What Are Permissioned Blockchains, and How Can They Help IT Pros?

Permissioned blockchains strike a balance between the benefits and security concerns around blockchain.

Christopher Tozzi, Technology analyst

November 20, 2018

4 Min Read
Bitcoin

What’s a permissioned blockchain? If you develop blockchain applications, or work for a company that is interested in learning how blockchain technology can improve its operations, that is an increasingly important question to ask.

It is also, however, a question that many IT professionals are unlikely to think to ask. Permissioned blockchains--which provide privacy and security protections that are unavailable on traditional blockchains--have so far received much less press coverage than the big-name public blockchains, like Bitcoin and Ethereum. But because permissioned blockchains are increasingly important in enterprise software contexts, you must educate yourself about what they are, what makes them valuable, and how you can take advantage of them for deploying more secure blockchains or blockchain-based applications.

What’s a Public Blockchain?

The first and best-known blockchains, like the one that is used to record bitcoin transactions, are public. Anyone can join the decentralized network of computers (or other devices) that hosts blockchain data and performs the computing operations required to verify data transactions.

The public nature of these blockchains is part of what makes them so powerful. When anyone can join your network, and no single person or group has more control over the network than anyone else, you achieve decentralization. In turn, decentralization helps to guarantee fairness and prevent data manipulation by a malicious party.

On a blockchain, someone who tries to “cheat” or modify transaction records in an inaccurate way will be found out by the rest of the network, and the malicious transactions will be discarded.

Problems with Public Blockchains

Yet, there is a potential downside with a public blockchain. The open nature of a public blockchain also means that anyone can access the transaction records that are stored on the blockchain. Although most blockchain transactions are recorded under pseudonyms, it’s sometimes possible to track a transaction and determine the real-world identity of the person or group behind it. As a result, it’s hard to guarantee data privacy and anonymity on a public blockchain.

Another problem with public blockchains is the risk of what blockchain enthusiasts call a "51 percent attack." Such an attack happens when malicious users gain control of more than half of a blockchain’s network of computers. If they do that, even for a limited period of time, they can wreak serious havoc by destroying the integrity of the data recorded on the blockchain. Although 51 percent attacks are unlikely on most large public blockchains, they remain a real risk.

Permissioned Blockchains

A permissioned blockchain mitigates the data privacy and security challenges of public blockchains by restricting participation in the blockchain to approved parties.

In other words, to join the network of computers that can validate transactions on a permissioned blockchain, you have to have the approval of other members of the network. The public at large cannot join a permissioned blockchain.

Importantly, the underlying architecture of permissioned blockchains and public blockchains is the same insofar as the network itself is concerned: No one member of the network has more power or authority than anyone else to validate transactions. Someone who tries to cheat on a permissioned blockchain should still be overridden by the majority of members of the network.

However, by limiting who can join the network, a permissioned blockchain ensures that a large number of malicious users cannot suddenly join the network in an attempt to execute a 51 percent attack.

In addition, access to transaction records themselves can be restricted to approved members of the network. This prevents data exposure to the world at large and greatly increases data privacy.

Commercial Use of Permissioned Blockchains

Because permissioned blockchains provide decentralized transaction records without the privacy and security challenges posed by public blockchains, permissioned blockchains have become popular with companies that want to store data on the blockchain without exposing it to the entire world.

Permissioned blockchains are central to IBM’s efforts to promote blockchain technology for businesses. Startup blockchain technology providers like MultiChain, which offers a platform for companies to create their own blockchains, are now seeing real-world use cases that center on permissioned blockchains.

Permissioned Blockchains and IT Pros

For now, adoption of permissioned blockchains remains in the early stages, but that’s probably just a reflection of the fact that companies are still adjusting to blockchain technology in general.

And although there are still some reasons to see blockchain as a passing fad, permissioned blockchains in particular stand to let businesses have their blockchain and eat it, too. If you work for an organization that has so far shied away from blockchain technology due to privacy and security concerns, permissioned blockchains may be just what you need to leverage the benefits of decentralized transaction records without sacrificing integrity and privacy.

About the Author

Christopher Tozzi

Technology analyst, Fixate.IO

Christopher Tozzi is a technology analyst with subject matter expertise in cloud computing, application development, open source software, virtualization, containers and more. He also lectures at a major university in the Albany, New York, area. His book, “For Fun and Profit: A History of the Free and Open Source Software Revolution,” was published by MIT Press.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like