Five blockchain uses that create networks & reinvent economies

From component provenance to DevOps – how blockchain can reinvent industries

This is a contributed piece by Shaan Mulchandani, director of security & blockchain lead from Aricent with his colleague Prakasha Mandagaru Ramachandra, AVP of technology & solutions architect.


Heated debates are common in the cryptocurrency community as blockchain technology matures and enters mainstream business applications. The introduction of Bitcoin Cash is the latest controversy. But while blockchain is often associated with Bitcoin, Ethereum and other digital currencies, the technology itself is on the verge of its own revolution.

By enabling a secure, distributed mechanism for recording transactions, blockchain technology eliminates the middleman—banks and financial institutions—thus possessing the power to reduce transaction costs, improve security and perhaps transform economies. The core blockchain tenets of decentralisation and immutability enable more efficient record keeping, and auditing and the full traceability of transactions without a central authority democratise trust.

As a result, this versatile technology has the potential to disrupt virtually every industry, from financial services to manufacturing and automotive. Now it is even finding its way into the product development ecosystem.

Validation mechanisms in blockchain technology ensure that trust is maintained with every transaction. Built-in processes such as proof-of-work, proof-of-stake and consensus-based decisions add up to making blockchain a veritable “trust machine” for secure transactions of all types. The opportunities to leverage this capability in product development are boundless, ranging across the entire product lifecycle. Following are some examples of these up-and-coming use cases.


Component provenance

In addition to tracking transactions, blockchains can be used for improved traceability of actual goods, such as tracking and tracing products throughout the supply chain. The technology can be used to signal that a product has been received—this can be done automatically if a product has GPS functionality—logging location updates, triggering payments and contributing signatures with transmitted data for integrity checks.

As the volume of connected devices grows exponentially, identities of physical assets—serial numbers, QR codes and universal product codes— can be managed by binding them to stronger cryptographic identities. With tamper-resistant recordkeeping of these assets, a blockchain-based solution offers compliance with industry standards for digital tracking and analytics, yielding insights for better business decisions.


Lightweight ecosystems

App stores and mobile-edge compute platforms continue to gain traction, and both consumers and developers expect these ecosystems to work seamlessly and securely. These ecosystems incorporate and manage numerous functions such as approvals management to grant access permission, security and compliance checks for publication of an app or service and payment reconciliation for in-app purchases.

Currently, the processes to manage these functions can be time-consuming and costly due to large code bases, virtual private clouds, numerous data stores and manual intervention or approval. However, the use of a permissioned blockchain could significantly streamline and simplify all these processes, without sacrificing security, trust or latency.


DevOps efficiency

Although the digital product development process known as DevOps helps organisations increase agility and efficiency, centralised management of this product development process can be unwieldy when dealing with a large number of developers, testers, operations personnel and tools. The intrinsic nature of DevOps can create delays and stumbling blocks when prompted by certain actions, such as a security analyst uncovering a critical vulnerability in committed code.

DevOps needs to be embedded in culture for maximum effect. Check out: DevOps is a CIO’s theory of evolution

Streamlining of the DevOps process can be accomplished through blockchain, including propagation of updates based on remediation activities, evidence for SLA guarantees to customers, enforcement of organisation-specific security/compliance/performance/quality checks through smart contract executions, and audit trails and actionable alerts triggered by certain changes without requiring interactions between personnel.


Exponential trust

Public key infrastructure (PKI) certificates often form the basis for a trusted connection between different entities, with PKIs signed by a handful of certificate authorities or trusted third parties. Yet, the Internet of Things (IoT) is shaking up this model, which requires “handshakes” between certificates provisioned by different manufacturers and service providers. Moreover, some devices require lifetime certificates that generally are not available. As an alternative, a group known as Rebooting Web-of-Trust has devised a blockchain-based decentralised PKI to serve as a publicly trusted identity verification mechanism much like the financial transactions used by the Bitcoin network.

Similarly, communications service providers deploying network functions virtualisation require exponential trust when onboarding virtual network functions (VNF) from multiple vendors. A blockchain-based verification process through smart contracts appears to be a promising solution for attesting that various permutations of VNFs and corresponding infrastructure have been tested for compatibility and security.


Integrity as a service

As malevolent actors look to alter firmware and software on insecure devices, malware and ransomware are increasingly making their way onto IoT connected devices. Unfortunately, threat actors are moving faster than the ecosystem that is currently responsible for patch validation and delivery for IoT devices and hyper-converged infrastructure (HCI). However, the integrity of IoT devices can be ensured via blockchain technology, where firmware could be stored as a cryptographic fingerprint, or hash, of the code. If malware should alter the firmware’s code, a blockchain can issue a new hash to change the code’s value while generating an intrusion alert to trigger countermeasures.

This type of blockchain-based malware defense also could allow for publication of verified hashes of trusted payloads, enabling devices to periodically publish a hash of their configuration and patch status to the shared database, as well as uploading an encrypted payload of the sensitive data. With the ability for devices to vet and download trusted payloads, the system avoids malware. In addition, the capability to store and retrieve a copy or image of the sensitive data that it contains counteracts the impact of ransomware.

An increasingly networked future?

These are just a few of the innovative ways that this technology is reinventing industries well beyond digital financial transactions. With the tremendous potential to disrupt the status quo, blockchain is coming into its own. The revolution is here, and the potential appears promising to those who move fast.