Block chain is being sold as the cure-all to all the world’s financial problems—so much so that attacks against block chain are growing. Actually, the attacks are against everything but the chain itself these days. Just what is block chain and how can it help? Many sites have defined block chain, so we are not going to do that here. But how can block chain help us today? How can it help with data protection? Since we have data issues, can block chain help us with the data dilemma as well?
Since block chain is basically a block of data with an associated hash, you will end up with some very interesting use cases. One immediate use case that comes to mind is for large-scale cloud forensics. Block chain could be the solution to the chain of custody problem presented by digital assets. Chain of custody is about ensuring that data or physical assets are not changed as those assets change hands. Usually, there is a sign-off on the asset’s never having left the holder’s sight, side, etc. There is also a check-in/check-out process associated with the asset. However, with digital assets, this is not possible. Can you check in and check out a specific block of data? Not really. But block chain could tell you how that block of data changed over time, who changed it, when it changed, where it changed, and how it changed. If this is implemented properly, we get the who, what, where, when, and how of change to a digital asset over the lifetime of the asset.
Given that the blocks of changes are encompassed within all the blocks, if ransomware were to hit, you would only need to fork the chain at the point just prior to the ransomware hit to get back all of your digital asset.
Okay, now we are talking about data protection, not just chain of custody. But for block chain, the two are connected, or have a connected use case.
The benefits of block chain are many, but the key features are:
- Knowledge of who owns the block
- Knowledge of whether the block has changed
- Knowledge of a fork in the chain and where
The “who” is crucial. This is the identity of the physical owner of the change to the block. This identity could include device, geolocation, name, and other elements related to the owner of the block. Since every block has a hash, it is possible to ensure that the blocks never change. If they do change, they can cause a fork to happen. We could even take this a step further and add a new block for any access to the data, even if nothing changes.
This becomes the “why” behind the chain of custody capability of block chain. We could also apply this to claim that every time we copy the data from device to device, cloud to cloud, we also fork the chain. Thus, we would know if the data in any given location has changed. Since there are now multiple copies, we have multiple chains. In the end, we need to manage the block chains in some fashion. This may be the real power of the cloud: it has the ability to house not only data but also metadata, as well as to always be on. For block chain to work, every part of the chain needs to be accessible by every other part.
I can see block chain being used to protect my data, provide chain of custody, and also track all changes. Some data protection vendors, like Acronis, are already adopting this technology. This technology is being looked into by banks and other financial institutions. Knowing where and how changes happen has been the Achilles’ heel of IT for years. We now have a possible solution to this. Could block chain solve the supply chain problem as well? Most likely.
It seems to be a cure-all. However, it requires adoption by a wider group of companies. Those who make drivers, firmware, and other software already maintain hashes, but what if each version of driver or firmware was backed by a block chain, and one chain was added to another chain as data? You end up with an interesting supply chain and history of the chain embedded into everything.
To do this properly, we really need very good identity sources, something unique across an organization.
What are your thoughts? Is block chain being considered by your organization?