not yet entered the mainstream.

18
Theme 1: Blockchain and DLT Present Promising Applications for Cybersecurity

RQ1: What are the potential applications of blockchain and DLT in cybersecurity?

Although much enthusiasm surrounds blockchain technology’s value to cryptocurrencies and

financial services, the literature review uncovered sectors and use cases of blockchain

technology for non-currency cybersecurity applications. The above research suggested that,

among industries now using or testing blockchain cybersecurity solutions, IoT security, supply

chain management, government, aerospace, military, defense, and healthcare benefit

significantly (Kshetri, 2017). While these industries are not alone in their research and

development into blockchain’s cybersecurity potential, they are leading the advancement of a

budding technology (Kshetri, 2017).

IoT Security

The IoT has expanded for personal use in the home and continues to be common in

military and healthcare applications (Taylor et al., 2019). Blockchain IoT applications provide

access control that prevents malicious activity, device identification, and authentication (Taylor

et al., 2019). More importantly, blockchain for IoT secures the transfer of data among IoT

devices (Taylor et al., 2019).

Secure communication. The literature review also highlighted several blockchain

applications for secure communication among connected IoT devices, as well as individuals.

DARPA developed and tested blockchain messaging applications to prevent interception and

provide identity verification. NASA’s ABI used blockchain to secure air-traffic

communications. Filament applied blockchain’s encryption and smart contract capabilities to the

unique identification of devices, ensuring secure communication among them.

19
Data Sharing and Storage

Distributed ledgers eliminate the single point of entry or failure, decreasing the

probability of data manipulation or tampering (Taylor et al., 2019). Current blockchain

applications allow for safe, secure data storage. If data receive cryptographic hashes, data

transactions are verified and protected from unauthorized access (Taylor et al., 2019).

Blockchain encryption ensures that peers can fully control their data and track their movement

(Taylor et al., 2019). The literature review reveals the usefulness of data storage and sharing

applications for voting and government services, medical records, and supply chains.

Voting and government services. The State of Colorado and the City of Denver

demonstrate potential and existing blockchain applications for digitally protecting government

documents and securing the voting process (De, 2019). Australia, Malta, and Estonia have

integrated blockchain security into many government services to secure transactions between

governments and citizens. Finally, the use cases in government outlined the potential for

blockchain applications to apply smart contracts to government services and to assign unique

cryptographic identities and e-residency status to citizens.

Medical records. Companies such as OmniPHR, Medrec, and the Gem Health Network

demonstrated blockchain’s capacity to secure medical data and PII. A decentralized approach to

medical data sharing can assure patients and healthcare professionals that data remain private

and tamper-proof (McGhin et al., 2019). Nearly all blockchain applications within the healthcare

industry promote data security and integrity regarding medical records and patient personal data.

Supply chain. As we learned from the use cases involving blockchain for such supply

chain security pioneers as Walmart and Provenance, a particularly promising application of

blockchain in the supply chain is provision of transparency and protection against data-

20
tampering. Walmart’s piloted blockchain applications allows for the tracking of the transfer of

data related to goods and services. This not only ensures quality, but also reduces potential for

data manipulation. Similarly, Provenance developments demonstrated blockchain applications

that promote production and supply chain visibility (Kshetri, 2017).

Theme 2: Cyber-Specific Benefits of Blockchain and DLT

RQ2: How will wider adoption of these technologies affect cybersecurity industries?

The literature review outlined blockchain applications and use cases that presented promising

solutions for the cybersecurity industry. Development across various sectors showed

blockchain’s unlimited potential to provide data protection and security in diverse areas. The

above research specifically exhibited blockchain’s capacity to provide organizations with data

verification, validation, authentication, digital identification, decentralized data storage, data

integrity, fraud detection and prevention, scalability, traceability, and privacy protection.

Cyber threat mitigation. From a global threat mitigation perspective, research showed

that blockchain technology brings protection from cyberattacks associated with a single point of

entry. For example, the traditional, centralized architecture of cloud-based IoT systems gives

malicious actors a single point of entry, or a single point of failure, into multiple connected

devices. Unauthorized access to an entire network of connected devices enables hackers to

exploit vulnerabilities and launch DDoS attacks at a mass scale (Qian et al., 2018). The

literature review explored the Mirai Botnet, which exploited compromised IoT devices to launch

massive DDoS campaigns. Blockchain’s decentralized approach records and stores data as

unique, individual transactions that are encrypted, replicated, and shared among peers rather than

managed by a central authority. This eliminates the single point of failure associated with many

of today’s most common cyber threats (Kshetri, 2017).

