A Deep Dive on Blockchain with IBM’s Rebecca Gott–Futurum Tech Podcast Interview Series
In this special episode of the Futurum Tech Podcast Interview Series, Daniel Newman welcomes Rebecca Gott, IBM Distinguished Engineer. Rebecca has worked for IBM for 20 years and currently focuses on blockchain on the IBM Z and LinuxONE Team. Daniel and Rebecca take a deep dive into blockchain use cases in today’s business environment.
While many people associate blockchain solely with cryptocurrency, there are tons of other use cases that apply to other industries besides finance. When IBM launched its blockchain development back in 2014-15, it talked with clients about what they would need for blockchain to be useful for them. At its core, blockchain is a secure distributed ledger that can be used to manage any number of tangible and intangible assets, and IBM knew that clients could benefit. There are now tons of different use cases in the marketplace, including things like supply chain management—tracking the provenance of food from field to shelf. Using blockchain to track every step of a crop’s path, for instance, allows for quick and accurate pinpointing of contamination when emergencies come up. There are also many other use cases in the financial services industry and in digital asset custody.
Rebecca and Daniel discussed security issues associated with blockchain. While it’s by and large considered to be highly secure, there are some risks. Blockchain is as good as the weakest link. That’s why, Rebecca shares, you want to run blockchain in a trusted execution environment to keep the entire ledger safe. IBM uses a specialized secure service container on IBM Z and LinuxONE that provides a range of extended security measures, including isolated logical partitions, encryption of data at rest and in flight, and additional protection against insider threats. For instance, the system’s white-labeled RESTful APIs do not allow access to the OS or other devices on the system. And, due to the nature of blockchain, no one would be able to tamper with the blockchain without every other user on the blockchain knowing about it.
According to Rebecca, blockchain as a service/cloud blockchain solutions are incredibly popular. On-premise solutions tend to be used when there are data residency requirements that need to be met. Either way, there is tremendous advancement happening in the world of blockchain that will likely increase the rate of adoption sharply in the coming years.
Overall, it’s clear that blockchain’s ability to handle important transactions while promoting trust and prioritizing security will make this type of technology a major part of many enterprise transformations. If you’re interested in learning more about this, download your copy of our white paper Enterprise Blockchain on LinuxONE today.
Daniel Newman: Welcome to the Futurum Tech Podcast, the Interview Series. I’m your host today, Daniel Newman, and I’ll be joined today by IBM’s Rebecca Gott. But before I introduce Rebecca, I want to go ahead and make sure everybody out there knows that this episode of the Futurum Tech Podcast Interview Series has been brought to you in part by IBM. And although we will talk about the products and services of IBM, this show is meant for information and entertainment purposes only, and we are not advising any financial investments whatsoever. Got to get that out of the way.
Rebecca, welcome to the Futurum Tech Podcast Interview Series. How are you doing today?
Rebecca Gott: I’m happy to be here. Happy to be here, so thank you.
Daniel Newman: Yeah, so for everybody out there, by the way, we’re going to be talking about blockchain today and that’s something that IBM is really big on and I’m really excited to have you on. Have not done an interview yet on the Futurum Tech Podcast with a blockchain thought leader. We have recently done a paper in partnership with IBM talking about blockchain on LinuxONE and I’m excited to have this opportunity to have this conversation, but before we go there, can you just introduce everybody, tell them a little bit about your role at IBM and your background with blockchain technology?
Rebecca Gott: Sure, sure. So I am an IBM Distinguished Engineer and I work in our IBM Z and LinuxONE team. I’ve been focusing on blockchain over the last three years. So I’ve been with IBM for about 20 years and I grew up through aspects of our power development, moved on to our IBM Z and LinuxONE development teams, and over the last three years I’ve been involved in our blockchain initiatives on the LinuxONE platform, and specifically driving our offerings for blockchain on LinuxONE in the IBM cloud and enabling clients on premises.
Daniel Newman: And it’s such a big topic. For blockchain, we still are in a world where people are using the terminology and talking about it with everywhere from a very, very minimal awareness of what blockchain even is. People are like, “Oh, it’s Bitcoin,” all the way to people who fully understand the architectural sophistication and the fact that it’s far more than just crypto currency. So for everyone out there, obviously this show, we’re going to be covering a lot of ground and some of this hopefully is super educational and invaluable to help you better understand it. Some of it might be more technical, some of it less.
