Over the last ten years two of the most important technologies that have seen widespread adoption have been virtualization and blockchain. Virtualization paved the way for cloud computing and the blockchains are reinventing finance by eliminating trusted parties in the processing and settlement of transactions.

Strangely, until now, no one has put the two (cloud and blockchains) together. If they did, they would realize that together they would the solve the thorniest problem for Enterprise CIOs, namely: How do I comply with regulations and trust my mission critical processes to an outsourced vendor who has little if any accountability?


The key idea of blockchain is that there is no centralized authority that is responsible for saying what is true or what is false, rather multiple distributed parties come to consensus, that consensus is entered into the ledger which thereafter can be accessed by anyone in the future. It is computationally infeasible for a single actor to go back and modify history.

The Cloud as a Data Logistics Platform

  • What do consumers of cloud computing care about?
  • What do they want to know is true?
  • What would be the equivalent of a blockchain transaction in the cloud?
If we position the cloud as a giant logistics platform for data, then we can think of a transaction as the transport or processing of data. Data enters into the cloud (network), it is processed (compute) and then is either returned to a consumer or kept for re-use at a later date (storage).

CIOs want a Verifiable data supply chain

If you ask CIOs what they need to move their mission critical processes to the cloud then you will hear terms like “accountability, reliability, compliance, security, verifiability, auditability, acceptance of liability”, in other words they demand that there is a secure data supply chain, that every step in that supply chain can be verified in real-time and when things go wrong it is possible to figure out what went wrong and that there is someone who can be held accountable.

Today not a single cloud vendor can say this. It also shows the opportunity; if such a platform could be built and the concerns of Enterprise CIOs could be satisfied then Cloud would be a more secure, reliable and audit friendly way of running applications, rather than trying to do all of the above on premise in private data centers. Moreover, a data supply chain would enable a true zero trust model, as all transactions on data would be entered into the blockchain. With the ability to verify and audit any transaction, no transaction needs to be taken for granted or accepted without verification of accuracy and authenticity.

Verizon MSI

Guardtime and Verizon introduce Machine State Integrity (MSI), the first step into making a data supply chain a reality. MSI is a tool that empowers real-time data validation anchored in the KSI Blockchain, to provide a layer of immutable cryptographic verifiability. MSI is designed with the very issues CIOs most care about as they move their enterprise into the cloud but with an approach that wholly fits into the Zero-Trust model. No longer are you left waiting for a monthly report from your IT team or reviewing the audit report from some third party. Instead, you get immediate  alerts when data is used in some unexpected way or a security control is violated, even if just for a moment. MSI agents and cloud services together actively monitor and interrogate the cloud and the many transactions processing through the cloud.

Everything, that happens to data, whether transport, processing or storage of data is entered into the blockchain.

Afterwards what happened to data, who accessed the data, where it went and how that data was governed can be verified by anyone who has access to the blockchain. The blockchain freezes the compute platform in time and users of the platform can verify that the platform is in the correct state in real-time.

Such a system would give complete traceability for the cloud, entities who are either using or administrating the cloud can be held responsible for their actions, regulators get to audit all processes and everyone involved can verify what happened and when it happened.

Of course a reasonable question to ask would be whether such as system could be built in reality. Even a modest petabyte cloud easily implies billions of data transactions every second that would need to be entered into the blockchain and distributed out to the edge. The implied network, storage and compute requirements would make it impossible to scale. Hence, MSI leverages the Guardtime KSI Blockchain, a wholly unique way to mathematically anchor  data, without having to include the data itself.