blockchain for identity management ibm part 3 of 3
TRANSCRIPT
![Page 1: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/1.jpg)
© 2016 IBM Corporation
Blockchain for Identity ManagementPart 3 (of 3)
Mike Chung | Associate Partner IBM Security
November 2016 Seoul
![Page 2: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/2.jpg)
2© 2016 IBM Corporation
Items
§ What is blockchain? Part 1
– Blockchain explained in layman’s terms
§ How can we use blockchain? Part 2 Use case A; Part 3 Use case B
– Potential applications in Identity Management
§ Whom to watch? Part 3
– Initiatives and developments
![Page 3: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/3.jpg)
3© 2016 IBM Corporation
Use case B: medical records on blockchain
![Page 4: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/4.jpg)
4© 2016 IBM Corporation
Potential advantages
§ Huge gathering of sensitive data
§ Data (un)managed by different organizations
§ Siloed with many (potential) errors
§ Decentralized and distributed
§ Data ownership with the owner
§ One set of untampered data
![Page 5: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/5.jpg)
5© 2016 IBM Corporation
Medical records: attributes
Attibutes data
Height: 1.73 m
Alergy: Lactose intolerance
10k time: 43 min
Marital status: Married
Physical identity
![Page 6: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/6.jpg)
6© 2016 IBM Corporation
Medical records: in the majority of cases
Attibutes data
Height: 1.53 m
Alergy: ?
-
Marital status: Divorced
Attibutes data
Height: ?
Alergy: Lactose intolerance
10k time: 43 min
Marital status: Polygamous
![Page 7: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/7.jpg)
7© 2016 IBM Corporation
Medical records: in the majority of cases
Attibutes data
Height: 1.53 m
Alergy: ?
-
Marital status: Divorced
Attibutes data
Height: ?
Alergy: Lactose intolerance
10k time: 43 min
Marital status: Polygamous
Dependent
Inconsistent data quality
Silos
![Page 8: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/8.jpg)
8© 2016 IBM Corporation
Medical records: on the blockchain
Attibutes data
Height: 1.73 m
Alergy: Lactose intolerance
10k time: 43 min
Marital status: Married
![Page 9: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/9.jpg)
9© 2016 IBM Corporation
Medical records: on the blockchain
Attibutes data
Height: 1.73 m
Alergy: Lactose intolerance
10k time: 43 min
Marital status: Married
Attributes needed
Height: 1.73 m
Alergy: Lactose intolerance
10k time: 43 min
![Page 10: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/10.jpg)
10© 2016 IBM Corporation
Identity attributes on blockchain: steps
Block TBlock T – 1
Name (not revealed to the public)
Registar
Thin client
1
![Page 11: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/11.jpg)
11© 2016 IBM Corporation
Identity attributes on blockchain: steps
Block TBlock T – 1
Name (not revealed to the public)
Registar
Thin client
12
Hash value (revealed to the public)
![Page 12: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/12.jpg)
12© 2016 IBM Corporation
Identity attributes on blockchain: steps
Block TBlock T – 1
Name (not revealed to the public)
Registar
Thin client
12
3
Hash value (revealed to the public)
![Page 13: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/13.jpg)
13© 2016 IBM Corporation
Identity attributes on blockchain: steps
Block TBlock T – 1
Name (not revealed to the public)
Registar
Thin client
12
3
Block T + 1
Hash value (revealed to the public)
Attribute(s) updates
4
![Page 14: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/14.jpg)
14© 2016 IBM Corporation
Signing of attribute update
Block TBlock T – 1
Private key
Block T + 1
Attribute update
Attribute update data
encrypt
hash
29b7cd0d
U2{e=oj~1#4sj86^;
![Page 15: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/15.jpg)
15© 2016 IBM Corporation
Signing of attribute update
Block TBlock T – 1
Private key
Block T + 1
Attribute update
Attribute update data
encrypt
hash
29b7cd0d
U2{e=oj~1#4sj86^;
Check
U2{e=oj~1#4sj86^;
decrypt
29b7cd0d
Attribute update data
Public key
hash
![Page 16: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/16.jpg)
16© 2016 IBM Corporation
Medical records: ..trusting the validity of the attributes
Attibutes data
Height: 1.73 m
Alergy: Lactose intolerance
10k time: 43 min
Marital status: Married
Trust
Trust
![Page 17: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/17.jpg)
17© 2016 IBM Corporation
Medical records: arbitrator as a third party
Attibutes wallet
Attribute A
Attribute B
ServiceRequest for attribute A data
Authorization for attribute A data
Verification
“Arbitrator”
Attribute A
![Page 18: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/18.jpg)
18© 2016 IBM Corporation
Arbitration: back to dependency
urn:uuid:f81d4f
Anonymous
Recognized
UUID
Jan Jansen
Verification/endorsement
urn:uuid:f81d4f
UUID on the blockchain
urn:uuid:f81d4f
UUID on the blockchain
Arbitrator
![Page 19: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/19.jpg)
19© 2016 IBM Corporation
Medical records on blockchain considerations
§ Dependent on the service provider/registar or arbitrator (another dependency created)
§ Local regulations imposed on potentially imcompliant blockchain
§ Self-managed identity attributes has its problems:
– Medical data fraud to get subsidies
– Impersonation to abuse/predate
– How to update severe disability or death?
