Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Blockchain final 25112015 v1.1

538 views

Published on

  • Get access to 16,000 woodworking plans, Download 50 FREE Plans...  http://ishbv.com/tedsplans/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • The #1 Woodworking Resource With Over 16,000 Plans, Download 50 FREE Plans... ▲▲▲ http://ishbv.com/tedsplans/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • The #1 Woodworking Resource With Over 16,000 Plans, Download 50 FREE Plans... ●●● http://tinyurl.com/y3hc8gpw
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Blockchain final 25112015 v1.1

  1. 1. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 1/10 The Block Chain Network: Accelerating adoption Notes from a 2nd roundtable discussion about the block chain and distributed ledger technology 25th November 2015, Sopra Steria, London
  2. 2. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 2/10 1. Introduction 1.1. Introduction Sopra Steria hosted a second roundtable for members of the Block Chain Network to discuss practical steps being taken to accelerate adoption of the technology. Throughout the discussion, the Network heard from experts from industry, academia, policy and regulation as they considered key enablers, applications and examples of best practice from across UK, Europe and the USA. A list of Block Chain Network participants is included at the end of this paper. 2. Enablers for Distributed Ledger Technology & Block Chain: Capabilities – Required, Existing and Emerging 2.1. Government Office for Science report – Martin Glasspool Martin Glasspool, the UK’s Government Office for Science, gave a summary of the organisation’s forthcoming report on digital currencies, led by the Chief Scientific Adviser, Sir Mark Walport. The report introduces the technology to a Government audience and explores its application in 3 key ways:  How the technology can help to support Government objectives  How to enable effective evidence-based policy making  How to enable the government to exploit developments in new and disruptive technologies The development of the report arose from the Blackett Report on the ‘FinTech Futures’, investigating how the UK could emerge as a leader in financial technology and advising the treasury as to where it should make investments. The report considers the technology and its application, disruptive potential and global impact. The report sets out a vision of where the UK Government could take the technology. Broadly, the report offers recommendations on:  Leadership – the need for senior leadership within the government to work together and with industry, to explore the full potential of a given technology and its impact in government;  Research – the importance of securing continued research into areas such as scailability and security;  Standardisation – why standardisation is key to development of applications;  Security – how security and collaborative risk management can be enhanced’
  3. 3. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 3/10 The report also directs Government to encourage partners to experiment with using the technology and learning how to use it more effectively, building up interest from a grass-roots level to create a top down and bottom up approach to exploiting and adopting block chain technology. The report has now been published and can be downloaded at: https://www.gov.uk/government/publications/distributed-ledger-technology-blackett-review Discussion point: The Network discussed how to best make use of this report and Government policy relating to the block chain and decided that we as a group should work towards our own, complementary white paper on how industry should accelerate adoption of the technology and assist in enabling the Government report’s recommendations. 2.2. block chain Operational Requirements – Preston Byrne 2.2.1. Operational forms of block chain Preston Byrne, from ERIS Industries, explained the key operational considerations currently being examined by organisations adopting block chain technology. The two basic types of shared ledgers, public (permissionless) or private (permissioned) function differently and have different uses. Public ledgers allow free access to the past transactions of the ledger whereas private ledgers only allow access to those with permission. Currently in the market there has been a higher demand for private block chains driven by a need to secure data. Alongside the perimissioned and permissionless characteristics, two new categories of block chains are now emerging, transaction-optimised and logic-optimised block chains. Whilst the former are the more common and associated with cryptocurrency, clearing and settlement, the latter provide the basis for running scripts in such applications as smart contracts, etc. 2.2.2. The year of the pilot Private (in particular) block chains and public cryptocurrency block chains have been used for specific purposes for some time. Building on this growing activity, banks identified 2015 as ‘the year of the use case’, where they have been exploring the technology theoretically to find business applications for implementation. Following on from this, next year is to be ‘the year of the pilot’ with more banks implementing block chains in small experimentation scenarios. Other applications that have seen increased interest include those relating to resilient systems, such as where a P2P system could continue to operate even if large amounts of the infrastructure were unavailable during an incident. Discussion point: The Network discussed how we could research further into the limitations of block chain through stress testing and regularly testing the technology and logic behind the system.
