Blockchain tutorial pdf
In the original Bitcoin white paper, Satoshi described how to build a peer-to-peer electronic cash system that allows online payments to be sent directly from one party to another without going through a centralized institution. This system solves an important problem in digital money called double-spending. If Alice and Bob use digital money, then the problem gets more complicated. Digital money is in digital form and can be easily duplicated.
This problem is called double-spending. One way of solving the double-spending problem is to have a trusted third party a bank for example between Alice, Bob and all other participants in the network. This third party is responsible for managing a centralized ledger that keeps track of and validates all the transactions in the network.
The drawback of this solution is that for the system to function, it requires trust in a centralized third party. To solve the double-spending problem, Satoshi proposed a public ledger, i. The goal of this section is to go deeper into the technical building blocks that power the blockchain. We will cover public key cryptography, hashing functions, mining and security of the blockchain. Public-key cryptography, or asymmetrical cryptography, is any cryptographic system that uses pairs of keys: This accomplishes two functions: I recommend this article , if you're interested in the complete technical details of Bitcoin wallets.
To send or receive BTCs, a user starts by generating a wallet which contains a pair of private and public keys. She then sign the transaction using her private key.
A computer on the blockchain uses Alice's public key to verify that the transaction is authentic and adds the transaction to a block that will be later added to the blockchain. All Bitcoin transactions are grouped in files called blocks. Bitcoin adds a new block of transactions every 10 minutes. Once a new block is added to the blockchain, it becomes immutable and can't be deleted or modified.
A special group of participants in the network called miners computers connected to the blockchain are responsible for creating new blocks of transactions. A miner has to authenticate each transaction using the sender's public key, confirm that the sender has enough balance for the requested transaction, and add the transaction to the block. Miners are completely free to choose which transactions to include in the blocks, therefore the senders need to include a transaction fee to incentivise the miners to add their transactions to the blocks.
For a block to be accepted by the blockchain, it needs to be "mined". To mine a block, miners need to find an extremely rare solution to a cryptographic puzzle. If a mined block is accepted by the blockchain, the miner receive a reward in bitcoins which is an additional incentive to transaction fees.
The mining process is also referred to as Proof of Work PoW , and it's the main mechanism that enables the blockchain to be trustless and secure more on blockchain security later. To understand the blockchain's cryptographic puzzle, we need to start with hash functions. A hash function is any function that can be used to map data of arbitrary size to data of fixed size.
The values returned by a hash function are called hashes. Hash functions are usually used to accelerate database lookup by detecting duplicated records, and they are also widely used in cryptography. A cryptographic hash function allows one to easily verify that some input data maps to a given hash value, but if the input data is unknown, it is deliberately difficult to reconstruct it by knowing the stored hash value.
Bitcoins uses a cryptographic hash function called SHA SHA is applied to a combination of the block's data bitcoin transactions and a number called nonce. By changing the block data or the nonce, we get completely different hashes. For a block to be considered valid or "mined", the hash value of the block and the nonce needs to meet a certain condition.
For example, the four leading digits of the hash needs to be equal to "". We can increase the mining complexity by making the condition more complex, for example we can increase the number of 0s that the hash value needs to start with.
The cryptograhic puzzle that miners need to solve is to find a nonce value that makes the hash value satisfies the mining condition. You can use the app below to simulate block mining. When you type in the "Data" text box or change the nonce value, you can notice the change in the hash value.
When you click the "Mine" button, the app starts with a nonce equals to zero, computes the hash value and checks if the leading four digits of the hash value is equal to "". If the leading four digits are not equal to "", it increments the nonce by one and repeats the whole process until it finds a nonce value that satisify the condition. If the block is considered mined, the background color turns green. As discussed in the previous section, transactions are grouped in blocks and blocks are appended to the blockchain.
Any changes to the data in any block will affect all the hash values of the blocks that come after it and they will become invalid. This give the blockchain its immutability characteristic. You can use the app below to simulate a blockchain with 3 blocks. When you type in the "Data" text box or change the nonce value, you can notice the change in the hash value and the "Prev" value previous hash of the next block.
After mining the 3 blocks, try changing the data in block 1 or 2, and you will notice that all the blocks that come after become invalid. Both mining simulators above were adapted from Anders Brownworth's excellent Blockchain Demo. Access restriction testing frequency At least once a year Management access authentication Public key authentication including by TLS client certificate Username or password.
Audit information for users Audit information for users Access to user activity audit information Users contact the support team to get audit information How long user audit data is stored for Between 1 month and 6 months Access to supplier activity audit information Users contact the support team to get audit information How long supplier audit data is stored for Between 1 month and 6 months How long system logs are stored for Between 1 month and 6 months.
Information security policies and processes IBM has an Information Technology IT Security policy that establishes the requirements for the protection of IBM's worldwide IT systems and the information assets they contain, including networks and computing devices such as servers, workstations, host computers, application programs, web services, and telephone systems within the IBM infrastructure.
Such are reviewed by a cross-company team led by the IT Risk organization every six months. Responsibility and accountability for executing internal security programs is established through formal documented policies.
IBM Services teams also have dedicated executives and teams who are responsible for information and physical security in the delivery of our client services. Code from the community is rigorously governed. Additionally, internal development processes are used to manage changes using a dev-ops approach. Vulnerability management type Supplier-defined controls Vulnerability management approach IBM uses internal tools to scan for malware scanning.
Has company procedures for open source vulnerabilities management. Details available upon request. This includes the use of cryptographic processes. See website for full details http: Secure development Secure development Approach to secure software development best practice Conforms to a recognised standard, but self-assessed. Public sector networks Public sector networks Connection to public sector networks No. Information provided on request. Documents Documents Pricing document View uploaded document Service definition document View uploaded document Terms and conditions document View uploaded document.
Help us improve the Digital Marketplace Please do not include personal details or sensitive information about your organisation or department. What were you doing? Impact Level is Customer definable. User can manage status and priority of support tickets. Online ticketing support accessibility. A single level of support is provided: Extensive on-line documentation and educational materials are available for learning, including demos, videos, and tutorials.
Users can request a capture of the data. When the service is purchased, terms of renewal are specified: Differences between the mobile and desktop service. Can be accessed from a mobile device using a web browser, but the service does not have a mobile application. Through standard browser interfaces. What users can and can't do using the API.
Each blockchain HSBN service runs with a set of compute that is dedicated. API access Real-time dashboards Reports on request. Knowledge of data storage and processing locations. Data storage and processing locations. User control over data storage and processing locations. Range of formats are supported depending on the service. Chain code can be instantiated through well documented service interfaces. Data protection between buyer and supplier networks. Data protection within supplier network.
The current IBM Blockchain service does not currently provide an SLA, and refund is not provided; however, there are plans in place for SLA that will guarantee the highest level of availability.
Email alerts and available on a webpage at: Public key authentication including by TLS client certificate Identity federation with existing provider for example Google Apps Username or password. Access restrictions in management interfaces and support channels. Role based access restricts access to management interfaces and support channels.