Integrity protect your Azure blob storage data with Azure confidential ledger

This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .

To support customers in regulated industries and compliance scenarios who asked about higher integrity protection of storage blobs, the Azure confidential ledger team has launched a preview of a managed Marketplace application that will further protect data: Blob Storage Digests Backed by Confidential Ledger (Preview).

 

Data signatures from blob can be harvested and stored in a confidential ledger for tamper protection. At a later point in time and to demonstrate tamper proofness for compliance and auditing purposes, signatures can be recalculated and validated against the signature in Azure confidential ledger.  To express your interest, join the preview.

 

Customers needing confidentiality guarantees in key-value store can continue utilizing Azure confidential ledger directly and can leverage the integration between Azure SQL Database ledger with digest stores in Azure confidential ledger for continuing to protect their relational data.

 

The Azure confidential ledger team has also launched new features to enhance product and auditing experience:

  • The Azure confidential ledger Portal experience has been improved with a new Ledger Explorer feature that allows observing transactions and validating the cryptographic proofs of ledger transactions.
  • The multi-admin delete (upcoming) feature will allow deleting ledgers only with approval from multiple administrators, compared to a single administrator requested delete today. 

 

Quick Glance of the new Marketplace App: Blob Storage Digests Backed by Confidential Ledger (Preview)

 

Step 1: When a new blob gets created, the transaction table will be populated with a new entry

 

ShubhraS_0-1699994265251.png

 

Step 2: When enough blob records have been created, a digest will be calculated and stored in to Azure Confidential Ledger. An entry will be created within the block table and contain the Azure Confidential Ledger Transaction ID.

 

ShubhraS_1-1699994265256.png

Step 3: When it comes time to performing an audit, a history of audit records can be viewed for every blob storage container

 

ShubhraS_2-1699994265263.png

Step 4: The audit record will verify transactions and demonstrate the integrity protection status by comparing the digest hash stored in Azure Confidential Ledger against re-calculated digest hash

 

ShubhraS_3-1699994265270.png

 

Preview Sign up: Join the preview 

 

Watch the demo (~15:00): 

 

Getting Started & Resources

For getting started with Azure confidential ledger, read our documentation and past blog posts:

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.