Identity and Security

It’s All About Trust

Blockchain is a secure system for conducting trustworthy transactions with customers, partners, and competitors.

By Alan Zeichick

March/April 2018

Blockchain is a distributed digital ledger technology in which blocks of transaction records can be added and viewed—but can’t be deleted or changed without detection.

Here’s where the name comes from: a blockchain is an ever-growing sequential chain of transaction records, clumped together into blocks. There’s no central repository of the chain, which is replicated in each participant’s blockchain node, and that’s what makes the technology so powerful. Yes, blockchain was originally developed to underpin Bitcoin and is essential to the trust required for users to trade digital currencies, but that is only the beginning of its potential.

Blockchain neatly solves the problem of ensuring the validity of all kinds of digital records. What’s more, blockchain can be used for public transactions as well as for private business, inside a company or within an industry group.

“Blockchain lets you conduct transactions securely without requiring an intermediary, and records are secure and immutable,” says Mark Rakhmilevich, product management director at Oracle. “It also can eliminate offline reconciliations that can take hours, days, or even weeks.”

That’s the power of blockchain: an immutable digital ledger for recording transactions. It can be used to power anonymous digital currencies—or farm-to-table vegetable tracking, business contracts, contractor licensing, real estate transfers, digital identity management, and financial transactions between companies or even within a single company.

“Blockchain doesn’t have to just be used for accounting ledgers,” says Rakhmilevich. “It can store any data, and you can use programmable smart contracts to evaluate and operate on this data. It provides nonrepudiation through digitally signed transactions, and the stored results are tamper proof. Because the ledger is replicated, there is no single source of failure, and no insider threat within a single organization can impact its integrity.”

It’s All About Distributed Ledgers

Several simple concepts underpin any blockchain system. The first is the block, which is a batch of one or more transactions, grouped together and hashed. The hashing process produces an error-checking and tamper-resistant code that will let anyone viewing the block see if it has been altered. The block also contains the hash of the previous block, which ties them together in a chain. The backward hashing makes it extremely difficult for anyone to modify a single block without detection.

A chain contains collections of blocks, which are stored on decentralized, distributed servers—the more the better, with every server containing the same set of blocks and the latest values of information, such as account balances. Multiple transactions are handled within a single block using an algorithm called a Merkle tree, or hash tree, which provides fault and fraud tolerance: if a server goes down, or if a block or chain is corrupted, the missing data can be reconstructed by polling other servers’ chains.

Blockchain works because it’s peer-to-peer, it enables trust, and it provides easy-to-track history, which can serve as an audit trail.”–Mark Rakhmilevich, Product Management Director, Oracle

And while the chain itself should be open for validation by any participant, some chains can be implemented with some form of access control to limit viewing of specific data fields. That way, participants can view relevant data, but not everything in the chain. A customer might be able to verify that a contractor has a valid business license and see the firm’s registered address and list of complaints—but not see the names of other customers. The state licensing board, on the other hand, may be allowed to access the customer list or see which jobs are currently in progress.

When originally conceived, blockchain had a narrow set of protocols to govern the creation of blocks, the grouping of hashes into the Merkle tree, the viewing of data encapsulated into the chain, and the validation that data has not been corrupted or tampered with. Over time, creators of blockchain applications (such as the many competing digital currencies) innovated and created their own protocols—which, due to their independent evolutionary processes, weren’t necessarily interoperable.

By contrast, the success of general-purpose blockchain services, which might encompass computing services from many technology, government, and business players, created the need for industry standards—such as Hyperledger, a Linux Foundation project.

Hyperledger: A Common Ground

Many tech leaders and startups offer software or services for creating and using blockchain. When their customers want to participate in a shared blockchain application, such as to enable that farm-to-table vegetable tracking, or logistics that use multiple trucking, shipping, and rail lines, there must be a common platform that can serve as the basis for multiple blockchain implementations.

Creating and evolving that common platform is the goal of Hyperledger, a blockchain-focused industry initiative founded in 2016 by 30 corporate members and managed by the Linux Foundation.

As of late January 2018, there were 197 organizations involved with Hyperledger, some of whom are direct competitors, with implementations built on different cloud services or using different programming languages.

The benefit of using Hyperledger Fabric, a permissioned blockchain platform, as a starting point for blockchain solutions is that those solutions can talk to each other. If one trading partner is using Oracle Blockchain Cloud Service to manage transactions (more about this below), and another is using a Hyperledger Fabric–compliant blockchain service from IBM or SAP, their systems should be able to transact directly. This will be a significant boon to using blockchain as a distributed ledger.

Blockchain Business Models and Use Cases

Blockchain is well-suited for managing transactions between businesses or organizations that may not know each other well, and where there’s no implicit or explicit trust, explains Rakhmilevich.

“Look for blockchain in enterprise boundary use cases, where businesses conduct transactions with other businesses or even governments,” he says. “Blockchain works because it’s peer-to-peer, it enables trust, and it provides easy-to-track history, which can serve as an audit trail.”

What’s more, blockchain smart contracts are well suited for automating manual or semi-automated processes that have the potential to be error-prone or might carry a risk of fraud. “Blockchain can help when there might be challenges in proving that the data has not been tampered with or when verifying the source of a particular update or transaction is important,” Rakhmilevich says.

