Hello everyone i am new in this technology and i am confused please clear my few doubts. Thanks in advance.
Blockchain consist of Blocks but where these blocks are stored, i mean what is the physical location of Blocks.
As per my theoretical knowledge blockchain exist in network but in which network, do we need to create our own network or is there any third party those who provide network for our application.
Suppose i have to develop land registry application i need some space somewhere where i can store my blocks. if i store all block in my system itself then how it will behave like a decentralized.
Does Ethereum stored our blocks in his network?
Blockchain itself is a database but how we can manage the data.
Does BigchainDB stored our blocks or blockchain in his database?
Blockchain is shared among all the p2p network hosting it. So basically blockchain is stored in many simple HDD all around the world.
If you want to create a totally new blockchain, you create your own network. If you want, for example, to use Ethereum network to run your token, then you'll use Ethereum network (which has been created for Ethereum at the first place)
That's what the blockchain and it's protocol do. Store datas in multiple places and handle the integrity and safety of the datas. You need to have multiple agents in your network to be decentralized. You alone is centralized.
Yes, or more exactly, Ethereum users store datas in their storages for the Ethereum network
You can imagine different form of blockchain, but speaking about the first one, Bitcoin, when the p2p network is launched and used, you can't manage datas by yourself. The network will handle it, and the only way you can manage datas is by having more than 50% of the mining power (in an other way the network let users manage datas in an normal use case, for exemple, send your bitcoin is a normal use case, steal someone is not)
Sorry, I never heard about it =/
To others: Feel free to modify my answer as you please, I'm not an expert, just trying to share and perfect my knowledge
Related
As this decentralisation wave is taking place around the digital world, I was wondering how can you remove some content that you just uploaded on a decentralized network.
As I understand, more and more people want to have decentralized services, because as opposed to the client-server architecture this gives you more ownership of your stuff and everything is more transparent. But, what happens if you messed up, or the company you're a client of messed up and they/you upload some personal info that you clearly don't want others to have access to? Since it's a peer-to-peer network everybody has access to it and there's no way to enforce them to delete it.
I think what I am trying to understand is how this decentralized future will play out with private data, will there be a centralized place for private data and then we gonna do other things on ipfs and different similar apps? Because if that's so then what's the purpose, why not continue as it is right now? Maybe I am still not seeing all the use cases...
IPFS does allows you to delete file, you just need to make so on all different nodes hosting the file.
If some nodes aren't in your control the process is fairly simple, monitor ipfs dht findprovs <A file you want to delete>, find all peers hosting the file, then for each find their IP with ipfs dht findpeer <Peer ID>, then use a database like whois or BGP to find the ISP and send them C&D or GDPR claim or whatever.
Appart from the tools you use being ipfs centred it's the exact same process as for regular good old web2 with http.
You might think that for multiple nodes it's unlikely for everyone to comply and whatever juridiction you use to claim your rights of forgotness.
But that already happen with http, you can host your server in a country that doesn't follow whatever law you claim your right of thoses files to be removed or use Tor and mostly not worry about legal threats.
GDPR or any other law like that is already ineffective at removing stuff from the web, the goal is more to scare big players and help politicians keep their job (putting in place an ineffective solution to a problem not many people understand can help them get a good reception of the public and being renewed).
Yes it can be a problem. Companies which store data of their customers should not store them on a Blockchain. As in Europe with the GDPR-Law they are obliged to delete the data if the customer requests it.
I have had a similar issue at my company when we were discovering if we should use a decentraliced network in a project. In this link here is a statement from R3 (which developed Corda, a DLT for Business) about this topic. It is from 3 years ago but it's still relevant in my opinion.
So the solution is to only store the reference to the user (like an ID) on-chain and keep the sensitive stuff off-chain.
Another interesting project is Atala Prism, but unfortunatly I had not yet the time to dive into it.
I am currently gathering information for my thesis about smart home implementaton with a use of blockchain. The blockchain usage is a requirement from my thesis supervisor and I have huge problem with finding out how blockchain technology may be useful in home automation.
What I have already considered is that there are two types of blockchain which I can use: private and public.
The public blockchain won't be useful at all, because of long time to achieve consensus and every transaction costs money (fee for miners).
I also don't see any adventage of private blockchain over regular database in such application. There are two reasons:
-I won't be able to store blockchain on every smart home device, because they all have limited space. So If I need to store blockchain in some centralised way, I think it looses it's immutability adventage.
-The public key cryptography is a very nice thing, but I can archieve that also in a regular database, so I don't see the need to implement blockchain for that.
