I'm excited to announce that ledger is now generally available in Azure SQL Database! Ledger is a new technology that offers the power of Blockchain in Azure SQL Database. We’re making the data in SQL verifiable using the same cryptographic patterns seen in Blockchain technology, while keeping the flexibility and performance of a traditional database. The database remains centrally managed, yet you can cryptographically attest to other parties, such as auditors or other business parties, that your data can be trusted and hasn't been tampered with.
How it works
Each transaction that the database executes is cryptographically hashed (SHA-256). Transactions are then cryptographically linked together, like a Blockchain. Cryptographically hashed database digests represent the state of the database. They're periodically generated and stored outside Azure SQL Database in a tamper-proof storage location such as Azure immutable Blob storage or Azure Confidential Ledger.
All historical data of ledger tables is transparently maintained in the database system and exposed to users for auditing and forensic purposes. Historical data can be used to analyze the operations executed and to detect unexpected or malicious modifications. However, malicious, highly privileged users or cloud operators can still tamper with the content of ledger tables by other means, such as writing directly to the data files. These "under the covers" attacks are detected through cryptographic verification. Auditors, business partners (in a multi-party scenario), or even end users can use database digests to run the database verification process, which recomputes the hashes in the database and compares them to the input hashes provided by the user. When the verification is successful, you have cryptographic proof that your data can be fully trusted.
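A simplified model of the mechanism described above, added here as an illustration; it is not Microsoft's code and does not reproduce the actual ledger storage format. The block layout, JSON canonicalization, genesis value, and all function names are assumptions made for the example.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed "previous digest" value for the first block

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def tx_hash(tx: dict) -> str:
    # Canonical JSON so identical transaction content always hashes identically.
    return sha256_hex(json.dumps(tx, sort_keys=True).encode())

def chain_digests(blocks: list) -> list:
    """Digest per block: SHA-256 over the previous digest plus this block's tx hashes."""
    digests, prev = [], GENESIS
    for txs in blocks:
        prev = sha256_hex((prev + "".join(tx_hash(t) for t in txs)).encode())
        digests.append(prev)
    return digests

def verify(blocks: list, trusted: dict) -> list:
    """Recompute the chain from the current data and compare it with digests
    kept outside the database. Returns the block indexes whose digest fails."""
    current = chain_digests(blocks)
    return sorted(i for i, d in trusted.items()
                  if i >= len(current) or current[i] != d)

# Constructed sample data: three blocks of transactions.
BLOCKS = [
    [{"id": 1, "account": "A", "amount": 100}],
    [{"id": 2, "account": "B", "amount": 250}, {"id": 3, "account": "A", "amount": -40}],
    [{"id": 4, "account": "C", "amount": 75}],
]
# Digests are generated periodically, so in this sample only the digests of
# blocks 0 and 2 were exported to external immutable storage.
ALL_DIGESTS = chain_digests(BLOCKS)
TRUSTED = {0: ALL_DIGESTS[0], 2: ALL_DIGESTS[2]}

def with_edit(blocks, block_idx, tx_idx, **changes):
    """Copy of the data with one stored transaction altered outside the engine."""
    edited = copy.deepcopy(blocks)
    edited[block_idx][tx_idx].update(changes)
    return edited

if __name__ == "__main__":
    print("untouched:", verify(BLOCKS, TRUSTED))
    print("block 1 edited:", verify(with_edit(BLOCKS, 1, 0, amount=999), TRUSTED))
    print("block 0 edited:", verify(with_edit(BLOCKS, 0, 0, amount=1), TRUSTED))
    print("last block dropped:", verify(BLOCKS[:2], TRUSTED))
```

Because each digest covers the previous one, an edit to block 1 is caught by the externally stored digest of block 2 even though no digest was exported for block 1 itself.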
Use cases for Azure SQL Database ledger
Multiple-party business processes
Automating cross-business processes and establishing trust around them are critical problems in several sectors, such as supply chain, manufacturing, etc. Organizations in these sectors struggle with the challenge of how to share and trust data. Many organizations are turning to traditional blockchains to digitally transform their multiple-party business processes.
However, due to its decentralized nature, Blockchain presents significant challenges when used for real-world production workloads. There are many scenarios where a Blockchain solution is overkill and does not justify the cost and performance overhead. Ledger provides a solution for this. Participants can verify the integrity of the centrally housed data, without the complexity and performance implications of a Blockchain network.
Lenovo is one of the customers benefiting from ledger
“Azure SQL Database ledger was perfect for our Trusted Supply Chain solution because it combines high security with great performance, scalability, and better sustainability than blockchain. We’re using ledger to enhance trust in our brand by safeguarding the integrity of our products from the time they leave our manufacturing plant until they’re in our customers’ hands” -- Thorsten Stremlau, CTO, Commercial Intelligent Devices Group
“Azure SQL Database ledger delivers our platform with all of the benefits that blockchain technology provides, without the additional heavy lifting of the blockchain infrastructure, performance considerations and challenges associated with data residency. Working closely with Microsoft on this technology has enabled us to refine our proposition, providing additional benefits to the world’s commercial banks and regulators alike.” -- Andrew Smith, Chief Technology Officer
Audit processes are expensive and time-intensive activities. Auditing requires on-site inspection of implemented practices such as reviewing audit logs, inspecting authentication, and inspecting access controls. Although these manual processes can expose potential gaps in security, they can't provide attestable proof that the data hasn't been maliciously altered.
Ledger provides cryptographic proof of data integrity to auditors. This proof can help streamline the auditing process. It also provides nonrepudiation regarding the integrity of the system's data.
“The ledger feature in Azure SQL Database provides us with some of the best features of Azure SQL in terms of database infrastructure management with the integrity verification and auditability of a blockchain. It’s serving our fin-tech and med-tech use-cases well where auditability and integrity checking are of greater importance.” – Brendon Kleinhans, Development Departmental Lead
For more information and to get started with ledger in Azure SQL Database, see: