Oracle EVP: ‘Blockchain Is a Hot Thing Now’

According to Oracle Executive VP Juan Loaiza, “Blockchain is a hot thing now.” And Oracle is taking advantage of the market’s favorable conditions with new technology that integrates blockchain into the Oracle database, Loaiza, EVP of mission critical database technologies, said during a media roundtable earlier this week. According to Oracle Executive VP Juan Loaiza, “Blockchain is a hot thing now.” And Oracle is taking advantage of the market’s favorable conditions with new technology that integrates blockchain into the Oracle database, Loaiza, EVP of mission critical database technologies, said during a media roundtable earlier this week. The company is trying to bring blockchain into mainstream enterprise and government applications with minimal changes to those applications, he explained.  “The big point here is blockchain is useful,” Loaiza said. “But blockchain is not the same as the traditional security technologies. It adds another layer that isn’t solved by any of the traditional stuff.” The fact that cybercrime skyrocketed last year as COVID-19 and the shift to virtual work and learning swept the globe doesn’t bode well for 2021. It also means that organizations need to take a new approach to securing their data, Loaiza said.   “The idea that we can ever make something safe from hackers just doesn’t work,” he added. “There’s going to be hackers, there’s going to be corrupt insiders, there’s going to be insiders that have their credentials stolen.” This is where blockchain comes in. “It doesn’t prevent your data from being stolen,” he explained. “It prevents your data from being changed, and particularly being changed without anybody knowing.” To that end, Oracle took what it considered to be the “interesting parts of blockchain technology” and introduced four new features into Oracle database.  Blockchain technology uses a distributed database that effectively creates a tamper-proof ledger. Once entered, transactions cannot be changed, creating an immutable record that simultaneously exists on every computer belonging to the same network and updates with every transaction. And because the ledger exists everywhere all at once, it is incredibly difficult to hack. This ability to authenticate transactions of any kind and build trust into systems that record transactions has brought blockchain out from under the shadow of cryptocurrency and into enterprise strategy.  Most notably, Loaiza said, blockchain addresses two unavoidable problems in all the current systems: hackers and users. The latest generation of Oracle’s converged database released in January introduced Blockchain Tables to give users additional layers of security to build applications that can support a distributed ledger. A cryptographic hash creates an insert-only table to ensure that no row can be changed at a later date. Additionally, users are prevented from truncating data, dropping partitions, or dropping Blockchain Tables within certain time limits.  “It’s really about protecting your data in the database and creating this immutable ledger that is easy to implement and is scalable,” explained Jenny Tsai-Smith, Oracle VP for overall database product management, in an earlier interview. It also offers support for all data types including relational, JSON, XML, spatial, graph, OLAP and others in addition to scalability, availability, and security for operational, analytical and other mixed workloads. It provides Intel Optane Persistent Memory support, which Tsai-Smith said makes it “cheaper than DRAM, but much faster than flash cache,” for better performance at a lower cost.   Both Immutable and Blockchain tables are free features of the Oracle Converged Database. New data can still be falsely inserted in an end user’s name by someone using stolen credentials even with Immutable or Blockchain tables. To combat this vulnerability in Bitcoin, for example, all transactions are signed with a private key.  Oracle employs the same tactic and allows end-users to cryptographically sign the data they insert using their private key, which Loaiza said is never passed to the database.  Each end-user registers a digital certificate, which is a public key with the database. This digital certificate allows the database to validate the end-users signature when new data is inserted. In the event that a hacker steals a valid set of credentials without the private key, the signature on the newly inserted data won’t match and won’t be accepted, Loaiza explained. To ensure the database has received changes, end-users can request that Oracle countersign the newly inserted data. Oracle will then return a crypto-receipt to the user, ensuring nothing on the mid-tier can filter specific data to prevent it from being recorded. Bernie Madoff ran the largest Ponzi scheme in history: a $65 billion scam encompassing thousands of investors that was uncovered in 2008, all by creating fake data. “How do we prevent that,” Loaiza said in explaining that even with cryptographically chained rows, cybercriminals or authorities could illicitly change data via a large-scale cover-up.  To detect such a cover-up, Oracle enables schema owners to sign and distribute the cryptographic digest for a blockchain table periodically. The crypto-digest can be posted to an independent public store or blockchain, like Ethereum or sent out by email or made available via a REST API. This is done by chaining all rows together, and in the last row, which is basically a summary of all the rows before it, authorized users can validate the chain and confirm their newly inserted data is present. In the crypto world assurance that someone cannot deny something is known as nonrepudiation. “The idea is by distributing this digest publicly across multiple services, it’s very difficult for someone to come in and basically override all these things and change that digest because you send it out publicly to things that they don’t have access to,” Loaiza said. Looking to the future, Loaiza said the company wants to offer customers the option to replicate tables into the Oracle Cloud to provide a home for  independent copies.