The Kaleido Blockchain Application Firewall (BAF) provides rich options for authentication and authorization of application connections to your blockchain resources. The service easily integrates with your existing OpenID provider and allows for low-level blockchain permissions to be embedded in user authentication tokens. BAF provides organizational admins with a single source of truth for end-user role based access control, and allows operators to easily add or rescind permissions within their existing user directories. Additionally, by supporting an OAuth-based authentication flow, the critical application credentials providing secure access to the Kaleido resource endpoints are never exposed.
Built for permissioned networks
Data isolation and strict governance enabled by Hyperledger Fabric certificate authority
Unique Execute-Order-Commit endorsement model where transactions are initially executed on a set of peers while ordering service handles packaging and delivery
Ordering can be switched based on the needs of the environment with pluggable consensus algorithms
Since launching in 2015, Hyperledger Fabric has been a top choice for enterprises looking to build apps on permissioned blockchain networks. The modular architecture is capable of powering large-scale applications that require enterprise-grade data security.
The ability to protect certain details of peer transactions has made Hyperledger Fabric a go-to protocol for industries like financial services, supply chains, and the insurance industry. It works for complex use cases that involve personally identifiable information and proprietary business data.
Hyperledger Fabric is one of the many protocol choices available on Kaleido. With a full suite of plug and play services, flexible cloud deployment options, and powerful APIs, Kaleido is the easiest way to run a Fabric network anywhere.
Hyperledger Fabric is an open source project designed to handle enterprise-grade use cases. Key differentiators are its quick transaction throughput and its modularity, allowing for more innovation and optimization regardless of industry use cases. Other benefits include scalability and security, key pillars of any enterprise application.
Hyperledger Fabric is a modular blockchain framework that allows you to plug in different components, such as consensus algorithms and membership services, and tailor networks to your needs
Part of the Hyperledger project of the Linux Foundation, Hyperledger Fabric is an open source protocol that allows the enterprise to build custom applications and limit vendor risks
With a high level of security for enterprise users, Fabric uses a permissioned network to prevent unauthorized access
Kaleido is a Hyperledger Certified Service Provider (HCSP) with a deep expertise in helping enterprises successfully adopt Hyperledger tools. Our founding partners are also active with the Hyperledger Foundation. Sophia Lopez is a General Member representative on the Hyperledger Foundation Governing Board and Jim Zhang is a member of the Hyperledger Foundation Technical Oversight Committee.Talk to an Expert
Quorum is a blockchain protocol specially designed for use in a private blockchain network, where there is only a single member owning all the nodes or a consortium blockchain network where multiple members each own a portion of the network.
Quorum is designed to be highly scalable, with low transaction latencies and the ability to support a higher number of transactions per second than other blockchain protocols. This makes it well-suited for use in high-volume applications.
Quorum includes a number of security features that are designed to protect sensitive or proprietary data, like private transactions that allow network participants to transact without revealing the details of their transactions to the rest of the network.
Quorum is based on the Ethereum protocol and can support a wide range of decentralized applications and smart contracts. It is also highly modular and customizable so that it can be tailored to the needs of specific use cases.
There is no cost required to submit transactions to a Quorum network, unlike Ethereum, which requires the payment of high and unpredictable gas fees to submit transactions.
The Blockchain Application Firewall can have a range of potential uses for your organization including:
The Blockchain Application Firewall can be configured to trust your IAM server, whether it's a private instance of KeyCloak, Otka, Microsoft Azure Active Directory, or any other system that issues tokens as signed JSON Web Tokens (JWT). This allows users to enjoy a standard sign-in procedure to blockchain applications such as the familiar username and password, multi-factor authentication, etc.
In your organization you may find you have keys for different teams within an organization, or for different types of operation, or maybe thousands of keys allocated to individual users of your application. This is why it’s important to restrict access to signing with these keys only to authorized connections, which the Blockchain Application Firewall allows your organization to do. The firewall analyzes each JSON/RPC request as it passes through, checking for attempts to sign transactions and authorizing them against a rule-set that specifies which keys are allowed to be used by that connection. This capability works in tandem with your application level security. You can configure static rules to configure access to keys, or dynamic rules based on issuing JWT tokens in your application tier or IAM system to restrict signing access.
In applications where users have their identity or key which signs transactions from their web or mobile device, they need to be able to submit pre-signed transactions to the blockchain node. The JSON/RPC interface of the node will end up needing to be exposed to the application for sending the transactions, which is where the Blockchain Application Firewall comes into play. The firewall provides an additional layer of security for these connections, on top of the default boundary security built into the Kaleido platform.
Quorum is a protocol of choice for industries like financial services, insurance, and supply chain management where enterprise-grade.