I want to start with some bigger ideas, Rebecca, if you don’t mind. And then hopefully maybe you can use your expertise to dive into some of the specifics and of course share some of the details of what you’re doing, what IBM is doing. But I want to start with kind of talking about where you’re seeing it being used because everyone automatically jumps to crypto, but there are so many more things going on with blockchain than just crypto. So where are you seeing being put into production in your role?
Rebecca Gott: When IBM started looking at blockchain technologies, you know, back in the 2014-15 timeframe, one of the things folks in our IBM research team did is they went out and they talk to clients and asked them essentially, “What would you need to have in this technology to be useful?” Because we recognize that the underlying blockchain technology applies to much more than cryptocurrency. So essentially you can transact any type of asset, be it an intangible asset or a tangible asset, anything that you’re keeping track of on that distributed shared ledger.
So that opened up opportunities for many, many other use cases outside of the cryptocurrency realm. Because you’re absolutely right, Daniel. Most people, the first association with blockchain tends to be with Bitcoin. But where we’re seeing it in use today is around many different spaces across many different industries. One of the popular types of use cases tends to be in supply chain provenance. We have something called essentially food safety, where we have a blockchain technology that tracks the provenance of food all the way from the farm to the grocer’s shelves. So you can imagine if there’s a contamination issue and a food product needs to be recalled, if you have a clear visibility to the entire supply chain path that that food product traversed, you can much faster and more accurately pinpoint the point of contamination and do ideally a faster and more selective recall of that food product.
So supply chain is a big one. We see use cases across the financial services sector. So there are use cases around mortgages, trade finance, letters of credit. So essentially if you look at any of these areas where there’s, I’ll say, pinch points or delays in visibility on upon which a transaction is propagating through the parties that are participating in that transaction. Blockchain does a lot to bring transparency and visibility to where an asset is, a transaction is, in I’ll say transaction cycle.
Daniel Newman: A few good examples and I’ve seen a lot in the same space as supply chain. I know IBM has gotten involved in some sort of consortiums to entire value chains and using blockchain and Hyperledger technologies to bring that together. You mentioned the word asset a few times, and I wanted to touch on digital asset custody because that’s a pretty big topic right now. And you mentioned for instance with real estate, but there’s a lot of other cases where blockchain could really be the underlying tech for digital asset custody.
Rebecca Gott: Sure, yes. Yeah. It’s a really interesting interplay between the two spaces and so in some ways digital assets can be very closely associated with blockchain. So if you think about the tokenization of assets, and we can even think about cryptocurrencies as a tokenized type of asset. They are in the digital asset custody space. There’s a need for a very secure way of managing these digital assets and potentially exchanging those digital assets. And so in the digital assets space, the way to think about it is these assets are cryptographically secured with a public and a private key pair where the … You can think of the public key like a mailbox so everyone can see it, anyone can send digital assets to it.
And that private key, that’s the key to your mailbox. And only the owner can open it and access what’s inside of that mailbox. So there’s a lot of attention and interest around essentially securing that private key because if you own that private key, you own the digital assets corresponding to that public key address. So if you think about digital asset wallets, if you own that private key, you own the contents of that wallet.
Daniel Newman: Yeah, there’s a really compelling story there right now with a lot of what’s going on in blockchain. There’s been issues with custody, there’s been issues with, especially in the crypto space, and it’s such an opportunity to continue to work on securing the technology to make sure that it’s entirely traceable and that the person that owns the assets has a sound way to make sure they keep control of their assets. Let’s talk about security a little bit more because you sort of started going into there in the end about people making sure their assets are in their control and they have the proper key to maintain and gain control of their assets. But blockchain being the distributed ledger that it is sort of has a purpose of possibly being a weakest link technology, right? So it’s as good as the weakest link. How do you explain that? Because people I’ve heard say it’s only as secure as its least secure participant.
