WIXLIB

Microservices were used to create a multi-host architecturethat runs independently and replicates blockchain data to eachhost to protect the system against data loss in the event ofnode failure. A web interface was created to allow query anddata validation in the public blockchain.Cyran [11] presents a solution that aims to protect sensitivehealth data in hospital environments. The system architectureconsists of the use of container Docker that enhances systemdeployment. The container contains the web application layer,the key store service, the cache service, and the blockchainservice, all implemented using the microservices architecture.Protection of data is achieved by using cryptographic layersand public and private keys to be encrypted before beinginserted into the blockchain and decrypted when sharing data.The solution also uses smart contracts, which assist in datadiscovery, retrieval, and decryption.Nagothu et al. [20] suggest the development of a microservice surveillance monitoring system. To overcome architectural security vulnerabilities due to the use of distributed data,it is proposed the use blockchain in the application. The authors implemented the system with Facial Recognition, AudioAnalysis, License Plate Recognition, and Behavior Analysismicroservices, each of them with a dedicated database whoseinformation is synchronized and stored in the blockchain. Inaddition, smart contracts record and sign certain surveillancedata according to what is bound to nodes.Tonelli et al. [15] discuss that microservices and smartcontracts share many similarities, such as decentralization.The main point in common is that smart contracts can communicate with each other, just like traditional microservices.Furthermore, each smart contract provides its service, suchas changes, updates, login, and general transaction types. Theauthors suggest a use case whose the primary goal is to enabledoctors to keep track of their patients’ disease diagnoses.Three smart contracts were implemented: DoctorPseudoRest,PatientPseudoRest, DiagnosisPseudoRest.TABLE IU SER STORIESIDR1R2R3R4R5R6R7R8IIIIIIIIUser Story - Notary Employeeam able to log in to the notary’s system.can list the services provided by the notary.can list the customers registered in the notary.can select the customer, its requested service, and start an order.am able to register a customer with the system.can register a certificate record in the system.can perform a digital signature on behalf of the notary.can generate a payment slip for the customer.B. Quality RequirementsWe specify quality requirements considering the demands ofthe proposed approach and how microservices and blockchaincan contribute, both together and individually, to achieve thequality attributed, as shown in Figure 1.Fig. 1. Advantages of microservice and blockchain technologiesIn general, the use of blockchain technology, along withthe microservice architecture, can generate benefits on scalability, security, and information sharing, among others. Theproposed approach uses the terminology “distributed” in twoperspectives. On the application side, a microservice architecture is comprised of several independent and distributed subapplications that can provide several benefits as detailed inSection II. Regarding the blockchain, the fact that informationis stored in a distributed manner brings other advantages suchas resilience, decentralized and multi-party operations, forexample.Considering resilience of the application side, a problemin a specific service would only affect it. Other serviceswould continue to handle requests typically. In a monolithicsystem, the whole system would be damaged if one componentmisbehaves. The resilience of blockchain technology is due tothe replication of the information on each node of the network,allowing them to be quickly recovered if any node loses it. Inboth situations, the problem of a single point of failure can bemitigated.One of the key features of blockchain is enabling a sharedinfrastructure in which there is no control by the participatingorganizations. This technology is suitable for multi-part scenarios in which intermediaries are acting within the currentsystems. Since there are multiple parties, the same microservice may be requested by different entities, depending onwhat the microservice is designed to do. Besides, decentralizedIV. R EQUIREMENTS AND M ICROSERVICESThis section presents the functional and quality requirements of the proposed system that were identified based on themain services provided by a notary’s office. From this analysis,the microservices were delimited according to the businessrules and data modeling of the identified requirements.A. Functional RequirementsAs mentioned, the requirements were raised from the mainflow of a notary’s employee performing his/her service, ranging from logging on the system to realizing a customerrequested service. To elicitate the requirements, we used localobservation, brainstorming and scenarios. Those requirementswere represented in the form of short, abstract and highlevel descriptions through user stories [21]. Initially, only thenotary’s employee will interact with the system, as presentedin Table I.124Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 26,2020 at 09:13:24 UTC from IEEE Xplore. Restrictions apply.

