A Private Blockchain System based on Zero Trust Architecture

During the outbreak of COVID-19, many enterprises massively created Virtual Private Networks (VPNs) for companies to cooperate; however, these accounts lacked efficient management after the epidemic, leading to data leakage or the suffering of malicious attacks. Consequently, several firms have started to build private blockchains for data preservation and verification. Private blockchains are usually built internally in companies; once a firm's internal network opens for massive external logins, many servers and private blockchains cannot work properly to protect data. In general, private blockchains store critical personal information or relevant confidential data; once a private blockchain opens to external access, all the information in the network nodes will be exposed, making private them lose their protection functions. This paper proposes a security mechanism using a private blockchain system based on zero trust architecture. The zero trust architecture tracks every user's network conditions and analyses whether their behaviors are authorized. Additionally, the system utilizes micro-segmentation to divide the private blockchain, preventing the system from malicious attacks. The proposed system employs user multi-factor authentication to identify users, and the zero trust architecture tracks and analyzes if users' behaviors are reasonable. This method effectively ensures corporate networks' security and enables private blockchain to filter legal and authorized users to access and verify.