Comment on page
Users are digital identities accessing the Datome web services. They are associated with a single purposed object, such as an IOT device, application, or individual.
A user owns a digital certificate signed by the internal Certificate Authority (CA), which is used to sign every blockchain operation and identifies univocally the user. Others cannot use it.
The ownership of a digital certificate does not automatically grant permission for all blockchain operations, as users must also be a member of a group (e.g. admin, model admin, or controller) to be permitted to carry out specific actions.
Groups are clusters of users. A user is automatically a member of every sub-group and can belong to multiple groups. The group members acquire the permissions to access the data associated with the group.
A Model is the digital blueprint of the Assets we want to manage. One Model sets the rules for the N Assets that Datome shall manage. A Model describes the Asset’s properties (e.g., weight, materials), the relation with other Models (e.g., a blister can be part of a packaging), the actions that can be performed on the Asset data and the specific user groups that have permission to execute those actions.
Models can set powerful data flow control, defining a Finite State Machine (FSM), i.e. a system with a limited number of conditional states of being. It consists of a set of “states” along a process (e.g., “in progress”, “completed”, “shipped”) and a set of “transitions” that describe how the Asset moves from one state to another. A specific set of permissions and actions may characterize each state. The transition from one state to another is governed by a set of rules expressed in the Model and determines which state the machine will enter after any action.
The FSM implementation is optional, but every Model must include a default state. Each Model will always have at least one state and, optionally, additional states.
According to a custom JSON-schema syntax, administrators can create or update Models using any text editor enhanced with special keywords dedicated to Datome specification. Each saved Model comes with a version to track any updates.
The asset is a representation in digital format of a process, a document, a physical object, a dataset or any other object. An Asset is created, updated or managed according to the specification, rules and constraints expressed by its Model. It can be linked to other Assets to describe provenance or composition. An Asset may have multiple blockchain registrations describing its history, and all the Asset registrations are cryptographically linked to the author’s digital certificate.
For example, Assets could be a car, the car’s ownership information, the maintenance details, or the car's insurance document.
Datome provides web services for managing the Models.
Files can be linked to an Asset at any point in its lifecycle using the Document Services. Each document is transferred to a repository, while the description and hash value of the file are stored on the blockchain. When the document is read back, its content is compared to the hash information on the blockchain. The comparison between those two hash keys certifies the document's authenticity. The QA team can track all the certification phases together with the certification document.
Datome blockchain engine performs all the operations for maintaining the blockchain and executing all the user requests. Datome relies on the Hyperledger Foundation’s Fabric product for its internal blockchain.
Datome integrates user management software in which services are available via web services or web administration UI. Admin users manage groups, users and group memberships(roles). Group Admins are users that can perform administrative tasks inside a group boundary.
Datome offers a complete administration web environment for executing administrative tasks. These include all the tasks available via web services.
User web services is a web-based environment users use for managing and browsing models and models information, according to their privileges.
Datome platform is internally composed by:
- A Hyperledger Foundation Fabric custom installation with one or more blockchains (channels).
- Internal DBMS for services
- High-performance web server
- TLS certificates engine
- Datome application
- Datome fabric chaincodes (smart contracts)
- Datome stored procedures