21
 Identity management: Verification, validation, authentication. Mainstream adoption of

blockchain technology can help the cybersecurity industry to verify, validate, and authenticate

users and user data. Rather than centralized reliance on a singular monitor or external authority,

blockchain—particularly public ledgers—presents peers with distributed transparency that

allows anyone to monitor and verify transactions (Shackelford, 2018). Blockchain’s ability to

assign unique hashes to all transactions lets peers compare hashes, thus reducing the chance of

fraudulent activity (Mire, 2019). Verification suits not only identities and transactions but also

software downloads and updates, which occasionally contain malware (Mire, 2019). Blockchain

verification lets users compare hashes with developer hashes to validate that no malware is

present (Mire, 2019). These key features appeared in nearly all use cases in the literature review.

Supply chains, healthcare, IoT, government, aerospace and defense can all greatly benefit from

integrating blockchain into cybersecurity strategy.

Blockchain adoption also gives users improved identity management capabilities,

particularly within healthcare and government. In both sectors, where sensitive personal data are

highly valuable to hackers and fraudsters, blockchain provides the encryption and authentication

capabilities necessary to protect personal information. Through private keys and permissioned

access, organizations can protect the valuable data they must keep safe (Maull et al., 2017).

Decentralized data storage. Billions of individuals share and store their personal data

online. Nevertheless, centralized cloud solutions are often vulnerable to cyberattacks and

privacy violations when a third-party central authority controls the data (Crosby et al., 2016). If

malicious actors gain access to that central authority, malicious actors can compromise personal

data. Decentralized data storage enables the cybersecurity industry to distribute and encrypt

data, manage access to them, and prevent unauthorized intrusion into them.

22
 Transparency. The public sector, as we have seen in Colorado, Australia, Estonia, Malta

and others, has recognized blockchain’s ability to provide transparency as a cybersecurity

strength. The use of blockchain technology to secure public service transactions means that

immutable data blocks are recorded, stored, and accessible to stakeholders (Carter & Ubacht,

2018). Additionally, every blockchain transaction can be traced back to the initiator of the

transaction (Reyna et al., 2018). This not only protects private data from wrongful intrusion and

manipulation, but also helps to eradicate corruption and fraud at the governmental level, vastly

improving trust and transparency (Carter & Ubacht, 2018).

Data integrity, auditability, and immutability. Distributed consensus, cryptographic

sealing, and time-stamping preserve data transaction validity. Data recorded into the blockchain

becomes immutable, or impossible to edit, delete, or copy. Provenance is achieved by

chronological storing and hashing, which allow easy auditing and tracking of transactions (Carter

& Ubacht, 2018). This is particularly useful in government services and supply chains, where

data consistency, traceability, and origin are key.

Anonymity and privacy. Although blockchain solutions provide tremendous

transparency and traceability by requiring peer-to-peer authentication and verification, some

anonymity and privacy with positive implications remain for the cybersecurity industry. In a

blockchain system, public-key cryptography ensures anonymity and protection of identities

(Carter & Ubacht, 2018). Anonymity is particularly useful in aerospace, military, and defense

sector communications, where adversary interference can be devastating. In healthcare,

blockchain applications, such as MedRec, greatly aid data-sharing and data privacy over a

trustless network (McGhin, 2019).

23
Theme 3: Blockchain Adoption Has Not Entered the Mainstream

RQ3: What are the risks or barriers to adapting these technologies for

cybersecurity? As the literature review illustrated, although several sectors and select

organizations are progressing in developing blockchain solutions for cybersecurity, blockchain

solutions will not enter the mainstream for a long time. Despite their many positive attributes for

cybersecurity, challenges, risks, and limitations to wide-scale adoption endure (Crosby et al.,

2016), including high overhead costs, lack of standardization, data and privacy leakage, and

inefficient key management (McGhin et al., 2019). Moreover, mainstream blockchain adoption

would require substantial societal behavioral change, such as government regulation,

bootstrapping, and prevention of fraudulent or malicious uses of blockchain (Crosby et al.,

2016). The adoption of new innovations occurs at varying rates, “from early innovators to late

laggards” (Woodside et al., 2017, p. 68). The use cases and applications outlined in this paper

exhibited many of the early innovators of blockchain for cybersecurity. Potentially late adopters,

however, will more likely balk at the following risks and barriers to mainstream adoption.

