Blockchain and electronic data archiving: evidence protection
Digital technology is advancing exponentially, not only affecting the habits of consumers and the digital society, but also having an impact on business processes and transforming the processing, retention and analysis of the data that are sent and received via Internet.
The European Commission, through Regulation (EU) No 910/2014, provides a legal framework relating to the electronic identification and trust services for electronic transactions in the internal market. The regulation, known as eIDAS, has been applicable since 1 July 2016.
Among other regulated services, the eIDAS arises to facilitate cross-border recognition among existing national systems related to electronic registered delivery services (ERDS) or eDelivery service. An eDelivery service allows for a secure and trustworthy delivery of messages between entities, creating, in addition, evidence of the sending process for legal use.
Therefore, a provider of electronic registered delivery services must ensure the confidentiality, integrity, authenticity of the origin and availability of the evidence described in the document.
EDICOM, as an eIDAS Qualified Trust Service Provider and ERDS service provider, has applied to its long-term electronic archiving services a model for securing evidence retention based on blockchain technology to meet the requirements of the regulations:
- Integrity: Each evidence has to be secured so that it cannot be modified.
- Availability: The evidence must be available quickly and throughout the legal period applicable to the related document.
- Confidentiality: The evidence must be accessed by the entities concerned, but not by unrelated entities.
- Scalability: The solution must be able to be fast and scalable.
- Resistance to changes: The system must be able to be safe, even if an administrator tries to modify or delete an evidence.
Today, the blockchain is already used beyond the bitcoin, which it is always related to. The use of this technology provides advantages for sectors such as finance, transport, logistics and eCommerce.
Long-term electronic archiving and blockchain
Blockchain works like an unmodifiable public database of a transaction system. Edicom uses Blockchain like a notary public replacing transactions with ERDS evidence, which allows ensuring that an evidence exists from a moment in a specific time, guaranteeing the non-alterability of the registered processes.
Our blockchain is based on chains of blocks with encrypted information on ERDS transactions carried out. Each block groups its evidence in a tree structure (called Merkle tree) from which a hash or cryptographic summary is obtained. This hash, along with references to the previous block and the metadata of the new block is used to generate the hash of the block. Any attempt to alter it in any of the transactions or of the blocks would be carry the risk of not matching the hashes that concatenate them.
In our case, data confirmation of the block, also called the mining process, is performed by a qualified electronic time stamp. This signature is applied on the hash of the block, which is calculated by combining all of its information. Therefore, the contents of the blocks are secured by the hash of the block that is signed.
EDICOM has created its private and centralised blockchain network to ensure, in this case, evidences on the electronic archiving of documents that ensure the integrity of the same in their EDICOMLta solution. As it is a private network, participation in the network is not open to maintaining the confidentiality and security of the users’ archived documents.
In the case of an electronic stamp, it complies with the fundamental requirement of confirming that an evidence exists at a specific point in time. As each block is linked to the previous one, information cannot be eliminated or altered without breaking the chain. This leads to complying with the requirement of integrity and resistance to change.
In addition, scalability is guaranteed thanks to the flexibility of the blockchain structure to handle a multitude of events.
What are the benefits of blockchain for electronic archiving?
- Integrity: When a transaction is generated, or any information is exchanged, it cannot be modified by any stakeholder or administrator.
- Security: Each block contains a signature with electronic time stamp, so that the information’s authenticity is verified. The security of the infrastructure and of the information is verified through the concatenation of hashes.
- Transparency and traceability: Any action in the blockchain will be recorded. Operations cannot be eliminated or altered.
- Confidentiality: When registering the evidence in a private network, there is a greater control over the generation of evidence and its archiving.
EDICOMLta, certified Long term Archiving system
EDICOMLta is a service developed according to the technological requirements of security regulated in European Regulation 910/2014, relating to the electronic identification and trust services for the electronic archiving of documents.
Users can archive, consult, classify, download, secure and preserve all documents archived during the time established by law. EDICOMLta streamlines the document archiving, management and search processes using simple web functionality or permits their automation through the integration of data between different applications.
Our electronic archiving system also has eIDAS certification with the local certifications in regions where there is specific legislation on electronic retention, such as for example the Conservazione Elettronica in Italy, or the NOM151 in Mexico.