- Bob is doing research that may eventually be presented publicly. When it is presented publically there is a need to have historic evidence of all the steps and data used. This is today done with a tamper-evident notebook. The authors of these notebooks are also careful to include date/time as they progressively record their work. In this way an inspection of the notebook can determine that it is whole, not modified, and thus a trust of the contents, when, and by whom.
- Prior to 2013, the US Patent and Trademark Office (USPTO) used First-To-Invent to determine priority. While the tamper-evident notebook was essential in that model, it is still valuable supporting evidence even after the switch to First-To-File. In particular, intellectual property disputes benefit from tamper-evident records.
- Publicly funded research (e.g. NIH, NSF, DARPA) increasingly mandate the release of underlying data at a future date. There is also a trend on the part of regulatory bodies for full data access, especially in light of concerns over negative results from clinical trials not being reported.
- As entries are added to an Evidence Notebook
- The evidence is recorded in a private notebook, and an Author Signature is submitted to a purpose specific blockchain.
- The Author may choose to also archive the evidence onto the blockchain.
- Members of the community, as part of their support of that community, will counter-sign these Author Signature blocks
- At some time in the future when the Evidence Notebook needs to be disclosed, the Author will declare to the community their identity
- In support of a disclosure, any member of the community with access to the Evidence Notebook may validate the notebook.
Use-Case Keeping Records
- ? Is there a need to define the Author Signature other than to say it is an XML-Signature format, with signature from the blockchain rather than from PKI? Advantage the blockchain gives is the identities, algorithm choice, and public ledger.
Use-Case Escrow of Notebook
- ? Should the encrypted notebook pages be also cross-signed by the community? The signature would be of the encrypted blob, which would be proof that the encrypted blob appeared on the blockchain at that time.
Support Use-Case Counter-Signature
Use-Case Public Knowledge
Use-Case Verifying Records
Edna may choose to discount specific identities that have been determined to be fraudulent, or where the control of that identity private key has been compromised. Edna may choose to discount identities that have not yet made themselves public, holding public identities higher. Noting that the movement of an identity from anonymous to public has value to the community as a whole.
Role in the use case
The person or entity that submits Author Signatures. They are assumed to be an investigator or worker in a research team.
An authenticated and authorized individual that has been granted access to the Evidence Notebook. This may be a staff researcher for the Study Sponsor doing cross-study correlations, or an external researcher with a different study question that can be answered with previously collected data.
A peer on the blockchain. The identity may be known or not known.
Generic bad actor
The organisation that receives research data. These individuals or systems need access to the evidence. They may receive this evidence directly, or through the Escrow Evidence. For the purpose of diagrams and data flows, any member of the study team will be represented as "Dan"
The individuals and systems who are performing some research or other activity for which an Evidence Notebook is necessary. Bob is a member of the research team. For the purpose of diagrams and data flows, any member of the research team will be represented as "Bob"
The individuals and systems who counter-sign Author Signatures to help provide veracity. It is expected that peers will not be part of the same research team as Bob.
Prerequisites / Assumptions
- Bob needs to keep the research confidential until some future time.
- The format of the notebook need not be constrained, as long as digital signature can be validated once the notebook is made public.
- Presume use of XML-Signature schema can mediate this
- If Evidence data is disclosed it must be properly handled or de-identified
- There is no need to publish the content of the notebook on the blockchain.
- There is an option for encrypted notebook on the blockchain, and use of smart-contracts to unlock as appropriate
- Bob may have many notebooks, or may have many research projects interleaved within one notebook. This similar to paper notebooks today.
- Bob may need to hide his current activities, meaning new activity can’t be associated with Bob
Use Case Diagrams
- New Author Signature
- Bob updates his evidence notebook
- Bob submits a Author Signature block to the blockchain
- Bob optionally submits Evidence blobs to the blockchain
- Paul notices a new Author Signature block
- Paul counter-signs the Author Signature block
- Evidence Notebook validation
- Edna is asked to confirm an Evidence Notebook
- Edna is given access to the Evidence Notebook (may not be public disclosure)
- Edna validates signatures from the blockchain
- Edna validates counter-signatures from the blockchain
- Edna extracts timestamps from set of signatures
- Edna may validate Public Signatures as necessary
- Evidence disclosed
- Smart-Contract triggers
- Smart-Contract may include notification mechanisms to Dan
- Dan receives Evidence and decryption keys given trigger on Smart-Contract
Sequence Diagrams(drafting, not yet done)
- Author Signatures are validated
- Modified Author Signatures are detected as not valid
- Participation sufficient to achieve (n) counter-signatures
- Funding by organizations relying on output (research, clinical trials, etc)
- Participants collusion to revise history
- Is insufficient number of peers, and therefore insufficient number of prompt counter-signatures, a distinct failure mode?