Standardization. Blockchain’s relatively nascent status makes it an immature,

comparatively uncharted technology. Unless early innovators in blockchain for cybersecurity

continue to develop new and groundbreaking applications, a standard set of practices will not

likely emerge (McGhin et al., 2019). Lack of standardization foils mainstream adoption,

requiring potential blockchain adopters for cybersecurity to explore new territories and develop

their own unique standards of practices (McGhin et al., 2019). Until technological practice

standardization breeds confidence in its users, mainstream adoption and acceptance of

blockchain for cybersecurity will continue to take time.

24
 Drawbacks to decentralization. Though one of blockchain’s most valued attributes,

decentralization has its flaws. A major risk to decentralized data storage is the possibility of data

loss or leakage (McGhin et al., 2019). Within healthcare in particular, highly sensitive data may

leak in a blockchain system, since users retrieve data from public, distributed ledgers (McGhin et

al., 2019). Although users must authenticate, verify identity, and decrypt data, decentralized

storage risks the transmission of the wrong information into the wrong hands (McGhin et al.,

2019).

Key management. Blockchain solutions necessitate private and public key encryption for

sharing and access control (McGhin, 2019). Applying public and private keys to blockchain

solutions is challenging, however. As McGhin et al. (2019) suggests, a single key for all blocks

creates a single point of entry, which negates any benefit of blockchain’s distributed nature. Yet

a single key for each block is impractical from a cost/benefit perspective, as storing and

recovering large numbers of keys requires ample time and resources (McGhin, 2019).

Overhead and scalability. On a related note, overhead cost and scalability is a major

challenge to widespread blockchain adoption. The literature review demonstrated that mostly

major corporations and governments are testing for blockchain cybersecurity solutions, likely

due to the extremely high overhead cost associated with bandwidth and other computational

requirements (McGhin, 2019). IoT devices are limited in their computational and processing

capabilities, so applying blockchain solutions to IoT security can drastically affect device

performance (McGhin, 2019). Until we address the issues of overhead and scalability,

blockchain for IoT requires considerable time and resources, which may not work for smaller

organizations. Also, adoption of blockchain or any new technology requires bootstrapping or the

25
migration and transfer of resources to a new technology, which may be costly and time-

consuming (Crosby et al., 2016).

Resistance to change. Blockchain, like any new technology, will always have

innovators, early adopters, early and late majorities, and laggards (Woodside et al., 2017). As

blockchain solutions multiply, many will doubt its effectiveness. To accept and adopt any new

technology, a change in behavior is necessary, as mainstream assimilation of blockchain

technology requires openness and willingness to change (Crosby et al., 2016). As more

organizations appropriate blockchain solutions, attitudes toward mainstream adoption will likely

change.

Government regulation. Mass adoption of any new or expanding technology typically

warrants increased government regulation, so, as blockchain solutions continue to emerge,

government agencies will likely introduce laws and legislation to oversee and police the use of

the technology. While it may initially slow the growth of blockchain, government regulation

may in fact promote long-term trust in it (Crosby et al., 2016). Likewise, use of unregulated

technology may present barriers to mainstream adoption.

Comparison of the Findings

As discussed, existing scholarly research into blockchain technology relates to

cryptocurrency applications, as well as the financial services sector. Although research into

blockchain’s cybersecurity applications does exist, much of the referenced material in the

literature review emphasized blockchain’s cybersecurity applications for specific industries,

organizations, or sectors. Additionally, much of the research into blockchain technologies was

highly technical, primarily focusing on blockchain architecture and capability. Few referenced

materials revealed the specific applications of blockchain for cybersecurity across various

26
industries and sectors. In contrast, the research for this capstone project largely focuses on the

benefits of blockchain and its applications through a cybersecurity lens.

