Blockchain: A Distributed Ledger Technology (DLT)

My mother just called me, wondering why a week doesn't go by that she doesn’t read about yet another Fortune 100 company announcing some Blockchain initiative. She asked me "What is this chain thing, and why are some people so enamored with it?"

What is a DLT?

While I didn't (and still don't) have a clear answer for the latter, for the former I started by first trying to explain (and highlight the merits) of a system that has these “DLT" characteristics:

1. DISTRIBUTED: Because it's decentralized, there is no single point of failure; also, because there are so many copies of the database "distributed" across the internet, it's almost impossible to compromise since doing so would require one to compromise every single instance. 

2. LEDGER: A record of business transactions, or a decentralized database, where everyone can see these transactions and share if they so choose.

3. TECHNOLOGIES: It is built using the same state of the art cryptographic "technologies" and techniques that have been tried, true, and trusted over a decade (PKI or Public Key Infrastructure…but that’s another blog altogether).

Now that we more or less had covered the general gist of DLTs, I explained that Blockchain is just one type of a DLT. 

How is Blockchain Used? 

To drive home the point (and benefits) of the DLT, I told her about real-life Blockchain implementations where:

1. A manufacturer of jet engines parts can assure customers and partners the provenance of their components 

2. A seller of perishable goods lets customers and partners track their items 

3. A retailer enables customers and partners view their warehousing, inventory, and logistics 

Does ForgeRock Use DLTs?

"Ok... now I get why Honeywell, Walmart, and Target are using BlockChain, but why should ForgeRock?”

Each time that question comes up (usually from a customer or partner) I explain how we can, for audit purposes, transparently and unequivocally persist a timestamp in a DLT each time a person, thing, or service accesses the system. For example, suppose you work at a bank and for regulatory purposes, the bank needs to log every time you access one of their systems. By "storing on chain," this can now be done automatically using ForgeRock, alleviating risk and ensuring compliance.

We are already doing this, using Intelligent Authentication, in a number of ways by leveraging different DLTs (Ethereum, Hyperledger Fabric, CryptoWallet, JavaChain, etc). In my next blog I'll dive into details on how we configured a couple of these Authentication Journeys in the ForgeRock Identity Platform.


If you have any questions about ForgeRock and DLTs, contact us here

Who Is Robbie Jones?

Who is Robbie? Robbie works in our Trust Partner Network and helps push the limits of our product strategy and innovation roadmap for anything and everything IoT (wearables, nearables, chatbots, connected cars, blockchain, AR/VR/MR, etc.) Whatever the new cool new tech buzzword of the day is, Robbie has white-hat hacked into it. In his “spare” time he likes to mess around with Natural Language Processing and Computer Vision.

Recent Posts:

Augment Your Legacy IAM

Have you ever run into a situation where you know exactly what you have to do to solve the problem but can’t do it?

Modernize IAM for Government: A Real World Example

I recently had the chance to do a podcast with my friend and colleague Tommy Cathey, ForgeRock RVP of Public Sector. Tommy and I have worked together for years, and I am thrilled that he is bringing his deep public sector knowledge to ForgeRock (and this podcast).

How to Compare Digital Identity Providers for CIAM

Comparing and selecting digital identity providers for CIAM (customer identity and access management) is a daunting task. With the fast-paced nature of business and technology today, you need to ensure that you’re not only able to meet all your current requirements, but those to come.