  4. 4. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 4/10 2.3. Federated Identity Management (Including PKI-block chain federation, Counter- fraud, privacy and anonymisation) – Patrick Curry 2.3.1. Identity Patrick Curry, from the British Business Federation Authority, gave an overview of developments associated with trust and identity. Identity is central to validating trusted transactions and block chain technology is having an increasing role in this area. The Citizen e-ID has been a big focus for governments in the EU and Asia. High assurance employee authentication across supply chains and government organisations has become a major and fundamental cybersecurity & counter-fraud activity, particularly in the US since 9/11. In the EU the European Digital Agenda requires all citizens to have an electronic ID for all public services which can be recognised in any other EU member state. The EU eID Authentication and Signature Regulation (eIDAS) is required to be implemented by Sep 2017 and the UK currently has no published, meaningful plan in place, with less than 2 years to comply. Leaders in the space include Estonia with a strong digital ID, which should become internationally interoperable under eIDAS and commercially. It is open to foreign nationals through the e-Residency programme, allowing people to become ‘digital citizens’. Estonia’s e-Residency programme is exploiting block chain technology for notary services. Discussion point: The Network discussed the UK’s situation and identified the progress of Estonia and the potential to collaborate with the Estonian Digital Embassy in London to promote block chain identity solutions. 2.3.2. Assurance Patrick reminded the Network of the four Levels of Assurance for authentication, defined in ISO/IEC 29115, and how block chain could enhance security in each, or be used to reimagine our present platforms. The four levels of assurance are: Level 1. Low assurance. Self-assertion (e.g. social media, email etc.). No disclosure of identity. Level 2. Medium assurance. Some identity. Risk mitigation is mostly financial, which suits consumers. Some failures are expected. Level 3. High assurance. Significant identity. Legally robust, non-repudiation. All types of risk. Prevent failure. Level 4. Very High assurance. Risks - danger to life, high economic risk, national security Discussion point: The Network discussed how levels of assurance and identity services could exploit block chain technology in cross-organisational and community scenarios with federated trust – e.g. supply chain collaboration, asset tracking, copyright management, government collaboration. A few use cases identified including smart meters, e-health(patient records), pharmaceuticals (drug registration and testing), air traffic management, maritime tracking, countering food fraud. The
  5. 5. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 5/10 Networks also highlighted how groundwork needs to be done to determine priority value propositions and key requirements for block chains. 3. Trust Anchors 3.1. Trusted Information Sources – Organisational Identities and Trusted Attributes – Rob Leslie Rob Leslie, from GBR Direct, explained that, in order to create a trust relationship, an organisation must be able to determine whether you are whom you say you are every time and in real time. In order to do this a community is required which brings all parties together, sharing information with every other party in real-time rather than through a centralised source. Three artefacts that need to be trusted are people, products and services associated with an organisation and in a world of global connectivity, collaborative governance is required to enable international interoperability. In cyberspace, every entity (person, device, software and more) binds to an organisation; the organisation has to be trusted to the same (or higher) Level of Assurance as the entity. The wide scale, beneficial use of block chains depends on being able to validate information about a trusted organisation in (near) real time The Network considered the implementation of a Register of Legal Organisations (ROLO) in each nation to be a vital starting point for building communities of trust and enable digital economies to grow. Collaborative activity in this area will be key to success. Discussion point: The integration of block chain solutions was discussed, identifying their ability to authenticate in real-time across a wide network of parties and their potential low cost as being of specific interest to many organisations. The Network agreed that large organisations would play a critical part in promoting mass adoption of block chain technology. Major companies with a sufficiently large, shared supplier and customer base could have the potential ‘critical mass’ to drive change across their sector and with other communities; such change enables “re-use”, which is a top industry requirement. Topics of common interest and importance could also become factors in promoting block chain adoption, like payments, energy, regulatory compliance, food safety, insurance and cyber security. 3.2. Collaborative Risk Management & Assurance – Patrick Curry Patrick Curry explained that EU and US government organisations are making significant effort to collaborate in cyber security, collaborative risk management, trustworthiness, cyber insurance, federated identity & access management, and more.