Rebecca Gott: Sure. That’s where in IBM and what we certainly recommend is you really want to think about the infrastructure and how you are deploying your blockchain network. So within vulnerabilities within a blockchain network, the smart contract, which is essentially the code that basically validates if a transaction is valid or not and it gives an endorsement. So it’s a very sensitive piece of a blockchain within the blockchain network. If that smart contract is compromised in any way it could lead to essentially bad transactions, malicious transactions. And so you need to ensure that the infrastructure that you’re running your blockchain network in is secure.
So blockchain is not unlike any other type of IT infrastructure. If there are pieces that can be exposed, you want to basically try your best to protect against those exposures. And so in the blockchain world, what we say is, you know, you really want to be running in ideally a trusted execution environment, which adds more security around which the smart contracts are running. You ideally want to protect more than just as smart contracts. If you can protect the entire peer node as the entire ledger, then that’s even more ideal, more secure.
So we have this concept of a trusted execution environment in which to deploy your blockchain and ideally a big one. And with that, some of the IBM technology that underpins our trusted execution environment is something called the secure service container. This exists in our LinuxONE IBM Z technology where the idea around secure service container is within an IBM Z machine. We have something called logical partitions. These logical partitions have something called an EAL5+ level of isolation between them. And so what that means is you could have multiple logical partitions, up to 85 in a high end Z machine, and between these logical partitions, these LPARs, the isolation level is essentially equivalent to air box gap separation.
So in other words, where we tend to like to say you could have Coke in one LPAR and a Pepsi in another and they’re fully isolated workloads. So, we can isolate our workloads within an IBM Z box. But then additionally that secure service container is a specialized version or type of a logical partition where we add additional security features such as full data at rest encryption and full data in flight encryption. So we’re encrypting everything that’s going in and out of that SSC logical partition.
Further, one of the threats that exists in any cloud environment and it exists in on premises environments, is the risk of insider threats. That is potentially a rogue administrator, someone that has elevated system credentials that has access to the data and code running on the systems in which they manage. The secure service container technology prevents anyone with these elevated system credentials from having a shell access, secure shell access to that logical partition. So the only way to access that secure service container is through the white-labeled RESTful APIs. So it’s a very controlled, locked down environment.
It also has an area of protected memory that can scale up to 16 terabytes which has no direct memory access. So we basically built this extremely large trusted execution environment and upon which you can deploy peer nodes, multiple peer nodes, entire blockchain networks, and basically work to knock out these exposures that do in fact exist in blockchain infrastructures.
Daniel Newman: You mentioned something and I just … go back and reiterate it, not having … the trusted administrator, not having that secure shell environment where they could potentially gain access without people knowing, what you’re basically saying is that they can still gain access but there would be no way for them to do it without others in the control chain being aware. So it creates those layers of control and security in that you know that no matter how much access someone has, they wouldn’t be able to take advantage of the system, which as we’ve seen with some of the breaches in cloud, for instance one not even necessarily all that high up in an organization could do some significant damage and it could go undetected for a long time.
Rebecca Gott: Right. But I’ll also even add on … So it’s actually, even a little, I’ll say, more protective than that in the sense that even though that system administrator has these elevated system credentials, that white-labeled RESTful APIs basically limit what can be done. And so, typically if you’re a user, you know you have full access to the OS. You have access to other devices.
So within the secure service container, that type of access does not exist. It’s not that if this rogue admin still has those capabilities that would be detectable, he doesn’t even have them because it’s restricted what can actually even happen within that secure appliance.
Daniel Newman: Oh that’s great, and thanks for further qualifying that. I think it’s an important point to measure though because as of right now there is still a lot of potential vulnerabilities in traditional IT architectures and we’ve seen it with everything from issues that have taken place at the CPUs, into network layers, into accesses that have taken place through cloud. And obviously these are different than blockchain but we’re all becoming aware of risks, privacy invasions, breaches, internal insider threats, external threats. You mentioned in there, because I have time to really cover maybe one more topic with you, and Rebecca, thank you so much. This has been great. I really appreciate having you on this podcast.
You talked about the Z, the LinuxONE and IBM Z box, and obviously to you and me, we know what that is, but everyone out there might not be as familiar. So I want to ask you an infrastructure question. A lot of people are … I’ve mentioned cloud a few times now, but where are you seeing the blockchain being run in most cases? Because you’ve talked about Z and that’s an on-prem device, but maybe talk a little bit about where you’re seeing it in cloud right now.