Limitations of the Study

The primary limitation of this study pertains to blockchain’s immaturity as a solution for

cybersecurity and data privacy. Most use cases in the literature review were merely proposals,

pilot programs, or applications in infancy development stages. Thus, many of the proposed

benefits of blockchain for cybersecurity are largely speculative, and their real-world implications

will remain unclear until early adopters conduct further research and development. On a related

note, organizations adopting blockchain technology may be less than willing to provide

transparency into their cybersecurity strategy, for fear both attackers and competition will gain

an unfair advantage.

A secondary limitation to this study involved the industries, organizations, and sectors

not included in the literature review. Additional literature suggests that blockchain solutions can

profoundly affect data privacy relating to a variety of other industries and applications, including

real estate, intellectual property, intelligent transportation systems, aviation, smart homes, smart

property, money lending, asset management, and notary public. The scope of the research

presented in this Capstone Project did not include applications and use cases related to all

industries and sectors. However, future research could explore blockchain and DLT’s potential

impact on cybersecurity and data privacy relating the other industries, sectors, and applications

and their use cases.

Lastly, insight into the specific use cases outlined in this project was somewhat limited.

While a majority of the projects and proposals outlined in the literature review came from

scholarly sources, in some cases, information on the specifics of blockchain projects was lacking.

27
This can be justified as organizations must keep their own best interests at the forefront of

operations. As a result, information relating to the specifics of intellectual property developments

is not always publicly accessible.

28
 CONCLUSION

The purpose of this Capstone Project was to examine blockchain technology’s existing

and potential applications for cybersecurity across various industries and sectors, from private

corporations, to government agencies and beyond. More importantly, the goal of this project

was to determine whether blockchain technology provides an effective or superior solution to

issues related to cybersecurity. The project mainly focused on the budding technology’s

promising applications for the prevention of data tampering, data theft, and various other

cyberattacks. Through careful analysis of specific cybersecurity blockchain applications and use

cases, this Capstone Project determined, while blockchain technology does provide a viable

alternative to the conventional system of defending against cyberattacks, blockchain has not

reached its apex as a widely accepted or adopted cybersecurity solution.

The literature review revealed that, despite its initial application as the technology behind

cryptocurrencies, blockchain technology does in fact offer practical cybersecurity and data

protection applications. Research indicated that such practical applications are most evident

within the fields of IoT, Supply Chain, Government, Healthcare, Military, Aerospace, and

Defense. These industries have proven, through pilot programs and both independent and

government sponsored research and development, that blockchain can be a powerful tool in

preventing foreign intrusion into private networks that house highly sensitive data through

decentralization and the elimination of the single point of entry.

The discussion of findings section uncovered the cyber-specific attributes of blockchain

technology that present some of the most positive implications for the cybersecurity industry.

Blockchain technology is extremely effective for securing communications, protecting sensitive

data, and mitigating cyber threats associated with centralization. Additionally, blockchain

29
provides verification, validation, and authentication, ensuring both user and data integrity and

preventing data theft and/or tampering. Lastly, the proof-of-work system and distributed

consensus model promotes transparency, auditability, and immutability – three key

characteristics associated with blockchain and DLT.

Despite blockchain’s many positive attributes and successful cybersecurity-related

application use cases, the discussion of findings uncovered several risks and barriers to

mainstream adoption. Risks and barriers included a lack of standardization, difficult key

management, high overhead costs, overwhelming bandwidth requirements, the human tendency

to resist change, and a lack of government regulation. Perhaps these barriers reveal why the

most notable early innovators and adopters of blockchain technology for cybersecurity have been

major corporations and government entities that possess the capital and willingness to do so.

At the time of this writing, as more organization continue to explore blockchain solutions

for cybersecurity, it will likely remain a solution only for those willing to take on the risks and

overcome the barriers to entry. Each individual use case presented in this Capstone Project

represents an innovator or an early adopter. Innovators are typically far more adventurous,

technologically savvy, and more willing to fail due to “significant financial backing” (Woodside

et al., 2017, p. 68). Similarly, early adopters are more willing to overlook many of the risks

associated with adopting new technologies (Woodside et al., 2017). Currently, most

organizations would likely fall into the category of laggards when it comes to mainstream

adoption (Woodside et al., 2017).

