Here’s the situation: We provide a way for customers to view a document, say a spreadsheet, on a display screen in a public area. To do so, they use our content management software, web-based, and upload the file. It goes to our servers, gets modified into the proper display format, and returned to the display.
Most of the time this is fine, but some companies don’t want the spreadsheet to leave their network. In that case, the only solution now is to give them an on-premise version of our software, which has limited functionality and is expensive. So if we could encrypt it - and prove it at any time by verifiable 3rd-party sources - we could use our standard web-based solution AND provide the security.
Blockchain tech is not going to help you very much in this situation. You’re saying that your customer wants to use your software, but doesn’t want to upload their file to your server. The only choices (that I see, anyway) would be for you to either a) allow them to self-host your complete software solution on their own systems so they can get the full functionality while keeping the data in their network, or b) pushing all of the application logic client-side then serve the app to them via javascript or a browser extension or something like that so the data can be manipulated exclusively within their network, which is functionally the same as self-hosting the app.
If your customer encrypts the data and sends it to your server, the data will have to be decrypted for your application to do anything with it. This is true with or without the blockchain.
How about in the case where we don’t want to modify the file? In about 1/2 of the use cases, we just display the file as-is. We still face the issue where they don’t want it to leave their network for security reasons, but if we could guarantee its confidentiality, that would be very helpful. That’s because, as a web-based service, it’s easier all around if they use our ‘normal way’ to transfer the file across our servers to their screen.
You can’t guarantee the file’s confidentiality if you are hosting it in a decrypted state on your server (or an encrypted state that your team is able to access). The blockchain cannot help you here. At best you might be able to prove that the file was accessed by specific people at specific times, which doesn’t do anything to protect the file but provides accountability after-the-fact if there’s a breach. You might want to look into services like Tierion (cc @Wayne) or Guardtime for such functionality (not an endorsement).
The file would never be decrypted on our server. The idea is to let it pass through our servers in encrypted state and then back to our player on their network where it could be viewed.
Thanks for the resource ideas, I’ll check them out
I’m Wayne, Founder of Tierion. I just came across this thread where you were looking to verify that an encrypted file that has been transferred over the Internet has not been modified in transit. Tierion might be able to help.
You can hash the encrypted file on system A, send the hash to Tierion’s API, and Tierion will return a blockchain receipt. You can then send the encrypted file to system B along with the blockchain receipt. The recipient of the file, can hash the received encrypted file and then compare the hash to the one specified in the blockchain receipt. Lastly, you can verify the blockchain receipt by making a call to our API.
I know this sounds complicated, but a developer can create a tool that automates this process in a few days. My team would be happy to help. Please message me your contact information if you’d like to discuss your project. As @light suggested, Guardtime may be worth a look if you have deep pockets.
Yes. File sharing is one of the prominent applicable use case for block chain technology. Any data can be embedded in a blockchain using transaction metadata, and then all participants in the chain will then receive a copy of this data. It can be used, but it will grow very fast. All the files and all the versions will be in the blockchain. I don’t know if the internet speed can handle this today.