  6. 6. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 6/10 3.2.1. The iOCTA – Internet Organised Crime Threat Assessment The Network heard that in 2010, Europol’s iOCTA report described identity fraud as the top enabler for all aspects of crime, and that law enforcement considered that “If we are not winning, we must be losing”. The UK estimated £73bn loss in fraud and across the EU that number was in excess of €500Bn, with a global figure of $US 1-2 Trn. Today, a working estimate for all aspects of cyber-crime globally is $US 7 Trn. A working figure is that 65% of IP and customer data theft happens through the insiders. Increasingly, the insider is not aware that they have been subverted by a malware attack and are an unwitting Trojan for others to breach their organisation. Several types of attack that the block chain could mitigate are:  Data exfiltration – Data exchange could be tracked and rules enforced  Deliberate attacks – Could be mitigated through tighter and more accurate access controls  Physical failure – May avoid critical failure through more resilient P2P/mesh infrastructures 3.2.2. Register of Legal Organisations (ROLO) UK Trading and non-trading organisations in the UK are registered with Companies House or the Charities Commission, or with HMRC for paying VAT; otherwise an organisation is not registered. The need for ROLO UK was agreed by government and industry 5 years ago, and a generic ROLO specification included in the draft ISO/IEC 29003 – Identity Proofing. Cabinet Office decided that collaborative industry, not government, should take the lead because almost all business transactions are B2B; other governments have done the same. Enrolling into a ROLO at a Level of Assurance is voluntary; however, being in ROLO will become mandatory for future high assurance identity federation, cyber assurance and insurance requirements. It can also be expected to become mandatory for government contractors and companies in a number of regulated sectors. ROLO’s design is being industry led and has gained some early support from a wide range of industries, including those already covered by Companies House (including Companies House itself). Trusted block chains will depend on the existence of one or more ROLOs. There is also an opportunity for block chain technology to be built into ROLO, to ensure its integrity, and the option should be taken as soon as possible for ROLO UK and ROLO NL. 3.3. For Analysis – Tools for Interrogating Reporting on Transactions and Supporting Metadata (Chainalysis) – Jonathan Levin 3.3.1. Chainalysis Reactor Jonathan Levin, from Chainalysis, demonstrated Reactor, their product for analysing real-time bitcoin transactions and potentially other block chain applications. Reactor is able to identify customers who trade with potentially criminal sources and create a web of transactions based on various parameters to link various sources to each other. This particular function was identified as a way to build up a picture of criminal suspects transactions by corroborating
  7. 7. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 7/10 data automatically and making clear links, tracing transactions back to the bitcoins creation and creating a detailed picture of activity to be interrogated. This provides significant AML advantages compared with traditional volumetric analysis methods. 3.3.2. Chainalysis for Banking In the financial services sector data quality and availability are key factors that affect risk. The block chain affords risk and compliance teams with a more comprehensive historical data set that can be used to enhance decision-making. The data available to banks from the blockchain are not self- reported as is often the case when banks on-board. This moves the model for on-boarding past pure reliance and introduces a level of monitoring that can reduce the burden on the money service business. Discussion point: The Network considered how block chain analysis in AML is driven by regulation. In the US, heavy regulation is driving application of the technology, whereas in the EU – where regulation is lighter – adoption of the technology is being driven by the pursuit of commercial advantage through risk, cost and liability. 4. Exploitation – Where should we focus and what is already on the move? 4.1. Payments – Mark Shaw Mark Shaw, from Vocalink, explained that payments are traditionally seen as the biggest use of the block chain due to links with Bitcoin but payments do not always lend themselves well to the block chain. In order to find the right application for a block chain, both the use-case and perspective must first be understood. Western economies are quite well served by payments infrastructure whereas elsewhere the monetary system may be far more contrived and motivated by political and criminal interests. Such economies may see a greater demand for block chain payment applications. Another payment use case for the block chain is in cross-border transactions. Whereas payments inside a country can be very efficient and cost-effective, overseas there can be high cost and inefficiencies that can disenfranchise billions from being able to make digital transactions. Discussion point: An increasing number of nations in the developed and developing world are working to enfranchise citizens, consumers and businesses. Block chains have the potential to accelerate adoption and benefits realisation.
