challenges to implementing enterprise blockchain applications, This weeks reading discussed some of the challenges to implementing enterprise blockch

challenges to implementing enterprise blockchain applications,
This weeks reading discussed some of the challenges to implementing enterprise blockchain applications, along with a discussion of best practices.

Choose one of the best practices presented in the paper assigned as this weeks reading that you find most interesting (and clearly state which best practice you have chosen).
Explain why you chose this best practice as the most interesting.
Describe how implementing your chosen best practice (from the assigned research paper) will increase the probability of implementation success.

Don't use plagiarized sources. Get Your Custom Assignment on
challenges to implementing enterprise blockchain applications, This weeks reading discussed some of the challenges to implementing enterprise blockch
From as Little as $13/Page

Im interested to read what YOU learned from this weeks reading. Do NOT submit a research paper. Tell me what you think.

Think of three questions youd like to ask other students and add these to the end of your thread.

The questions must be taken from material you read in Chapter 12, and each question should start a discussion topic.
Youre not trying to test each other, but you are trying to start a discussion.

Finally, go to three other students threads and post comments, answering at least one of their questions.

For EACH comment you post, use the 3CQ approach (described above.)
When someone asks you a question, answer it!

Exploring Preliminary Challenges and Emerging Best Practices

in the Use of Enterprise Blockchains Applications

Mary Lacity

Blockchain Center of Excellence

University of Arkansas

[emailprotected]

Shaji Khan

College of Business Administration

University of Missouri-Saint Louis

[emailprotected]

Abstract

Enterprise blockchain applications can allow

trading partners to transact directly without relying

on trusted third parties and promise to: eliminate the

need for reconciliations, instantly track and trace

assets through a supply chain, provide unbeatable

data provenance, settle transactions quickly and

cheaply, and enable an information security model

that is fault tolerant, resilient, and available. Many of

these promised benefits seemingly address the

challenges of non-blockchain based inter-

organizational systems. However, this research

indicates that blockchain based inter-organizational

applications pose significant challenges of their own.

Based on interview and participant observation data,

we identified five challenges: (1) competing

blockchain standards, (2) adjusting to different

shared governance models, (3) intellectual property

concerns (4) industrial espionage risks, and (5)

regulatory uncertainty. We also identified emerging

practices stakeholders are using to address those

challenges when considering enterprise blockchain

applications.

1. Introduction

Use of blockchain technologies in the

interorganizational enterprise applications context

has garnered tremendous attention in the industry.

Reports and opinions predict that blockchain based

enterprise applications will revolutionize business

and reshape the economy [3, 9, 12, 26]. Enterprises

are interested in blockchain technologies because

they promise a significant amount of business value

by providing the ability to transact directly with

trading partners without the use of trusted third

parties, eliminating the need for reconciliations,

instantly tracking and tracing assets, providing data

provenance, settling transactions quickly and cheaply

and enabling a resilient information security posture.

Put simply, blockchain based applications promise to

solve many types of issues (e.g., those related to

technical aspects, governance, transparency,

efficiency, transaction costs, provenance, information

security, and so on.) surrounding existing

interorganizational systems [9, 10].

Despite the explosion of interest, our prior research

found that there were very few enterprise blockchains

applications in production in 2017-2018

notwithstanding the billions of dollars in blockchain

investments worldwide [12], the thousands of proofs-

of-concepts across all industries, and the high-profile

groups like R3, Hyperledger Project and Enterprise

Ethereum Alliance working to facilitate enterprise

adoption. A 4th quarter 2017 study of 200 blockchain

projects by HfS, a research and consulting firm,

corroborates our findings. HfS found that 90 to 95

percent of enterprises were still conceptualizing

blockchains, conducting proof-of-concepts or piloting

applications. Only 5 to 10 percent of pilots were

progressing to production [8]. Whats taking so

long?

Indeed, while generally sharing the optimism,

some have expressed concerns about the hype

surrounding blockchain applications in business

contexts [9] suggesting that significant issues must be

overcome before the promise of blockchain

technologies is realized. Others have argued that

many of the issues surrounding existing

interorganizational systems, such as interoperability

concerns, will manifest within the blockchain

contexts as well [23]. Yet others have compared

blockchain technologies to the proverbial hammer

looking for the nails, arguing that many of the

potential business applications blockchain is being

tested for, do not need blockchains and existing

institutions, applications etc. may be just enough [7].

