Data immutability features in cloud storage and backup
With the ubiquity of cloud storage and cloud backup systems, users are expanding the physical storage of their devices with the virtually unlimited capacity of cloud datacenters. To play in the saturated cloud storage market, some cloud storage and backup providers are competing primarily on price and storage capacity. Other providers are trying to differentiate their services by offering data sharing, collaboration, security, and privacy enhancing capabilities. In today’s competitive market, these features may not be enough to entice new customers.
However, by providing new features that enhance the provable data integrity in their products, data storage and backup providers can further differentiate their offerings from their competitors’. Using the distributed consensus mechanisms of public blockchain, providers can ensure that customer data, such as cryptocurrency transfers, cannot be retroactively modified once they are recorded on the blockchain. This immutability of blockchain data creates opportunities for cloud storage and backup providers to guarantee data integrity in ways that are not possible in traditional centralized systems.
Notarizing User Files
Collaboration on shared files is a key benefit of cloud storage and backup. As more companies incorporate collaborative workflows into their daily business processes, cloud storage and backup systems need to support multiple users interacting with shared data. Users must be able to make data-driven decisions not only by sharing data with one another, but also by being able to trust the integrity of the data.
In blockchains, trust is based on certificates that allow users to verify:
- Who created a file and when
- Who modified a file and when
- No hostile actors, hackers, or employees manipulated the data in the meantime.
By making it possible for users to create certificates for (or “notarize”) individual files, providers give users confidence in the integrity of their stored data. Cloud storage and backup providers can also extend this simple notary service to cover additional data — such as file change logs, e-signatures, and approval chains — to support complex collaboration workflows.
It’s the immutability of the data recorded on blockchains that enables cloud storage and backup providers to build file-notarization features. Here’s how immutability works. When a user signs a file on a blockchain, a certificate is created which covers the content of the file and its metadata, such as the signer’s identity and a timestamp. Then, when a user shares a file (and its certificate), the recipient can verify the integrity of both the data and metadata and be completely sure that the file has not been surreptitiously manipulated while it was in storage. Additionally, once a certificate is created, subsequent changes to the file, signatures, and approvals can be recorded on the blockchain, providing additional confidence. And by creating a provably correct change log through immutability, providers are supporting their customers’ increasingly complex business processes — and differentiating their storage products from their competitors’.
Protecting customer data from manipulation
Every day, more businesses are collecting and storing data and using that data to make important business decisions, often using artificial intelligence to make those decisions faster and with greater accuracy. However, those same AI systems can be mislead by bad actors manipulating the source data, causing the AI to make bad decisions. James Clapper, former Director of National Intelligence, warned U.S. Congress that “cyber operations that will change or manipulate data” will undermine users’ confidence is their own stored data. So, even though data backup and replication technologies make it easy to recover lost data, how can users know when restoration is the correct course of action? How do users know that the backed-up data hasn’t been tampered with and that the restored data is still accurate and uncorrupted? By using blockchain-enabled notarization in combination with data storage, businesses can better trust their data and, by extension, the AI-assisted decisions based on that data, knowing that their data stored in the cloud cannot be surreptitiously manipulated.
The immutability provided by public blockchains promotes users’ trust in the integrity of stored data. Any data update can be automatically notarized on a public blockchain, producing immutable certificates, and cloud storage and backup systems can consult these certificates, detecting unauthorized changes to the working copy of data or, better yet, providing hard evidence that the data has not been changed. In the case of data restoration, cloud backup systems can restore a signed stored replica, ensuring that the restored data matches the last-known working version. And because the data itself is not stored on the blockchain, all of this happens without the data ever leaving its original location in cloud storage, preserving the confidentiality and access controls of the data and storage system.
How can BLOCKY help?
At BLOCKY, our mission is to help people trust data. To help achieve this trust, we have developed an API that signs files on a blockchain and then verifies those signatures. By using our API, cloud storage and backup providers can sign and verify their customers’ data, building trust with their customers by ensuring the integrity of customer data. Providing this new layer of trust is an excellent way for cloud storage and backup providers to differentiate their offerings.
If you want to learn more about building blockchain-based features into your cloud storage and backup system with BLOCKY visit us at https://www.blocky.rocks/.
Disclaimer
This material is based upon work supported by the National Science Foundation under Grant Number 1843991. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
