Abstract : Blockchain, as a distributed ledger technology, embodies decentralization, security transparency, and traceability. Interoperability has been a persistent challenge in blockchain technology research. The inherent characteristics of blockchain, including numerous terminal nodes, diverse network architectures, cross-chain application services, and intricate network environments, present significant privacy and data security concerns for cross-chain gateways during data collection and transmission. To address these security challenges, this paper proposes a system architecture and security domain isolation model for cross-chain security gateways leveraging system resource virtualization. This architecture aims to address security issues encountered in the process of collecting, transmitting, and exchanging data elements within the cross-chain gateway. Specifically, the proposed architecture isolates the different layers in the cross-chain gateway by business domains, and ensures mutual security isolation between distinct business domains and network domains during cross-chain activities. Moreover, the paper implements a secure gateway operational environment utilizing x86 hardware platforms and virtualization technology, followed by simulation experiment and performance testing to validate the architectural feasibility. Formal proof is provided to establish the security of the proposed domain model.
Index terms : Blockchain Cross-Chain, Cross-Chain Gateway, Security Domain Isolation, Cross-Domain Services