Unfortunately, little is empirically known on just

what challenges organizations are facing so as to

shed light on the potential of blockchain technologies

Proceedings of the 52nd Hawaii International Conference on System Sciences | 2019

URI: https://hdl.handle.net/10125/59904
ISBN: 978-0-9981331-2-6
(CC BY-NC-ND 4.0)

Page 4665

mailto:[emailprotected]

mailto:[emailprotected]

in the enterprise context. Theres even less empirical

basis to determine what organizations are doing to

address those challenges as they explore and develop

blockchain applications.

This paper addresses this gap and contributes to the

practice and research of interorganizational systems

by empirically exploring the preliminary challenges

organizations are facing in adoption of blockchain

technologies and by identifying emerging best

practices for addressing those challenges. We draw

on data from a broader multi-year, mixed-method

research program to specifically addresses the

following questions:

What challenges to adoption of enterprise
blockchain applications do enterprises face?

What practices are enterprises using to address
those challenges?

Understanding these challenges and organizational

practices to address them is important both from a

practice perspective and from a theoretical

perspective. To the extent organizations see potential

for business value, we believe that a better

understanding of challenges and best practices is

crucial for any real progress. On the other hand, if

indeed, there are significant issues that cannot be

overcome in feasible ways then it is also important to

take note. From a theory perspective, senior

Information Systems (IS) scholars have often

reminded us to pay attention to the Information

Technology (IT) artifacts due to the crucial role they

play in shaping organizations and societies [14, 22].

To the extent, one considers the very nature of

blockchain technologies as fundamentally different

than previous generations of technological

innovations and to the extent that one appreciates the

truly transformative and upending potential of

blockchain technologies [24], it becomes imperative

to better understand and study blockchains evolution

into the context of business applications.

The rest of this paper is organized as follows. To

orient readers new to blockchain technologies,

section 2 provides some background and overview of

a blockchain application as an inter-organizational

trading system. Section 3 briefly describes our

research methods. Section 4 presents the findings

related to five challenges and five emerging practices

for addressing them. Section 4 provides discussion,

limitations, and directions for future research.

2. Background

A blockchain application is a distributed, peer-to-

peer system for validating, time-stamping, and

permanently storing transactions on a distributed

ledger that uses cryptography to

authenticate digital asset ownership and asset

authenticity and consensus algorithms to add

validated transactions to the ledger and to ensure the

ongoing integrity of the ledgers complete history

[10]. Blockchain technologies are commonly

associated with cryptocurrencies operating with a

permissionless1 model. While enterprises are

interested in the underlying technologies that drive

these blockchains, they require more control in the

form of permissioned2 blockchain applications.

Moreover, a majority of potential enterprise use-cases

of blockchain technologies revolve around inter-

organizational systems.
In other words, by their very nature, enterprise

blockchain applications involve a network of

stakeholders (business networks, business-

government-quasi-government networks, etc.) where

1 Permissionless blockchain applications like

Bitcoin, Ethereum, and Stellar do not restrict

accessanyone with access to the Internet may

participate.
2 Permissioned blockchain applications restrict

access to pre-authorized users and will likely be built

on protocols designed for enterprise adoption, such as

Hyperledger Fabric, R3 Corda, Chain, Multichain,

and Quorum discussed in this paper.

the nature of the transactions as well as the standards

and inter-organizational frameworks within which

those transactions would be executed, need to be

coordinated among the diverse stakeholders. Further,

the technological standards and regulatory

underpinnings must also be delineated.

2.1 A Blockchain Application as an Inter-

organizational Trading System

A distributed blockchain application performs the

vital functions of trusted third-parties (TTPs) by

using computer algorithms and cryptography instead

of relying on institutions to mitigate counter-party

risks. Enterprises are interested in permissioned

blockchain applications, which restrict access to

authorized users and the rights or roles of those

authorized users (see Figure 1).

