Upload
ian-m-worrall
View
292
Download
0
Embed Size (px)
Citation preview
Introduction to BlockchainEncrypted Labs
What is Blockchain?
Blockchain is a technology that revolutionizes the way that:
• Trusted transactions are made between applications
• Accountability and transparency while streamlining processes
• Transactions are trusted and secured between users
Think of it as an OS for transactions that overcomes many traditional obstacles. It has the potential to greatly reduce the cost and complexity of getting things done by more efficiently organizing data and securing it.
Popularity
• Blockchain was popularized through Bitcoin, but Blockchain itself is its own distinct underlying infrastructure onto which Bitcoin layered their own protocol.
• Blockchain opens the door to new interactions in business processes, across all industries that store data digitally
Trusted Transactions
User Validation
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
Before and After Blockchain
6
Without Blockchain With Blockchain
source: IBM -‐ http://www.efinancelab.de/fileadmin/documents/results/video2016/20160704_Lang/01_Blockchain%20explained.pdf
Inefficient | Expensive | Vulnerable Consensus | Provenance | Immutability | Finality
Financial Transactions Example
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
Healthcare Example
Think of this in a healthcare setting where your hospital, primary care, secondary care, and pharmacy areHave access to your real-time medical history and current prescriptions.
This would:
Increase Accuracy during decision-makingGreatly reduce error Rates on prescriptions as everyone would have up to date information to make accurate analysisSo you are not prescribed the wrong drug(s).
Barriers to entry: HIPAA Compliance, All parties involved must join the network
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
Blockchain Configurations
Public: Anyone can view Applicable for government spend transparency, proprietary content registration, land titles,And other publicly available information.
Private: Permissioned so only approved parties can access: Line of business at a company, one company, networkOf companies such as banks, healthcare, etc.
Hybrid: Some information is only accessible to approved parties, while some is available to public view
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
2015
First Major Investment
•VC investment of $474 Million in Blockchain related technologies
•Top US banks, consulting, and tech companies form partnerships for blockchain development
2016
Preliminary Development
•Use Cases begin to appear in financial transactions, supply chain management, and data security
•First Blockchain implementation into Enterprise Service Bus
2017
+ Application Implementation and Spread
•Projected spread of blockchain applications and standards across industries
•Asset proliferation on Blockchain once efficiencies prove out
Adoption Timeline
9
Blockchain is still considered an emerging technology, but many companies have already made significant investment into application development. Initiatives and use cases are proliferating at a rate that signals future adoption and industry-wide standardization.
2 Main Use Cases for Blockchain Technology
1) Financial (Transactional): Anything that involves the creation, transfer, or ownership of value across a virtual network. Examples include: Registries, Stocks, Digital Assets, Certificates, etc.
• Smart Contracts are a subset technology that enable the automatic & secure execution of business processes based on coded instructions
2) Data Security: Adding resilience to existing database architectures through cryptography, immutability, and consensus.
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
Facing New Data Sabotage Threat
11
Background: The new trend in Cyber Attacks is not stealing data, but hackers changing data without the parent organization realizing some of their data has been corrupted. • Public Sector - Cases of intelligence being altered so government
officials act on untrue data/cannot trust what they are given. • Private Sector - Cases of financials being altered so companies are
making financial decisions incorrectly based on the outputs they are receiving from the data they have. Examples of tax records being changed, organ donor lists, security information, embezzlement.
Incentive behind Data Manipulation Attacks
• Data companies rely on to make financial decisions• No-fly lists, tax records, etc.• Hide embezzlement & money laundering• Changing credit scores and financial information• Organ transplant lists, fingerprints, etc.
Who is affected?
Data manipulation affects:• Senior Government officials• Corporate Executives & key decision makers• Investors who cannot trust data to take actionable steps
Cost of Data Breach to Organizations
• Estimated that each unauthorized access that results in the manipulation of data costs companies $4 million per event• Business disruption• Quarantine and eliminate threat• Forensic analysis• Patch system flaw• Customer repercussions
Centralized to Distributed
• Many organizations have a centralized server that holds both critical and non-critical information and layers over strong security protocols.• Issue: Once (not if) a hacker gets in, they have access to everything
How does this happen?
