Tamper Proof Audit Trail

Overview

OrbitDB, which is a serverless, distributed, peer-to-peer database was used to maintain the logs for a particular case. Since OrbitDB uses IPFS ( InterPlanetary File System) as its data storage and IPFS Pubsub to automatically sync databases with peers and is a consistent DB using CRDTs (Conflict free Replicated Data Types) for conflict-free database merges and hence an excellent choice for decentralized apps, blockchain application etc. Our Tamper Proof Audit trail solution externalizes selective audit and event data - ensuring that the data is not tampered with or lost. This selective data can be pushed and retrieved in a distributed way while maintained in a centralized way. We built an application in Appian leveraging the Process, Record and Sites capability. This case was an exhaustive one with multiple status maintained across multiple users. All the actions and reactions on a case was mapped to an entry in OrbitDB (for now, we used docstore database of OrbitDB). Docstore is a document database to which JSON documents can be stored and indexed by a specified key. This was the first choice to store the case data and it helps in searching with respect to indices and also in version controlling of the data. We created Connected System in Appian for connecting to the Orbit DB. Inserting the data in the DB and also for fetching the relevant status log for a particular case which is in turn showcased on the Dashboard.

SOLUTION APPROACH:

  • Leverage OrbitDB a serverless distributed, peer-to-peer database built on IPFS
  • Identified Audit History and Events from Appian Process Pushed to various Orbit DB Peers
  • Leverage the Appian Record Dashboard and integrate it with the Orbit DB for Drill down of activity and event logs
  • Single point of view for data across Geos and LOBs

Key Features & Functionality

  • Helps keep your data as tamper-proof (be it audit log or any case specific information)
  • Integrated with OrbitDB as a serverless, distributed, peer-to-peer database built on IPFS
  • Easy Implementation
  • Distributed Implementation
  • Open Source
  • Extensive framework sdk and API availability

Benefits & Business Impact

  • Conflict free Data replication among peers
  • Availability of data even if one of the peers is down
  • Decoupling of Audit/Event Data from Business Data
  • Data Pushed from different sources and retrieved across systems from multiple locations
  • Centrally maintained data
  • Moving away from ER (Entity Relation) structure
  • Audit Compliance adherence

Anonymous