Permissioned blockchains rely upon a front-end

gatekeeper to enforce the rights of access. Unlike a

trusted-third party that sits in the middle of

transactions, the gatekeeper is like a security guard

that checks a badge before allowing entry. It has no

Page 4666

ability to alter the ledger or to stop smart contracts

from executing.3

Transactions on the shared ledger are immutable,

thus every party can be confident they are dealing

with the same data. With one version of the truth

transparent to all parties, there are no reconciliations,

enabling faster settlement times and lower transaction

costs.

Organization B
(Node 2)

Organization A
(Node 1)

Ledger X

Organization C
(Node 3)

Ledger X

Regulator
(Node 4)

Ledger X

Permissioned Blockchain
Trading System

Ledger X

E 1 2 3E 1 2

E 1 3 E 1 2 3

Observe only

Gatekeeper

E
Public States:
Every member of the permissioned
blockchain network may access the
public state transactions

Private States:
Only parties to a particular Smart
Contract can access the private state
transactions

1 2 3

Figure 1. Permissioned blockchain trading system

with three trading partners, one regulator and no
TTP. Organization A is party to smart contracts 1

and 3 but cannot observe smart contract 2;
Organization B is party to smart contracts 1, 2, and

3; Organization C is party to smart contracts 1 and 2
but cannot observe smart contract 3; The regulator
in this example is granted observation only access

to all transactions.
Use of cryptography-based identity and

authentication in conjunction with immutability

further enhances assurances of authorized access and

data integrity. Permissioned blockchains can also use

3 This is true provided that the organization that

serves as the gatekeeper operates fewer than 50

percent of the nodes; If a gatekeeper does operate 50

percent or more of the nodes, there is little point in

using a blockchain except under specific

circumstances, such as an intra-organizational

blockchain across divisions and if concerns about

organizational control are not an issue for the

particular application.

smart contracts4 to nuance roles within a blockchain

application. Particular parties may play different roles

within different smart contracts, such as observe,

transact, validate, and add transactions to the ledger.

For example, a permissioned blockchain may use

smart contracts to create multiple, separate mini-

ledgers as depicted in Figure 1.

Blockchain applications also promise heightened

availability (a key security objective). Blockchain

applications still function properly even if a high

percentage of nodes are faultyor even malicious

enabling resiliency and 100 percent availability. In

theory, the only way to break a blockchain

application is to commandeer more than 50 percent

of the nodes before any of the other nodes notice.

In summary, the potential relative advantages of

blockchain applications compared to trading systems

that rely on TTPs are:

The ability to transact directly

No need for reconciliations

Instant tract and trace of assets

Reliable data provenance

Control over ones own identity

Faster settlement times

Lower transaction costs

Reduced threat of opportunism because
agreements execute automatically

Heightened security that is fault tolerant,
redundant, and available

Despite the immense promised value, our research

and industry reports suggest that adoption is still in

nascent stages [8]. This slow pace has been attributed

to technology immaturity and significant challenges

that must be overcome. This paper focuses on

identifying those challenges and emerging practices

organizations are using to address them.

3. Research Methods

As mentioned above, this paper draws on a broader

multi-year, mixed-method research program on use

of blockchain technologies in enterprise contexts. In

2017, the lead author joined the Center for

Information Systems Research, Massachusetts

Institute of Technology as a Visiting Scholar to lead a

research project on how enterprises were exploring

blockchains. The research team included Jeanne

Ross, Principal Research Scientist, and Kate

Moloney, Research Specialist. In this paper, we

report findings based on analyses of interview and

4 A smart contract is a piece of software that stores

and then executes the terms of an agreement between

parties.

Page 4667

participant observation data drawn from this broader

research program.

3.1 Interviews

During interviews, we asked managers about their

blockchain adoption journeys, their participation in

blockchain ecosystems, and the practices and lessons

they have learned so far. We asked research

participants the following questions:

How is the organization building blockchain

capabilities? What strategies are being considered?

Which applications are deemed to be the most

promising, are already under development, or have

been deployed?

What challenges do organizations need to

overcome to deploy blockchain applications into

production? What are the key project and change

management practices? How well have expectations

been met so far? What are the preliminary outcomes

and lessons learned?