The research conducted in this Capstone Project demonstrated blockchain technology

does in fact present a viable alternative to conventional cybersecurity practices. However, due to

the many challenges and risks that stand in the way of mainstream adoption, it is unlikely

30
blockchain will emerge from its infancy for some time. Until mainstream adoption, blockchain’s

features can be utilized by those willing to strengthen systems and protect them from cyber

threats at all costs (Rawat et al., 2019). For those innovators and early adopters, such as the ones

outlined in this project, blockchain technology will remain one of many potent tools to

incorporate into an organization’s cybersecurity arsenal. That said, while blockchain is not a

perfect cybersecurity solution, those organizations that utilize the technology can rest assured

that data is significantly more secure from theft, fraud, tampering, or manipulation.

31
 REFERENCES

Accenture/Ponemon Institute (2019). The cost of cybercrime. (2019). Network

Security, 2019(3), 4-4. doi:10.1016/S1353-4858(19)30032-7

Allison, I. (2016, January 13). Provenance has a big year ahead delivering supply chain
transparency with Bitcoin and Ethereum. International Business Times. Retrieved from
https://www.ibtimes.co.uk/provenance-has-big-year-ahead-delivering-supply-chain-
transparency-bitcoin-ethereum-1537237

Ammous, S. (2019). Blockchain technology: What is it good for? Banking & Finance Law
Review, 34(2), 239-251. Retrieved from
https://search.proquest.com/docview/2207838734?accountid=28902

Arnold, A. (2019, January 02). Here’s why more enterprises are considering blockchain as data
privacy solution. Forbes. Retrieved from
https://www.forbes.com/sites/andrewarnold/2019/01/02/heres-why-more-enterprises-are-
considering-blockchain-as-data-privacy-solution/#70891e7bcb73

Australian Government, Digital Transformation Agency. (2018, May 08). Budget 2018–19 for
the DTA. Retrieved from https://www.dta.gov.au/news/budget-2018-19-dta

Back, A. (2019, February 25). Difference between blockchain & distributed ledger technology?
The Blockchain Review. Retrieved from https://medium.com/blockchain-review/whats-
the-difference-between-blockchain-distributed-ledger-technology-19407f2c2216

Barzilay, O. (2017, November 22). 3 ways blockchain is revolutionizing cybersecurity. Forbes.

Retrieved from https://www.forbes.com/sites/omribarzilay/2017/08/21/3-ways-
blockchain-is-revolutionizing-cybersecurity/#5011f2442334

Carter, L. & Ubacht, J. (2018). Blockchain applications in government. In Proceedings of the

19th annual International Conference on Digital Government Research: Governance in
the data age, article no. 126 (pp. 1-2). doi:10.1145/3209281.3209329.

Comben, C. (2018, August 14). 5 signs that blockchain innovation is booming in Australia.
Coin Central. Retrieved from https://coincentral.com/blockchain-innovation-in-australia/

Crosby, M., Pattanayak, P., Verma, S., & Kalyanaraman, V. (2016). Blockchain technology:
Beyond bitcoin. Applied Innovation, 2(6-10), 71.

Curran, J. (2017, November 20). Congress wants DoD to spill on plans for blockchain security.
MeriTalk. Retrieved from https://www.meritalk.com/articles/congress-wants-dod-to-
spill-on-plans-for-blockchain-security/

32
Daley, S. (2019, March 16). Wallets, hospitals and the Chinese military: 19 examples of
blockchain cybersecurity at work. Built In. Retrieved from
https://builtin.com/blockchain/blockchain-cybersecurity-uses

De, N. (2019, March 07). City of Denver to Pilot blockchain Voting App in Coming Elections.
Retrieved from https://www.coindesk.com/city-of-denver-to-pilot-blockchain-voting-
app-in-coming-elections

Dworkin, M. (2017, January 4). Block cipher techniques: Block cipher modes. (2017, January
4). Computer Security Resource Center, National Institute of Standards and Technology.
Retrieved from https://csrc.nist.gov/projects/block-cipher-techniques/bcm

Gupta, V. (2017). A brief history of blockchain. Harvard Business Review, 28. Retrieved from
https://hbr.org/2017/02/a-brief-history-of-blockchain

Hackius, N., & Petersen, M. (2017). Blockchain in logistics and supply chain: trick or treat?
In Proceedings of the Hamburg International Conference of Logistics (HICL) (pp. 3-18).
epubli.

