by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : June and July 2016
PHOTOCREDITHERE INNOVATION 44 GCN JUNE/JULY 2016 • GCN.COM Blockchain is still largely unknown to government, but some organiza- tions have started to explore it. The Department of Homeland Security, for example, published several Small Busi- ness Innovation Research solicitations in December seeking ideas for using blockchain in identity management, cryptography and other applications. In January, Vermont issued a report on the opportunities and risk of block- chain, describing it as something the state should consider for future use while admitting that, “at present, the costs and challenges associated with the use of blockchain technology for Vermont’s public recordkeeping out- weigh the identifiable benefits.” Blockchain — which in the bitcoin application uses SHA-256 cryptography — combines peer-to-peer file-sharing techniques found in popular applica- tions such as BitTorrent with public-key cryptography to create a distributed network of trust that can confirm that transactions are valid and record them in a ledger. Those records are immutable and can be updated only by a majority consen- sus of the entities involved. None of the historical information can be erased, which establishes a rock-solid, audit- able foundation for the transactions. With blockchain, the trust that is cur- rently vested in a centralized authority — an approach that is increasingly wor- risome for security and privacy profes- sionals — becomes more decentralized and reliant on the system itself rather than on the trust between the various parties involved in the transactions. The secret sauce behind blockchain is evident in its title. In Bitcoin’s block- chain application, each block contains a full history of the transactions involved, and subsequent blocks in the chain carry that data forward, with each one containing a hash of the previous block. As the chain grows, it becomes compu- tationally much more difficult to inter- fere with. A chain is considered valid only if all the blocks and transactions in the chain remain valid and only if the entire chain continues to start with the first block. Enthused by the promise of block- chain, industry organizations are start- As a digital currency, bitcoin has had its up and downs, and it’s still unclear whether it will survive or give way to the next crypto currency. That’s not the case for the blockchain technology underlying it. Blockchain has been lauded as a starkly innovative way of confirming the identity and validity of parties that are trying to do business with one another — a critical function for bitcoin. The problem with financially focused systems, which blockchain solves, is that it’s hard to set up a wholly trusted intermediary between two parties that want to do business electronically. Most likely, that trusted third party is a bank or other financial institution. However, although most transactions are trouble-free, acceptance of a certain amount of fraud is built into current processes, and disagreements occur that require mediation. The situation raises both risk and cost. Blockchain changes the equation by transferring risk from a human-based process to one in which cryptographic proof of, for example, contracts, agreements and prices replaces that variable trust. Each step, or block, in the process is locked down, and the details of each block are carried forward to the next, with each subsequent block containing a hash of the previous one. As the chain grows, therefore, it becomes all but impossible to interfere with because it is considered valid only if every block and transaction remains valid and only if the chain continues to start with the original block, called the genesis block. Essentially, the blockchain becomes a record or ledger of digital events that is shared among many different parties, with each party required to digitally sign a hash of a transaction and the public key of the next party in the chain before passing it along. No blockchain record can be updated without the agreement of a majority of the entities involved, and none of the historical information contained in a ledger can be altered because any attempt would change the old hash. In essence, a blockchain-based system blends ironclad trust with a fully auditable sequence of digital events enclosed in a highly secure environment. Its use for financially based transactions is obvious. At least in concept, however, it’s a system that could be applied to other trust- based environments, and various organizations are starting to explore if and how that could be done. The Department of Homeland Security, for example, is seeking research proposals that would “design information security and privacy concepts on the blockchain to support identity management capabilities” that decrease the cost and risks of identity management while increasing security and productivity for users in the Homeland Security Enterprise. The current HSE identity management process uses centralized authorities to vouch for the accuracy of the information it collects and maintains. Any transaction that requires validation of information — such as employment status, citizenship or eligibility to work — relies on a high level of trust that the who, what and how behind that transaction are all valid. The research DHS wants to support would focus on whether “classic” information security concepts such as confidentiality, integrity, availability, provenance and privacy can be built on top of blockchain technology to “provide a distributed, scalable approach to privacy-respecting identity management.” No one believes any of this will be easy, but the potential gains from successfully creating such systems all but guarantee that the effort will be made. — Brian Robinson THE POWER BLOCKCHAIN OF 0716gcn_042-046.indd 44 6/1/16 10:58 AM
August and September 2016