As of this writing, confidential interviews were

conducted with 38 key informants in 30

organizations. In order to minimize the potential for

bias, we selected highly knowledgeable interview

participants representing diverse perspectives,

industries, and organizational characteristics [4]. We

interviewed blockchain innovation leaders in large

US national or global firms, including leaders from

six global financial services firms, three global

manufacturers, and two US healthcare providers. We

have permission to specifically cite BNP Paribas, JP

Morgan, Moog, and State Street as examples. We

also interviewed blockchain heads in professional

services firms, service providers, startups and

nonprofit organizations. We conducted interviews in

19 such organizations, of which we have permission

to cite Axiom, Blockchain of Things, Capgemini,

Center for Supply Chain Studies, Cognizant, KPMG,

LO3 Energy, and Stellar.

3.2 Participant Observation

The lead author also participated in the Center for

Supply Chain Studies project to define blockchain

standards for tracing pharmaceuticals through the

United States (U.S.) supply chain. The project

examined ways the pharmaceutical industry can

comply with the U.S. Drug Supply Chain Security

Act (DSCSA) of 2013. The law requires that by year

2023 all parties in the U.S. supply chain must trace

certain classes of pharmaceuticals from source to

destination. Bob Celeste, Chief Executive Officer

(CEO) and Founder of the Center for Supply Chain

Studies, led the group of about 50 participants who

represented pharmaceutical manufacturers,

wholesalers, distributors, and retail and hospital

pharmacies. The lead author was a participant in the

event and took extensive notes aimed at capturing the

key aspects of the issues and discussions. When

possible, the lead author asked clarifying questions to

other participants. This experience helped the lead

author to better understand the perceived benefits,

challenges, and concerns that supply chain partners

have about shared blockchain applications.

3.3 Data Analysis

Interview and participant observation data were

analyzed in an inductive and iterative fashion to help

themes emerge and coalesce into 1) the major

challenges in applying blockchain technologies for

enterprise applications, and 2) the best practices

indicated by the participants to help address those

challenges. All interviews were recorded and

transcribed into over 500 pages of text. Notes from

participation observation were also analyzed. We

followed a two-stage process. During the first stage

of data analysis, we attempted to identify themes

pertaining to organizational actions in exploring

enterprise blockchain applications. The lead author

read each interview and participant observation notes

and coded the data to extract themes. Five major

themes emerged from this process. When possible,

details about specific blockchain technologies or

consortia were compiled and written to supplement

discussion of major themes by using those

technologies or consortia as paradigmatic of the

underlying theme. For example, when discussing a

diversity of blockchain standards, we researched and

presented four such major standards to highlight the

issue.

During the second stage, we focused our attention

on what participants identified as important best

practices aimed at addressing each emergent

challenge identified during the first-stage of analysis.

When a particular best practice emerged, we explored

the industry literature and our interview and

participant observation data to identify instances of

the emergent best practices or specific organizations

employing them, to serve as exemplars in our

research findings.

After the initial themes pertaining to challenges

and best practices emerged, we next created written

summaries (aimed at a practitioner audience). The

summary write-ups were then sent to each participant

who was quoted and the participant was requested to

review their excerpt for accuracy. Participants made

suggested revisions to improve clarity and precision.

Separately, the lead author wrote a case study based

Page 4668

on participant observation data. This case study was

then reviewed and edited based on input from the

CEO of the case study site, Center for Supply Chain

Studies. Each participant was asked whether they

preferred to remain anonymous or to be identified.

Fifteen participants granted permission to use their

names and titles.

4. Findings

Our analyses revealed five major challenges that

participants believe must be overcome before broader

adoptions of blockchain technologies in enterprise

contexts. Specifically, participants identified (1)

competing blockchain standards, (2) adjusting to

shared governance models, (3) intellectual property

concerns (4) industrial espionage risks, and (5)

regulatory uncertainty. We next explore each

challenge and the emerging practices to address

them.

4.1 Competing Blockchain Standards: The

Race is Afoot

Our data suggest that a variety of different

underlying blockchain standards are taking shape

during the initial exploration of the use-cases as well

as technological bases of blockchains. It appears that

an assortment of industry alliances and consortia are

competing in the standards arena.