Rebecca Gott: Okay, sure. Yeah. I’d say it’s definitely a mix between clients running in a public cloud environment and some running within their own data centers on premises. And the cloud option remains very popular because it can be a very easy, I’ll say a quick way to start, particularly if you’re running, if you choose to go with a managed blockchain service. And so when IBM launched our first blockchain as a service in 2016, we launched that, a fully managed blockchain as a service within the IBM cloud and we chose to deploy it on LinuxONE.
So when you deploy to these, your blockchain as a service in our enterprise offering and you are actually deploying to secure service container technology that I just described. So the cloud remains a very bad place to start. It’s a great place to do POCs where I run production environments. Where we see a strong interest in running on premises tends to be where there’s data residency requirements. So many countries have in-country data residency regulations. Corporations may have regulations, certainly government agencies do, where they cannot have certain types of … some can’t have any data in a public cloud or certain types of data.
It’s just either by regulation or in some cases it’s just easier to pursue an on-premises deployment. So we see actually more and more clients deciding to deploy on premises. And in part because of the data privacy requirements within their own corporations. In some cases it’s just a control and clients want to be able to control their own infrastructure that is running their blockchain network.
Daniel Newman: I think that’s a really important consideration that so many users need right now, is sort of, A, because you’ve talked about a proof of concept or proof of value, and it sounds like the cloud and some of the activities, speed to launch, speed to concept could be really, really successful. But it does sound to me and what you mentioned with things like governments and residency, those are things that companies are getting to look, enterprises, governments, whoever’s involved, are going to have to look very closely at when they’re considering. I got to imagine driving a lot of popularity towards the new IBM Z box and the LinuxONE offerings that you guys are putting in market.
Rebecca Gott: Absolutely. Absolutely. Yes. Yeah, and we continue to launch additional offerings within the IBM cloud on LinuxONE that basically has this family of hyper protect services that basically incorporate the secure service container technology and that the hardware security module, the private key protection that I described. So those offerings continue to grow in our IBM cloud space and clients can certainly leverage these capabilities within their own data centers on their IBM Z or LinuxONE machines.
Daniel Newman: As an analyst, I have a very strong belief that … going to be a very popular solution for driving the proliferation of blockchain-based solutions into the market. So I’ll be watching closely following the launch and congratulations on that, and the success. I want to thank you so much, Rebecca, for taking the time to join the podcast. I could probably talk to you for two hours, but I like to try to keep the listeners moving quick, flowing through, learning something new. But we will be sure to put a bunch of links in the show notes. So if you’re listening to this episode, check out the show notes. We had a recent paper that we partnered with IBM on that we covered the IBM blockchain on LinuxONE. We have a bunch of other links that we can send you to, to learn more about the IBM Z, the new products.
Rebecca, your expertise is unmatched or at least limited in terms of match out there. So I’m sure many people would love to know where they can follow you or learn more. Do you have a blog, a Twitter handle? Where can they get more wisdom from you?
Rebecca Gott: Okay, sure. Yes. Yeah, so I am on Twitter and certainly I’m on LinkedIn, so feel free to go and look for me out there, connect with me and I’m happy to talk. I love talking about blockchain.
Daniel Newman: Okay. Yeah. Well, I’ll throw the Twitter handle into the show notes because people won’t be able to listen and find it anyway. But Rebecca … so much for jumping on to the Futurum Tech Podcast Interview Series. I really appreciate all the insights. Everyone out there, thanks for tuning in. Please hit that subscribe button. Stick with us. So much more to come. Meanwhile, for this edition of the podcast, we’re out of here. We’ll talk to you later.
Thank you for joining us on this week’s Futurum Tech Podcast, the Interview Series. Please be sure to subscribe to us on iTunes and stay with us each and every week as we bring more interviews and more shows from our weekly Futurum Tech Podcast.
Disclaimer: The Futurum Tech Podcast is for information and entertainment purposes only. Over the course of this podcast, we may talk about companies that are publicly traded and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors and we do not ask that you treat us as such.
Thank you to IBM for sponsoring this edition of Futurum Tech Podcast, and for their continued commitment to using tech for good.