DIR Blockchain Proof of Concept (POC)

TASSCC7/7/2018

PROJECT OVERVIEW

Project Goals / Details

Status Update

What is Blockchain?

Why Blockchain?

POC Use Case

Project Goals

Evaluate/Demonstrate Emerging Technologies

Develop and Learn New Skills

Share Lessons Learned

Project Details

• Business Use Case – Blockchain Asset Tracker Solution • Objective – Evaluation of Blockchain/DLT Technology• Project Schedule – Nov 2017 – Aug 2018• Project Type – Proof Of Concept (POC)• Priority – Other Duties as Assigned• Sponsorship – CIO and IRM • Customers – CISO Team• End Users – State Agencies and IHE• Developers – IT Services and Communications Tech Services

Status (Completed to Date)

• IBM Blockchain Technology Overview and Application Development Seminars

• SXSW Blockchain Hyperledger Meetup• Independent Research and Hands on Training

Research & Training

• Captured Application Requirements and Designed Workflows• Configured Servers and Setup Blockchain Network• Setup Development Environments

POC

What is Blockchain?

Shared / Unchangeable

LedgerSmart Contracts

A blockchain is a decentralized, distributed and public digital ledger that is used to record transactions across many computers so that the record cannot be altered retroactively without the alteration of all subsequent blocks and the collusion of the network. <Wikipedia>

Trust

• Automated Business Logic• Transactions and Events• Replaces traditional

intermediaries (administrators, lawyers, brokers, and bankers)

• Distributed Database• Ledger is stored across all

Nodes• Records cannot be altered

retroactively

• No Central Authority• Peer-to-Peer Network• Transactions are validated

by all nodes on the network

Why Blockchain?

StartDo we need a

Structured Central Repository?

Are Multiple Entities Accessing the

Database?

Do we need to Ensure Trust?

Would Centralized Administration be

Inefficient?

Can Business Rules be Automated?

Don’t Need Blockchain

Do Transactions need to be Private or

Public?

BlockchainPublic Network(Permissionless)

BlockchainPrivate Network(Permissioned)

No

No

No

No

No

Yes

Yes

Yes

Yes Private Public

Yes

POC Use Case – Asset Tracker

Security Assessment Services (Zero Cost)

• Controlled Penetration Testing

• IP Vulnerability Scan

• Web Application Vulnerability Scan

• Vulnerability Remediation Verification

Security Remediation Services (Zero Cost)

• Burton’s Information Security Training Material via Gartner

• Pool of ~ 50 seats

• Available on 90 days rotation

Blockchain Asset Tracking Solution

• Authorizes and Tracks the usage of DIR’s Security Remediating service

• Hyperledger Fabric

• Private Network (Permissioned Membership)

• No Coins / No Tokens

1. Facilitate the dissemination of Information Security Training Material2. Simple use case for evaluating DLT/Blockchain Technology

Information Security Team & Gartner CTS & ITS

POC Use Case – Key Components

POC Use Case – Transaction Workflow

TECHNOLOGY OUTLINE

Key Blockchain Features

Technology Decisions Infrastructure

Application Workflow

Key Blockchain Features

Network Protection

• Eliminates Single-Point of Failure• Distributed Database

Architecture• No Central Authority

(peer-to-peer network)

Data Protection

• Data Protection• Cryptography and

Transaction Validation (Consensus Algorithm)

• Increase Traceability• Linked Transaction IDs

Business Value

• Increase Trust and Efficiency• Replacing Traditional

Intermediaries• Reduce Cost and Improve

Automation• Smart Contracts

Technology Decisions

• Permissioned Membership• Performance, Scalability, and levels of Trust• Data Partitioning through channels• Rich Queries• No need for coin or token

Infrastructure

Application Architecture

Application UI Hosted on Web Sever• Any Front-End UI (e.g. C#, PHP, HTML)

• Integration via REST APIs

Business Logic Layer (Hosted Chaincode)• Determines Channel based on Permissions• Programming Languages: Java, GO, Javascript

• Distributes Data through Ledger

Closed Network Servers• Highly available Virtual Machines

• Docker Swarm• PKI, LevelDB, CouchDB, JSON, Access Control List

Blockchain

Recommendations

• Ensure use-case is a good DLT

Candidate (leverage a Blockchain

Decision Model)

• Select the right Development

Platform (e.g. Ethereum – Suited for Financial Applications with Coins and Tokens, Hyperledger – Suited for General Transaction Processing)

• Decide Network Configuration

(Private vs Public, Number of Physical Sites, Number of Nodes, etc.)

• Include Business Representation in POC (DCS, TPPG, CTS, etc.)

• Choose a Simple Use-Case to start (risk, complexity, budget, schedule)

• Identify key Blockchain Features to explore in your POC (e.g. Smart

Contracts, Trust factor, Unchangeable

Ledger)

• Develop Smart Contracts by focusing discussions around: Participants,

Assets, Transactions and Events

Next Steps

Integrate Application into Network

01Build and Test Application

02Document Lessons Learned

03Share POC Lessons Learned

04

Thank You!

• Eduardo Marquis • Steven Pollard

•Eduardo.Marquis@DIR.Texas.Gov•Steven.Pollard@DIR.Texas.Gov

512.463.8477 512.463.6761

Q&A