A Business Process Model for Information Security Risk Assessment in the Blockchain Cloud

  • 張 騏鈞

Student thesis: Doctoral Thesis


Blockchain-as-a-Service (BaaS) which mainly facilitates B2B transactions for companies in a safer and more efficient way than other alternatives is drawing increasingly more attention from industry and academics It helps companies reduce the barriers to using blockchain technology and tracking goods in the global supply chain In addition to the benefits of blockchain technology in cloud services security issues around its use should be of equal concern Therefore in this study a method is proposed for assessing the information security risks associated with the use of this technology before deploying business processes to blockchain cloud service providers based on the risk management principles compiled by the International Organization for Standardization and the guidelines outlined in ISO 31000:2018 In order to verify the feasibility of this assessment framework we take the e-commerce logistics supply chain business process model as an example Through the deployment of e-commerce logistics on different blockchain cloud service providers the proposed framework was tested and their security risk levels were compared The research results showed that the greatest risky information security threat in our example was “Insecure Interfaces and APIs” and the lowest was “Malicious Insiders ” Amazon and Microsoft were found to be the most suitable examples of the e-commerce logistics supply chain
Date of Award2019
Original languageEnglish
SupervisorChung-Wei Shen (Supervisor)

Cite this