Abstract
Invoice factoring and other forms of supply chain financing are crucial to handling the risk associated with liquidity and trust in any industry. Blockchain and cryptocurrency-based systems were proposed to address the risks that still plague the industry, such as double factoring or proof of payment. This, in theory, creates a more transparent ecosystem that handles factoring arrangements faster and less erroneously. However, such systems must be thoroughly examined. Threat modeling can ensure that the systems in this area clearly know the threats they face. To date, no systematic threat modeling regarding such systems has been undertaken. In our research, we have used the attack tree and STRIDE framework to understand better the possible threats introduced into invoice factoring and supply chain financing. The subject of the analysis is a generic system architecture with the common properties of systems put forward in the literature. In our analysis, we found 40 distinct threats in total. Their distribution along the STRIDE threat categories is varied, highlighting the severe security threats at the member and admin nodes.
| Original language | English |
|---|---|
| Title of host publication | 2024 6th International Conference on Blockchain Computing and Applications (BCCA) |
| Publisher | IEEE |
| ISBN (Electronic) | 979-8-3503-5153-8 |
| DOIs | |
| Publication status | Published - 2025 |
Austrian Classification of Fields of Science and Technology (ÖFOS)
- 202022 Information technology
Keywords
- Privacy
- Social Computing
- Threat Assessment
- Real time systems
- Security
- stakeholder
Cite this
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver