Embed Size (px)
Citation preview
1
Entrez dans l’ère cognitive !
IBM BusinessConnect 2016Entrez dans l’ère cognitive !
Blockchain (getting serious)Luca Comparini, Blockchain Leader, IBM France
Guillaume Hoareau, Security Architect, Blockchain CoE Montpellier
@lucacomparini# IBMBizco
2
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
Blockchain presentations at Business Connect 2016@lucacomparini
# IBMBizco
13h – 14h (Salle Klimt)
Blockchain (for geeks)
Blockchain concepts (15mins)
Hyperledger concepts (15mins)
Case study (15mins)
- Use Case: KYC
- Project outline & component model
Getting started - for developers (15mins)
- Leveraging on Bluemix
- Blockchain as a Ser vice
- HelloWor ld samples
14h – 14h30 (Salle Gabriel / Delorme)
CHANNEL 6 : Blockchain (getting serious)
Blockchain concepts (5mins)
Hyperledger concepts (5mins)
Case study (5mins)
- Use Case: Dispute Resolution
On-premises deployments (15mins)
- Integration with mission cr it ical
workloads
- Accelerating the cr ypto
- Secur ing the runtime environment
- Hybr id Cloud – Crop Insurance
3
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
Relationship between Bitcoin and Blockchain@lucacomparini# IBMBizco
ConsumerRetailer
Digital asset (cr ypto-currency) is registered on a distributed ledger and
value is transferred via a P2P network; transactions are grouped into
blocks and processed only if consensus is reached
Pseudo-anonimity, decentralised, censorship resistant
Law and regulation; KYC / AML?
Reputation: for geek, volat ile, r isky (MtGox scandal)
Retailers accept bitcoin (Amazon, Expedia, Dell, ..)
Blockchain technology is re-usable:
Risk / Oppor tunity of Disintermediation
Blockchain = transactional platformBitcoin = currencyBitcoin = currency
4
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
Blockchain: how it works@lucacomparini# IBMBizco
1 . It all star ts with one
node
Has an Owner
Issues Transaction
ID = Digital Cer t
Copy of Ledger
Sign Transactions2 . Each node has the shared
ledger
Each block has a digital fingerpr int
of the previous block
Blocks
6 . Execution
Answer Validated
Update
A = 100Then
A=10
Now
A=100
5 . Consensus
3 . Nodes form a peer
network
4 . Users submit
transactions
Use
r
5
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
Same ingredients, different Use Cases@lucacomparini# IBMBizco
Based on:
Swanson, T. (2015 ). Consensus as a service: a br ief repor t on the emergence of permissioned, distr ibuted ledger
systems.
Brown, R. G. (2015 ) Towards an unified model for replicated, shared ledgers.
PermissionedPermission-less
Design points:
- Public network with no 3 rd
par t ies
- Trustless environment
- “Censorship-Resistance”
Consensus:
- Expensive, slow
- Incentives intr insic to platform
Design points:
- Pr ivate / Semi-pr ivate network
- Actors known / knowable
- Regulated Industr ies
Consensus:
- Protocol assumes known actors
- Incentives extr insic to platform
IBM focus is here
6
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
IBM vision on Blockchain@lucacomparini# IBMBizco
Confidential
permission control
Private
un-linkable identity
Shared Ledger
single source of truth
Secure
(Cryptography)
tamper proof
Audit-able
prove identity & ownership
Scalable
100+ year architecture
Smart Contracts
business logic
Digital assets
Record depository
Consensus
Modular protocol
Permissioned
Participants Identity
Black : « standard » properties of Blockchain
Blu : added properties / uniqueness of IBM
7
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
@lucacomparin
i
#Bizco
Mission:
Create an enterprise grade, open source
distributed ledger framework and code
base upon which users can build and run
robust, industry-specific applications,
platforms and hardware systems to
support business transactions.
IBM supports the Linux Foundation
Hyperledger open standard, open source,
open governance Blockchain
8
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
Supply Chain Financing – IBM Global Financing (IGF)@lucacomparini# IBMBizco
IBM Global Financing propose des solut ions de financement à son réseau mondial de 4 ,000 fournisseurs et
par tenaires commerciaux. Les par tenaires bénéficient de lignes de crédit pour financer leurs achats auprès de
nos fournisseurs. En 2014 , IBM a financé près de 3 millions de transactions pour un montant de 44 Milliards
de Dollars, tout en gérant environ 25 ,000 lit iges.
Besoin: un registre de transactions combinant toutes les
informations contenues dans les bases de données des
par tenaires, fournisseurs, transpor teurs, banques et d'IBM .
Ces registre fiable et permanent ir réfutable et immuable de
chaque transaction, nous améliorons de nombreux
paramètres opérationnels. La décentralisat ion facilite cette
mise en place et son évolut ion au fur et à mesure de
l’accroissement du nombre d’ut ilisateurs.
Bénéfices: réduire le délai de règlement, le nombre de
conflits et leur temps de résolution. In fine, pouvoir libérer
une somme importante de « working capital » bloquée en
raison de conflits quotidiens (estimés à 100 Millions de
dollars).
Press Release: http:/ / blogs.wsj.com/ cio/ 2016 / 07 / 29 / ibm-set-to-launch-one-of-the-largest-blockchain-
implementat ions-to-date/
Demo on Youtube: https:/ / www.youtube.com/ watch?v=F0P7NM7d-ps
9
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
On-premises deployments@lucacomparini# IBMBizco
Vir tualization Technology
Linux Operating System
Software dependences(Go, RocksDB, Docker…)
Hyper ledger fabr ic(Peers and Membership Ser vices)
REST API
Blockchain Applications
Existing Applications
Existing Data
10
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
{M ission Cr it ical} IBM Systems optimized environments@lucacomparini# IBMBizco
In Memory (32 TB )
Hashing Acceleration
DB2/ Oracle/ SAP and
EnterpriseDB
Crypto Accelerators
Power Systems
OpenPOW ER
Elliptical Curve Digital
Signatures
Cer tified HSM and
Accelerators
CICS/ IMS/ TPF/ DB2/ VSAM
Hashing Acceleration
In Memory (10 TB )
IBM z Systems
LinuxONE®
Consensus Algor ithm
Cryptographic Protocols(Authentication, secur ity, non-repudiation, restr icted
visibility, pr ivacy/ confidentiality, ….)
Shared Replicated Ledger +
Business Rules Engine (Smar t Contract)
API Layer
App
1
App
2
App
3
…
….
COLOCATION & ISOLATION + ACCELERATION + EXTREME SECURITY
11
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
Hyper ledger pr ivacy – encrypted transactions@lucacomparini# IBMBizco
{"transactions":[{"type":2 ,
"chaincodeID":"BGM0S9cL1VxCZ8ETm0KbvYXW EKvW LrVVfsHPW c2n21G0 jY2Ni/ kNirGNFNEovRN203atX0C32wT+jzt4OzTaFiDi8 j9o1W dXt1MQY74qHrY8ZEjiCTAEKv2 lMOme3OcxJ
J3e3dQG55tDjh9uTLRi01c8GIGfcW ZhW Jh2 jW sG1g+1DPPChjr7uMTYxGiCG+TaglTkF8 iN19gXmru2rLZkPAeBdYJV+XEQdLo2ZUr08oZ6av2Lx1RDDm5iY7YMwhvN4u+764ZFkqqW vF
6 jqW oSI5ZgXBTV7HOpj2PGol7xrAO674paSeVe9wPfEAS4MEr45rPVXg==",
"payload":"BBqL9J/ 0 / XnXAU75QDgPlECTEm1j3kJBU5gjcmz3 thXQfL4rO4vTBxgrbwCYpiavptR4wPkkCIQNmmk2SCNmQEm3I9xxLlnswPO6HjiwbqfMRUb+mx8yD/ Ta2PqwFBF9nxCqcJl
5 fr lcXL4N8fzZBs0zx38W uGlrQf43Zob1RoKDNLcuB4uW 4KFt4Qh3nJ/ zQ9 j9hoZmnyghPQKfKU3rQa0nt6McfIEf63XR0SK7xwNmdFNuQGsGgOhY/ 5072XCb1gyxzwV6HKeDgc/ qMA
wyxR4k5eQa9LyvLGakUK6 li94bvL7449TLS1 fjPHVFFhVv+tpmW 2R9UVMDlGjvtuTZvkX1URykGvGrKXpLsrSxLCEW 10C6MaYgLf84QLFL2byPhc+I",
"txid":"a3ecbdc7 -b6 f0 -4644-86c2 -0a5ae391c7 fd",
"t imestamp":{"seconds":1476373812 ,"nanos":222842500},
"confident ialityLevel":1 ,
"confident ialityProtocolVersion":"1 .2 ",
"nonce":"FRkgkNb+FVOqLFW rL5o7rXlQ2 / wUNfRz",
"toValidators":"BKqW PD6Stl9J0W VZKYEFNaZy06Rdaiv+UlfOMibXZXfQm/ l8AvTSDnE+U1MdTpKStwcoA2a7S6nB0EhwKj7GcHMkTS3xgQV12r2K8U9LJx+vvwl1W TH/ IEgOf7eyQ3GAH
ULJB9 Iup1yaFADvKeRRPBJd5580zjUgFFpfT/ MsOx2pmX67t9HDO0 l9Y5Rvi5N25SYuoi2ayxf+QdMu/ uSSBuPieUPLhKkkYIsr4PusfoFvo2eMpHNqeP+h4NsnrqJ8DSGJ8d1MSqocZc8nc
9 IZl1P9T5oabc6hUizswb78 IPqnC/ ktu+EqT3KHbpOp3r ix",
"cer t":"MIICUTCCAfegAwIBAgIQYbzxFLlQSrygTgRXbIxbCTAKBggqhkjOPQQDAzAxMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLSHlwZXJsZW RnZXIxDDAKBgNVBAMTA3RjYTAeFw0xNjE
wMTMxNTQ3NThaFw0xNzAxMTExNTQ3NThaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtIeXBlcmxlZGdlcjEgMB4GA1UEAxMXVHJhbnNhY3Rpb24gQ2VydGlmaW NhdGUwW TATBg
cqhkjOPQIBBggqhkjOPQMBBwNCAAQJNY3gvA0 i5CnE7LnsZXDy7SZODGu/ gnBtpR3o562enO4CM1zVloyqZzlhzn3ZEwfcW GjygtI7 / FBUDaJ+4upLo4HcMIHZMA4 GA1UdDwEB/ wQEAwI
HgDAMBgNVHRMBAf8EAjAAMA0GA1UdDgQGBAQBAgMEMA8GA1UdIwQIMAaABAECAwQwTQYGKgMEBQYHAQH/ BEC/ 00TIeAsNgVJiCwM9G1pzQSAcgmvYoBINBW vCDppKeXA6A
3hDeSTijYQn+FtVZCCPitOZFusA4 i6046EvsDZ2MEoGBioDBAUGCARAImii912S4 lcG/ LxTYuox/ zZUJKrFh2Qz4htpSJiV0Y3GslAPIqd30 IRcPadoJa5uXDhnI6CpOl4eOQuyQgt0PzAKBggqh
kjOPQQDAwNIADBFAiBKOptz2ROeW 1g7zudoxJbZs6hxnq6GN4ZtMOXKeE99GwIhAIRDr3eVRLkkjGsqkw81mJIGCRNp3+7F2HC9IkuEYSi5 ",
"signature":"MEUCIDNTctBa29eaBvUTOpwt2nQPTbW NsOj6 thDPD7aJjdoyAiEAx48 iYMmPvvYAH11W uk/ bT8dIRS6N+c/ 3 tPzFYW SHPG4="}],
"stateHash":"NTjoEdPX+RhCQZchSChMny5FU9/ 0 l3pPObiqze2Cbg4Rug3dSt/ sEOAX90 tGggj7Bgy+/ fFef0voZxBgs6 f6 tA==",
"previousBlockHash":"rFZ3XwRm8depRzG+Bf0Di64TYNMNvwgtEZVatx4Xl6 fXX2hCBksF0R8DkVfRpZwoVIlhTHh3+qFQctIwSEXK7Q==",
"consensusMetadata":"CAI=",
"nonHashData":{"localLedgerCommitTimestamp":{"seconds":1476373812 ,"nanos":243557593},"chaincodeEvents":[{}]}}
12
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
{LinuxOne} Focus on Acceleration@lucacomparini# IBMBizco
P256Sign : 19,356 operations/sec
P256Verify : 7,636 operations/sec
P384Sign : 136 operations/sec
P384Verify : 65 operations/sec
SHA256x8 : 40,8 MB /sec
SHA256x1K : 1470 MB /sec
SHA256x8K : 2081 MB /sec
SHA512x8 : 29,5 MB /sec
SHA512x1K : 1682 MB /sec
SHA512x8K : 3139 MB /sec
SHA3_256x8 : 5 MB /sec
SHA3_256x1K : 112 MB /sec
SHA3_256x8K : 123 MB /sec
SHA3_512x8 : 5,5 MB /sec
SHA3_512x1K : 69,4 MB /sec
Data size legend: x8 : 8 bytes / x1k: 1024 bytes / x8k: 8192 bytes
Digital Signature
Hash
If accelerated by
Hardware on CPACF
If accelerated by
Hardware with SIMD
13
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
{LinuxOne} Focus on Extreme Secur ity@lucacomparini# IBMBizco
Firmware
Bootloader
signature check
decryption
Software
Bootloader
key
Software
Image & Data
Key
VMs
Encrypted
Data
check
decrypt
open
Key
SE
Protected Memory (LPAR, VM, Containers)
Encrypted
Software
Intel Memory
enclaves
(SGX)
IBM Z
Secure
Container
s
(SSC)
Size of data
and code
protected
SGX limits app.
Container size
to 96MB
Can be up
to 10TB
Registration
requirement
Software needs
to be registered
with Intel
None
required.
Application
Software
Changes
Software
changes are
needed to use
SGX
None
required.
Hypervisor
protection
Cannot protect
hypervisor
Can
protect
and attest
Hyperviso
r
IBM Secure Service Containers protect blockchain software, chain code and
data.
Blockchain software can be signed, attested and encrypted and once
installed in the z applicat ion containers, is tamper -resistant. Root users and
System Administrators cannot access or see z secure container contents
No other platform provides this capability.
14
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
They real compute wor ld is « Hybr id »@lucacomparini# IBMBizco
Based on Crop Insurance demo – Montpellier Blockchain CoE
15
Entrez dans l’ère cognitive !
© 2016 IBM Corporation
They real compute wor ld is « Hybr id »@lucacomparini# IBMBizco
16
Entrez dans l’ère cognitive !
© 2016 IBM Corporation© 2016 IBM Corporation
Merci !
