Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in 2020

572 views

Published on

While Blockchain technology creates strong cryptographic controls securing the integrity of data, successful, cooperative Blockchain networks must establish trust between a varieties of independent entities to create overall trust. In this presentation, Scott Perry and Drummond Reed will discuss how trust is created in Blockchain systems and the varying layers (i.e. ledger, agent, credential exchange and governance) that add trust within interoperable parties and reliance to external Blockchain’s within the web of trust. As active members of the Sovrin Governance Working Group, including the first robust trust assurance model for Blockchain’s, our presenters will discuss how all Blockchain’s networks can add accountability within stakeholder roles to ensure that Blockchain’s are trustworthy above the embedded cryptographic trust assertions.

The target of this webinar is leaders and participants in the industry who are seeking greater acceptance and assurance in the trustworthiness of their network.
This session will help you learn which role systems auditors, cybersecurity professionals, and risk management experts will have to play to ensure trust must be built and maintained when adopting such cutting-edge technologies.

The webinar covers:

• How Digital Trust is created
• How Blockchain’s novel attributes contribute to digital trust
• Blockchain’s beneficial use cases
• Deeper Dive into Self Sovereign Identity as a unique Blockchain use case

Date: March 18, 2019
Recorded Webinar: https://youtu.be/1lcuf9bJFBQ

Published in: Education
  • Be the first to comment

  • Be the first to like this

Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in 2020

  1. 1. Scott Perry CPA, CISA Principal – Scott S. Perry CPA, PLLC Audit Expertise CISA since 1992 Owner of one of seven US WebTrust Firms Auditor/Advisor of DigiCert – one of the largest CAs WebTrust Auditor of the US GSA and DoD Big 4 Background – 25 + years in industry PKI Audit SME Blockchain Expertise Member, Sovrin Governance Working Group Author, Sovrin Trust Assurance Framework Task Force Member – Payments and Compliance Board of Advisors - CU Ledger Governance Advisor – Corda and Corda Foundation Advisor - Evernym
  2. 2. Drummond Reed Chief Trust Officer - Evernym Expertise 20 Years in Internet Identity 14 Years (all 29 instances) of Internet Identity Workshop 15 Years in Internet Identity Standards W3C OASIS IETF OpenID Foundation Hats Chief Trust Office, Evernym Trustee, Sovrin Foundation Chair Sovrin Governance Framework Working Group Principal Investigator, U.S. DHS DID and DKMS Projects Co-Editor, W3C DID Spec
  3. 3. Topics The Definition of Trust Attributes of Digital Trust Unique Attributes of Blockchain Trust Novel Applications for Blockchains Components of the Blockchain Trust Stack Q&A
  4. 4. Definition of Trust Miriam Webster: “Assured reliance on the character, ability, strength or truth of something or someone” Associated Terms HOPE, CREDIT, CARE, CUSTODY, BELIEVE, DEPEND My Definition: Predicted level of confidence in an attribute’s occurrence
  5. 5. Attributes of Trust • Context • Perception of Risk • Calculated Vulnerability • Benefit Value • Established Reputation or Track Record • Demonstrated Competence • Foundational Optimism • Underlying Motivation
  6. 6. Risks to Digital Trust Human Frailty Systems Development Life Cycle Hardware Failures Network Failures Bad Actors Criminal Espionage Corporate Competitiveness
  7. 7. AICPA Digital Trust Principles Security Availability Confidentiality Privacy Processing Integrity
  8. 8. Trust Criteria Procedures & Operations Information Technology Criteria Accreditation Body TRUST F R A M E W O R K Vendor Attest Standards Attest Criteria Audit Accreditation Body Auditor Accredits Applies Provides Evidence Asserts Compliance Creates Attest Guidance C r e a t e s U p d a t e s Evaluates Relies Upon Issues TrustMark/Seal Oversees Referential Trust Model Users
  9. 9. What is a Blockchain? • Database • Records Cryptographically Linked • Redundant Copies Replicated among Stewards / Nodes • Consensus Protocol – Who gets to write a new record • Ability to execute automated processes using Smart Contracts • Can interoperate with Digital Currency
  10. 10. Digital Trust Attributes of Blockchain Networks Immutability Non-repudiation Zero-Knowledge Proof Redundancy Availability
  11. 11. The Hyperledger Greenhouse
  12. 12. Bruce Schneier Comments on Trust 2018 Hyperledger Conference “Blockchain shifts trust in people and institutions to trust in technology”
