Microsoft Confidential

What is ? Blockchain is a secure, shared, distributed

Shared

Secure

Ledger

Distributed

Smart Contracts

What makes this special / challenging?

Blockchain is a secure, shared, distributed ledger

[Diagram labels: Shared; Special Business Logic; Immutable Business Logic; Network; tx/sec variability; SLA; SLA of?; Governance; participants; Code; code updates; DevOps; RunTime; rules; Security; requirements; …]

Not just technology – consortia considerations

What’s Possible Today

Blockchain can bring greater transparency, security, and efficiency in our current business processes, eliminating inefficiencies. It can enable new business models based on distributed marketplaces and technology.

1. Eliminates Intermediaries: Allows industries to redefine or create new business models.

2. Reduces Fraud related to data integrity: Highly secure and transparent, making it nearly impossible to change historical records.

3. Increases Efficiency and Speed: For transactions involving multiple parties in a trustless environment it enables T+Zero settlement time.

4. Reduce counterparty risk: Smart contracts enable “trustless” transactions between multiple parties.

5. Increases Revenue and Savings: Potential savings and new revenue opportunities through more efficient processes and reduced costs.

Value Driver | Detail

Operational simplification: Blockchain reduces / eliminates manual efforts required to perform reconciliation and resolve disputes

Regulatory efficiency improvement: Blockchain enables real-time monitoring of activity between regulators and regulated entities

Counterparty risk reduction: Blockchain challenges the need to trust counterparties to fulfill obligations as agreements are codified and executed in a shared, immutable environment.

Clearing and settlement time reduction: Blockchain disintermediates third parties that support transaction verification / validation and accelerates settlement.

Liquidity and capital improvement: Blockchain reduces locked-in capital and provides transparency into sourcing liquidity for assets

Fraud minimization: Blockchain enables asset provenance and full transaction history to be established with a single source of truth

Characteristic | Example

Shared repository: A shared repository of information is used by multiple parties. Example: Ledger that stores financial assets in which an owner and owned assets are tracked and shared with other internal/external parties (e.g. regulators and other geographical units)

Multiple writers: More than one entity generates transactions that require modifications to the shared repository. Example: Payments system collectively managed and maintained by a small group of banks, but each bank has millions of end users transacting with their bank

Minimal trust: A level of mistrust exists between entities that generate transactions. Example: Multiple parties within a trade finance arrangement (e.g. importer, exporter, issuing bank, receiving bank, correspondent banks and customs) that do not “trust” each other and, therefore, institute layer of verification and impose collateral requirements.

Intermediaries: One (or multiple) intermediary or a central gatekeeper is present to enforce trust. Example: Removing and/or reducing the importance of a central intermediary whose primary role is to provide “trust” to the post-trade ecosystem.

Transaction dependencies: Interaction or dependency between transactions is created by different entities. Example: A situation in which Alice needs to send funds to Bob, then Bob needs to send funds to Charlie. Bob’s transaction is dependent on Alice’s transaction, and one cannot verify Bob’s transaction without checking Alice’s first.

[Diagram labels, Organization 1 … Organization N: Integrate with existing business apps; Integrate with consensus algorithms; Configure identity and key mgmt services; Manually deploy ledger on a network; Retrieve reference data; Write business logic; Manage post-processing storage; Test & debug; Manage pre-processing and storage; Choose services to integrate with; Create oracles; Build web client; Deploy gateway API; Perform post-processing compute; Existing SaaS tools; Client apps & devices; ?; Enterprise ledgers]

Optimize your supply chain

Challenge
• Reducing supply chain management costs associated with one of their flagship confectionery products while also making it easier for customers to see the journey of the product from farm to fork

Strategy
• Design a blockchain solution to give them real-time visibility into their supply chain

Results
• Blockchain technology engaged the tactical and strategic angles of the supply chain to reduce costs, ensure quality, and increase revenue
• Enhanced visibility into their confectionery export process and improved their ability to address inefficiencies and resolve disputes involving both suppliers and consumers

Supply chain provenance and tracking

• Track product
• Verify authenticity
• Anti-counterfeit
• Anti-tamper
• Economic empowerment for farmer

Creating Digests During Processing

Retail Bag Digest: 0x23e423s3234… 0x48e423s3234… 0x4e231323134... 0x98d2a323418...

Multiple sources of grain, multiple phases where lots are split or aggregated, and multiple lots over the journey.

All digests of lots from the prior step in the supply chain are combined into one unique digest for the retail product.

All lots get a hash (digest) based on lot id + farmer id. Hashes of aggregations include the hashes of all those that came before it.

With blockchain, parties can have visibility into a digital track of a retail product’s development including:
• Source of the product materials
• How, where and in what conditions the product was manufactured
• How, where and in what conditions the product was transported

Blockchain in Action | Provenance tracking
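The lot-digest scheme described above (a digest per lot from lot id + farmer id, with each aggregation hashing in the digests that came before it), as an added example that is not code from the original deck. SHA-256, the length-prefixed framing, the node layout and all lot and farm identifiers are assumptions chosen for illustration.

```python
import hashlib
import hmac

def _h(tag: bytes, *parts: bytes) -> str:
    """SHA-256 over a domain tag and length-prefixed parts (unambiguous framing)."""
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.hexdigest()

def lot_digest(lot_id: str, farmer_id: str) -> str:
    """Digest of a source lot, derived from lot id + farmer id."""
    return _h(b"lot", lot_id.encode(), farmer_id.encode())

def node_digest(node) -> str:
    """Recursively digest a provenance tree.

    A node is ("lot", lot_id, farmer_id) or ("agg", step_name, [child nodes]).
    An aggregation hashes in the digests of everything that came before it.
    """
    if node[0] == "lot":
        return lot_digest(node[1], node[2])
    kind, step, children = node
    if kind != "agg" or not children:
        raise ValueError("aggregation needs a step name and at least one child")
    # Sorted so the digest does not depend on the order lots were scanned in.
    child_digests = sorted(node_digest(c) for c in children)
    return _h(b"agg", step.encode(), *(bytes.fromhex(d) for d in child_digests))

def verify(node, recorded_digest: str) -> bool:
    """Recompute the digest from disclosed history and compare to the ledger value."""
    return hmac.compare_digest(node_digest(node), recorded_digest)

# Constructed sample journey: three farm lots, one milling step, one retail bag.
MILLED = ("agg", "milling", [("lot", "LOT-001", "FARM-17"), ("lot", "LOT-002", "FARM-17")])
RETAIL_BAG = ("agg", "retail-bag", [MILLED, ("lot", "LOT-003", "FARM-42")])
RECORDED = node_digest(RETAIL_BAG)  # value that would be written to the ledger

# Swapping one upstream farmer id changes every digest above it.
TAMPERED = ("agg", "retail-bag",
            [("agg", "milling", [("lot", "LOT-001", "FARM-99"), ("lot", "LOT-002", "FARM-17")]),
             ("lot", "LOT-003", "FARM-42")])

if __name__ == "__main__":
    print("retail bag digest:", RECORDED)
    print("history verifies: ", verify(RETAIL_BAG, RECORDED))
    print("tampered verifies:", verify(TAMPERED, RECORDED))
```

The length prefixes keep ("ab", "c") and ("a", "bc") from hashing to the same lot digest, which plain concatenation of lot id and farmer id would allow.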

Farmer: Farmer produces cocoa beans under specified conditions to earn organic and Fair Trade certifications

Carrier: Authenticity is verified and beans are delivered to the factory

Manufacturer: Containers are verified and cocoa is processed into chocolate

Distributor: The bars are moved through a distributor under high-quality assurance regulations

Retailer: The bars reach the retailer having been accounted for at each step of the journey

Customer: The customer purchases organic and Fair Trade certified chocolate with quality assurance from farm to fork

Farmer Carrier Manufacturer Distributor Retailer Customer

✓ Plot #839049 ✓ Shipped 2/5/2018 ✓ Delivered 2/12/2018 ✓ Delivered 2/19/2018 ✓ Delivered 2/26/2018 ✓ Guaranteed fresh ✓ 25 tons of cocoa ✓ Organic ✓ Organic ✓ Organic ✓ Organic ✓ Certified organic beans ✓ Fair Trade ✓ Fair Trade ✓ Fair Trade ✓ Fair Trade ✓ Certified Fair Trade ✓ Certifications

Consumer visibility

At various points in the journey, an IoT device scans the product and records its status and condition, which are updated on the blockchain.

Blockchain in Action | Refrigerated Transportation

PRODUCER: Milk producer supplies milk to a Manufacturer

Manufacturer: At the factory, milk is included in a batch of ice cream and placed in an IoT enabled package.

SMART CONTRACT: The package has to be maintained at:
• Temperature < 10ºC
• Humidity < 65%

CARRIER 1, Warehouse, CARRIER 2: The terms of shipping are registered using a smart contract on the blockchain

Retail Store: SMART CONTRACT UPDATED (11ºC, 66%)

The conditions of the contract have been violated. Carrier 2 is liable for penalty as the temperature of the package while in transit to the retail store was above the prescribed limit.

SHARED LEDGER (IoT Enabled)
Origin: 8ºC, 60%
Carrier 1: 9ºC, 64%
Warehouse: 9ºC, 64%
Carrier 2: 11ºC, 66%
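The contract logic this slide walks through, written out as an added example; it is not code from the deck or from Azure Blockchain Workbench. The class, state names and liability rule (first custodian to record a breach) are assumptions; the limits and readings are the ones shown on the slide.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Limits from the slide: Temperature < 10 ºC, Humidity < 65 %.
MAX_TEMP_C = 10.0
MAX_HUMIDITY_PCT = 65.0

@dataclass
class ShipmentContract:
    """Hypothetical model of the shipping-terms contract (names are assumptions)."""
    state: str = "InTransit"
    liable: Optional[str] = None
    reasons: List[str] = field(default_factory=list)
    ledger: List[Tuple[str, float, float]] = field(default_factory=list)

    def record(self, custodian: str, temp_c: float, humidity_pct: float) -> str:
        """Append one IoT reading to the ledger and return the contract state."""
        self.ledger.append((custodian, temp_c, humidity_pct))
        breaches = []
        # Written as "not (value < limit)" so a NaN from a failed sensor
        # fails closed instead of slipping past a ">=" comparison.
        if not (temp_c < MAX_TEMP_C):
            breaches.append(f"temperature {temp_c} is not below {MAX_TEMP_C} C")
        if not (humidity_pct < MAX_HUMIDITY_PCT):
            breaches.append(f"humidity {humidity_pct} is not below {MAX_HUMIDITY_PCT} %")
        # The custodian holding the package at the first breach is liable.
        # The state is sticky: later in-range readings cannot clear it.
        if breaches and self.state == "InTransit":
            self.state, self.liable, self.reasons = "OutOfCompliance", custodian, breaches
        return self.state

def replay(readings) -> ShipmentContract:
    """Run (custodian, temp_c, humidity_pct) readings through a fresh contract."""
    contract = ShipmentContract()
    for custodian, temp_c, humidity_pct in readings:
        contract.record(custodian, temp_c, humidity_pct)
    return contract

# Readings shown on the slide's shared ledger.
SLIDE_LEDGER = [("Origin", 8, 60), ("Carrier 1", 9, 64),
                ("Warehouse", 9, 64), ("Carrier 2", 11, 66)]

if __name__ == "__main__":
    c = replay(SLIDE_LEDGER)
    print(c.state, c.liable, c.reasons)
```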

At various points in the journey, the IoT device from the package sends the Temperature & Humidity values, which are recorded on the blockchain.

Validate your product’s authenticity

Challenge
• 3M sought a solution to reduce tampering and prevent the introduction of counterfeit drugs into the pharmaceutical supply chain – which is a $200 billion criminal industry
• Counterfeit drugs negatively impact brand reputation and overall revenue but, ultimately, they hurt unsuspecting customers

Strategy
• 3M and Microsoft leveraged Azure Blockchain to build an innovative service to track specially labeled packages through any supply chain
• Multilayer QR code labels were used to expose tampering and facilitate easy tracking

Results
• Blockchain technology improved visibility and security at each transfer to ensure products are authentic and free of tampering
• Real-time registry, validation, and custodial recordings combated counterfeits and eliminated the risk of fraudulent double selling through secure, attestable data

“We combined 3M DoubleTrust tamper-evident labels with Azure Blockchain to create a label-as-a-service supply chain solution that can help identify counterfeits, protect business performance, and save lives.” — Oscar Naim, PhD, Lead Software Architecture Specialist, 3M

Blockchain in Action | Pharmaceutical authenticity

Manufacturer: The drugs originate from the pharmaceutical manufacturer

Prescription processor: The drugs are packaged according to the appropriate dosage and sealed with 3M DoubleTrust, multilayer QR code labels

Carrier 1: The product is securely shipped with QR codes verifying transfers at each step

Warehouse: The product is again verified and stored in the appropriate, secure environment

Carrier 2: Carrier 2 scan confirms receipt of 1000 authentic bottles with verified QR codes

Retail store: 100 bottles are rejected before shelving due to incorrect QR codes

The integrity of the product has been violated. Carrier 2 is liable for penalty as the amount of Drug A when it reached the retail store was less than the Smart Contract was tracking.

SHARED LEDGER
Smart Contract created: 1000 units of Drug A
Carrier 1: 1000 units of Drug A
Warehouse: 1000 units of Drug A
Carrier 2: 1000 units of Drug A
Retail store: 900 units of Drug A

At various points in the journey, the IoT device scans the QR codes and records the unique serial numbers, which are updated on the blockchain.

Microsoft’s Blockchain Approach

creating modular preconfigured templates and infrastructure

Ledger and topology choice

Choose the ledger that meets your needs

Deploy on flexible topologies (dev test, single-node, or multi-node) so you can expand when you’re ready

[Diagram labels: Integrate with existing business apps; Integrate with consensus algorithms; Configure identity and key mgmt services; Manually deploy ledger on a network; Retrieve reference data; Write business logic; Manage post-processing storage; Test & debug; Manage pre-processing and storage; Choose services to integrate with; Create oracles; Build web client; Deploy gateway API; Perform post-processing compute; Workflow execution; Horizontal SaaS & adapters; Client apps & devices]

Identity & key management

Azure Blockchain Workbench

Ledger-neutral approach

[Diagram labels: Identity & Key Management; Data Platform (ML/BI); Enterprise Integration; Off-Chain Storage; Monitoring & Security; 3rd Party Services]

Auto-generate starter apps

Integration APIs & events Enterprise ledger Workflow/user admin

Azure data integration

[Architecture diagram labels: Power BI; Data Sources; DLT Services (API, Hashing, Signing); Blockchain Ledger APIs; Consuming Apps, Services & Systems; Service Bus; Logic Apps; API Apps; Off-Chain DB; Off-Chain Storage; Event Hub; Sensors Data; Azure Functions; Reference Data; Azure AD; Azure Key Vault; Application Insights; Virtual Networking]

Enterprise Smart Contracts

• Security and confidence in code connecting to the blockchain
• Secure compute
• Secure communications
• Attestable code
• Increased productivity and code re-use
• Write cryptlets in popular development languages
• Re-use existing code
• Common code base across multiple blockchain protocols
• Performance
• Avoid current limitations and select the hardware profile appropriate for your workload
• Multi-chain
• Communicate across blockchain protocols
• Marketplace
• Marketplace for attestable code and data services

Confidential Consortium Framework

[Diagram: DApps on Quorum, Corda, Hyperledger Sawtooth, ..., on the Coco Framework, on a TEE (Intel SGX, Windows VSM, ...)]

• Alternative approach to ledger construction
• Addresses consortium needs such as
• Scalability
• distributed governance
• enhanced confidentiality
• security and immutability
• Leveraging the power of existing blockchain protocols, trusted execution environments

• Digital Uniqueness
• Value/Code linkage opportunity
• Digital Scarcity
• Incentivization of ecosystem and network participation
• Cross domain and cross organization complexities
• Write cryptlets in popular development languages
• Re-use existing code
• Common code base across multiple blockchain protocols
• Identity, Key Management
• Custody services
• Backup, derivation, restore, revocation
• Multi-chain
• Communicate across blockchain protocols

© Microsoft Corporation

The deepest and most comprehensive compliance coverage

Global: ISO 27001:2013, ISO 22301:2012, SOC 1 Type 2, CSA STAR Certification, ISO 27017:2015, ISO 9001:2015, SOC 2 Type 2, CSA STAR Attestation, ISO 27018:2014, ISO 20000-1:2011, SOC 3, CSA STAR Self-Assessment, WCAG 2.0

USGov: FedRAMP High, DoD DISA SRG Level 5, DoE 10 CFR Part 810, FIPS 140-2, FedRAMP Moderate, DoD DISA SRG Level 4, NIST SP 800-171, ITAR, EAR, DoD DISA SRG Level 2, NIST CSF, CJIS, DFARS, Section 508 VPATs, IRS 1075

Industry: PCI DSS Level 1, FCA + PRA (UK), SOX, NEN 7510:2011 (Netherlands), GLBA, MAS + ABS (Singapore), HIPAA BAA, FERPA, FFIEC, 23 NYCRR 500, HITRUST, CDSA, Shared Assessments, SEC 17a-4, 21 CFR Part 11 (GxP), MPAA, FISC (Japan), CFTC 1.31, MARS-E, FACT (UK), APRA (Australia), FINRA 4511, NHS IG Toolkit (UK), DPP (UK), OSFI (Canada)

Regional: Argentina PDPA, China TRUCS / CCCPPF, Germany IT-Grundschutz workbook, Singapore MTCS Level 3, India MeitY, Australia IRAP Unclassified, EN 301 549, Spain ENS, Australia IRAP Protected, EU ENISA IAF, Japan CS Mark Gold, Spain DPA, Canada Privacy Laws, EU Model Clauses, Japan My Number Act, UK Cyber Essentials Plus, Netherlands BIR 2012, UK G-Cloud, China GB 18030:2005, EU – US Privacy Shield, New Zealand Gov CIO Fwk, UK PASF, China DJCP (MLPS) Level 3, GDPR, Germany C5

https://aka.ms/AzureCompliance