Several days ago, at the Build 2021 virtual developer conference, Microsoft presented the public preview of Azure Confidential Ledger (ACL), a new highly secure service for managing confidential data records.
The confidential ledger is based on a blockchain model and offers unique data integrity benefits. Among the things you can store in Confidential Ledger are logs related to your business transactions and to IT and security operational events. The announcement comes a few weeks after Microsoft said that it intends to close its Azure Blockchain-as-a-service offering.
Azure Confidential Ledger, like the Azure Blockchain service, is based on the idea that blockchain is a distributed ledger. Microsoft's Azure Confidential Ledger adds an additional layer of security and scalability to the blockchain, according to company officials. ACL uses Azure's confidential computing platform, which means that an ACL instance runs on a fully vetted, dedicated hardware enclave, according to Microsoft.
In an article on the new ledger, Microsoft said:
“Confidential Ledger operates exclusively in secure hardware-backed enclaves, a highly monitored and isolated runtime environment that keeps potential attacks at bay. Also, no one is "on top" of the ledger, not even Microsoft. By excluding us from the solution, Confidential Ledger operates on a minimalist trust foundation (TCB) that prevents access to Ledger service developers, data center technicians and cloud administrators.”
ACL is based on the Confidential Consortium Framework (CCF), which Microsoft officials released publicly in 2017. At the time, officials said the Coco Framework (short for "confidential consortium") was supposed to work with any ledger protocol and to run on any operating system and hypervisor that supports a compatible Trusted Execution Environment (TEE), or secure area of a processor. Coco's goal was to facilitate and accelerate the adoption of blockchain technology among businesses.
The framework was designed for use on premises and/or in the clouds of various vendors, company officials said.
The Microsoft team said that ACL works well when users need a highly sensitive audit trail and administrative operations tracking. "Confidential Ledger is for use cases where critical metadata records should not be altered, even in perpetuity for archival and compliance purposes," the software giant's article read.
They suggested that healthcare, finance and retail, information technology, supply chain monitoring, and any business where contracts and deeds need to be negotiated securely would all be good candidates for ACL.
Examples include records related to business transactions (for example, money transfers or changes to confidential documents); trusted asset updates (for example, base applications or contracts); administrative and control changes (for example, granting of access permissions); and security and IT operational events.
When asked whether Azure Confidential Ledger should be considered the replacement for Azure Blockchain as a Service, Microsoft did not give a straightforward answer right away.
Instead, a spokesperson said:
“We are asking (Azure Blockchain Service) customers to upgrade to the ConsenSys Blockchain Quorum solution. As the dynamics of the industry changed, we made the decision to move from a product-oriented offering to a partner-oriented solution.”
But a simple answer came later, when a spokesperson was kind enough to elaborate on ACL's positioning:
“Azure Confidential Ledger is not a replacement for the Azure Blockchain service, but it is another distributed ledger that can be used by customers who want to benefit from the highest level of confidentiality provided to them. With Azure Confidential Ledger, customers can leverage Azure confidential computing to harness the power of secure enclaves when setting up the distributed blockchain network.”