that the declaration was valid, the notary’s office begin theprocedures for registration and issuance of the child’s birthcertificate. After the notary’s office completed the process ofthe requested service, the child’s information and certificateare recorded on the blockchain. Since it is necessary that thenewborn child already has its Individual Taxpayer Registration(“Cadastro de Pessoa Fı́sica” in portuguese - CPF), the parentsrequested the CPF to the Post Office, the place of issue of suchdocument in Brazil. In order to carry out the necessary checks,the Post Office’s employee verified on the blockchain whetherthe child was already registered in a notary’s office. After thatverification was positive, the CPF request carries on.operations are possible since no party controls the system, buteach user can manage his/her own data and assets [22].C. MicroservicesFrom the user stories mentioned in Table I, we delimited themicroservices of the system. Hence, the approach back-end isbeing formed by six microservices: Login microservice: allows notary’s employees to login to the system so that they can perform the servicesrequested by the client. Client microservice: maintains the registry of the notary’s clients. It is possible to register information suchas name, ID, and date of birth, among others. Themicroservice also allows modification and removal of thisinformation. Service microservice: maintains the registry of the notary’s services. A notary’s office performs civil and otherservices, and each service has a description and its price. Order microservice: maintains all customer orders andtheir services requested on a given date. Certificate registration microservice: records all certificates that have been requested by notary’s customers(e.g., birth, marriage, death). Signature validation microservice: the registry mustvalidate and record the veracity of the certificate beforeit can be included in any database. Thus, we designed amicroservice that allows the notary’s digital signature sothat the document is registered only after this procedure.Given this real scenario, the steps presented in Figure 2 willbe described as follows, which will be detailed to present themicroservices involved:1) Blockchain registration: the EI referring to the hospitalwhere the child was born records her DVN on theblockchain so that it is available to the notary’s officenetwork that has access to the blockchain.2) Initial procedures: the client, father or mother of thechild, arrives at a notary’s office and requests a service.In this case, the present paper assumes that the registryis of the type “Civil notary’s office”, which can performregistration and issuance of documents such as birth,marriage and death certificates. For example, a notaryemployee serves the client and logs in to the system tostart the requested service. After logged in, the employeechecks whether the client is already registered in thenotary’s office. If so, the client and his/her requestedservice are selected and included in an order. Note thatthe Login, Client, Order, and Service microservices wererequested.3) Blockchain query: at this time, the clerk will make arequest to authenticate information necessary to continuethe requested service. This step will be performed if theservice needs data shared by an EI. At this time, theemployee can check the newborn’s DNV to validate it.4) Notary service procedures: the employee will requestall necessary data and documents to fill in some forms.Since the client chose the birth certificate registrationand issuance service, for example, then the informationto include will be: ID and CPF, as well as a birthcertificate or parental certificate. DNV would not berequired as it can be accessed through the blockchain.Having the necessary information, the employee will fillin a form and attach a copy of the documents. He/shefinishes the service by generating the certificate anddigitally signing it. For this step, to sign the document,the Signature Validation microservice is required. Beforethe blockchain registration is effective, an invoice forpayment is generated, delivered to the client, who inturn must make the payment in some notary’s cashierdepartment. Note that the Order microservice will alsobe solicited.5) Blockchain registration: after completion of the pro-V. T HE P ROPOSED A PPROACHFigure 2 represents a general flow of activities that shouldbe followed to allow the development of applications that useour proposed approach. We consider two types of participatingentities that will be involved in the approach: Notary’s office: company or institution, public or private,in which the issuance, analysis, authentication, registration, and filling of notes and documents takes place,giving public faith to the presented documents . External institution (EI): organization that the notaryneeds to consult to continue the activities related to therespective service. Each service provided by the notarymay depend on authenticated and validated informationfrom a specific EI. In addition, those entities may alsoconsult and record information on the blockchain inaccordance with their respective services.In the current approach, the flow described in detail will berelated to notary services, since this paper intends to presentthe development of the microservice architecture for thisdomain. We illustrate the proposed approach with a scenariobased on the real process of issuing a birth certificate in Brazil.Scenario: A child was born in a certain hospital that recordedhis/her Statement of Live Birth (“Declaração de Nascido Vivo”in portuguese - DNV) on the blockchain. The parents went tothe notary’s office to apply for certificate registration, and thenotary’s office consulted whether the child’s DNV was alreadycontained in the shared blockchain records. After verifying125Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 26,2020 at 09:13:24 UTC from IEEE Xplore. Restrictions apply.

