KuppingerCole Report
Advisory Note
By Ivan Niccolai

The Blockchain and Life Management Platforms

The core features of blockchains - decentralization and algorithmic consensus – can enable the creation of Life Management Platforms (LMPs) with better security and availability, as well as promote wider public adoption by providing independently-verifiable proof of personal data integrity. Even though there remain some requirements of LMPs that are not solvable with blockchains, overall the benefits that blockchain technologies can provide to LMPs are far from negligible.
By Ivan Niccolai
in@kuppingercole.com

1 Management Summary

Can blockchains enable Life Management Platforms and encourage widespread user adoption? This paper examines some of the core challenges of LMPs - whi ...

Login Free 30-day Select Access Get full Access

2 Highlights

  • Rather than simply trusting an LMP solution provider, blockchains would allow users to have mathematical proof of the integrity and confidentiality ...
Login Free 30-day Select Access Get full Access

3 Introduction

The concept of Life Management Platforms is premised on the principle of data sovereignty, which is the belief that individuals and organizations shou ...

Login Free 30-day Select Access Get full Access

4 Life Management Platforms

Life Management Platforms (LMPs) combine personal data stores, personal cloud-based computing environments, and trust frameworks. They allow individua ...

Login Free 30-day Select Access Get full Access

4.1 Protected information store for personal data

This is of course the foundational component of any LMP, a personal data store is a repository for storing personal user information. This store needs ...

Login Free 30-day Select Access Get full Access

4.2 Granular Access Control for data stored on Platform

Since the types of personal information stored would vary widely in terms of sensitivity, and given the importance of keeping identity relationship co ...

Login Free 30-day Select Access Get full Access

4.3 Information Control remains with individual - Data Sovereignty

User controlled access control leads to a key principle of LMPs:data sovereignty

The user must have ultimate ownership and control of all infor ...

Login Free 30-day Select Access Get full Access

4.4 Life Events Management

LMPs must be able to handle many common life events, data sovereignty is incomplete without the ability for users to define a “personal information ...

Login Free 30-day Select Access Get full Access

4.5 User Managed Access: “controlled push” & “informed pull”

LMPs must be able to support a concept known as “informed pull”, that allows for receiving information from various parties without disclosing the ...

Login Free 30-day Select Access Get full Access

4.6 Standardized Protocols for Privacy- and Security-Aware Information Sharing with Third Party Applications

Much as the OAuth standard works today, LMPs will require published standards enabling information sharing with third party applications. Yet, unlike ...

Login Free 30-day Select Access Get full Access

5 Life Management Platform Challenges

LMP solutions face some significant challenges today, largely due to the high level of user trust required given the sensitive information an LMP woul ...

Login Free 30-day Select Access Get full Access

5.1 User Trust

No matter the strength of legal protections and rights relating to personal data in place, which impose strict guidelines relating to the handling of ...

Login Free 30-day Select Access Get full Access

5.2 Securing Sensitive data from Hackers and Insider Abuse

As with all trusted third parties which are the custodians of large repositories of personal data, no matter how good their security processes and def ...

Login Free 30-day Select Access Get full Access

5.3 Protecting Shared Information

The fundamental problem with third party sharing is that once information is disclosed, it is out of control. Today we neither have a means to encrypt ...

Login Free 30-day Select Access Get full Access

6 Overview of Blockchains

Blockchain, a distributed append-only, linear data structure, which uses consensus algorithms to enable a degree of controlled decentralization, was b ...

Bitcoin’s blockchain is known as a public, unauthenticated and “permissionless” blockchain. It is both decentralized and distributed, as any par ...

In order to best understand the use case suitability of various blockchain projects, KuppingerCole has developed a blockchain taxonomy (shown in Figur ...

Login Free 30-day Select Access Get full Access

7 Blockchains & Life Management Platforms

The main features of blockchains which are relevant to LMPs are their decentralized architecture, independently verifiable tamper-evident transaction ...

Centralized, trusted parties have their place in technology and society such as barristers, government departments and escrow services (digital or not ...

Login Free 30-day Select Access Get full Access

7.1 Mathematical Proof of Integrity

A key challenge of LMPs is the ability to provide personal information confidentiality and integrity assurances to users. This is where the consensus ...

Login Free 30-day Select Access Get full Access

7.2 Insider Abuse of Privileged Access & Outsider Infiltration Prevention

No attacker or insider should ever be able to hit “the information jackpot” by compromise/abuse of privileged credentials. This is where decentral ...

Login Free 30-day Select Access Get full Access

7.3 User-Controlled Personal Data Storage

The need to prevent the privacy and security risks associated with centralized systems is of paramount importance in LMPs. It is therefore useful to e ...

Login Free 30-day Select Access Get full Access

7.4 Personal Information Sharing and Data Processing

Personal information sharing in future LMPs would need to function much like OAuth works today, yet OAuth is only an access protocol, it does not spec ...

Login Free 30-day Select Access Get full Access

7.5 Smart Contracts and Life Management Platforms

The use of blockchains for smart, or self-executing contracts is a key blockchain capability and has been amply documented in other KuppingerCole repo ...

Login Free 30-day Select Access Get full Access

8 Challenges

Major challenges remain which include slow growth in LMPs, existing user identification or enrolment difficulties, as well as the challenges relating ...

Login Free 30-day Select Access Get full Access

8.1 User Identification challenges

There are other LMP challenges that blockchains will not be able to overcome. This is simply down to the complexity of human identity and contexts, as ...

Login Free 30-day Select Access Get full Access

8.2 Blockchain Challenges

The blockchain’s potential for creating distributed and decentralized, strongly-consistent, tamper-resistant systems for secure data storage and pro ...

Login Free 30-day Select Access Get full Access

9 Conclusions and Recommendations

It is highly unlikely we will ever see a single identity solution, even if it is completely user-controlled. Yet it remains highly likely that we will ...

Login Free 30-day Select Access Get full Access

10 Acronyms

Acronym Term
APT Advanced persistent threat
B2B Business to business
B2C Business to customer
C2C Customer ...
Login Free 30-day Select Access Get full Access

Copyright

©2020 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded back in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.

top