![Page 20: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/20.jpg)
20© 2016 IBM Corporation
New methods of proof
§ Proof-of-Work: extremely CPU-intensive
§ Proof-of-Stake: difficult to implement
§ Proof-of-Existence: transaction created after the generation of a timestamp token (XNotes using this concept)
![Page 21: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/21.jpg)
21© 2016 IBM Corporation
Security: multi-signatures
Attibutes wallet
Attribute A
Attribute B
Access
Verification
Authorization
“Arbitrator”
Trust Trust
![Page 22: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/22.jpg)
22© 2016 IBM Corporation
Security: multi-signatures
Attibutes wallet
Attribute A
Attribute B
Access
Verification
Authorization
2nd authentication
Verification service
![Page 23: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/23.jpg)
23© 2016 IBM Corporation
Introducing the Chung’s Triangle
Gauged/ measured
Verified Decentralized
![Page 24: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/24.jpg)
24© 2016 IBM Corporation
Use case areas of feasibilities
Anonymous Physically identified
Fungible
Non-exchangeable
• Currencies/money• Crude oil
• Options• Standardized contracts
• Social media identities (aliases)
• Diamonds
• Medical records• Certificates
![Page 25: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/25.jpg)
25© 2016 IBM Corporation
Use case areas of feasibilities
Anonymous Physically identified
Fungible
Non-exchangeable
Fit for blockchain Strong third party involvement
Services in development Permissioned blockchain
![Page 26: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/26.jpg)
26© 2016 IBM Corporation
Identity on blockchain challenges
§ How to incentivise updates (“transactions”) to the ledger?
§ Community building would take many dedicated volunteers
§ Rules are difficult to enforce
– How to discuss on the rules (voting is easy but debates are difficult)?
– How to keep misuse (cyber squatting, fallacious data) under control?
![Page 27: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/27.jpg)
27© 2016 IBM Corporation
Whom to watch?
![Page 28: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/28.jpg)
28© 2016 IBM Corporation
Be aware
§ A lot of projects and side-projects with varying degree of success
§ Blockchain often means first come first serve – power to early adopters
§ Online currencies are nothing new: flooz, DigiCash, e-Cash and beenz
Gavin Andersen (Lead bitcoin software developer): “Bitcoin is an experiment. Everytime I hear about somebody investing his own life savings in bitcoin, I cringe”.
![Page 29: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/29.jpg)
29© 2016 IBM Corporation
Blockchain is not trustless
§ Trust in the concept (mathematics behind blockchain; algorithms)
§ Trust in the software and its developers
§ Trust in the service providers (remember Mr. Gox, Bitcoinica)
![Page 30: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/30.jpg)
30© 2016 IBM Corporation
Foundation for success
§ Top-down driven
§ Focused on resolving old issues
§ Theoretical use cases
§ Open community driven
§ Focused on innovation
§ Proof of concept; bitcoin, litecoin
![Page 31: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/31.jpg)
31© 2016 IBM Corporation
Keep an eye on: biometrics and medical records
§ For future cloning of yourself
– Sequenced DNA converted to data on blockchain (Genecoin)
– Privacy and security issues still to be addressed
§ Use in biometric authentication: private key based on biometric data
§ Medical records life cycle
– Many startups (Gem, Factom, HealthNautica) as well as multinationals (Philips Healthcare)
– Increasingly focusing on permissioned blockchains
![Page 32: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/32.jpg)
32© 2016 IBM Corporation
Keep an eye on: banks
§ As bitcoin has capitalized over 5 billion USD, it got the (unwanted) attention
§ R3 consortium of banks (!) jumping on the blockchain wagon (to exert control?)
– Private blockchain concepts
– Intra-bank blockchain initiatives
§ Banks as “trusted” brokers/“trusted” authorities to verify identities
![Page 33: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/33.jpg)
33© 2016 IBM Corporation
Adoption and partnerships
§ Startups collaborating with large(r) organizations
– DocuSign with Ariba and NetSuite
– Ethereum with IBM
§ Tech giants joining the buzz
– Microsoft jumping on the blockchain digital signing wagon
– IBM’s permissioned blockchain (not for identity management, yet)
§ POCs to decrease ledger sizes – compression, distribution
![Page 34: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/34.jpg)
34© 2016 IBM Corporation
Blockchain information: useful web sources
§ Bitcoin/blockchain ecosystem in several detailed chapters
http://tech.eu/features/926/bitcoin-ecosystem/
§ Easy and well-thought out explanation of the blockchain concept
http://www.razormind.co.uk/blockchain/
§ Another use-case of blockchain for identity management in two parts
https://www.youtube.com/watch?v=W4faDEyHJeM
![Page 35: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/35.jpg)
35© 2016 IBM Corporation
Blockchain information: from service providers
§ Current bitcoin blockchain stats and information
https://blockchain.info
§ All about bitcoin, blockchain and more
http://www.coindesk.com
§ Big blue and the blockchain
http://www.ibm.com/blockchain/
![Page 36: Blockchain for Identity Management IBM part 3 of 3](https://reader034.vdocuments.net/reader034/viewer/2022050614/5885e9151a28ab906d8b798f/html5/thumbnails/36.jpg)
36© 2016 IBM Corporation
Contact details
Drs. Mike Chung RE CISSP
Associate Partner IBM Security
+31 6 2565 7593 (the Netherlands)
+82 10 3521 7754 (South Korea)