Microsoft Confidential
What is blockchain?
Blockchain is a secure, shared, distributed ledger
• Shared
• Secure
• Ledger
• Distributed
Smart Contracts

What makes this special / challenging?
Blockchain is a secure, shared, distributed ledger
[Diagram: two columns, "Shared" and "Special". Shared: business logic, network, SLA, governance, code, DevOps, runtime, security, … Special: immutable business logic, network tx/sec variability, SLA of?, governance participants, code updates, DevOps, runtime rules, security requirements, …]
Not just technology – consortia considerations

What’s Possible Today
Blockchain can bring greater transparency, security, and efficiency in our current business processes, eliminating inefficiencies. It can enable new business models based on distributed marketplaces and technology.
1. Eliminates Intermediaries: Allows industries to redefine or create new business models.
2. Reduces Fraud related to data integrity: Highly secure and transparent, making it nearly impossible to change historical records.
3. Increases Efficiency and Speed: For transactions involving multiple parties in a trustless environment it enables T+Zero settlement time.
4. Reduces Counterparty Risk: Smart contracts enable “trustless” transactions between multiple parties.
5. Increases Revenue and Savings: Potential savings and new revenue opportunities through more efficient processes and reduced costs.

Value Driver | Detail
Operational simplification | Blockchain reduces / eliminates manual efforts required to perform reconciliation and resolve disputes
Regulatory efficiency improvement | Blockchain enables real-time monitoring of activity between regulators and regulated entities
Counterparty risk reduction | Blockchain challenges the need to trust counterparties to fulfill obligations as agreements are codified and executed in a shared, immutable environment.
Clearing and settlement time reduction | Blockchain disintermediates third parties that support transaction verification / validation and accelerates settlement.
Liquidity and capital improvement | Blockchain reduces locked-in capital and provides transparency into sourcing liquidity for assets
Fraud minimization | Blockchain enables asset provenance and full transaction history to be established with a single source of truth

Characteristic | Description | Example
Shared repository | A shared repository of information is used by multiple parties | Ledger that stores financial assets in which an owner and owned assets are tracked and shared with other internal/external parties (e.g. regulators and other geographical units)
Multiple writers | More than one entity generates transactions that require modifications to the shared repository | Payments system collectively managed and maintained by a small group of banks, but each bank has millions of end users transacting with their bank
Minimal trust | A level of mistrust exists between entities that generate transactions | Multiple parties within a trade finance arrangement (e.g. importer, exporter, issuing bank, receiving bank, correspondent banks and customs) that do not “trust” each other and, therefore, institute a layer of verification and impose collateral requirements.
Intermediaries | One (or multiple) intermediary or a central gatekeeper is present to enforce trust | Removing and/or reducing the importance of a central intermediary whose primary role is to provide “trust” to the post-trade ecosystem.
Transaction dependencies | Interaction or dependency between transactions is created by different entities. | A situation in which Alice needs to send funds to Bob, then Bob needs to send funds to Charlie. Bob’s transaction is dependent on Alice’s transaction, and one cannot verify Bob’s transaction without checking Alice’s first.
[Diagram: task boxes:
• Integrate with identity and key mgmt services
• Integrate with existing business apps
• Configure consensus algorithms
• Manually deploy ledger on a network
• Test & debug
• Retrieve reference data
• Write business logic
• Manage post-processing storage
• Manage pre-processing and storage
• Choose services to integrate with
• Create oracles
• Build web client
• Deploy gateway API
• Perform post-processing compute
Other labels: Organization 1, Organization N, Existing SaaS tools, Client apps & devices, Enterprise ledgers]

Optimize your supply chain
Challenge
• Reducing supply chain management costs associated with one of their flagship confectionary products while also making it easier for customers to see the journey of the product from farm to fork
Strategy
• Design a blockchain solution to give them real-time visibility into their supply chain
Results
• Blockchain technology engaged the tactical and strategic angles of the supply chain to reduce costs, ensure quality, and increase revenue
• Enhanced visibility into their confectionary export process and improved their ability to address inefficiencies and resolve disputes involving both suppliers and consumers
Supply chain provenance and tracking
• Track product
• Verify authenticity
• Anti-counterfeit
• Anti-tamper
• Economic empowerment for farmer

[Diagram: "Digests Creating During Processing" and "Retail Bag Digest", with sample digests 0x23e423s3234…, 0x48e423s3234…, 0x4e231323134..., 0x98d2a323418...]
Multiple sources of grain, multiple phases where lots are split or aggregated, and multiple lots over the journey.
All digests of lots from prior step in the supply chain are combined into one unique digest for the retail product.
All lots get a hash (digest) based on lot id + farmer id. Hashes of aggregations include the hashes of all those that came before it.
With blockchain, parties can have visibility into a digital track of retail product’s development including:
• Source of the product materials
• How, where and in what conditions the product was manufactured
• How, where and in what conditions the product was transported

Blockchain in Action | Provenance tracking
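The lot digest scheme described above (a hash per lot from lot id + farmer id, with each aggregation's hash covering the hashes that came before it), as an added example that is not part of the original deck. SHA-256, the length-prefixed encoding, the record layout and every id below are assumptions; the deck names none of them.

```python
import hashlib
import hmac

def _h(tag: bytes, *parts: bytes) -> bytes:
    # SHA-256 with a domain tag and length-prefixed fields (assumed encoding),
    # so ("ab", "c") and ("a", "bc") cannot produce the same digest.
    m = hashlib.sha256(tag)
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

def digest(node) -> bytes:
    """Digest of ("lot", lot_id, farmer_id) or ("agg", step, [child nodes])."""
    if node[0] == "lot":
        _, lot_id, farmer_id = node
        return _h(b"lot", lot_id.encode(), farmer_id.encode())
    if node[0] == "agg":
        _, step, children = node
        if not children:
            raise ValueError("aggregation with no source lots")
        # An aggregate commits to the digest of everything that came before
        # it; sorting makes the result independent of scan order.
        return _h(b"agg", step.encode(), *sorted(digest(c) for c in children))
    raise ValueError(f"unknown node kind: {node[0]!r}")

def verify(retail_digest_hex: str, record) -> bool:
    """Recompute the record's digest and compare with the one on the ledger."""
    return hmac.compare_digest(bytes.fromhex(retail_digest_hex), digest(record))

# Constructed sample journey: two lots merged in a silo, one sub-lot split
# off at the mill, then combined with a third lot into the retail bag.
LOT_A = ("lot", "LOT-0001", "FARMER-17")
LOT_B = ("lot", "LOT-0002", "FARMER-42")
LOT_C = ("lot", "LOT-0003", "FARMER-08")
SILO = ("agg", "silo-merge", [LOT_A, LOT_B])
SPLIT = ("agg", "mill-split-1", [SILO])  # a split lot still commits to its parent
RETAIL_BAG = ("agg", "retail-bag", [SPLIT, LOT_C])
RETAIL_DIGEST = digest(RETAIL_BAG).hex()  # value that would be written on-chain

# A record with one farmer id swapped no longer matches the ledger digest.
FORGED_BAG = ("agg", "retail-bag",
              [("agg", "mill-split-1",
                [("agg", "silo-merge", [("lot", "LOT-0001", "FARMER-99"), LOT_B])]),
               LOT_C])

if __name__ == "__main__":
    print("genuine:", verify(RETAIL_DIGEST, RETAIL_BAG))
    print("forged: ", verify(RETAIL_DIGEST, FORGED_BAG))
```

Only the retail digest needs to be on the ledger; anyone holding the full record can recompute it, and a change to any upstream lot or farmer id changes the result.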
Farmer: Farmer produces cocoa beans under specified conditions to earn organic and Fair Trade certifications
Carrier: Authenticity is verified and beans are delivered to the factory
Manufacturer: Containers are verified and cocoa is processed into chocolate
Distributor: The bars are moved through a distributor under high-quality assurance regulations
Retailer: The bars reach the retailer having been accounted for at each step of the journey
Customer: The customer purchases organic and Fair Trade certified chocolate with quality assurance from farm to fork

Consumer visibility
Farmer | Carrier | Manufacturer | Distributor | Retailer | Customer
✓ Plot #839049 | ✓ Shipped 2/5/2018 | ✓ Delivered 2/12/2018 | ✓ Delivered 2/19/2018 | ✓ Delivered 2/26/2018 | ✓ Guaranteed fresh
✓ 25 tons of cocoa beans | ✓ Organic | ✓ Organic | ✓ Organic | ✓ Organic | ✓ Certified organic
✓ Certifications | ✓ Fair Trade | ✓ Fair Trade | ✓ Fair Trade | ✓ Fair Trade | ✓ Certified Fair Trade

At various points in the journey, an IoT device scans the product and records its status and condition which are updated on the blockchain

Blockchain in Action | Refrigerated Transportation
PRODUCER: Milk producer supplies milk to a Manufacturer
Manufacturer: At the factory, milk is included in a batch of ice cream and placed in an IoT enabled package.
SMART CONTRACT: The package has to be maintained at:
• Temperature < 10ºC
• Humidity < 65%
The terms of shipping are registered using a smart contract on the blockchain
[Diagram: the package travels CARRIER 1 → Warehouse → CARRIER 2 → Retail Store; at the Retail Store the IoT enabled package reads 11ºC and 66%, and the smart contract is updated]

The conditions of the contract have been violated. Carrier 2 is liable for penalty as the temperature of the package while in transit to the retail store was above the prescribed limit

SHARED LEDGER
Origin | Carrier 1 | Warehouse | Carrier 2
8ºC | 9ºC | 9ºC | 11ºC
60% | 64% | 64% | 66%
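The contract check in this scenario, written out as an added example (not code from the deck or from any Azure service). The class and function names are hypothetical, and attributing liability to the custodian at the first breach is an assumption drawn from the slide's outcome.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Terms:
    max_temp_c: float = 10.0        # Temperature < 10 ºC
    max_humidity_pct: float = 65.0  # Humidity < 65%

@dataclass(frozen=True)
class Reading:
    custodian: str
    temp_c: float
    humidity_pct: float

def breaches(terms: Terms, r: Reading) -> list[str]:
    # Both limits are strict, so a reading exactly at the limit is a breach.
    # "not (x < limit)" also fails closed on NaN from a faulty sensor.
    out = []
    if not (r.temp_c < terms.max_temp_c):
        out.append("temperature")
    if not (r.humidity_pct < terms.max_humidity_pct):
        out.append("humidity")
    return out

def evaluate(terms: Terms, ledger: list[Reading]):
    """Return (liable custodian or None, [(custodian, breached terms), ...])."""
    found = [(r.custodian, b) for r in ledger if (b := breaches(terms, r))]
    # Assumption: the custodian holding the package at the first breach is liable.
    return (found[0][0] if found else None), found

# Shared-ledger readings from the slide.
LEDGER = [
    Reading("Origin", 8, 60),
    Reading("Carrier 1", 9, 64),
    Reading("Warehouse", 9, 64),
    Reading("Carrier 2", 11, 66),
]

if __name__ == "__main__":
    liable, found = evaluate(Terms(), LEDGER)
    print(liable, found)
```

Writing the comparison as `not (x < limit)` rather than `x >= limit` matters for evidence quality: a missing or corrupt sensor value is recorded as a breach instead of silently passing.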
At various points in the journey, the IoT device from the package sends the Temperature & Humidity values which are recorded on the blockchain

Validate your product’s authenticity
Challenge
• 3M sought a solution to reduce tampering and prevent the introduction of counterfeit drugs into the pharmaceutical supply chain – which is a $200 billion criminal industry
• Counterfeit drugs negatively impact brand reputation and overall revenue but, ultimately, they hurt unsuspecting customers
Strategy
• 3M and Microsoft leveraged Azure Blockchain to build an innovative service to track specially labeled packages through any supply chain
• Multilayer QR code labels were used to expose tampering and facilitate easy tracking
Results
• Blockchain technology improved visibility and security at each transfer to ensure products are authentic and free of tampering
• Real-time registry, validation, and custodial recordings combated counterfeits and eliminated the risk of fraudulent double selling through secure, attestable data
“We combined 3M DoubleTrust tamper-evident labels with Azure Blockchain to create a label-as-a-service supply chain solution that can help identify counterfeits, protect business performance, and save lives.” — Oscar Naim, PhD, Lead Software Architecture Specialist, 3M
Blockchain in Action | Pharmaceutical authenticity
Manufacturer: The drugs originate from the pharmaceutical manufacturer
Prescription processor: The drugs are packaged according to the appropriate dosage and sealed with 3M DoubleTrust, multilayer QR code labels
Carrier 1: The product is securely shipped with QR codes verifying transfers at each step
Warehouse: The product is again verified and stored in the appropriate, secure environment
Carrier 2: Carrier 2 scan confirms receipt of 1000 authentic bottles with verified QR codes
Retail store: 100 bottles are rejected before shelving due to incorrect QR codes

The integrity of the product has been violated. Carrier 2 is liable for penalty as the amount of Drug A when it reached the retail store was less than the Smart Contract was tracking

SHARED LEDGER
Smart Contract created | Carrier 1 | Warehouse | Carrier 2 | Retail store
1000 units of Drug A | 1000 units of Drug A | 1000 units of Drug A | 1000 units of Drug A | 900 units of Drug A

At various points in the journey, the IoT device scans the QR codes and records the unique serial numbers which are updated on the blockchain

Microsoft’s Blockchain Approach
creating modular preconfigured templates and infrastructure

Ledger and topology choice
• Choose the ledger that meets your needs
• Deploy on flexible topologies (dev test, single-node, or multi-node) so you can expand when you’re ready

[Diagram: the same task boxes as in the earlier diagram (from "Integrate with identity and key mgmt services" to "Perform post-processing compute"), with the labels Workflow execution, Horizontal SaaS & adapters, Client apps & devices, Identity & key management]

Azure Blockchain Workbench
Ledger-neutral approach
[Diagram: Identity & Key Management; Data Platform (ML/BI); Enterprise Integration; Off-Chain Storage; Monitoring & Security; 3rd Party Services]
• Auto-generate starter apps
• Integration APIs & events
• Enterprise ledger
• Workflow/user admin
• Azure data integration

[Architecture diagram labels: Power BI; Data Sources; DLT Services (API, Hashing, Signing); Blockchain Ledger; APIs; Consuming Apps, Services & Systems; Service Bus; API Apps; Off-Chain DB; Logic Apps; Off-Chain Storage; Event Hub; Sensors Data; Azure Functions; Reference Data; Azure AD; Azure Key Vault; Application Insights; Virtual Networking]
Enterprise Smart Contracts
• Security and confidence in code connecting to the blockchain
  • Secure compute
  • Secure communications
  • Attestable code
• Increased productivity and code re-use
  • Write cryptlets in popular development languages
  • Re-use existing code
  • Common code base across multiple blockchain protocols
• Performance
  • Avoid current limitations and select the hardware profile appropriate for your workload
• Multi-chain
  • Communicate across blockchain protocols
• Marketplace
  • Marketplace for attestable code and data services

Confidential Consortium Framework
• Alternative approach to ledger construction
• Addresses consortium needs such as
  • Scalability
  • Distributed governance
  • Enhanced confidentiality
  • Security and immutability
• Leveraging the power of existing blockchain protocols, trusted execution environments
[Diagram: DApps running on Ethereum, Quorum, Corda, Hyperledger Sawtooth, ..., which sit on the Coco Framework, which sits on a TEE (Intel SGX, Windows VSM, ...)]

• Digital Uniqueness
• Value/Code linkage opportunity
• Digital Scarcity
• Incentivization of ecosystem and network participation
• Cross domain and cross organization complexities
• Write cryptlets in popular development languages
• Re-use existing code
• Common code base across multiple blockchain protocols
• Identity, Key Management
• Custody services
• Backup, derivation, restore, revocation
• Multi-chain
• Communicate across blockchain protocols

© Microsoft Corporation

The deepest and most comprehensive compliance coverage
Global: ISO 27001:2013, ISO 22301:2012, SOC 1 Type 2, CSA STAR Certification, ISO 27017:2015, ISO 9001:2015, SOC 2 Type 2, CSA STAR Attestation, ISO 27018:2014, ISO 20000-1:2011, SOC 3, CSA STAR Self-Assessment, WCAG 2.0

US Gov: FedRAMP High, DoD DISA SRG Level 5, DoE 10 CFR Part 810, FIPS 140-2, FedRAMP Moderate, DoD DISA SRG Level 4, NIST SP 800-171, ITAR, EAR, DoD DISA SRG Level 2, NIST CSF, CJIS, DFARS, Section 508 VPATs, IRS 1075

Industry: PCI DSS Level 1, FCA + PRA (UK), SOX, NEN 7510:2011 (Netherlands), GLBA, MAS + ABS (Singapore), HIPAA BAA, FERPA, FFIEC, 23 NYCRR 500, HITRUST, CDSA, Shared Assessments, SEC 17a-4, 21 CFR Part 11 (GxP), MPAA, FISC (Japan), CFTC 1.31, MARS-E, FACT (UK), APRA (Australia), FINRA 4511, NHS IG Toolkit (UK), DPP (UK), OSFI (Canada)

Regional: Argentina PDPA, China TRUCS / CCCPPF, Germany IT-Grundschutz workbook, Singapore MTCS Level 3, India MeitY, Australia IRAP Unclassified, EN 301 549, Spain ENS, Australia IRAP Protected, EU ENISA IAF, Japan CS Mark Gold, Spain DPA, Canada Privacy Laws, EU Model Clauses, Japan My Number Act, UK Cyber Essentials Plus, Netherlands BIR 2012, UK G-Cloud, China GB 18030:2005, EU – US Privacy Shield, New Zealand Gov CIO Fwk, UK PASF, China DJCP (MLPS) Level 3, GDPR, Germany C5

https://aka.ms/AzureCompliance