Blockchain & Identity
As a leader in the Identity and Access Management space, IDMWORKS always tries to stay on top of new advancements in technology as it relates to our areas of expertise. And there’s no denying that Blockchain is one of the most talked about and potentially impactful tech inventions to permeate almost all areas of technology in many years.
As new products and companies emerge around this relatively novel tech, its applications will undoubtedly grow exponentially. But as it currently stands, blockchain is still in its infancy, and the implications of its applications in various technical sectors are widely undiscovered.
In order to assist in keeping IAM professionals up to date on the advancements in this emerging technology and how it relates to our interests, IDMWORKS will be doing a series of blogs on the subject.
What Is Blockchain?
We’ll start off with what a blockchain is at its most basic level: a blockchain is a distributed ledger of transactions. Each new transaction is added to the next block and when those transactions are verified by the participating computers on the network, that block is added to the previous chain of blocks. The blockchain is hashed, so it’s impossible to make any changes to any of the data in the blockchain without changing its hash, so all the data within the blockchain is considered to be “immutable.” Therefore, fundamentally, a blockchain provides a way to store data in a distributed manner that can be verified, audited, and is guaranteed to be valid (with a few exceptions, of course, but we’ll save that for a future post).
Two potential, very valuable, use cases immediately jump out at us: data integrity for auditing purposes, and the validation of data for authentication and authorization.
We will explore these use cases in more detail at a later date, but there is one important distinction to make: there are two types of blockchain networks, and the way they operate determine their potential use cases.
The first type of blockchain network is “public” (a.k.a. open or permissionless). In an open blockchain network, any computer running the required software can join the network and participate in verifying transactions, as long as it plays by the rules. These types of blockchains are what are most commonly used by cryptocurrencies, cryptocommodities, and other cryptoassets. Some cryptocommodity networks provide services like computing power and the execution of smart contracts (e.g. Ethereum). Smart contract platforms are the probably the most relevant open blockchain networks for identity, currently. Open blockchain networks/cryptoassets also are providing a very promising future for the potential of individuals truly owning their personal digital identities.
The second type of blockchain network is “private” (a.k.a. closed or permissioned). As the name implies, permissioned networks allow only computers, or nodes, with the proper authorization to join the network and verify transactions. This group of computers, or nodes, is called a consortium. Private blockchain networks are where most of our attention will be focused as they are where most enterprise solutions will likely reside, at least for the near future.
Various tech giants such as IBM, Oracle, and Microsoft are exploring, developing, and/or partnering with other companies to create private blockchain solutions. And Amazon is working on creating simple, out-of-the-box, private blockchain networks for enterprises via AWS. This is just the beginning.
We can assume the obvious next conclusion is that we’ll probably soon see a third type of blockchain network, as well. Hybrid networks that consist of public and private networks, as well as partnerships and the bridging of existing networks.
There are obviously pros and cons to each type of network, and each have their distinct advantages as well as security concerns.
If there are any particular aspects of blockchain in the identity space that you would like us to cover, or if you have any questions, please comment below and we’ll do our best to assist.