Public administrations are fundamental for the well-being of societies and thus need to strive to offer the best service possible, which is acquired through the incorporation of top-notch staff. Another essential factor that needs to be considered is the technology used within the administration, which focuses on helping the civil servants optimize their workload. The privacy inside these institutions’ digital networks has to be as secure as possible and, at the same time, open for all interested parties to access. Therefore, the massive number of successful cyberattacks in present digital networks based on centralized solutions requires a change, which has to come from decentralization.
Citizens want, and rightly so, an open space where they can inform themselves about the different aspects of the city or nation: a place that makes them feel included, part of the formation and development of their society, achieved through the power of the internet. Whether via an app, website, or message channels, citizens need a route to act on their proposals, accept institutions’ decisions, or decline city projects. But if the security and privacy of the infrastructure are not up to standards, it creates a considerable lack of trust and consequently brings a multitude of issues. This obstacle can be overcome by implementing truly decentralized infrastructures, working within Edge computing platforms and peer-to-peer.
Furthermore, the UN’s SDGs (Sustainable Development Goals), in connection with the U4SSC (United for Smart Sustainable Cities), acknowledge Open data (SDG Target 16.6 and 16.7) as a crucial KPI (Key Performance Indicator). This is currently not being achieved and, with a growing, centralized model, will never be reached. The reason is that cyber-criminals and cyber-terrorists are looking at IoT (Internet of Things) devices and their installations as an opportunity to steal information, extort money and attack critical national infrastructure. One of the simplest but most efficient attacks is the Distributed Denial of Service (DDoS) attack. It targets a source server and floods it with mock-up requests so that the server cannot answer actual service requests, as the mock-up requests are taking all the bandwidth.
DDoS is a simple way to take out and extort cloud-based services, which are the basis of IoT and the irruption of Industry 4.0. In addition, there is also targeted ransomware, common malware, DNS hijacking, and other tools these criminals and terrorists use. There is one common trait between these attacks, and that is that they, in one way or another, exploit centralized infrastructure solutions, be it at the index, data, service, or user level. More alarming is that these active threats do not come from some lone “hacker” in a basement; we are talking about sophisticated and well-funded organizations with highly educated staff.
Therefore, to believe that cyber-security in its current attacker/defender form will work, when any takeout of data flow or service is directly and immensely disruptive to our economy, security and lives, is not taking these risks seriously. Moving data to a cloud server center to then move it back to where it is to be used is, in most cases, not a valid solution. Data must be informed as generated; there should be no intermediate steps. In conclusion, deployments using current infrastructure solutions such as cloud technology are catastrophes waiting to happen. In this sense, a fully decentralized infrastructure and service platform are the keys to success.
As we mentioned before, IoT is the driving force of data flow, but it is working on a centralized model, making it inefficient and dangerous. Having millions of sensors throughout a city or nation inputting data to public administrations at a centralized level cannot provide data in real time and where it is needed, and it opens the way for the cybercriminal organizations mentioned earlier to exploit the vulnerabilities. To overcome the issues at hand, the Internet of Everything (IoE), the service infrastructure that enables the scalability of the Internet of Things (IoT), needs to be decentralized. Thus, the secure decentralized software layer on top of IoT devices clusters them into computation resources and data-lake storage and provides localized D2I (data to information) processing with AI capabilities.
Data flow in IoE needs to be real-time and verifiable, and the security needs to be focused on cyber-extortion, e.g., denial of service attacks and ransomware attacks. Privacy needs to be self-managed, creating solutions that make the Internet of Everything safe, affordable, accessible, and easy to use. This requires an infrastructure that develops and manages an Internet-based decentralized End-to-End service platform, consisting of an infrastructure layer, a service layer, and a service management system. Acquiring these technological capabilities for the administrative sector is paramount, and this is why IoE Corp (Internet of Everything Corp) has built the Eden System.
Eden System is a decentralized, autonomous, portable, secure, virtual infrastructure for managing clustered workloads over depos (decentralized pods) and services, facilitating declarative configuration and automation. The Eden System is a decentralized model based on scalable device clustering, where it is easy to add new devices as nodes. This makes it possible for any device to contribute computing resources over an intelligent mesh network so that computing can happen where it is needed and close to where it will be used.
IoE Corp, in addition, has developed quantum-safe tunnels using polymorphic encryption keys and uses a blockchain with consensus to verify the data moved between the nodes over the tunnels, thus creating trusted data walled gardens. The orchestration of computing and storage is done via service manifests that describe service rules, policies, and logic; the underlying orchestration mechanics are managed by an autonomous knowledge-based AI using network consensus over the blockchain as a deciding mechanism.