The way we go about investing in blockchain is

really multifaceted since nobody knows today which

players will prevailyou cannot put all your eggs in

one basket, so we have a very diversified approach

with whom we work on the blockchain. Jacques

Levet, Head of Transaction Banking, EMEA at BNP

Paribas

Blockchain standards are needed to specify rights

of access and the rules for how transactions in a

blockchain application will authenticate asset

ownership and asset authenticity, how transactions

will be structured, addressed, transmitted, routed,

validated, sequenced, secured, and added to the

permanent record. Standards will serve as the

blueprints to ensure the integrity of records. As of

year-end 2017, participants reported that many

different groups are working on standards, but no one

standard had emerged. Therefore, most of the

research participants pursue the following practice:

Practice 1. Participate broadly in blockchain

workgroups

As the following quote attests, most of our

interviewees are participating in a number of

blockchain working groups to define standards

because they are not sure which working group will

ultimately prevail:

So, from a strategy point of view, it’s early days.

We’re probably in the situation that all the other big

financial institutions are at the moment. Nobody’s

really backing one [consortium]. We’re all trying to

get to know as much about it as possible and see

where it takes us. All we know is that it’s going to be

extremely disruptive. IT Consultant and

Architect for an Africa-based bank

Working groups, including consortia and non-

profits, are defining blockchain standards and

developing code bases and proof-of-concepts for

business applications. As of August 2017, Deloitte

identified 40 major consortia, of which 26 were

focused on financial services, 10 were cross-sector,

and three were in healthcare [6].

According to some of our research participants,

large working groups may be the best bet for creating

a de facto protocol in the long-run, but some are slow

to agree upon standards. The value of smaller-sized

working groups is that players can move faster; the

downside risks are lack of wider adoption or eventual

obsolescence if a new standard or platform emerges

in the industry. Data suggests, many global firms

mitigate the risk of backing the wrong horse by

participating in both large and small working groups.

Enterprises in our study most commonly belonged

to generic blockchain consortia, such as the

Hyperledger Project and Enterprise Ethereum

Alliance, as well as industry-focused consortia, such

R3, B3i, and the Center for Supply Chain Studies (as

mentioned above). For example, BNP Paribas

participated in both large and small consortia and had

invested in several FinTechs to influence, learn, and

contribute to blockchain initiatives. A large

consortium like R3 was very valuable because it

brings many financial institutions into the

conversation. Jacques Levet said, R3 is very useful

because it’s a way to organize discussions between

the banks. Banks have historically not been very

good at doing that on their own, so having a third

party who organizes that is quite useful. BNP

Paribas also joined two smaller consortia, with the

goal that the banks will define standards and create a

Request for Proposal (RFP) for FinTechs to develop

the specified blockchain application [11].

While the main tasks of these working groups are

to identify blockchain standards, build code bases,

and/or proof-of-concepts, participants are also

struggling with challenges about adjusting to

different shared governance models, industrial

espionage risks, adequate protection of joint

intellectual property (IP) and regulatory uncertainty.

Page 4669

4.2 Adjusting to Shared Governance Models

Business agreements are the hardest things. We

need to have rules of entry and play that protect

consumers and protect the overall ecosystem. Getting

people to play ball, that’s the real tough thing.

Innovation Director for a US healthcare company

If the government had one iota how much fraud

and abuse they could stop especially in

pharmaceuticals, how they can purge the opioid

thing, they would mandate blockchains tomorrow. It

would be a mandated, you must participate on this

within two years. Head of Innovation for a US

healthcare company

Both permissionless and permissioned blockchain

applications rely upon shared governance models. No

one entity should be able to unilaterally make

decisions about changing the rules, upgrading the

code base, or altering the immutable records or smart

contracts.5 Our participants identified several

potential types of shared governance models at the

level of a blockchain application, including

democratic, representative, or regulatory. Each of

these models have trade-offs.

Practice 2. Carefully consider the trade-offs

of shared governance models

With a democratic shared governance model, each

participating member has an equal vote in

deliberations. The members debate, deliberate and

ultimately vote on proposed upgrades or fixes to

address unexpected events like breaches or

unintentional consequences from poorly crafted smart

contracts. Open source communities that govern

Bitcoin and Etherum are examples of democratic

governance models. In those blockchain applications,

miners vote on major decisions. The benefits of a

democratic governance model are openness, which

minimizes the threat of corruption, and power

decentralization. The downsides are minority voices

are muffled and decision-making can take a long

time. When enough members disagree with the

majority vote, hard forks in the blockchain can occur.