Too much activity to monitor cost-effectively and efficiently
“One of the biggest problems is that many database attacks are not even known” about, says Noel Yuhanna, principal analyst with The Forrester Group. “The typical database may have 15,000 to 20,000 connections per second. It’s not humanly possible to know what all of these [connections] are doing.”
How is a Hack identified?
• Application stops functioning properly or all together• Unauthorized Access• Irregular Activity• Or in the majority of instances: It is not….Dow Jones & Company had this happen for a period of 2 years undetected.
Prevention Standards?
Shift in cybersecurity has gone from preventing hacks all together to monitoring for unusual activity and being able to react as fast as possible to quarantine the attacker to minimize damages.
1) Identify2) Quarantine3) Assess Damages (Forensic Analysis Team)4) Fix
Issues with this Process
It is….• Slow• Expensive• Inefficient• Lack of Electronic Action Records & Traceable Information• Not Perfect (People miss things)
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
How Blockchain Reduces Cyber Threats
20
Blockchain creates an immutable database where each entry is hashed
in a block, and the current block has the hashes of all the previous
blocks in it (distributed across nodes who all verify it), so if a past data
entry is tampered with (and a majority of the nodes do not accept it)
then it will make the block invalid, which both cancels the transaction
and shows that data was tampered with.
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
A Blockchain Advantage - Immutability
21
Data is syndicated to all peers & signed by network of participants
Decentralized control is a federation of nodes with voting permissions that creates a super P2P network
Each new block is chained to previous transaction & validated
If something was changed, the Blockchain would become invalid at that point and broadcast the error to all nodes
Immutability allows any fraud or error to be identified and corrected, eliminating any single point of failure and making it easy to have a correct record of all behavior at any point in time
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
Blockchain Visualized
22
Transactions are grouped into ‘blocks’, then stored forever in a ‘chain’ by linking each new block chronologically with the hash of the preceding block
source: IBM -‐ http://www.efinancelab.de/fileadmin/documents/results/video2016/20160704_Lang/01_Blockchain%20explained.pdf
Irrefutable Record of Electronic Actions
• Every user has a public address and cryptographic access token• Every entry has an identification hash and history of signage by
nodes• Every action: creation, transfer, change, delete is recorded in a
time-stamped and cryptographically secured ledger that clearly marks the data entry and the user(s) involved.
Encrypted LabsWhat is
BlockchainTime of
AdoptionWhy
BlockchainUse Cases
How We Can Help
Immutability Achieved
25
Shard replication
Reversion of disallowed updates or
deletes
Regular DB backups
Cryptographic signing of all transactions, blocks, and
votes
Cryptographic Signing
• Each node in the distributed system must approve the changes based on pre-defined rules. Some of this can be automated for lower-valued or lower-risk transactions while those that fall into a higher-tier of value and/or risk may require manual approval from all parties.
• A majority of the nodes on the network must sign off on any given transaction to mark it valid, otherwise it will be deemed invalid and be orphaned.
• These signings are all reported in the transparent and secured open ledger to facilitate traceability while also securing the network.
Node Configuration• Configure nodes to have certain conditions to validate a data input and configure cryptographic signing conditions, user-‐level permissions, etc.
Added Benefit
• Storing Transactions alone, if immutable or not, would enable traceability and allow enterprises to run analysis and build intelligence on their data with a granularity unseen so far.
Is implementing Blockchain Data Security Cost Effective?• 100% Yes, If your company manages any sort of critical information. With Cyber Attacks of this nature on the rise and the average cost to a company which is targeted averaging $4 million, the cost to implement and run a Blockchain Network is substantially less.
Stack Architecture
Thank You!
Please contact Encrypted Labs for any additional questions or to get started on a Proof of Concept.
Email: [email protected]: 980.221.9900 ext. 101Via LinkedIn Messaging: Ian M. Worrall