Blockchains and their use cases have evolved significantly since the advent of cryptocurrencies such as Bitcoin and Ethereum. And for a few good reasons. The fully decentralized system lowers transaction costs, improves record-keeping and enables complete transactional traceability. These benefits make blockchains ideally suited for the hyperconnected digital era—one in which trust boundaries between devices, networks, applications and users are being constantly redefined.
But what makes blockchains credible? A blockchain’s network participants are bound by certain rules, which are continuously validated by peers. Several built-in mechanisms, including proof-of-work, proof-of-stake and consensus-based decisions ensure trust is maintained and strengthened. The transaction ledger is open to participants for analysis and auditing purposes at any time, with data being replicated across multiple participants. Blockchains eliminate the need for a central or federated trusted entity—the middleman—which results in the democratization of trust. This is why blockchain has been dubbed the Trust Machine.
The underpinnings of blockchain have tremendous potential to positively disrupt the inception, development, operation and consumption of products, platforms and services. Below are five innovative use cases that capture the value blockchains are delivering today. As adoption increases, more will follow.
1. Track and Trace
Supply chain management is an area of great promise for blockchain adoption, and many industries are moving aggressively to adopt blockchain-based transactions. Two well-documented examples are the tracking of diamonds and luxury goods to eliminate blood diamonds and counterfeiting and intercontinental meat shipments to ensure food safety.
These examples span the end-to-end supply chain, from raw materials to finished goods, and can be replicated in any industry. Blockchains are especially relevant for products that rely on weak digital identifiers such as serial numbers or Universal Product Codes. The use of blockchains also enhances the product manufacturing process by improving traceability, identifying predictable delays and assuring provenance. Here are a few examples:
- The logging of goods shipment receipts, which trigger payments. Components or parts with GPS capabilities can be used for location enforcement, just as other means of enforcement are possible using various sensors, such as temperature and motion sensors to monitor the integrity of fragile or perishable goods.
- The manufacture and distribution of electronic devices, such as chips and microprocessors, is complex involving many hand offs, from fabrication to packaging and testing to shipment across global distribution networks. Transparency enabled by blockchains can prevent counterfeits, the embedding of hardware Trojans in chips, and ensure the proper sequence of processes have been performed. Blockchains can safeguard the provisioning of authorized firmware and security keys, and eliminate costly recalls.
- Environments that leverage automation and just-in-time manufacturing processes often require rapid changes in their production processes. Consensus-based change mechanisms in these environments prevent the processes from being compromised in the wake of faulty or compromised devices or data, and facilitate data-driven processing and manufacturing due to provenance.
2. Trusted Secure DevOps
DevOps is a continuous, distributed process for digital product development and operations involving five stages: commit, build, test, deploy and monitor. Efficiency gains in DevOps are realized through an iterative process, seamless communications and a clear understanding of accountability for tasks. While automated processes may be introduced, their execution sequence and output requires a level of trust, without which subsequent processes or actors may be derailed.
A blockchain-based DevOps process enables for provenance across product or platform development and operations leading to increased trust. For example, a product developer can validate that software has gone through all the required security, compliance, quality and performance tests, and uses trusted third-party components (if applicable). This information can be made available to certain consumers that are part of the blockchain network to assure the product’s quality, resilience and security.
Internal to the organization, a blockchain-enabled process ensures the following:
- All product development has been performed by authorized personnel—for example, security-cleared personnel in sensitive development environments—and code has been committed from authorized devices.
- All automated security, quality, compliance and performance tests and processes have been conducted in the required order, and only if previous steps have yielded passing results.
- All DevOps and blockchain participants—developers, testers, operational personnel, managers and executives—are aware of who holds accountability for moving forward at any given instance.
- Operations personnel may route issues and bugs to the relevant developers for remediation.
- Service level agreements can be upheld, with proof, in operational scenarios.
3. Light Yet Powerful Ecosystems
End consumers and developers have come to expect app stores and mobile-edge computing platforms to work seamlessly and securely. This is an increasingly challenging ask due to the ever-increasing complexity of these ecosystems.
Consider an app store, where the platform must validate and manage consent between different parties, in-app permissions, security and compliance checks for the app or service, automated developer onboarding and payment reconciliation between all participants in the process. Additionally, there are actions relating to the generation of app ratings and authorization to, or revocation/expiration of, services for developers and users.
Currently, these ecosystems require large code bases, segregated environments and significant manual intervention to realize desired functionality. A blockchain-enabled solution offers many benefits:
- Streamlined consent management between end users, platform operators, and app or microservice developers with complete auditability.
- Design and development of the platform as a collection of microservices, wherein processes such as the provisioning of developer credentials or consent management tie into a blockchain but operate independently of each other.
- Simplification of the overall architecture as multiple data stores or interconnectivity and processing layers between them may no longer be needed.
- The total cost of ownership is reduced.
- Financial disbursements to developers can occur at more frequent intervals due to the ease of transaction reconciliation, without the need for numerous “hard” micro-transactions between parties.
4. Rethinking PKI
The Internet of Things (IoT) poses challenges to the current public key infrastructure (PKI) oriented model, which forms trusted connections between entities through a mechanism of “handshakes” between certificates provisioned by different manufacturers and service providers. Also, many devices require lifetime certificates with basic permissions for identity generation, which current certificate authorities (CAs) do not issue. The revocation of top-level CA-issued certificates is complex and expensive. One group—Rebooting Web-of-Trust—is promoting a blockchain-based decentralized PKI that works like the Bitcoin financial system.
Communications service providers adopting network function virtualization are embracing blockchains to enable onboarding of virtual network functions (VNF) from multiple vendors. A blockchain-based attestation process through smart contracts streamlines the process, which improves efficiency as VNFs undergo frequent updates.
Insecure IoT devices pose a problem as malware and ransomware can easily spread, causing tremendous and often irreversible damage. Current patch attestation and delivery for IoT devices or hyper-converged infrastructure remain fraught with challenges. A blockchain can ensure the integrity of IoT devices, using a system of hashes. If malware alters the firmware’s code, the blockchain issues a new hash to change the code’s value, then generates an alert and takes countermeasures.
The introduction of a blockchain-based malware defense is a giant leap forward for IoT security. The ability for a device to vet and download trusted payloads avoids malware. Also, the device’s ability to retrieve a copy or image of the sensitive data it contains negates the impact of ransomware.
Moreover, these storage repositories themselves may be blockchain-enabled. A case in point is Storj.io, which is promoting content storage services that leverage participants’ unused disk space to provide low-cost services. Content security is enforced by sharding and encryption prior to distribution so that no node has the complete database. These tactics not only prevent loss of data but also guarantee multi-zone availability.
While the adoption of blockchain is not entirely smooth sailing, there are a few important factors to consider when implementing blockchain technologies for products, platforms and services. These include determining an appropriate blockchain model for a product ecosystem, ensuring it is hosted adequately and that trust and performance criteria are met. With careful planning and implementation, the outlook is bright for the growth of blockchain.
Shaan Mulchandani, Director, Security Practice and Blockchain Lead at Aricent
Image Credit: Zapp2Photo / Shutterstock