Hamilton, D. (2018, October 02). DARPA blockchain programs. Coin Central. Retrieved
from https://coincentral.com/darpa-blockchain-programs/

How blockchain architecture works? Basic Understanding of Blockchain and its Architecture.
(2018, July 10). Retrieved from https://www.zignuts.com/blogs/how-blockchain-
architecture-works-basic-understanding-of-blockchain-and-its-architecture/

Hughes, A., Park, A., Kietzmann, J., & Archer-Brown, C. (2019). Beyond bitcoin: What
blockchain and distributed ledger technologies mean for firms. Business Horizons, 62(3),
273-281. doi:10.1016/j.bushor.2019.01.002

Huillet, M. (2018, May 08). Colorado passes bill advocating blockchain for gov’t data
protection and cyber security. CoinTelegraph, the Future of Money. Retrieved from
https://cointelegraph.com/news/colorado-passes-bill-advocating-blockchain-for-govt-
data-protection-and-cyber-security

Hsieh, M., & Ravich, S. (2017). Leveraging blockchain technology to protect the national
security industrial base from supply chain attacks. Research memo, Foundation for
Defense of Democracies.

Khan, M., & Salah, K. (2018). IoT security: Review, blockchain solutions, and open challenges.
Future Generation Computer Systems, 82, 395-411. doi:10.1016/j.future.2017.11.022

Koehler, T. (2017). Use of blockchain technology in countering cyberattacks (Order No.

10623159). Available from Dissertations & Theses @ Utica College. (1957372076).
Retrieved from https://search.proquest.com/docview/1957372076?accountid=28902

33
Kshetri, N. (2017). Blockchain’s roles in strengthening cybersecurity and protecting privacy.
Telecommunications Policy, 41(10), 1027-1038. doi:10.1016/j.telpol.2017.09.003

Kshetri, N. (2017). Can blockchain strengthen the Internet of things? IT professional, 19(4), 68-
72. doi:10.1109/MITP.2017.3051335

Lewis, D. (2017, October 23). The DDoS attack against Dyn one year later. Forbes. Retrieved
from https://www.forbes.com/sites/davelewis/2017/10/23/the-ddos-attack-against-dyn-
one-year-later/#2dd890731ae9

Maull, R., Godsiff, P., Mulligan, C., Brown, A., & Kewell, B. (2017). Distributed ledger
technology: Applications and implications. Strategic Change, 26(5), 481-489.

McGhin, T., Choo, K., Liu, C., & He, D. (2019). Blockchain in healthcare applications:
Research challenges and opportunities. Journal of Network and Computer
Applications, 135, 62-75. doi:10.1016/j.jnca.2019.02.027

Mikell, M. (2018, June 12). S.A.V.E. from IoT: Trust and tracking from a new IoT Blockchain
Service. IBM Internet of Things Blog. Retrieved from
https://www.ibm.com/blogs/internet-of-things/iot-new-blockchain-service/

Minoli, D., & Occhiogrosso, B. (2018). Blockchain mechanisms for IoT security. Internet of
Things, 1-2, 1-13. doi:10.1016/j.iot.2018.05.002

Mire, S. (2019, June 18). Blockchain in cybersecurity: 10 possible use cases. Disruptor Daily.
Retrieved from https://www.disruptordaily.com/blockchain-use-cases-cyber-security/

Morkunas, V., Paschen, J., & Boon, E. (2019). How blockchain technologies impact your
business model. Business Horizons, 62(3), 295-306. doi:10.1016/j.bushor.2019.01.009

Mylrea, M., & Gourisetti, S. N. G. (2018, August). Blockchain for supply chain cybersecurity,
optimization and compliance. In 2018 Resilience Week (RWS) (pp. 70-76). IEEE.

Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system.

O’Brien, C. (2018, December 09). Startup of the week: provenance. The Innovator. Retrieved
from https://innovator.news/startup-of-the-week-provenance-2396dc13f7a0

Office of Management and Budget. (2018, May). Federal Cybersecurity: Risk Determination
Report and Action Plan. Washington, DC: Executive Office of the President of the
United States. Retrieved from https://www.whitehouse.gov/

Qian, Y., Jiang, Y., Chen, J., Zhang, Y., Song, J., Zhou, M., & Pustišek, M. (2018). Towards
decentralized IoT security enhancement: A blockchain approach. Computers and
Electrical Engineering, 72, 266-273. doi:10.1016/j.compeleceng.2018.08.021

34
Pace, Y. (2018, July 04). Roads agency, blockchain regulatory framework approved by
Parliament. Malta Today. Retrieved from
https://www.maltatoday.com.mt/news/national/87998/roads_agency_blockchain_regulato
ry_framework_approved_by_parliament#.Wz81W9IzZ0x

Patel, C., & Doshi, N. (2019). Security challenges in IoT cyber world. In Security in Smart
Cities: Models, Applications, and Challenges, Hassanien, A. E., Elhoseny, M., Ahmed,
S. H., & Singh, A. K. (Eds.) (pp. 171-191). New York, NY: Springer.

