While re-reading SP 800-63-2 for the current comment period, I was reminded of the difference between strongly bound credentials and weakly bound credentials.  The strongly bound credentials bind the identity to the token in a tamper resistant manner, e.g. the digital signature on a X.509 certificate, while the weakly bound credentials bind in a way that does not provide tamper resistance, e.g. /etc/passwd.  The weakly bound approach requires continuous secure operations by the service provider to maintain integrity of their bindings (see paragraph 3 of section 7.1.1 for discussion of this topic).

What I was wondering is whether blockchains could be used to strengthen weakly bound approaches.  For example, image a system where changes to /etc/passwd results in a blockchain being updated in such a way that will (1) confirm the integrity of the change and (2) log the identity of the accountable user.  Such a feature would enable a system audit to verify that the current file is the result of a traceable sequence of authorized changes.

I'm not sure I understand blockchains well enough to be sure this works, but let me know if it makes sense and if anyone has heard of something like this.  I know of operating systems providing functions like this via system auditing or at the filesystem layer, but that approach can still be subverted through system compromise with privilege escalation.  

Thoughts?

Thanks,

Scott