Security control

To ensure safe communication and access of data among nodes, FISCO BCOS adopts mechanisms of node access, CA blacklist and permission control for security control in network and storage level.

Network security control

  • SSL connection of nodes, ensuring secrecy of communication

  • Network access mechanism, ensuring system security by removing malicious nodes from consensus node list or group

  • Group whitelist mechanism, ensuring independency of communication data among groups by making each group receives the messages of the counter group only

  • CA blacklist mechanism, disconnecting malicious nodes in time

  • Distributed storage permission control mechanism controlling the permissions of exterior accounts for contract deployment and CRUD operations on user table

Storage security control

The permission control mechanism based on distributed storage controls access in a flexible and delicate way by implementing the restriction on the storage access for exterior accounts (tx.origin), which includes contract deployment, table creation and writing.