A primary benefit is speed. “Customers want to use blockchain to automate business-to-business or government-to-business transactions and share data in real time,” Rakhmilevich says. “Those real-time results reduce settlement risk, address cross-ERP [enterprise resource planning] discrepancies, and lower audit costs and complexity.”

Vertically, blockchain is appropriate for many industries, including banking, securities, government, retail, healthcare, manufacturing, and transportation. Take healthcare: blockchain can provide immutable records on clinical trials. Think about all the data being collected and flowing to the pharmaceutical companies and regulators, all available instantly and from verified participants.

Blockchain holds the promise to fundamentally transform how business is done, making business-to-business interactions more secure, transparent, and efficient.”–Amit Zavery, Executive Vice President, Oracle Cloud Platform, Oracle

What’s more, blockchain could be used to address the scourge of counterfeit drugs, “which is a huge problem in the developing world, where up to 30 percent of drugs could be counterfeit,” says Rakhmilevich, referencing a report from Interpol and the World Health Organization. “Blockchain applications can track the drugs from manufacture all the way through distribution.”

Getting Started with Blockchain

Where to start? With a solid, standards-based platform, such as one that is built on Hyperledger Fabric.

Rakhmilevich says that many customers see a number of challenges in implementing blockchain in a production environment. “They are looking for enterprise-grade platforms, and they want to be able to check off all the right features: performance, resilience, scalability, and security,” he says.

Perhaps the biggest enterprise challenge is integration—tying blockchain services into their key systems of record, whether it’s inventory, logistics, or ERP. Organizations would prefer not to build one-off integrations with each of their core back-end systems—in fact, they simply can’t afford to do that, says Rakhmilevich.

There’s also backward compatibility to consider. Many blockchain services are very new and are constantly changing and evolving. Businesses can’t afford to have to keep re-integrating blockchain with every release but, says Rakhmilevich, “in the past, open source projects haven’t maintained backward compatibility across new versions, so customers are concerned they’ll have to relearn the operational aspects of the technology and keep redoing integration.”

Oracle’s Blockchain Strategy

Oracle Blockchain Cloud Service, a part of Oracle Cloud Platform, was announced at Oracle OpenWorld in October 2017.

The Oracle blockchain service is based on a hardened implementation of Hyperledger Fabric with Oracle enhancements. “Hyperledger Fabric is a good foundation, and we are integrating all the underlying dependencies into a managed PaaS offering for rapid provisioning,” Rakhmilevich explains. “You don’t need to spend months setting blockchain up and hardening your implementation.”

“Blockchain holds the promise to fundamentally transform how business is done, making business-to-business interactions more secure, transparent, and efficient,” adds Amit Zavery, executive vice president for Oracle Cloud Platform. “Oracle Blockchain Cloud Service provides enterprise-grade blockchain capabilities and is able to accelerate innovation for on-premises ERP and cloud-based SaaS and PaaS customers.”

Because Oracle Blockchain Cloud Service is provided as a PaaS offering on Oracle Cloud Platform, Oracle handles patches, fixes, and backward compatibility as standards evolve. Highly available design and backups ensure resilience and data integrity. “We are integrating Oracle PaaS and SaaS for cloud-based applications using application integration accelerators and also supporting integration from on-premises applications via REST APIs or Hyperledger Fabric SDKs,” Rakhmilevich says.

Customers want to use blockchain to automate business-to-business or government-to-business transactions and share data in real time. Those real-time results reduce settlement risk, address cross-ERP discrepancies, and lower audit costs and complexity.”–Mark Rakhmilevich, Product Management Director, Oracle

Security and confidentiality are central to Oracle’s blockchain solutions, he adds. “As a permissioned blockchain platform, Hyperledger Fabric architecture enables a lot of security capabilities out of the box,” he says, “and we are extending Oracle Blockchain Cloud Service with the Oracle Identity Cloud Service plug-in to provide authentication and role-based access control when onboarding new members.” In addition, Oracle customers will benefit from built-in data-at-rest encryption and certificate revocation management to prevent the use of compromised certificates.

Blockchain for All

Blockchain is the trusted distributed digital ledger system that organizations need to manage transactions with external partners, customers, competitors—and even governments. Based on industry standards, blockchain can greatly simplify transaction management, streamline operations, improve transparency, and reduce risk by allowing trusted transactions with parties those organizations might not trust, and without any need for oversight from third parties.

The technology is making a real difference to real organizations. It makes it possible for businesses to raise cash quickly by demonstrating that they have actual, verifiable outstanding invoices that can be leveraged or sold. It can help grocery stores verify that perishable groceries were shipped in refrigerated containers, with data from IoT sensors showing that the temperature stayed within the agreed-upon range. Blockchain can even make it easy for schools to publish diplomas and student records, vastly reducing the effort needed for employers to verify academic credentials—while also reducing the possibility of fraud.

Blockchain is real. It’s here. And the possibilities are limited only by a company’s imagination.

Next Steps

LEARN more about blockchain.

LEARN more about blockchain at Oracle.

EXPLORE Oracle Blockchain Cloud Service.

Illustration by Pedro Murteira