Skip to main content

Ensuring Data Integrity with KSI Signatures for a Smarter Future

Water Fountain

Smart cities and digitised critical infrastructures require efficient and secure ways to handle volumes of data while ensuring security and integrity of it. Data itself is not the final product but serves as an input for analysis, models, and AI. However, how do we know the datasets used to train the machine learning algorithms or the data forming the baseline for a new policy has not been accidentally or purposely modified?

Guardtime’s mission is to make the world’s information universally reliable. In our last blog post, we introduced MIDA and KSI blockchain, showcasing how the NAIADES platform as well as any smart water infrastructure operator could benefit from them. In this post, we take a deep dive into KSI signatures, an integral part of the KSI blockchain, to discover how they ensure data traceability and integrity within the NAIADES platform.

In the NAIADES platform, data from numerous sources provides essential input to various models and tools, e.g. a water consumption prediction model or an anomaly detection toolkit. This input data serves as the underlying foundation of future actions like investments in water infrastructure development and decisions on water consumption. Guardtime has developed KSI signatures and a signature verification tool specifically to protect data integrity and to subsequently ensure that critical decision-makers can rely on truth and not solely trust. Signing collected data is essential to trace it throughout its lifecycle, for example, before using or publishing. The KSI signature that we employ in the NAIADES platform contains a hash of the data. The hash is like a global fingerprint that is published electronically every second and also regularly in the world’s physical media. Since the publication code (against which the KSI signatures are verified) cannot be tampered with, this ensures that any attempt by rogue administrators or attackers to manipulate data can be rapidly detected since it will result in a KSI signature verification failure. As no data can be reconstructed from the signature, privacy is guaranteed, and it is ensured that sensitive information is not public. Such signatures are linked to the KSI blockchain, which provides an immutable and independently verifiable link between data collected and data used in the analysis.

The KSI signature is constructed using the hash of the data by linking it with the KSI blockchain. The dashed box shows what is shared and what stays on premises.

The best protection is achieved when the data is signed close to the source. In the NAIADES project, data signing occurs at the Data Collection/Aggregation Modules. Guardtime has assisted the project partners in setting up the connections to the KSI Gateway, which allows them to sign the data. Moreover, the data verification software in the NAIADES platform allows a data user to verify that the data has not been modified independently. At this stage of the project, the verification tool has been set up for the NAIADES platform by Guardtime. It ensures that the processed data is the same as the collected one, meaning it has not been altered during the transfer, by independently checking data integrity.

The developed data verification tool enabled by KSI signatures is a novel way of increasing critical infrastructure protection. Trialling this in the NAIADES project will help to secure the future of smart cities and critical infrastructure.

Learn more about KSI Blockchain Timestamping here: ➡️

By Tuuli Lõhmus (Guardtime)