This post is the second ‘chapter’ in a series of articles written in collaboration between blockchain platform vendor Fluree and systems integrator Codete. Drawing on the collective expertise of a technology vendor and a software development company, we’ll provide insight into overcoming common hurdles in implementing blockchain technology and best practices for operational success in DLT projects. On to our next challenge…
Challenge 2: Lack of Secure Interoperability
As discussed in our previous challenge, “The Lack of Data Availability for Decision Making”, data often sits in many different locations, and replicating data into various data lakes is often required to build a common set of information for analysis or data sharing. With this level of replication, the security of the data is not comprehensively controlled, because that security is derived from application front-end and middle-tier security logic. As mentioned in a recent Dataversity post, the use of Application Programming Interfaces (APIs) and the development of data lakes not only bring cost, inefficiency and redundancy of data but also create ‘yet another attack surface’ for exposing data – a direct pathway for hackers and some of the biggest data breaches in recent years.
The Next Frontier of Security: Data-Centric Security
The best solution for secure transportability of data is for the data to “defend itself” at the data layer – a core concept of the data-centric architecture approach. In this approach, the permissions for access and modification of data are stored alongside the data, as codified data elements themselves. In Fluree, these are called “SmartFunctions.”
When data is accessed or moved to another location, the inherent permissions are carried along with the root data. Data-centric security is a perfect solution for shared data sets that are openly accessible by stakeholders, each with varying degrees of access permission.
These rules not only govern data “protection,” but can also be used to enforce schema rules for consistent data governance.
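The idea of rules that travel with the data, as an added sketch (this is not Fluree code or SmartFunction syntax; the rule format, attribute names, roles and sample record are constructed for illustration):

```python
import json

# Constructed sample. The rule format is hypothetical, not Fluree SmartFunction syntax.
BUNDLE = {
    "rules": {  # permissions and schema types stored as data, next to the records
        "shipment/id":       {"read": ["supplier", "carrier"], "write": [], "type": "str"},
        "shipment/location": {"read": ["supplier", "carrier"], "write": ["carrier"], "type": "str"},
        "shipment/price":    {"read": ["supplier"], "write": ["supplier"], "type": "int"},
    },
    "records": [
        {"shipment/id": "SH-1", "shipment/location": "Gdansk", "shipment/price": 900},
    ],
}
TYPES = {"str": str, "int": int}


def read(bundle, role):
    """Return every record reduced to the attributes `role` may read (default deny)."""
    rules = bundle["rules"]
    return [
        {attr: val for attr, val in rec.items()
         if role in rules.get(attr, {}).get("read", [])}
        for rec in bundle["records"]
    ]


def write(bundle, role, index, attr, value):
    """Modify one attribute only if the embedded rule and schema type both allow it."""
    rule = bundle["rules"].get(attr)
    if rule is None or role not in rule["write"]:
        raise PermissionError(f"{role} may not modify {attr}")
    if type(value) is not TYPES[rule["type"]]:
        raise TypeError(f"{attr} must be of type {rule['type']}")
    bundle["records"][index][attr] = value


def transport(bundle):
    """Simulate moving the data elsewhere: rules are serialized with the records."""
    return json.loads(json.dumps(bundle))


if __name__ == "__main__":
    moved = transport(BUNDLE)
    print(read(moved, "carrier"))   # price is filtered out at the new location too
    write(moved, "carrier", 0, "shipment/location", "Krakow")
    print(read(moved, "supplier"))
```

The rules protect the data only where access goes through an engine that evaluates them; a party holding the raw serialized bundle is not constrained by this sketch.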
Additional Resource: Data-Centric Security Video Webinar
Maintaining Secure Access Via Public/Private Key Cryptography
Additionally, the use of public and private keys is critical to maintaining data integrity and security. Through the use of these cryptographic keys, all actors on the data are known. Paired with a blockchain ledger, this makes the provenance of the data verifiable and transparent, and makes all modifications to the original data available to everyone who has access authorization. As these keys are long strings of characters, they are often associated with traditional username and password entries in applications for ease of use. This does represent a reduction of the inherent security, but as long as those credentials are held in tight association with the underlying keys, this practice allows the integrity of a blockchain ledger to be maintained.
A specific type of data that must be secured is Personally Identifiable Information (PII). Our team doesn’t recommend storing PII in an immutable database: when you “delete” data, there will still be a full record that the data was there and was made false. Fluree covered this topic in a blog post with reference to separating healthcare data; however, the immutable nature of blockchain technologies applies to any data that would expose personal data.
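The point about deletion in an immutable ledger, as an added sketch (not Fluree's implementation; the block layout, function names and sample address are constructed, and signatures are omitted, with the `actor` field standing in for the signing key's identity):

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(block):
    # Hash covers the link to the previous block, the actor and the change itself.
    body = {k: block[k] for k in ("prev", "actor", "op", "fact")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append(ledger, actor, op, fact):
    """Add an 'assert' or 'retract' block chained to the previous block's hash."""
    block = {"prev": ledger[-1]["hash"] if ledger else GENESIS,
             "actor": actor, "op": op, "fact": list(fact)}
    block["hash"] = _digest(block)
    ledger.append(block)

def verify(ledger):
    """True only if every block links to its predecessor and matches its own hash."""
    prev = GENESIS
    for block in ledger:
        if block["prev"] != prev or block["hash"] != _digest(block):
            return False
        prev = block["hash"]
    return True

def current_state(ledger):
    """Facts that are true now: asserted and not later retracted."""
    state = set()
    for block in ledger:
        fact = tuple(block["fact"])
        if block["op"] == "assert":
            state.add(fact)
        else:
            state.discard(fact)
    return state

def ever_recorded(ledger, value):
    """True if `value` appears anywhere in history, including retracted facts."""
    return any(value in block["fact"] for block in ledger)

def build_sample():
    """Constructed ledger: one actor asserts an e-mail address, then 'deletes' it."""
    ledger = []
    fact = ("person/1", "email", "jan@example.test")
    append(ledger, "pubkey:constructed-A", "assert", fact)
    append(ledger, "pubkey:constructed-A", "retract", fact)
    return ledger
```

After the retraction the current state is empty, yet the address is still present in history, and removing it from an earlier block makes `verify` fail.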
Moving Towards Secure Interoperability and Decentralized Data Governance
Private/Public key cryptography and data-centric security combine to provide a powerful foundation for trusted and secure data – with privacy, transparency, and protection baked in. When dealing with distributed or decentralized environments, this data-centric approach to information security is critical when scaling data across multiple stakeholders.
But how can we leverage the data for our end-user applications if it sits in various repositories, or different stakeholders have different data “types” and “elements”?
Where multiple stakeholders must transact and query against a decentralized database, standards like W3C RDF come heavily into play. RDF allows data to be understood by any standards-based system, providing for native interoperability and shared data formatting. RDF formatting empowers data to be accessed across disparate data sources, combined, and leveraged. With data-centric security and blockchain proof and trust, RDF standards can truly shine in exposing open, interoperable sets of data for applications.
Security is a prerequisite for interoperability – if we want to truly democratize information across stakeholders, we must first build a scalable method of securing it at its source.
The three topics covered in this article (data-centric “security” functions, public-private cryptography, and standards-based interoperability) combine to provide a powerful layer of trusted, secure, and interoperable data. If we can secure data at its source, we can allow it to be interoperable on a much higher scale. Next-generation data ecosystems, like supply chains, digital assistants, and other Web 3.0 technologies, will require this scale of secure interoperability.
Fluree is a blockchain-backed data management platform. Founded in 2016 by Flip Filipowski and Brian Platz, Fluree is headquartered in Winston-Salem, North Carolina. The Fluree platform organizes blockchain-secured data in a highly-scalable, highly-insightful graph database, allowing businesses to develop applications with foundational data-centric trust, interoperability, and security. Fluree has experience in working with partners, like Codete, in developing next-generation applications, interoperable data sources, and data-driven ecosystems for a variety of industries and enterprises.
Codete is an IT consulting and software development company. Since 2010, we’ve been supporting businesses worldwide in gaining competitive advantage by means of modern technology. Codete has over 10 years in the market and has completed over 100 projects for enterprise clients. The company now employs over 150 IT professionals delivering full-stack solutions for advanced data management and reporting. Codete leverages the right technologies to meet different client needs and has worked with a diverse group of technology providers, including Fluree, to provide optimal solutions.