Wikipedia explains that “Blockchain” was created by Satoshi Nakamoto, a pseudonym for an unknown person or people. It was developed in 2008 as the public transaction record of cryptocurrency bitcoin. This made it the first digital currency that solved double-spending without the need for a central server or trusted authority.
Blockchain technology is currently used primarily to record and store transactions for cryptocurrency like Bitcoin. However, blockchain advocates are working on other uses of blockchain technology.
- Blockchain is used for money transfers and payment processing. Transactions made over blockchain can be completed in seconds, reducing or eliminating bank transfer fees.
- Blockchain is used to monitor supply chains. Blockchain allows businesses to quickly spot inefficiencies in their supply chains, locate products in real-time, and monitor how they perform quality-control as they move from manufacturers to retailers.
- Blockchain for digital IDs. Microsoft is exploring blockchain technology for digital IDs. It will allow people to control their digital identities and give them control over who has access to that data.
- Blockchain for data sharing. Blockchain could be used as an intermediary for securely storing and moving enterprise data between industries.
- Blockchain to protect copyrights and royalties. Blockchain could be used for a decentralized database to protect artists’ music rights and provide transparent and current royalty distributions to them. Blockchain could also be used to distribute open-source developers.
- Blockchain to manage the Internet of Things network. Blockchain could be used to regulate IoT networks. It can “identify devices connected via wireless networks, monitor their activity, and determine whether those devices are trustworthy” and “automatically assess trustworthiness of any new devices added to the network such as smartphones and cars.”
- Blockchain in healthcare. Blockchain could also be a key component of healthcare. “Healthcare payers, providers and patients are using blockchain to manage electronic medical records and clinical trials data while maintaining regulatory compliance.”
What business benefits does blockchain bring?
Blockchain is primarily used to record transactions. However, it has many other benefits. It eliminates the possibility for tampering from malicious actors and provides these business benefits.
- You can save time. Blockchain reduces transaction times from days down to minutes. Because it doesn’t require verification from a central authority, transaction settlement is quicker.
- Cost savings. Transactions require less supervision. Participants can directly exchange value. Blockchain eliminates duplication because all participants have access to the same ledger.
- Tighter security. The security features of Blockchain protect against fraud and tampering.
According to Blockchain for Dummies, ” Blockchain is named after the way it stores transaction information–in blocks that are linked to create a Chain. The blockchain grows in number as transactions increase. Blocks are used to record and verify the sequence and time of transactions. These are then stored in the blockchain within a network that is governed by agreed rules.
Each block has a haveh that identifies it as a unique digital fingerprint. It also contains timestamped transactions and the hash from the previous block. “The previous block hash links blocks together and prevents any blocks from being altered or a blocked being inserted between two blocks.” The method renders the blockchain secure in theory.
These are the four core concepts of blockchain:
- A shared ledger. A shared ledger can be described as an “append only” distributed system of records that is shared among business networks. A shared ledger records transactions only once, which eliminates the duplication of effort common in traditional business networks.
- Permissions. Permissions are necessary to ensure transactions are authenticated, secure, and verifiable. Organizations can be more compliant with data protection regulations by having the ability to restrict network participation. This includes the EU General Data Protection Regulation and the Health Insurance Portability and Accountability Act.
- Smart contracts. Smart contracts are “an agreement or set rules that govern a business transactions; it’s stored in the blockchain and executed automatically as part a transaction.”
- Consensus. All parties must agree to the transaction that has been verified by the network. There are many consensus mechanisms for blockchains, such as proof-of-stake, multisignature and PBFT (practical Byzantine fault tolerance).
There are many participants in every blockchain network who can play these roles.
- Blockchain users. Participants are typically business users who have permissions to join the network and make transactions with other participants.
- Regulators. Blockchain Users with special permissions to monitor the transactions taking place within the network.
- Blockchain network operators. Individuals with special permissions and authority to create, manage and monitor the network’s blockchain.
- Certificate authorities. Individuals that issue and manage certificates necessary to operate a permissioned Blockchain.
Blockchain and Hyperledger
Hyperledger, “an umbrella project that includes open source blockchains, and related tools” was started by the Linux Foundation in December 2015. It is supported by industry players such as IBM, Intel, and SAP. This allows for the collaborative development and sharing of distributed blockchain ledgers.
Participants in Hyperledger believe that only an Open Source, collaborative approach to software development can guarantee the transparency, longevity and support needed to make blockchain technology mainstream.
Hyperledger’s mission is to “promote cross-industry collaboration through the development of blockchains and distributed ledgers with a special focus on improving performance and reliability (as compared with comparable cryptocurrency designs), so that they can support global business transactions by large technological, financial, and supply chain firms.
It is often claimed that blockchain technology can be hacked. 51% attacks let threat actors “take control of more than half the blockchain’s computing power and corrupt the shared ledger’s integrity.” This attack was expensive and complicated, but it is a reminder that security professionals should consider blockchain a useful technology, not a panacea for all problems.
The 51% attack exploits what is known as “The 51% Problem”: “If one party owns 51% of a mine pool, it’s possible to falsify an entrance into the blockchain. This allows for double spending and even fork a new block to the benefit of the mining pool.”
There are two types of blockchain: private and public. They offer different levels security. Public blockchains use computers connected to the internet to verify transactions and then bundle them into blocks for the ledger. Private blockchains are not permitted to join.
The participant identity is another difference between private and public blockchains. The principle of anonymity is a common feature of public blockchains. Private blockchains are permissioned networks in which consensus is possible through ‘selective endorse’, where trusted users verify transactions. This is advantageous for businesses because only those with the right access and permissions are allowed to maintain the transaction record. While there are some issues with this method such as insider threats, many can be resolved with highly secure infrastructure.
Blockchain technology is growing at an incredible rate. It powers new concepts, from shared storage to social networking. We are creating new security standards. Developers should set a precedent for security when creating blockchain applications. Developers should include activities such as creating threat models, performing risk assessments and static code analysis. It is crucial to build security from the beginning in order to ensure a secure and successful blockchain application.