So am I not seeing something? How use of blockchain may be helpful is such a small project?
Thanks in advance for any advice! :)
I think it is related to developing because it always begins to make the right choice to use blockchain for smart home devices. There are blockchains out there which have a focus for devices with small storage, for example, IOTA.
As far as I understand you are looking for a solution that doesn't have a SPoF (Single Point of Failure) and which is decentralized, without using the storage of the device.
Personally, I think BigChainDB (https://www.bigchaindb.com/developers/getstarted/) can be the best solution for you. Setup some nodes and let the devices authenticate with it though MongoDB or simplify it with API access. It's a great base for deploying decentralized applications, such as yours.
A simple question: what is the name of concept that, for example, Google Maps and Waze use to discover and indicate traffic jam?
Is that from users information or something with satellite signals?
There are usually various sources involved and it all depends on which product you're looking at. I might miss a source or two, but these are probably the most important ones:
Location data from mobile phones in the background: Google has its location services in Android that show Google where you are every once in a while. If several people are moving slowly while on a road, it's very likely they are in a traffic jam.
Location data actively shared via mobile phones: Waze is very open about doing this, for example. Whenever you have Waze open, your location is sent to their servers and if several people are slowing down at a certain location, the system assumes there is a traffic jam at that point.
Location data from service providers: many service providers give out aggregated detailed information on where their users are located. This data can be used to estimate how many people are at a manifestation, for example, but also to figure out where traffic is slowing down.
TMC (Traffic Message Channel) via radio: a digital layer (RDS) within the radio signal makes it possible for a traffic management agency to send out alerts for traffic jams, accidents, dangerous weather and so on. This is usually the only source used by built-in navigation systems.
Traffic data from road-side equipment: many countries have a monitoring system for their road network that allows them to see how many vehicles are passing at a certain point and at what speed. This data is sometimes shared by the government with other companies.
Usually the best solution is to use a combination of these sources. Navigation systems usually can't rely on just mobile phone data as they'd need a widespread use before it is possible to detect most traffic jams. Some sources require a lot of fine-tuning and complex algorithms to remove the noise in the data.
We can secure the data while its travelling using spiped or stunnel. But How do we do that while the data at rest? What if someone took the whole database? How can we encrypt the persistent data storage? Do we need to do this in application layer?
When looking at the documentation at https://redis.io/topics/security it is clear that encryption of data at rest isn't supported:
Redis is designed to be accessed by trusted clients inside trusted environments. This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket.
And (emphasis mine):
[...] in general, untrusted access to Redis should always be mediated by a layer implementing ACLs, validating user input, and deciding what operations to perform against the Redis instance. In general, Redis is not optimized for maximum security but for maximum performance and simplicity.
What I would do is to set the database im some sort of private server not accesible by the internet. You can comunicate to it through private IP addressed.
Amazon Web Services offers a very good architecture for Virtual Private Cloud that you can try using their free tier. (Use t2.micro Instances and make sure their summed running time doesnt go over 30 days, also that they dont use up more than 30Gb of storage capacity)
With respect to how to protect the data if a hacker could actually access the database: I would encrypt all the sensitive info that I will be checking in the future with a one way hash algorithm. Every programming language has their own syntax for SHA256 and several others encrypting algorithm. I believe for Node.js you could use crypto module (not sure if it has the one way hashing but it should.)
So every time a user sends something, you can hash it and compare it to the database encrypted data.
For example for the case of emails, it could be a two way hashing, that way it can be retrieved afterwards.
At this point, even if some accessed the database it would get irrelevant information.
Does anyone know of any documentation of how to access bank data via some sort of webservice or other method for use in a Silverlight financial / banking application? Is there any sort of standard protocol or terminology used for this that I can look up online. I'm having trouble finding any sort of information on how this is typically done.
"Access bank data"... Not exactly something banks allow from the outside world. They kinda want to keep things secure :)
If you work for a bank you may well have access to various web services internally. There are standards for data transfers, but every bank will likely have it's own systems.
I'm having trouble finding any sort of information on how this is typically done.
That's probably a good thing. This is typically done by either internal bank developers or consultants. For example, take the Bank of America Windows Phone 7 app (which is a Silverlight app): it connects to BofA's servers, but I would be surprised if the way in which it connects is public information. Because you can use it to check your account, I can only presume that there is a web service hosted somewhere that allows these clients to get this data. I'm pretty confident, however, that the connection is secured, and the details of it are kept hidden for good reason.
In short, banks don't usually expose web services to the outside world for public consumption. Unless you've been hired by a bank to specifically do this, I'm not sure you should be able to.