Fig. 2. Execution flow of a notary service in our proposed approach.cedure and having proof of payment for the service,all information collected, along with the notary’s digitalsignature, will be recorded on the blockchain. Here,the microservice involving the use of the blockchain isrequested (Certificate Registration microservice).6) Final procedures: as each client may have severalorders, the current order will be finalized. Here again theOrder microservice will be requested for its completion.7) Blockchain query: this step occurs in a process similarto step 3. However, the the Post Office’s employee is theone who consults the registered certificate at the notary’soffice.TABLE III MPLEMENTATION T OOLSVI. S YSTEM I MPLEMENTATIONIn this section, we present the development tools andprocesses used, as well as the description of the smart contractfunctions related to the Certificate Registration microservice.As discussed, we implemented a pilot of the proposed approach, i.e, a simplified version of the flow shown in Figure2 considering a notary system. The complete prototype isavailable on GitHub3 poseProvides a development framework that allowsthe use of NodeJs package manager NPM toinstall JavaScript dependencies.Programming language and object-orientedcomputing plataform used to develop ServiceDiscovery in this project.It is an object-oriented programming languageused in this paper to write smart contracts ona blockchain platform, Ethereum.A compact and complete JavaScript library thatallows interaction with the Ethereum network.A library that allows a JavaScript applicationto interact with an Ethereum network nodeusing an HTTP or IPC connection.NoSQL database used at this work to storesystem-generated data.Declarative, efficient and flexible JavaScriptlibrary for creating user interfaces (UI).that this culture provides to the team. The DevOps techniquesused in this work are listed below by categories: Agile methodology: the Scrum methodology was widelyused to perform software project management and planning. The sprints were well defined and a Sprint ReviewMeeting was held at the end of each sprint. Collaboration: as mentioned previously, Trello was usedby the team to manage the project. In addition, weadopted Slack as a collaborative channel for communication between team members and integration with othertools. Continuous Integration (CI): during the project development, we used the “Travis CI” tool to automate thetesting and building of the source code of each commit. Testing: unit tests were used in the system functions toensure that the system is working as specified. We usedthe JS Tape as testing tool. Deployment and Cloud: Docker was used to createa microservice image and to deploy the container onthe cloud. The microservices were deployed on cloudplatforms after being containerized: the Google CloudA. ToolsThe microservices from Section IV-C were listed as tasksin the online tool “Trello”. This allowed developers to havea better understanding of the development process evolution.The development environment consisted of the componentsand tools listed in Table II.B. The DevOps DevelopmentAccording to Dyck et al. [23], DevOps is an organizationalapproach that emphasizes empathy and collaboration betweenIT development and operations teams in systems developmentorganizations to produce resilient systems and promotingcontinuous delivery of changes. We adopted this approach toimprove the quality of development taking into account teamcommunication, process optimization, speed of production,continuous delivery, proper use of tools, and the other benefits3 https://github.com/Notary-BlockMS126Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 26,2020 at 09:13:24 UTC from IEEE Xplore. Restrictions apply.

hosted the Service Discovery application, while Herokuhosted all other microservices.Algorithm 1: RegisterCertificate smart contractfunction includeCertificateBlockchain(id, certificate)if msg.sender ! owner DocumentsList[id].used thenAbort;C. Development Pipelineinsert Document in DocumentsList;return sucess;end functionfunction getAllCertificatesBlockchain()return DocumentsList;end functionfunction getCertificateBlockchain(id)return Document;end functionfunction changeOwner(newOwnerAdress)if msg.sender ! owner thenAbort;We used agile methodology to organize project executiondue to team characteristics and the need for constant delivery.Our team consisted of three first-year students of a master’sdegree in computer science and each delivery was evaluatedby a professor who represented the client of the application.We followed the sprint concepts of the Scrum method, whichwere executed as follows: Sprint Zero: All developers had their first contact withmicroservices development and created a mock microservice to be consumed in the cloud. Sprint 1: Firstly, the Login microservice was developed.The user was included by the team using a collaborationplatform for API development. Then, it was possible login the web application typing the registered email andpassword. The CRUD of the Client microservice wasimplemented. Thus, the functions of listing all clientsregistered in the notary’s office, searching them throughan id, including them in the database, updating thedata, and the possibility of removing it from the clientlist by searching their respective id were implemented.The CRUD of the Service microservice was also implemented. Sprint 2: At this moment, we focused on the developmentof the front-end. The Login, Home and Register Clientpages were developed in the web application. Sprint 3: The Register Certificate and View Documentpages were developed and the API Gateway was build. Sprint 4: Finally, Eureka and Zuul were used to implement service discovery. Both services were deployed tothe Google cloud platform. The Digital Signature pageswere developed in the web application. A CRUD of theCertificate Registration microservice was developed. Weimplemented a smart contract that allows a certificatehash to be entered and viewed when a user searches for itusing its ID, as this microservice communicates with theEthereum blockchain. We used a storage technique whenadding a conventional database so that the document isstored off-chain (see Section VII-A).At the end of each sprint, functional microservices were deployed at the Heroku platform after local tests and executions.A mock service was also developed to simulate the operationof the signature validation microservice. However, in futurework, it is necessary that the signature validation microserviceis integrated with a Certifying Authority (CA).update current owner with new owner adress;return sucess;end functionThe Certificate Registration microservice can perform theregistration of the certificate requested by the client by communicating with the RegisterCertificate smart contract, whichconsists of four functions that (i) add a certificate, (ii) returnall blockchain certificates, (iii) return a registered certificateb

the microservices architecture is maturing as an architectural style for developing distributed software systems with high requirements for scalability and adaptability in companies such as Amazon, Netflix, and LinkedIn [7]. Microservices make the integration of new entities into the system easier and faster, since modularization and scalability