Articles

KSI blockchain provides truth over trust

A black and white photo of two man playing chess.

Article content

Integrity, accountability, and authenticity – are among the key characteristics required from information- and data exchange in all fields of activity today. A unique data integrity solution is offered by the KSI blockchain, developed in Estonia, which can be set up to cover a range of products and services in cloud technology, cyber security, healthcare, finance, and much more to advance digitalisation and adoption of emerging technologies with full assurance.

“The KSI blockchain was invented to replace trust between people with digital truth. It is our mission to make the information that moves around the world totally reliable,” says Silver Kelk, Business Development Manager at Guardtime, a firm that was founded in Tallinn and is today active in Switzerland, the USA as well as the EU.

More specifically, the KSI blockchain makes it possible to cryptographically prove the correctness of data and information moving in networks and systems. With this task, the KSI Blockchain has held a critical role in the e-Estonia framework. “Our technology provides a long-term and easily consumable mathematical proof that everything is safe and correct, even across huge data flows and the most complex digital value chains.”

Used in multiple fields

Kelk explains that Guardtime’s proprietary KSI blockchain has been used in multiple fields. Over the past 15 years, the deep-tech and the research-oriented company has built multiple services and products on top of the KSI blockchain. “We have a horizontally applicable technology that brings the unlimited potential for cybersecurity and process verification in governmental, healthcare, finance, supply chain, and other sectors. Over the past decade, we have built sector-specific products on that platform,” says Kelk.

A black and white photo of a man in a suit

Since 2020, the KSI Blockchain is also accredited as the first blockchain-based trust service under eIDAS regulation, giving it legal power in the EU, if required in a lawsuit. But even more importantly, eIDAS certification has been a major milestone for Estonian blockchain technology as recognition and proof of its undisputable security.

A value-adding technological component

Guardtime’s journey has always been driven by the goal of blockchain utility – making it a truly value-adding technological component in contemporary digital systems. Today, this need is higher than ever. “Scalability issues, as well as limited transaction throughputs and speed, have been major issues related to the adoption of blockchain globally. Our technology design goal has been to eliminate them,” explains Kelk. To meet this goal, Guardtime has grown to be one of the leading technology innovation hubs in the region, investing continually in core cryptography research and inventing solutions to serve the needs of the future.

A typical route to market is long and difficult, except in Estonia

Such a business strategy has not been the easiest to pull off. “While we were very fortunate to get the Estonian government on board from the very early days of Guardtime, typically the route to market for many of our blockchain-based solutions has been long and difficult.” Typically, for emerging technologies, the challenge comes from the market’s readiness and incentives to push innovation adoption. Guardtime has been balancing between validated use-cases and the next innovation projects. Their current lead tracks, with some of the most demanding clients on earth, have taken many long years to actually become sustainable businesses, but this has paved solid ground and unique positioning for their next big targets globally.

Today, the technological maturity and the wide range of opportunities for the KSI blockchain are confirmed by Guardtime’s customer base from very different fields. For example, KSI blockchain-related services are implemented by the US telecom company Verizon, pharmaceutical companies Roche and AstraZeneca, scientific organisations European Space Agency, defence industry group Lockheed Martin, financial actors such as SEB Bank, and the governments of many countries, including Estonia and the Netherlands.

The era of digital sovereignty and continuous compliance

According to Kelk, one of the core values of the KSI blockchain is the ability to verify and monitor digital processes across huge data volumes and complex systems. “An increasing number of our everyday actions leave a digital trail, a log recording of who did what and when,” he explains. “Those systems that back our societies and services can be monitored against specified rules, i.e. approved configurations and defined process steps in case of cyberattacks, disputes, or system malfunctions.”

One of Guardtime’s latest solutions, the TrueTrail product, is an example of further development from the KSI Blockchain. TrueTrail enables monitoring audit trails as a whole and provides heightened situational awareness of the state of underlying systems. “TrueTrail enables organisations to streamline compliance reporting, handle disputes, and maintain true situational awareness,“ claims the product introduction. TrueTrail integrates with existing audit trail management and security information systems to give stakeholders full trust in critical operations and their underlying data. The first TrueTrail integrations have been found in the state infrastructure and the banking sector that is driven by stricter compliance and security regulations.

