GitHub Project Link: Here When we talk about , we always relate it to peer-to-peer network and think that data must be distributed across the network. It will raise concern from people and think that Blockchain would breach the confidentiality of the data. Blockchain Actually, , the data architecture of Blockchain itself already provides a good solution for securing the data from unauthorized manipulation given that the server is protected by sufficient controls, such as access control, network and system security control, and better to be in an internal network. Therefore, I try to build an database based on the data architecture of Blockchain by using Python, Sqlite and RESTful framework. API Blockchain’s Data Architecture and its Integrity From the diagram above, each block of the data is consisted of previous hash, nonce and transactions. If you are not sure what is hash, you can read this first. To simplify, hash value is an unique ID for the previous block. If we use this “unique ID” to verify the previous block, we will know whether the previous block has been modified or not. article What is the implication? This mechanism allows us to ensure that no one is allowed to change the previously created data. If you need to modify the data, you have to create another records to “modify” or “delete” it. From the above example, Alice wrongly enter the journal entries for 123.4, but it should be 432.1. Alice has to create another records “delete” to reverse the previous entries. It seems that it is the basic function for most of the accounting system, but we cannot know whether it is simply controlled in the application level, creating a possibility that the data could be changed in database level. To ensure that no one can change the data from the start point to the end point, I introduce a simple and secure Blockchain Database API. Database based on Blockchain Data Architecture Accountability, Confidentially and Integrity When the user create a transaction record, he encrypts the data with its private key and post the data to Blockchain Database API. Blockchain Database API will decrypt the data with the user’s public key. In this process, the user’s identity has been confirmed. It achieves the objective of and accountability confidentially. In the next step, Blockchain Database API will calculate the hash value for the transaction with nonce, i.e. random string, and the previous hash. Blockchain Database API will insert the transaction, nonce and hash to the database. To detect any unauthorized change, Blockchain Database API will re-calculate the hash value based on the information of the previous hash, transaction and nonce. If any change is made, the hash value will change and the API can be notified. Therefore, the of the data will be ensured. integrity Limitation Since it is in a centralized architecture, there is a possibility for the attacker, who obtains the administration right, to change the entire database by recalculating the hash value again. This can be safeguarded by the following solutions: Clone the transaction to a secured log server Back up the data incrementally (line by line transaction) rather than full backup How to use the API? 1.Start the Hash API python hash.py 2.Start the Nonce API python nonce.py 3.Start the Main API python main.py 4.Post the Journal Data to Main API and Get back the Response with nonce and hash http://127.0.0.1:8000/construct data1 = { "journal_id": "JE000001","entry_date" : "2016-11-06","create_time" : "2016-11-06 18:00:00","created_by": "Adam","post_status": "P","account_code" : "100000","amount" : 16453.24,"dr_cr" : "C" } 5.Post the Response to Main API http://127.0.0.1:8000/insert data1 = { "journal_id": "JE000001","entry_date" : "2016-11-06","create_time" : "2016-11-06 18:00:00","created_by": "Adam","post_status": "P","account_code" : "100000","amount" : 16453.24,"dr_cr" : "C","nonue" : ".....","hash" : "....."} 6.Verify your transaction by Get http://127.0.0.1:8000/verify?id=1 Special thanks to my colleagues for their fruitful discussion and Simon for his encourage. For any comments, please feel free to leave it here or drop me an email at . adam.kc.chin@gmail.com
