Volume 14, Number 3

An Evaluation of Security in Blockchain-based Sharing of Student Records in Higher Education

  Authors

Timothy Arndt1, Angela Guercio2 and Younghun Chae2, 1Cleveland State University, USA, 2Kent State University at Stark, USA

  Abstract

Blockchain has recently taken off as a disruptive technology, from its initial use in cryptocurrencies to wider applications in areas such as property registration and insurance due to its characteristic as a distributed ledger which can remove the need for a trusted third party to facilitate transactions. This spread of the technology to new application areas has been driven by the development of smart contracts – blockchain-based protocols which can automatically enforce a contract by executing code based on the logic expressed in the contract. One exciting area for blockchain is higher education. Students in higher education are ever more mobile, and in an ever more agile world, the friction and delays caused by multiple levels of administration in higher education can cause many anxieties and hardships for students as well as potential employers who need to examine and evaluate student credentials. Distance learning as a primary platform for higher education promises to open up higher education to a wider range of learners than ever before. Blockchain-based storage of academic credentials is being widely studied due to the advantages it can bring. As with any network-based system, blockchain comes with a number of security and privacy concerns. Blockchain needs to meet several security-related requirements to be widely accepted: decentralization; confidentiality; integrity; transparency; and immutability. Researchers have been busy devising schemes to ensure that such requirements can be met in blockchain-based systems. Several types of blockchain-specific attacks have been identified: 51% attacks; malicious contracts; spam attacks; mining pools; targeted DDoS attacks; and others. Real-world attacks on blockchain-based systems have been seen on cryptocurrency sites. In this paper, we will evaluate the specific privacy and security concerns for blockchain-based systems used for academic credentials as well as suggested solutions. We also examine the issues for academic credentials which are stored “off-chain” in such systems (as is often the case). In this case, a Distributed File System (DFS) implemented with a peer-to-peer (P2P) architecture is often the choice for the storage of the academic credentials since it matches the decentralized nature of blockchain. Blockchain then contributes much to the usefulness of such a DFS, making it in turn a good match for a P2P DFS such as IPFS.

  Keywords

Blockchain, Mobile Education, Higher Education, Privacy, Security.