Hyperledger Fabric - MSPs of Small players using Infrastructure of Large players - hyperledger-fabric

I have a doubt.
Let us consider a scenario. A Large OEM and Few Large Vendors and Many Small Vendors are participating in a blockchain network. The small vendors may not be able to afford to set-up separate infrastructure / a dedicated Node to participate in the network. In that case,
Will we be able to enable the OEM or any Large Vendors to provide access to the small vendors to participate in the blockchain network, via their own node (i.e. infrastructure as a service), for a small subscription fee?
Will we be able to create private channels to those small vendors, providing the privacy from the large vendor whose infrastructure is being used?
Will they be put as sub-organisations (logically in Membership Service Provider, not in real world acquisition or something like that) of the large vendor, like which we can commonly see in LDAP?

If a small vendor is using infrastructure provided by a larger vendor, then unless they have the necessary permissions to allow them to generate certificates and configure peers, and the infrastructure provider does not have access to these certificates, they are implicitly trusting that vendor with their data. Since this removes one of the advantages of a blockchain solution, maybe it would be preferable for the small vendor to use their own cloud-hosted infrastructure?
This could be done with only a single VM for a small low-throughput implementation. VM templates could even be provided for popular cloud providers to make it easy for the smaller vendors to configure their peer.

Related

Do clients need an organization in a Fabric network? What should we do when the endorsing process takes some time?

I have some questions regarding the deployment of an HLF use case. Consider that we want to implement a network for the insurance industry.
Clients want to interact with an insurance company to make an agreement and, whenever they suffer from an accident, make a request to claim their funds.
We also have an organization that assesses the damage.
When the customer requests an assessment, the damage assessment process may take several days.
In the compensation process, the assessors must endorse the transaction.
Do customers in the network need an organization and peer or is it enough to be interacted with the application?
Doesn't the fact that transactions take several days to be endorsed pose a problem for the network? What solution do you suggest for its implementation? What functions should be used in a developing Chaincodes?
The documents that assessors want to record after completing their work may include images, videos, and a lot of information. How should this information be stored on the network? Doesn't it create a heavy load on the network?
Do customers in the network need an organization and peer or is it enough to be interacted with the application?
It's up to you whether or not you want to register your users on the blockchain. Registering and enrolling an identity in a Hyperledger Fabric network means you're making them a member of an organization. With registering identities on the blockchain, you can have better access control management of identities. Also, if you're registering a user on the blockchain, the admin would be able to see in the ledger which member did a particular transaction. You can achieve the same without registering members on blockchain but it's one of the perks and underlying principles of Hyperledger Fabric so why not leverage it.
Doesn't the fact that transactions take several days to be endorsed pose a problem for the network? What solution do you suggest for its implementation? What functions should be used in a developing Chaincodes?
No, transactions don't take several days to get endorsed in Hyperledger Fabric. It takes only a few seconds to complete a transaction. And, you can increase the throughput by structuring your application better (have more no. of peers etc.). Yes, there'll be a limit to how many transactions you can do per second even when you have a good architecture, but isn't it what blockchain is infamous for?
There're other ways of increasing the throughput depending on the use-case. One could be returning the response to the API caller as soon as the transaction gets endorsed, not waiting for the transaction to get committed in the ledger. There're definitely some cons to this approach like getting an MVCC error later but if handled properly, this can be one of the best ways to increase the throughput in Hyperledger Fabric.
The documents that assessors want to record after completing their work may include images, videos, and a lot of information. How should this information be stored on the network? Doesn't it create a heavy load on the network?
There's no need of storing blob files in the database. It doesn't have anything to do with blockchain. In a simple project which handles uploading and downloading images/videos, you don't save those files in your database. You just store the name in the database which points to a file in the filesystem.
You can read more about "Should you store images in DB or not?" here.
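The risk of replying to the API caller at endorsement time, as an added example that is not part of the original answer and is not Fabric code: a simplified Go model of the commit-time read-set version check behind an MVCC error. The types, function names and the `claim42` state are constructed for illustration.

```go
package main

import "fmt"

// Simplified model of Fabric's commit-time MVCC check (added illustration,
// not Fabric source): endorsement records the key version it read, and the
// committer rejects a transaction whose read version is no longer current.
type versioned struct {
	value   int
	version int
}

type tx struct {
	id, key  string
	readVer  int // version of key observed during endorsement (simulation)
	newValue int // value proposed in the write set
}

type ledger map[string]versioned

// endorse simulates chaincode execution: read the key, propose value+delta.
func (l ledger) endorse(id, key string, delta int) tx {
	cur := l[key]
	return tx{id: id, key: key, readVer: cur.version, newValue: cur.value + delta}
}

// commit validates the read set and applies the write only if it is current.
func (l ledger) commit(t tx) string {
	cur := l[t.key]
	if cur.version != t.readVer {
		return "MVCC_READ_CONFLICT"
	}
	l[t.key] = versioned{value: t.newValue, version: cur.version + 1}
	return "VALID"
}

// runScenario endorses two payouts against the same state, then commits both.
func runScenario() (first, second string, final int) {
	l := ledger{"claim42": {value: 1000, version: 0}} // constructed sample state
	a := l.endorse("txA", "claim42", -300)
	b := l.endorse("txB", "claim42", -500) // endorsed before txA commits
	first = l.commit(a)
	second = l.commit(b) // caller of txB may already have been told "success"
	return first, second, l["claim42"].value
}

func main() {
	fmt.Println(runScenario())
}
```

A client that answers at endorsement time still has to watch the commit status of each transaction and report or resubmit the ones that are invalidated.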

Hyperledger fabric design architecture

I have one use case for implementing private blockchain. I am considering using Hyperledger Fabric for implementing private blockchain.
Use case
As we know blockchain works with unknown parties which want to work together without any middle man. So, my use case is similar to this.
One organisation wants to deal with different vendors residing in different cities in the country which are not known to the organisation. Now, we want to make a smart contract according to our business logic between the organisation and vendors to do further transactions.
We will map our organisation to a Fabric organisation. But what to do with vendors? As vendors are not separate organisations, they are individual entities.
I have worked for multi organisations with fabric but how should we make this architecture to work correctly where only one organisation is involved?

Smart contract in peer-to-peer network without existence of blockchain

I need to know how I can apply a smart contract in a peer-to-peer network in which blockchain has not been utilized.
Think of two entities that are interacting together in a peer-to-peer network and are obligated to pay some cost for some service that they provide together, but in this case they don't use blockchain and they should pay inside the network. Can they use a smart contract in this case? A smart contract without blockchain? Is there any solution or any sample for that?
So far smart contracts have only been implemented in blockchain networks (and other distributed ledgers such as Hashgraph). Without such a platform you need some intermediary to fill the role of a smart contract.
For P2P networks, Bitcoin (and its successors) were the first to create virtual currency in a decentralized fashion - so no, it is not possible to use digital currency without blockchain or a trusted third party.

Can we build large scale application generated by hyperledger composer generator?

I have generated an Angular app using the Hyperledger Composer generator and now I want to be sure: is it suitable for building a large-scale application?
The Hyperledger Composer Angular Generator is used to generate an example web application from a provided business network archive (.bna) or running business network. For the business network in question, it discovers the defined business network schema (e.g. assets, participants and list of transaction classes) and produces a skeleton Angular application which interfaces/can connect with a Composer REST server. Building 'large scale application(s)' usually requires an app design & architectural approach (scaling, capacity, zones, recovery etc etc).
The main purpose of the generator is to provide a sample web application which allows developers to understand how their business network can become a complete application.
The generator is a useful tool because it provides a functioning use case with a business network as a basis to demonstrate interaction to the blockchain to interested parties. There are plenty of resources out on Google to help you depending on what approach you wish to take from an Angular app design perspective.

Advantages and disadvantages of azure security

Has anyone seen details or a White paper on azure security and the positives and negatives compared to your own hosting?
Securing Microsoft's Cloud Infrastructure
Security Mental Model for Azure
Cloud Security Frame
Outlook for Azure – scattered clouds but generally sunny
Security Considerations for Client and Cloud Applications
abmv has a full set of links.
Just wanted to add one point: The azure platform is highly automated, so there are very few manual operations, at least compared with the hosting companies I have seen. This reduces the chance of security problems due to human error, forgetting a configuration setting for example.
Azure security whitepapers are available at the Azure Trust Center: http://azure.microsoft.com/en-us/support/trust-center/security/
This is also a helpful document for Security Best Practices for Azure Solutions: http://download.microsoft.com/download/7/8/A/78AB795A-8A5B-48B0-9422-FDDEEE8F70C1/SecurityBestPracticesForWindowsAzureSolutionsFeb2014.docx
In practice, many customers choose to mix several compute types in their cloud environment, as certain models may apply better to different tasks; multiple cloud services, virtual machines, and Web Sites can all work in conjunction. The pros and cons of each should be weighed when making architectural decisions.
There is great potential and promise for the cloud, but those looking to adopt cloud computing are understandably nervous and excited about the business prospects. Customers are excited about reducing capital costs, divesting themselves of infrastructure management, and taking advantage of the agility delivered by on-demand provisioning of cloud-based assets. However, IT architects are also concerned about the risks of cloud computing if the environment and applications are not properly secured, and also the loss of direct control over the environment for which they will still be held responsible. Thus, any cloud platform must mitigate risk to customers as much as possible, but it is also incumbent on the subscriber to work within the cloud platform to implement best practices as they would for on-premises solutions.
Moving to a cloud platform is ultimately a question of trust vs. control. With the Infrastructure-as-a-Service (IaaS) model, the customer places trust in the cloud provider for managing and maintaining hardware. The cloud provider secures the network, but the customer must secure the host and the applications. However, for Platform-as-a-Service (PaaS), the customer gives further control of the host, the network, and runtime components. Thus, the cloud vendor would be responsible for ensuring that the host and runtime are properly secured from threats. In both cases, the customer would be responsible for securing applications and data (e.g., authentication, authorization, configuration management, cryptography, exception management, input validation, session management, communication, audit and logging).
Software as a Service (SaaS) presents one further level of abstraction. In this case, the cloud provider manages all levels of the stack all the way up to the application. Customers provide configuration information and sometimes high level code, but that is the end of their responsibility.
Generally, traditional threats will continue to exist in the cloud, such as cross-site scripting (XSS) or code injection attacks, Denial-of-Service (DOS) attacks, or credential guessing attacks. Some old threats are mitigated, since patching may be automated (for Platform-as-a-Service, or PaaS, only), and cloud resiliency improves failover across a service. Some threats are expanded, such as those concerning data privacy (location and segregation) and privileged access. New threats are introduced, such as new privilege escalation attacks (VM to host, or VM to VM), jail-breaking the VM boundary or hyper-jacking (a rootkit attack on the host or VM). Microsoft has taken extraordinary measures to protect Azure against those classes of threats.
Worth also checking into the Azure Security Information Site - we'll be adding a lot more dev-centric security content there in this calendar year https://aka.ms/AzureSecInfo