The new model for cybersecurity assurance

However, it is common that the desire for trusted and verifiable processes comes from the organisations themselves, rather than regulations. Thus, Guardtime’s technology shows its strength when it comes to assessing whether customer data is properly protected – whether the control systems are working as defined in service level agreements, and whether every involved user has the appropriate rights to use the system. Albeit the so-called old-school audit also enables us to verify those points, they remain too static and limited to support modern solutions. Any changes made in the period between the two audits and the system’s correspondence to requirements will not be detected. Traditional monitoring audits do not provide assurance that the systems were not made compliant with the requirements only for the time of the audit, whilst, with KSI blockchain-based tools, clients can detect unauthorised changes made in the system in real-time. “We see this as a part of the new model for cybersecurity assurance and information systems auditing. The world is starting to adopt continuous compliance models,” affirms Kelk.

Trust for cloud consumers

Another trend that Guardtime’s technology addresses is the push for digital sovereignty – a term that is, especially in Europe, often heard in the context of public cloud adoption. Kelk gives an example: “If the Estonian healthcare or governmental institutions move their digital infrastructure into the cloud, they face a new environment that is, to a large degree, controlled by the cloud service provider (CSP), typically one such as Microsoft, Amazon, or Google. And this is good since these environments are the best to support further digitalisation. But it also creates a new model for accountability and transparency.” Past years have shown that when we deal with sensitive data and critical processes, some customers require advanced tools for monitoring these new environments. Without such guarantees, cloud adoption could be hindered or just turned into much more expensive private cloud projects with a lot of overregulation. A solution for overregulation and inefficiency, which derive from the lack of trust, could come from independent oversight of cloud service providers’ processes – e.g. improved means of verifying data residency demands or detecting any misconfigurations. In other words – cryptographically provable truth.

“Guardtime’s TrueTrail solution protects and monitors logs and processes independently from the CSPs, which means that even if the cloud providers wanted to, they would not be able to present partial or selected data, or manipulate any audit trails to cover some mistakes,” explains one of the typical use case for the KSI blockchain. In essence, this means that whereas today the control of data and information movement belongs to the cloud providers, with the KSI blockchain it is possible to independently check the information reported by them.

Tracking human mistakes

In addition, Guardtime’s solutions enable tracking human mistakes that lead to data loss. “People often make mistakes, unintentionally. Applications are frequently configured incorrectly and this might lead to severe system vulnerabilities, sensitive data compromises, and non-compliance with regulations. This is why you need a security network that reports quickly when something goes wrong,” explains Kelk. With the help of KSI Blockchain-based solutions, the reporting time from a misconfiguration to an alert can be reduced from the current 5-10 minutes to near-real-time. In the cloud security world, such independent oversight and rapid reporting is a big step forward.

Oriented to collaboration and partnerships

Growing digitalisation, as well as the related digital threats, continue to be fuel for Guardtime’s success. As a research and innovation-oriented company, Guardtime strives to align its core technology and new solutions with emerging trends. From AI to digital payments, from e-governance to the backbone of WEB3 and tokenisation, Guardtime’s blockchain technology provides a great outlook for the following years. Valuing its Estonian roots and retaining all key research and engineering capabilities in Tallinn and Tartu, Guardtime pursues business opportunities globally. In partnership with other technology companies and world-leading enterprises, as well as with growing developer communities in the WEB3 and crypto space, Guardtime’s business model remains tied to collaboration and joint product commercialisation. “Definitely, our doors are open. Estonia and Guardtime were the pioneers in blockchain adoption already a while ago, but we are ready to show that we all have been just in day one of blockchain technology. The next years will be very interesting.”

✈️  Can’t travel but want to hear the e-Estonia story or implement e-services in your country or company? Take a look at our services and get in touch – we’ve got you covered!

Written by
Indrek Mäe

Contact

Visit us physically or virtually

We host impactful events both in our centre and online for government institutions, companies, and media. You’ll get an overview of e-Estonia’s best practices and build links to leading IT-service providers and state experts to support your digitalisation plans.

Questions? Have a chat with us.

E-mail:
Media:
Call us: +372 6273157 (Monday to Friday, 9:00-16:30 Estonian time)
Regarding e-Residency, visit their official webpage.

Find us

The Briefing Centre is conveniently located just a 2-minute drive from the airport and 15- to 20-minute drive from the city centre.

You will find us on the ground floor of Valukoja 8, at the central entrance behind the statue of Mr Ernst Julius Öpik. We will meet the delegation at the building’s reception. Kindly note that a booking is required to visit us.

Valukoja 8
11415 Tallinn, Estonia