  8. 8. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 8/10 4.2. Asset Tracking and UETP – Flores Kleemans Floris Kleemans, from Focafet, described how the block chain offers a new and more effective means of validation across networks – the creation of a so-called ‘economic internet’. In an explanation of the Uniform Economic Transaction Protocol (UETP) the Block Chain Network heard how current systems rely largely on a central source where information and value is shared but with block chains. With UETP networks can be approached in the same way as an organic ecosystem which is globally distributed and scalable – effectively bringing people together as a group chat rather than having separate communication channels. By uniquely identifying economic ‘entities’ and characterising all their associated transaction parameters in a global network of registers, UETP will bring greater accuracy and efficiency to economic activity. Discussion point: The network considered how UETP’s approach of ‘Shared Content and Shared Consent’ could apply to practical examples. The network also discussed how a truly connected ecosystem can also enhance security by making transactions uniform and interoperable by all parties, for example sending credit card details directly to a bank rather than via a merchant, reducing the potential points for data loss and theft. 5. Block chains in Governments 5.1. The Isle of Man – Nick Williamson Nick Williamson, from Credits, gave an overview of how the Isle of Man is currently exploring the application of the block chain. Small point solutions are being developed in a pilot programme to show how the block chain can be applied to improve services outside of finance. One example is a federated KYC, using shared ledgers to create a more accessible form of PKI. The Isle of Man has a historical success in taking niche but high value industries and leading the surrounding regulatory framework. It has similar aims with the block chain and shared ledger technology. 5.2. Estonia – Jamie Steiner Jamie Steiner, from Guardtime, described how Estonia has been heavily experimenting with, and implementing, block chain solutions in government services. It has taken its relatively recent independence as an opportunity and springboard to re-think and digitise many of their processes. Block chain-based digital legal signatures are being tested, to create a robust, secure and validated form of authentication and notarisation. By setting a clear standard to be adopted across all services, these digital signatures can be used for anything from medical records to checking out library books. They also provide greater transparency of data collection and application to Estonian citizens as they are legally entitled to know about anyone who is accessing their personal information.
  9. 9. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 9/10 Another initiative is the virtual ID and Digital Estonian. This allows people to register digitally as Estonian citizens. Currently this scheme has a few thousand citizens and its use to open Estonian bank accounts and trade in Euros is popular. By incorporating remote Estonian citizens into the system, the government is hoping to bring further technological innovation and economic IP into the country. Estonia has estimated that the block chain has saved around 2% of its GDP through improved efficiency in public service activities. 6. Next steps The following next steps were agreed: 1. To share the Office of Government Science report as soon as it becomes available, and then to discuss and work to enable aspects of its implementation; 2. To prepare for a collaborative block chain conference to take place in London, targeted for Q1 2016, with the purpose accelerating block chain adoption via the Government Office of Science Report; 3. To encourage and enabling collaborative working, with BBFA and others, to implement specific collaborative capabilities in support of block chain adoption, such as ROLO UK, PKI Federation, taxonomy interoperability, trusted block chain federation, executive awareness and cyber assurance. 4. To explore our own publications as a group and what we could contribute to the wider block chain conversation
  10. 10. 25 January 2016 © Sopra Steria Group, 2016 / Ref. : 20150528-160554-WU 10/10 Appendix 1 Attendees The following people and organisations attended the meeting: Richard Potter Sopra Steria Dir of Innovation ( Event Facilitator) Andy Coakley Sopra Steria Solutions & Consulting Director Martin Glasspool HM Government Office of Science Patric Stiller Safello – BitCoin Exchange Floris Kleemans Focafet & AMB Ambro (NL) Nic Cary - Co-Founder BlockChain.Info Mark Shaw Vocalink Jonathan Levin Vice President Chainalysis Simon Bailey Director CGI Payments and Banking Preston Byrne COO ERIS Industries Jamie Steiner CTO Guardtime Duncan Byatt Axelos Nick Williamson CEO Credits Blockchain Unlocked Rob Leslie GBR Direct Nick Coleman Sopra Steria Dr Vincent Hoek - Context in Trust Dr Glenn Parry University of the West Of England

×