Hard forks at Ethereum and Bitcoin are two

prominent examples. Ethereum split into Ethereum

and Ethereum Classic in June 2016 when the

Ethereum community could not agree on how to

handle an attack on a poorly worded smart contract;

Bitcoin split into Bitcoin and Bitcoin Cash in August

2017 when the community could not agree on the

5 The only exceptions are under the circumstances

in which an enterprise or a group of colluding

enterprises operate at least 50 percent of the nodes.

proposed increase in block size. Their stories are

important reminders of the implications of

democratic governance. Specifically, an enterprise

must be willing to defer to the communitys will and

live with the consequences of its majority rule.

With a representative shared governance model,

decision makers are elected or appointed to their

roles. For example, a blockchain application in a

pharmaceutical supply chain might have

representatives from manufacturers, distributors,

retail pharmacies and independent physicians who

govern the application. This model will be able to

make decisions quicker than a democratic one, but

cabals may form where representatives collude. For

example, manufacturers might vote as a group

against the will of the retail pharmacies.

The governance might be relegated to a regulatory

body. For example, participants in the Center for

Supply Chain Studies envisioned that a regulatory

body could allow any licensed pharmacies to

participate in the shared blockchain application. In

another context, one participant was helping a

government with a blockchain application for

passport control. The Passport Control Office would

regulate and govern the application. The benefits are

guaranteed regulatory compliance, but the model is

centralized in that it places trust in one institution.

Overall, participants expressed concerns for any

shared governance model. An enterprise may have a

weighted vote in deliberations in proportion to their

stake, but it will not be able to control them. This is a

major mind-shift for many participants in our study.

4.3 Intellectual Property Concerns

Our industry is behind some other industries in

our management of shared IP and our ability to

collaborate and cooperate. We all jumped in to

explore a use case and did some joint design thinking

with two or three traditional competitors without

thinking about who owns the intellectual capital that

comes out the tail end of that workshop.

Innovation Lead for a global bank

Participants in our research expressed concerns

about their working groups intellectual property

rights. For example, a participant in the Center for

Supply Chain Studies asked, How do we protect the

intellectual property weve built as a team? The

following practice emerged:

Practice 3. Be sure to understand the working

groups IP policy

Some consortia like the Hyperledger Project have

visible IP policies, while others like R3 do not. For

Page 4670

example, Hyperledgers charter includes a clearly

worded IP clause that in part reads:

Members agree that all new inbound code

contributions to HLP (Hyperledger Project) shall be

made under the Apache License, Version 2.0. All

contributions shall be accompanied by a Developer

Certificate of Origin sign-off that is submitted

through a Governing Board and LF-approved

contribution process. Such contribution process will

include steps to also bind non-Member Contributors

and, if not self-employed, their employer, to the

licenses expressly granted in the Apache License,

Version 2.0 with respect to such contribution

Subject to available Project funds, HLP may

engage The Linux Foundation to determine the

availability of, and register, trademarks, service

marks, and certification marks, which shall be owned

by the LF [27].

R3s IP policies were not available to the public as

of May 2017. An article by the Business Insider

reported, Details about R3s share structure are not

being disclosed, neither are details about the division

of the intellectual property built atop the open-source

Corda platform. However, Rutter (R3s CEO) did

explain that while Corda itself is being open-sourced,

the results of experiments conducted with partners

within the R3 lab would be guarded more closely

[2].

According to participants, some consortia required

members to sign non-disclosure agreements, but only

one reported that their working group required

participants to sign IP agreements. One interviewee

from a large bank explained, If you do highlight the

need for some agreement [on shared IP], getting to

common ground on what that agreement needs to

look like and who should own the IP, it’s sometimes

weeks or even months in lead time. We as an industry

need to work faster on those kind of repeatable

processes.

4.4 Industrial Espionage Risks

The issue is that some companies are afraid that

information that’s being collected for the blockchain

will be used for other purposes. So, let’s say I’m a

pharmacy. If I verified all the products I have on

hand, I’m announcing my inventory. Companies are

concerned that this added intelligence could be used

for other purposes such as contract negotiations,

etc. Bob Celeste, CEO and Founder