Decentralization, in its simplest (almost archaic form) is the process of distributing power away from the centre of an organisation. In the case of a corporation this usually means divesting authority away from the head office and out to operators in the field. Debate centres on which is the more efficient structure for an organisation that has a number of far-flung arms, especially a multinational with operations in several different countries; is it one where decision-making and control is concentrated at the centre, or one where it is diffused around the organisation?
'Decentralization removes a centralised authority or dependant'
'Decentralization means peer to peer, it chops out the middle man'
The definitions of this terminology go on, whether it is market decentralization, fiscal decentralization or political decentralization etc, but for now, let's consider this practice in the realms of technology and data.
Blockchain, blockchain, blockchain...
Nowadays, you can't mention the world 'decentralization' without at least one comment regarding blockchain. The answer to why this is has a number of different versions, but they all deduce down to the same train of thought, that the lack of trust in central parties is driving people to a more decentralized 'world'.
This distrust has been realised through a number of mediums, the most prominent probably being the large scale crises and data exploiting hacks of recent memory. However, there is an argument for good old fashioned innovation, and the willingness to become more efficient.
Whilst I'd love to talk about why I think a new found appreciation for efficiency is the main driving factor, it's far more exciting to highlight large scale data breaches, like the ones you see below.
- Equifax - 2017 - 143,000,000 data records
- Uber - 2017 - 57,000,000 data records
- Ashley Madison - 2015 - 32,000,000 data records
- Anthem Inc - 2015 - 80,000,000 data records
These all make for good reading, but to confirm their relevance to adopting a decentralised environment, we need to talk about why the use of a decentralized database may have prevented or at least reduced the breaches.
Firstly, the entirety of this argument is based upon technical decentralization, i.e. the way in which data is stored, hosted, verified, accessed and maintained. Like I mentioned above, to talk about this, you have to mention blockchain, so we will go about defining the difference between blockchain and a traditional basis now.
If you don't want to read the examples below, skip past and you should be able to keep up.
Traditional Databases vs. Blockchain (Decentralized databases)
Currently, traditional databases are commonly stored either on the cloud or on physical data servers, located and maintained within a certain location. Control of the database remains with a single designated authority, which authenticates a client's credentials before providing access to the database. Think of it as logging into your online banking app. The login is the server checking your credentials, and once approved the app calls to the database and retrieves your information. On the flip side, should you make a payment, that transaction is sent to the database and written to your record. Since the bank (the data provider) control the entirety of the server, if the banks security is compromised, the subsequent security of the database (on the server) is compromised and the data can be accessed, deleted, altered and tampered with.
Let's take the same example for a blockchain database. The key thing to remember is that the database is decentralized. So, again, you log in to your online banking app and a permission action, such as entering your log in details, allows you to access the database. We're at the same stage so far but it's when considering how records are added and how data is maintained the differences start to appear.
Instead of the database you're accessing being hosted on one server in one location, or even through the cloud, the database is distributed across a number of different servers (nodes) being hosted by various parties. These parties cannot see your data without your permission, but they are responsible for hosting it. The unique quality of this is that the version of the database they're holding is the same across every server and requires something called Multi-Party Approval for changes to be made.
In summary, if an unauthorised individual wanted to hack or tamper with the server in question, they'd have to make the change on every individual version of the database at the exact same time, for it to be accepted by the network. Otherwise, the change would simply be rejected. Similarly, if one of the versions of the database goes down, there are numerous others available to continue offering access, whereas in the first example, if the single server goes down, the entire database is compromised.
Long story short
A centralised server (most common nowadays) is at risk based on the sole fact that it's a single, central source of access to the database and therefore if tampered with, compromises the data.
A decentralised server (blockchain) is less risky, as it distributes the same version of the database to all of it's active parties and therefore requires a considerable amount of computational power to tamper with. Also, should one node (server) be disrupted, the others on the network are all in a position to continue providing access to the database, whatever it may be.
It is blatantly obvious that various factors have to come together to drive decentralization of databases. You need the right mix of a consensus protocol such as Proof of Work and Proof of Authority (the means by which the parties hosting the database agree that a specific actor and/or record is legitimate and can be added) and a network of nodes to actually decentralize or for want of a better term 'share the hosting' of the database. However, these things are becoming increasingly easy to achieve, predominantly through the increase in private blockchains and the technology becoming more sophisticated. Is it easier to achieve? Not really at present. Is it doable? Absolutely. Is it safer? Almost certainly.