
Server Security


Last updated 11 months ago


Overall security measures

Security features implemented in Shine are:

a. SSL.

b. SELinux.

c. OAuth2 for authorization management.

d. Inbuilt security features in Docker containers.

e. Inbuilt security of the blockchain for data privacy, data security, and secure data sharing between the authorized parties. The secp256k1 elliptic curve is used to encrypt and decrypt data; it is the standard curve in most blockchain platforms.

SSH Keys

SSH, or secure shell, is an encrypted protocol used to administer and communicate with servers.

With SSH keys, a private and public key pair is created for the purpose of authentication. The private key is kept secret and secure by the user, while the public key can be shared.

How Do SSH Keys Enhance Security?

With SSH, any kind of authentication — including password authentication — is completely encrypted. However, when password-based logins are allowed, malicious users can repeatedly attempt to access the server, especially with servers that have public-facing IP addresses. With modern computing power, it is possible to gain entry to a server by automating these attempts and trying combination after combination until the right password is found.

Setting up SSH key authentication allows you to disable password-based authentication. SSH keys generally have many more bits of data than a password, meaning that there are significantly more possible combinations that an attacker would have to run through. Many SSH key algorithms are considered uncrackable by modern computing hardware because they would require too much time to run through all of the feasible matches.
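As an added example (not part of the original Shine documentation), the following shell check confirms that an sshd_config really leaves key-only logins, i.e. that password-based authentication is disabled as described above. The function names and both sample configs are constructed for illustration; the check reads only the global section and does not follow Include files or evaluate Match blocks.

```shell
#!/bin/sh
# Constructed sample configs (not taken from any real host).
SAMPLE_WEAK='PasswordAuthentication yes
PasswordAuthentication no   # ignored: sshd keeps the first value it reads'
SAMPLE_HARDENED='PubkeyAuthentication yes
PasswordAuthentication=no
ChallengeResponseAuthentication no
PermitRootLogin prohibit-password'

# effective_value KEYWORD DEFAULT: reads sshd_config text on stdin and prints
# the value sshd would use in the global section (first occurrence wins).
# ChallengeResponseAuthentication is the deprecated alias of
# KbdInteractiveAuthentication, so both names map to the same setting.
effective_value() {
    awk -v key="$1" -v def="$2" '
        BEGIN { key = tolower(key); val = def }
        { sub(/#.*/, ""); sub(/=/, " "); k = tolower($1) }   # comments, "k=v" form
        k == "challengeresponseauthentication" { k = "kbdinteractiveauthentication" }
        k == "match" { exit }                                # Match blocks not evaluated
        k == key && !seen { val = tolower($2); seen = 1 }
        END { print val }'
}

# audit_sshd_config: config text on stdin; returns 0 only if password-style
# logins are off and public-key logins are on. Defaults are the OpenSSH ones.
audit_sshd_config() {
    cfg=$(cat)
    rc=0
    pw=$(printf '%s\n' "$cfg" | effective_value PasswordAuthentication yes)
    kbd=$(printf '%s\n' "$cfg" | effective_value KbdInteractiveAuthentication yes)
    pk=$(printf '%s\n' "$cfg" | effective_value PubkeyAuthentication yes)
    [ "$pw" = no ]  || { echo "FAIL PasswordAuthentication=$pw"; rc=1; }
    [ "$kbd" = no ] || { echo "FAIL KbdInteractiveAuthentication=$kbd"; rc=1; }
    [ "$pk" = yes ] || { echo "FAIL PubkeyAuthentication=$pk"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK key-only logins"
    return "$rc"
}

printf '%s\n' "$SAMPLE_WEAK" | audit_sshd_config || true
printf '%s\n' "$SAMPLE_HARDENED" | audit_sshd_config
```

On a live host, pipe the output of `sshd -T` (run as root) into `audit_sshd_config` instead of the raw file, since that output already reflects included files and defaults.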

Firewalls

A firewall is a piece of software that controls what services are exposed to the network. This means blocking or restricting access to every port except for those that should be publicly available.

How Do Firewalls Enhance Security?

Firewalls are an essential part of any server configuration. Even if your services themselves implement security features or are restricted to the interfaces you’d like them to run on, a firewall serves as an extra layer of protection.

A properly configured firewall will restrict access to everything except the specific services you need to remain open. Exposing only a few pieces of software reduces the attack surface of your server, limiting the components that are vulnerable to exploitation.

How to Implement Firewalls

  • UFW, or Uncomplicated Firewall, is installed by default in some Linux distributions like Ubuntu.

  • iptables is a Linux command-line firewall that allows system administrators to manage incoming and outgoing traffic via a set of configurable table rules. It uses a set of tables, each with chains that contain a set of built-in or user-defined rules.