Blockchain: A Distributed Ledger Technology (DLT)

My mother just called me, wondering why a week doesn't go by that she doesn’t read about yet another Fortune 100 company announcing some Blockchain initiative. She asked me "What is this chain thing, and why are some people so enamored with it?"

What is a DLT?

While I didn't (and still don't) have a clear answer for the latter, for the former I started by first trying to explain (and highlight the merits) of a system that has these “DLT" characteristics:

1. DISTRIBUTED: Because it's decentralized, there is no single point of failure; also, because there are so many copies of the database "distributed" across the internet, it's almost impossible to compromise since doing so would require one to compromise every single instance. 

2. LEDGER: A record of business transactions, or a decentralized database, where everyone can see these transactions and share if they so choose.

3. TECHNOLOGIES: It is built using the same state of the art cryptographic "technologies" and techniques that have been tried, true, and trusted over a decade (PKI or Public Key Infrastructure…but that’s another blog altogether).

Now that we more or less had covered the general gist of DLTs, I explained that Blockchain is just one type of a DLT. 

How is Blockchain Used? 

To drive home the point (and benefits) of the DLT, I told her about real-life Blockchain implementations where:

1. A manufacturer of jet engines parts can assure customers and partners the provenance of their components 

2. A seller of perishable goods lets customers and partners track their items 

3. A retailer enables customers and partners view their warehousing, inventory, and logistics 

Does ForgeRock Use DLTs?

"Ok... now I get why Honeywell, Walmart, and Target are using BlockChain, but why should ForgeRock?”

Each time that question comes up (usually from a customer or partner) I explain how we can, for audit purposes, transparently and unequivocally persist a timestamp in a DLT each time a person, thing, or service accesses the system. For example, suppose you work at a bank and for regulatory purposes, the bank needs to log every time you access one of their systems. By "storing on chain," this can now be done automatically using ForgeRock, alleviating risk and ensuring compliance.

We are already doing this, using Intelligent Authentication, in a number of ways by leveraging different DLTs (Ethereum, Hyperledger Fabric, CryptoWallet, JavaChain, etc). In my next blog I'll dive into details on how we configured a couple of these Authentication Journeys in the ForgeRock Identity Platform.


If you have any questions about ForgeRock and DLTs, contact us here

Who Is Robbie Jones?

Who is Robbie? Robbie works in our Trust Partner Network and helps push the limits of our product strategy and innovation roadmap for anything and everything IoT (wearables, nearables, chatbots, connected cars, blockchain, AR/VR/MR, etc.) Whatever the new cool new tech buzzword of the day is, Robbie has white-hat hacked into it. In his “spare” time he likes to mess around with Natural Language Processing and Computer Vision.

Recent Posts:

Prevent Data Breaches: Making Sure The Algorithms Work

An identity platform like ForgeRock is the backbone of an enterprise, with a view of all apps, identities, devices, and resources attempting to connect with each other. This is a very nice position to gather rich log identity data to use to prevent data breaches.

Is Your IAM Vendor Keeping up with the Cloud?

The ForgeRock Identity and Access Management  Platform can be deployed in many different cloud services like AWSGoogle, Azure, and even in 

IoT Edge Controller: Trusted Identity at the Device Level

On Tuesday, ForgeRock announced  the availability of its IoT Edge Controller, which provides consumer and industrial organizations with the ability t