  13. 13. Bruce Schneier Comments on Trust February 2019 Blog (https://www.schneier.com/blog/archives/2019/02/blockchain_and_.html) • What blockchain does is shift some of the trust in people and institutions to trust in technology. You need to trust the cryptography, the protocols, the software, the computers and the network. And you need to trust them absolutely, because they're often single points of failure. • Blockchain doesn't eliminate the need to trust human institutions. There will always be a big gap that can't be addressed by technology alone. People still need to be in charge, and there is always a need for governance outside the system.
  14. 14. Novel Uses for Blockchains • Provenance • Diamonds • Title • Assets • Supply Chain • Stored Value • Cryptographic Token • Stored Value – Mileage Points, Timeshare Exchange • Transaction Record • Financial Exchange • Books of Record • Self Sovereign Identity • Verifiable Credentials
  15. 15. SSI in a nutshell 16
  16. 16. The Self-Sovereign Identity (SSI) Model Blockchain Connection Digital Wallet w/ Private Keys & Credentials Digital Wallet w/ Private Keys & Credentials Your Agent Peer Agent Public Key Public KeyDIDDID Solves the decentralized PKI (public key infrastructure) problem for verifying digital signatures on digital credentials
  17. 17. The Verifiable Credential Trust Triangle
  18. 18. Holder/ Prover Issuer Verifier Verifiable Credential Proof Trust Blockchain Public KeyDID Write Read Sign ✗No integration needed! Verify The Verifiable Credential Trust Triangle
  19. 19. Displays Audit Accreditor Credential Policies & Procedures Information Technology Governance Authority TRUST F R A M E W O R K Trust Anchor Accreditor Standards Attest Criteria Audit Accreditor Auditor Accredits Applies Provides Evidence Asserts Compliance Creates Attest Guidance Evaluates Relies Upon Issues Auditor Credential Oversees Level 3 Criteria Level 2 Criteria Level 1 Criteria Credential Registry Issues Trust Anchor and Credential Registry Credentials Displays Auditor Credential Displays Trust Anchor Credential Accredits Issues Audit Accreditor Credential Creates Updates Issues Credentials Complianc e Reports AssertsCompliance Applies Referential Trust Model Blockchain Referential Trust Model
  20. 20. Layer One: DID Registries (Public Ledgers) Layer Two: DIDComm Agent/Wallet/Hub Connection Pairwise Pseudonymous Peer DIDs Issuer Verifier Holder Trust Layer Three: Credential Exchange Verifiable Credentia l Agent/Wallet/Hub Layer Four: Governance Frameworks Trust Anchor Insurer Governance Authority Auditor Auditor Accreditor Credential Registry Hardware Developer Software Developer Agency Transaction Author Transaction Endorser Steward DID Method DID Registry DID Method DID Registry DID Method DID Registry Trust over IP Technology Stack Trust over IP Governance Stack Network Governance Frameworks Provider Governance Frameworks Credential Governance Frameworks Technical Trust Human Trust Governance Authority Publishes Governance Framework Metasystem Governance Frameworks Proof Trust Over IP Stack
  21. 21. Blockchain Trust Layers Governance User Data Ledger System Centric Human Centric
  22. 22. Ledger Management Layer Steward/Node Agreements Consensus Protocol Role of Validators and Observers Blockchain Code Compute Power Network Availability Fork Management
  23. 23. Data Management Layer Read Access Write Access Tombstones Smart Contracts Token Management
  24. 24. User Management Layer Permissioned / Permissionless Systems Trusted Roles Administrators Users IAM Systems Enrollment Provisioning
  25. 25. Network Governance Layer Risk Assessment / Management Trust Criteria Policies Procedures Trust Principles Voting Protocol Audit / Accreditation Warranty / Insurance Legal / Regulatory
  26. 26. History Repeating Itself? Age of the Internet • Internet Service Providers • America Online • CompuServe • EarthLink • Communication Innovators • Modem • DSL/Satellite/Cable • Browsers • World Wide Web • Mosaic • Netscape Navigator • Communications Protocol • TCP/IP Age of The Blockchain • Blockchain Networks • Sovrin • Corda • BitCoin • Communication Innovators • 5G • Fiber Optics • SmartPhone • Digital Wallets • Phone Apps • Smart Contracts • Communications Protocol • Trust Over IP
  27. 27. Blockchain Training Courses on sight… Exam and certification fees will be included in the training price. www.pecb.com/events
  28. 28. THANK YOU ? scott@scottperrycpa.com https://www.linkedin.com/in/scott-perry-1b7a254/ Drummond.reed@Evernym.com https://www.linkedin.com/in/drummondreed/

×