The orchestration dynamically updates the cluster topography to fit the current workload. Eden System Service depos are generated and deployed similarly to container images. The depos are MPI cluster enabled from the start. Performing administrative processes through the Eden System ignites Edge Computing and zero trust actuators, which will give citizens privacy, security, and empowerment of the Smart City or Smart Nation data flow within the UN’s SDGs.
Deploying the Eden System architecture inside administrations presents many benefits for all citizens, and the institutions obtain a high level of trust. This is possible because using the Eden System services provides the institutions (administrations) and the end-users (citizens) with:
-> Defense against denial of service attacks — The Eden System, being fully decentralized, mitigates DDoS attacks because there are no centralized points to take out.
-> Detection of malware trying to replicate itself to other nodes — The Eden System verifies data traffic between nodes over a blockchain; malware can be detected and the infected node identified.
-> Bad data and bad player detection — A decentralized network like Eden System uses verification and sanity checks on data entering and being transported.
-> Service discovery and dynamic load balancing — On a real-time basis, the network can expose a service using the Service name from the service manifest, using their Eden System service, or over their IP address. A tracking system alerts when traffic to a service is high, resulting in the orchestrator load balancing and distributing the network traffic to stabilize the service.
-> Storage flexibility - Eden System provides access to decentralized storage, be it data-lakes, temporary storage for AI crunches, or persistent storage, as well as allowing you to mount storage systems of your choice, such as:
· Local storage.
· Public cloud providers.
-> Automated rollouts and rollbacks — The Eden System permits you to describe the desired state (rules, policies, and logic) for your deployed services using Service Manifests, changing the actual state to the desired state at a controlled rate. For example:
· You can automate Eden System to create new services for your deployment, remove existing depos and adopt all their resources to the new service.
-> Automatic scaling — You provide Eden System with the size of the starting cluster of nodes that it can or should use to run service tasks. Then Eden System will optimize how much CPU and memory (RAM) each task needs. It can also, with benefits, be installed onto your nodes to make the best use of your resources.
-> Self-healing — The Eden System Orchestrator automates restarts on depos that fail, replacing depos, and killing depos that don't respond to the service manifest-defined health check. These won’t be advertised to users until they are ready to serve.
-> Secret and configuration management — Eden System lets you securely store and manage sensitive information, such as passwords, OAuth tokens, and encryption keys. This is possible because you can deploy and update secrets and application configuration without rebuilding your depos and exposing secrets in your service.
The specifications above work within a decentralized walled garden system with depos, which is a good and secure way to bundle and run your services. To understand this principle, consider that a typical production environment needs to manage the containers that run your applications and ensure no downtime.
A practical example is that if a container goes down, another container needs to start, igniting a series of steps to be taken by external actuators. Wouldn't it be easier if the network handled this behavior?
Eden System does precisely that: it provides you with a system and a service framework to run distributed services in a decentralized and resilient way. The Eden System orchestrator takes care of, among other things, the following for your services:
· Scaling
· Failover
· Deployment Patterns
With this design architecture, using the Eden System in its initial stages provides you with the security of a Test Net where you can, for free, deploy and test your services before going “sharp.” This capacity enables you to work within a safe and secure environment that will entrust you with a reliable service that can be deployed to citizens.
Extra benefits arise from installing the Eden System within your administrative framework. Compared to centralized services, it offers agile service creation and deployment, as the Service Manifest generation is only an addition to a typical container deployment. It also works as continuous development, integration, and deployment, providing reliable and frequent depo builds and deployment with quick and efficient rollbacks (due to depos' immutability).
Another advantage of a decentralized network is the Dev and Ops separation of concerns: service depos are created at build/release time rather than deployment time, thereby decoupling services from infrastructure. The observability covers not only cluster information and metrics but also, e.g., application health. There is environmental consistency during development, testing, and production, i.e., it runs the same on a laptop as it does in the wild.
The adaptability Eden System offers permits Cloud and OS distribution portability: it runs on Linux, BSD, on-premises, public clouds, and anywhere else. The service-centric management of the Eden System raises the level of abstraction from running an OS on virtual hardware to running a service on a decentralized network. Its decentralized base permits loosely coupled, distributed, elastic, liberated micro-services. As a result, applications are broken into smaller, independent pieces that are deployed and managed dynamically, instead of a monolithic stack running on one big, single-purpose machine.
For more information about Internet of Everything Corp.’s decentralized solutions for administrative institutions, you can continue reading about how we develop these services for Smart Cities and Nations.
If you prefer to contact us for further information, access our Contact us page; we will answer your questions or get in touch with you as soon as possible.