Primas. (2018, June 13). Data privacy & decentralization. Hacker Noon. Retrieved from
https://hackernoon.com/data-privacy-decentralization-2f894c5d9a25

PRNewswire. (2018, July 09). Lockheed Martin partners with Guardtime Federal for innovative
cyber technology. Lockheed Martin. Retrieved from
https://news.lockheedmartin.com/2018-07-09-Lockheed-Martin-Partners-with-
Guardtime-Federal-for-Innovative-Cyber-Technology

Rawat, D. B., Chaudhary, V., & Doku, R. (2019). Blockchain: Emerging Applications and Use
Cases. arXiv preprint arXiv:1904.12247.

Reisman, R. J. (2019). Air traffic management blockchain infrastructure for security,

authentication, and privacy. Moffett Field, CA: NASA Ames Research Center.
Retrieved from https://ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/20190000022.pdf

Reyna, A., Martín, C., Chen, J., Soler, E., & Díaz, M. (2018). On blockchain and its integration
with IoT challenges and opportunities. Future Generation Computer Systems, 88, 173-
190. doi:10.1016/j.future.2018.05.046

Rizzo, P. (2015, August 19). Filament nets $5 million for blockchain-based Internet of Things
hardware. CoinDesk. Retrieved from https://www.coindesk.com/filament-nets-5-
million-for-blockchain-based-Internet-of-things-hardware

Roehrs, A., da Costa, C. A., & Righi, R. D. R. (2017). OmniPHR: A distributed architecture
model to integrate personal health records. Journal of Biomedical Informatics, 71, 70-81.
doi:10.1016/j.jbi.2017.05.012

Shackelford, S. J., & Myers, S. (2017). Block-by-block: Leveraging the power of blockchain
technology to build trust and promote cyber peace. Yale JL & Tech., 19, 334. Retrieved
from https://digitalcommons.law.yale.edu/yjolt/vol19/iss1/7/

Tendon, S. (2018, February 23). Malta’s national blockchain strategy: The big picture. Chain
Strategies. Retrieved from https://chainstrategies.com/2018/02/18/maltas-national-
blockchain-strategy-the-big-picture/

Trump, D. J. (2017, May 11). Executive order no. 13800: Strengthening the cybersecurity of
federal networks and critical infrastructure. Federal Register. Retrieved from

35
 https://www.federalregister.gov/documents/2017/05/16/2017-10004/strengthening-the-
cybersecurity-of-federal-networks-and-critical-infrastructure

Wong, J. I. (2016, October 10). Even the US military is looking at blockchain technology—to
secure nuclear weapons. Quartz. Retrieved from https://qz.com/801640/darpa-
blockchain-a-blockchain-from-guardtime-is-being-verified-by-galois-under-a-
government-contract/

Wood, G., Meiklejohn, S., Buchanan, A., Brewster, C., Laughlin, H., Green, N., & Mallet, P.
(2015, November 21). Blockchain: The solution for supply chain transparency.
Provenance. Retrieved from https://www.provenance.org/whitepaper

Woodside, J. M., Augustine Jr., F. K., & Giberson, W. (2017). Blockchain technology
adoption status and strategies. Journal of International Technology and Information
Management, 26(2), 65-93.

Workie, H., & Jain, K. (2017). Distributed ledger technology: Implications of blockchain for
the securities industry. Journal of Securities Operations & Custody, 9(4), 347-355.

Zmudzinski, A. (2019, January 11). NASA publishes proposal for air traffic management
blockchain based on HyperLedger. CoinTelegraph, the Future of Money. Retrieved
from https://cointelegraph.com/news/nasa-publishes-proposal-for-air-traffic-
management-blockchain-based-on-hyperledger

36