An Introduction to Microsoft’s Azure Blockchain Service

0
2841

Blockchain has captured global attention as a great way to streamline business processes, verify transactions and reduce any sort of fraud. This article gives a quick overview of Microsoft’s Azure Blockchain Service.

Blockchain is a secure, shared, distributed ledger that can be public, private or consortium. It is highly secure as it uses cryptography to create transactions that are quite impossible to tamper with. All the information is shared among all the nodes or peers in the chain to form contracts. A blockchain is deeply linked to the number of entities that are participating in it. All the blockchain data and contracts are distributed, forming numerous replicas in the database. A greater number of replicas ensures the reliability of data. A blockchain can be defined as a ‘digital ledger’ — a transactional database that incorporates only immutable records of every transaction that occurs.

In a blockchain, ledgers are distributed across the entire network and no middleman is needed for the transaction. It acts like a peer-to-peer file sharing system, as every peer obtains a copy of the entire data set.

Blockchain technology evolved with the addition of smart contracts, which are small pieces of code that add logic to transactions. Smart contracts can be termed as computer code representations of legal terms in contract for goods or services. With the passage of time, various new blockchain ledgers have emerged in the market like Ethereum and Hyperledger Fabric known as Blockchain 2.0. But just as databases have evolved over time by adding a logic execution capability (in the form of stored procedures, for example), blockchain has introduced smart contracts to handle the logic tier. However, smart contracts can only operate on data contained in the block where they are stored. They can’t access external data or systems, as calling a service outside of the blockchain breaks the ‘circle of trust’ that blockchain provides for cryptographic security and immutability of transactions. CRM, ERP and payroll systems all represent external entities that aren’t part of a blockchain, but may be involved in the exchange of data within a transaction. Blockchains need a way to securely receive external data, as well as access to secure execution of off-chain code.

To address this requirement, Microsoft has introduced cryptlets as part of Blockchain 3.0, defined as blockchain of data, logic and cloud services.

Azure Blockchain Service
Azure Blockchain Service is a fully managed ledger service that gives users the ability to grow and operate blockchain networks at scale in Azure, via unified control for both infrastructure management as well as blockchain network governance.

It provides the following:

  • Simple network deployment and operations
  • Consortium management
  • Smart contracts with development tools

It provides support for the Ethereum Quorum ledger using the Istanbul Byzantine Fault Tolerance (IBFT) consensus mechanism.

Features of Azure Blockchain Service
Azure network deployment and operations: Azure Blockchain Service is developed through the Azure CLI, Visual Studio Code, or the Azure portal with the assistance of the Azure blockchain extension. Network deployment is made simple in the Azure Blockchain Service. It includes provisioning both the validator and transaction nodes, as well as Azure virtual networks for service-managed storage and security isolation. When a new member is deployed, users join or create a consortium. These consortiums allow multiple parties in several Azure subscriptions to communicate securely with each other on a shared blockchain. This simplifies blockchain network deployment to a great extent and reduces the time from days to minutes.

Performance and service tiers: The two service tiers offered in Azure Blockchain Service are basic and standard. Each tier offers several capabilities to support lightweight development, and also allows the testing of workloads to massively scaled production blockchain deployments. Both these tiers include two standard validator nodes, one basic validator node, and one transaction node.

Maintenance and security: Once you provision your first blockchain member, you will be able to add additional transaction nodes to it. These nodes need configuration for access and are safeguarded through firewall rules. Other options that can be used for securing transaction node access are access keys, basic authentication and Azure Active Directory integration.

Monitoring and logging: The Azure service offers rich metrics through the Azure Monitor Service that provides insights into the memory, storage usage and CPU of the nodes. Apart from these, it also provides insights into blockchain network activity such as transaction queue depth, active connections and transactions, and the blocks mined. Azure makes it possible to customise metrics to provide the insights. It is also possible to define thresholds through alerts to help users trigger actions such as sending an email or text message, or running a logic app or Azure function. Users can also view logs related to the Quorum ledger using Azure Log Analytics.

Built-in consortium management: As mentioned earlier, at the time of deploying the first blockchain member, you will either join or create a consortium. A consortium can be understood as a logical group that manages the connectivity and governance between blockchain members who transact in a multi-party process. Azure offers governance controls through pre-defined smart contracts that determine the actions members present in the consortium are allowed to take. The administrator can customise the governance controls as and when needed. You must have an invite to join a consortium. Consortium management actions like removing and adding members from a consortium can be accessed through a REST API and power shell.

Architecture of the Azure blockchain solution
Azure blockchain provides two solution architectures.

Supply chain track and trace: Supply chain is one of the most common problems that can be solved using blockchain. The main idea is to assure that an asset can move through a network without modification during transit. The architecture of the supply chain using Azure can be viewed in Figure 1.

