Introducing Azure Confidential Ledger - a blockchain-powered service designed with security and integrity at its core
We are excited to announce the public preview of Azure Confidential Ledger (ACL), a fully managed service built on the Confidential Consortium Framework (CCF) project from Microsoft Research. ACL stores sensitive data records with integrity and confidentiality protections in a highly available and scalable service. Using ACL, customers can store data in an immutable, tamper-protected, and append-only ledger. The service provides these assurances by running the decentralized blockchain network inside Confidential Computing’s hardware-encrypted secure enclaves, which limits Microsoft’s role to operating the nodes in the ledger without access to the data they hold.
Use cases for Azure Confidential Ledger
Azure customers are rapidly adopting ACL for a variety of purposes, including audit logging and tracking of highly sensitive admin operations. In collaborative environments, where multiple parties are involved in the sharing of sensitive data, ACL addresses the requirements to trace access to critical business information. For example:
[Figure: Azure Confidential Ledger use cases]
The technology behind Azure Confidential Ledger
Based on the permissioned blockchain model of the Confidential Consortium Framework (CCF), ACL offers unique data integrity advantages. These include immutability, which makes the ledger append-only, and tamper protection, which ensures all records are kept intact. The ledger runs exclusively on hardware-backed secure enclaves, a heavily monitored and isolated runtime environment that keeps potential attacks at bay. Specifically, ACL runs on a minimalistic Trusted Computing Base (TCB) that denies access to ACL service developers, datacenter technicians, and cloud administrators alike.
Key features of Azure Confidential Ledger include:
[Figure: Azure Confidential Ledger architecture]
ACL security
Data is sent to ACL over a required TLS 1.2 connection, and the TLS connection terminates inside the hardware-backed secure enclaves. This ensures that no one can intercept the connection between the customer’s client and the ACL server nodes.
In addition to interacting with the ACL API, it is possible to verify the ACL service integrity via an offline verification tool.
What makes ACL more secure than any other comparable digital ledger solution is that it leverages the Azure Confidential Computing platform. An instance of ACL runs in a dedicated and fully attested hardware-backed enclave. The ledger’s integrity is maintained through a consensus-based blockchain.
ACL storage
Ledgers in ACL are created as blocks in blob storage containers. Transaction data can be stored either encrypted or in plaintext, depending on your needs.
By adopting a Merkle tree-based approach, receipts of data writes include the full tree path up to a signed root of trust. This means that users can verify transactions without storing or managing any ledger data: the receipt itself is all that must be retained, so there is no separate copy of the ledger to keep in another storage facility.
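To make the receipt idea concrete, here is an added example (not ACL’s own receipt format or code) of a Merkle inclusion proof in the RFC 6962 style: a receipt carries the sibling hashes from a record’s leaf up to the root, and the verifier recomputes the root from nothing but the record and the receipt. The signed root is represented by a trusted root value; in the real service the root is signed by the ledger, so a signature check over it would precede the comparison.

```python
import hashlib
from typing import List, Tuple

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(record: bytes) -> bytes:
    # 0x00 prefix domain-separates leaves from interior nodes (RFC 6962 style).
    return sha256(b"\x00" + record)

def node_hash(left: bytes, right: bytes) -> bytes:
    return sha256(b"\x01" + left + right)

def build_tree(records: List[bytes]) -> List[List[bytes]]:
    """Return every level of the tree, leaves first; an unpaired node is promoted as-is."""
    level = [leaf_hash(r) for r in records]
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            nxt.append(node_hash(level[i], level[i + 1]) if i + 1 < len(level) else level[i])
        level = nxt
        levels.append(level)
    return levels

def make_receipt(levels: List[List[bytes]], index: int) -> List[Tuple[str, bytes]]:
    """The receipt: sibling hashes from leaf `index` to the root, each tagged with its side."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            path.append(("left" if sibling < index else "right", level[sibling]))
        index //= 2
    return path

def verify_receipt(record: bytes, path: List[Tuple[str, bytes]], trusted_root: bytes) -> bool:
    """Recompute the root from the record and receipt alone; no ledger data is needed."""
    h = leaf_hash(record)
    for side, sibling in path:
        h = node_hash(sibling, h) if side == "left" else node_hash(h, sibling)
    return h == trusted_root

# Constructed sample records (not ledger data); 5 leaves exercises the unpaired-node case.
RECORDS = [f"audit-record-{i}".encode() for i in range(5)]
LEVELS = build_tree(RECORDS)
ROOT = LEVELS[-1][0]  # stands in for the signed root of trust

if __name__ == "__main__":
    receipt = make_receipt(LEVELS, 2)
    print("genuine record verifies:", verify_receipt(RECORDS[2], receipt, ROOT))
    print("altered record verifies:", verify_receipt(b"audit-record-2 (edited)", receipt, ROOT))
```

A receipt only proves inclusion under the root it was issued for, so the verifier’s trust rests entirely on how that root was authenticated.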
ACL APIs
The ACL instance can be managed by administrators using an Administrative API and can be called directly by your application code through a Functional API. The Administrative API supports operations such as create, update, get, and delete of ledgers. The Functional API allows direct interaction with your instantiated ledger and includes operations such as put, get and verify data.
Get started!
How can you tell whether Azure Confidential Ledger would be useful to your organization? You should consider using ACL if your organization stores records that are valuable enough for a motivated attacker to try and compromise the underlying logging/storage system. This includes “insider” scenarios where a rogue employee might attempt to forge, modify, or remove records.
If this sounds right for you, we encourage you to try the ledger and also chat with us about your experience. During the public preview period, ACL is free of charge.