Planning Application Networks
Planning an application network The set of all possible entities onboarded according to the rules of the network. Application networks enable people and businesses to interact with each other on Corda. (business network) requires some thought and consideration with regard to cluster A complete set of worker processes. Clusters require a fully functioning virtual node infrastructure. deployment and topology, onboarding processes, security policy, and data sovereignty.
Network Onboarding
Corda is a permissioned network, where the Network Operator makes decisions as to who can and cannot join the network. Typically, there are commercial and contractual agreements defined as part of the onboarding process.
The onboarding process may fall under regulations, such as Know Your Customer (KYC) in order to address anti-money laundering. Network Operators must decide the level of due diligence that must be performed before participants can be onboarded to their network. Network Operators will also decide whether to use automated approval or manual approval processes to accept and decline registration requests.
Security Policy
Network participants are identified by an X.509 A widely used standard for digital certificates in public key infrastructure (PKI) systems. An X.509 certificate contains an identity (such as an individual or hostname) and a public key. certificate issued to that entity An organization or individual that participates in one or more application networks that can provide attestation that they are whom they claim to be. . The certificate issuing authority (Certificate Authority) is part of a ( PKI Public key infrastructure. A comprehensive system of hardware, software, policies, and procedures that enables the secure creation, distribution, management, and revocation of digital certificates and public-key cryptography. ) that is trusted by the Network Operator. The PKI could be a public infrastructure whose public keys are published and typically stored in web browsers, so that they do not need to be manually downloaded and trusted.
Alternatively, the PKI used to issue certificates to network participants could be a private PKI, typically owned and managed by the Network Operator. These private Certificate Authorities must be trusted by the network participants.
Data Sovereignty
Network participants will each have a virtual node in the Corda infrastructure. The virtual node’s data, specifically its view of the distributed ledger A database of facts that is replicated, shared, and synchronized across multiple participants on a network. , will be stored in its database vault A database containing all data from the ledger relevant to a participant. The database tracks spent and unspent (consumed and unconsumed) states. .
If there is a need to distribute network participant virtual nodes across geographic regions, this leads to a multi-cluster deployment topology and a more decentralized network model.
Network Decentralization
A key planning consideration for deploying Corda application networks is the level of decentralization of the network and participants. Questions to consider are:
- Who is responsible for the governing policy for application distribution?
- Who decides participation in the network?
- Who is performing data processing?
The Corda cluster can be deployed either in a single cluster or multi-cluster topology, depending on the level of centralization: description:
- In a centralized model (typically a single Corda cluster approach) the application network is managed centrally, along with managing any participating members, all under a single infrastructure.
- In a decentralized model (typically a multi-cluster approach) the network participants run their own Corda infrastructure and deploy their own virtual nodes. Network Operators will need to consider the security of inter-cluster communications and latency.
Additionally, there is the consideration of the notary Corda’s uniqueness consensus service. The notary’s primary role is to prevent double-spends by ensuring each transaction contains only unique unconsumed input states. virtual node and the Corda infrastructure that it is to be deployed to, whether centralized or de-centralized.
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.