Figure 1: Azure blockchain supply chain architecture

Blockchain workflow application: This helps blockchain digitise the workflow, and improves both the internal and external functioning of the organisation. It covers most of the blockchain apps’ anatomy, and assists the developer in implementing diverse use cases. Figure 2 highlights the blockchain workflow application.

Figure 2: Blockchain workflow architecture

Azure blockchain development kit
Microsoft Azure blockchain development kit is built on Microsoft serverless technologies and integrates Microsoft and third party SaaS. This kit extends the capabilities of blockchain developer templates and Azure blockchain workbench. It incorporates Azure services for key management, off-chain identity and data, as well as monitoring and messaging APIs into reference architecture to design blockchain based applications.

The Microsoft Azure blockchain development kit has the following features:

  • Connects various data producers and consumers to or from the blockchain
  • Integrates legacy tools, systems and protocols
  • Dives into end-to-end examples, or solutions to common patterns
  • Integrates traditional DevOps practices into a distributed application environment

Azure blockchain development kit for Ethereum helps developers create and deploy Ethereum based apps on Azure Blockchain Service or the Ethereum blockchain. The Ethereum development kit comes as an extension to Microsoft’s source code editor Visual Studio Code, allowing developers to create and deploy Ethereum smart contracts and utilise open source blockchain tools such as Solidity and Truffle.

Azure Blockchain Workbench
Similar to the AWS blockchain template, which provides pre-built templates to be used for cloud based blockchain platforms to build Ethereum or Hyperledger Fabric blockchain environments, Azure also provides a facility called Azure Blockchain Workbench which can simplify a developer’s life by providing pre-built infrastructure, as well as network and security services to accelerate the development of a blockchain platform.

Figure 3: Azure Blockchain Workbench services

Azure Blockchain Workbench is a three-stacked service, as shown in Figure 3. Here, SaaS adapters like SAP or Office365 integrate with other Azure services for data management, security services and management activities, and the underlying platform services from blockchain platforms like Ethereum, Corda, Quorum and Hyperledger Fabric.

This stacked service provides users the facility to dynamically pick, choose and tailor the services as needed on targeted architecture, and use the flexibility to integrate with any Azure native services required for the solution (like security or monitoring services).

Quorum on Azure Blockchain Service
Azure Blockchain Service is an integrated one-point service to support multiple blockchain platforms like Ethereum, Hyperledger Fabric, Corda, Chaincode and Quorum. It is currently in preview to provide support for Ethereum Quorum Ledger using the Istanbul Byzantine Fault Tolerance (IBFT) protocol. The actual purpose of Azure Blockchain Service is to provide support for multiple ledger protocols to be released in the future.

You can use Azure Blockchain Service to create a blockchain application like asset transfer or contract management, and to manipulate the code using Scala, Python or Java to create smart contracts. Azure Blockchain Service can be created with any protocol, like Quorum or Ethereum. For this you need to create a blockchain consortium member, and it requires various attributes as listed below.

Azure subscription: You need to use an Azure subscription like an enterprise or organisation connected directory.

Resource group: You first need to create a resource group to tag your blockchain platform services together to a particular role and access permission.

Region: Since Azure Blockchain Platform Service is in preview, there is a limited region that supports this service. Hence, choosing the right region that is suitable for your deployment architecture is very important during the initial setup.

Protocol: This is the stage where you select the right protocol, as Azure Blockchain Service supports Quorum, Ethereum, Corda, Chain or Hyperledger Fabric protocols. Each works on its own consensus algorithm. Hence, this is a very important stage where you need to identify the right choice of protocol based on the use case, community member size, number of nodes in the platform, and the level of security to be used.

Consortium: Finally, you prepare the consortium for blockchain service, which decides the mechanism of node management like voting and multi-node approval, to name a few.

Member: This is the stage where you create a unique member name for the service that you are creating, using a selected protocol like Quorum protocol and consortium in order to deploy the same.

Member protection: This is one of the peripheral activities where you protect the member with a password, using key vault or AD protection.

Pricing: Since Azure Blockchain Service is in preview, it may be costly for early use, and you need to plan the complete solution design with optimised service usage. Figure 4 highlights the Azure Blockchain Service in marketplace

Figure 4: Azure Blockchain Service in marketplace

Use cases of Azure Blockchain Service
Blockchain platforms are commonly used for transaction handling services and workflow managing services across different industries like financial services, retail services and healthcare systems, where some common use cases are workflow handling, transaction approvals, and patient data sharing in a secured way. For such use cases, the platform should support characteristics like:

  • Agility in design
  • Scalable platform
  • Integration with third party services
  • Security services
  • Monitoring and management services

With Azure Blockchain Platform services like workbench, you can leverage the power of the cloud platform and Azure native services to support all the above characteristics and develop distributed ledger services for a range of applications. These include sharing medical data and patient health records in healthcare, quick payment transfers with less processing charges, KYC approval process and workflow management, anti-money laundering services, document verification, supply chain management in retail, and inventory processing, to name a few.

LEAVE A REPLY

Please enter your comment!
Please enter your name here