Dinesh Rivankar
11 min read · Mar 10, 2021


The world has witnessed one of the worst pandemics, which has brought economies under surveillance but has also prepared many countries for disaster. Countries that were more focused on their financial sectors have now shifted their focus to the health care industry. Our scientists and frontline warriors such as doctors, nurses and other helping hands are doing their best to prevent the spread and keep society safe. Medical experts are busy formulating vaccines and running clinical trials to ensure that the vaccines are safe for all humans, without even a single trace of allergy or side effect.

Vaccine formation and clinical trials are well organized and are monitored by many organizations. However, planning and monitoring the distribution of the vaccine is also very important. Each country has a different judicial system or a different model of action, depending on its set of processes and principles. Although the motive is simply to distribute the medicine to all citizens and make sure the country is safe, there needs to be a mechanism to validate the success of the overall process or analyse its outcomes. A few concerns that need to be answered in advance are: how do we avoid distribution failure, verify that doses are given to all individuals, make sure that no individual takes multiple doses to get more immunity, and substantiate that individuals are getting the approved dose?

Managing data physically is not an option because of error-prone scenarios such as data mismatch and bookkeeping, and because of the cost and time involved. Hence digitization plays a vital role; however, it raises many questions about data availability, safety and privacy. Achieving the right blend of technology and acceptance is the most critical factor, because of lack of trust and the human tendency to resist change. Selecting a platform for implementation can be a long journey, as the decision needs to focus on the Business, Data, Application and Technology domains. The outcome of this transition should be a secure, highly available and easy-to-use system for managing and analyzing the overall distribution.

Solution Overview

Technological enhancement has added many contenders that facilitate secure and easy-to-use applications. One of the most promising and well-structured is Distributed Ledger Technology (DLT). DLT is a decentralized, distributed system in which each transaction is cryptographically secured and immutable. Data is distributed to ensure replication and to avoid a Single Point of Failure (SPOF). The fully decentralized architecture eliminates the dependency on the traditional client-server architecture. Organizations do not need third-party vendors to create a trust line with different parties. DLT provides a strong layer of data encryption with Public Key Infrastructure (PKI).

Although DLT is well suited to the vaccine distribution solution, we still need to drill down into some major areas such as privacy, participants and governance. Some of the critical questions to answer before envisioning the solution are:

● Who will be able to see the data and at what degree of access?

● Who is getting on board and how will they access?

● Do we use the node model or account model where many individuals use the system who are part of a single node?

● What is the governance model of onboarding and monitoring the process?

● How do we uniquely identify the citizens on the ledger?

Governance of the overall working of the system is the preliminary activity. Here we need to set policy for all activities, such as onboarding, the process model from the Business domain through to the Technology domain, the current environments in which the system will run, and existing solutions that can be leveraged, such as citizen identity verification. These policies need to be persistent, and any modification needs to be approved by the board.

Privacy and trust are two aspects that are bound together, whether in a digital or a traditional era. Citizens worry more about their data when their trust in the organisation is limited, and vice versa. Of course, when it comes to policy regulations, such as the system being compliant with GDPR or medical records being compliant with HIPAA, this intensive care is baked into the system. Because DLT is cryptographically secured, pivotal issues related to data privacy are handled in a legitimate manner; however, the supporting application layers need to be consistent with the security policies.

Promoting the vaccine distribution and raising awareness about prevention are some of the marketing strategies. Economically well-settled countries can handle marketing digitally by creating social media programmes and TV commercials, or even by sending text messages over the mobile networks supported by the telecom companies. However, some countries still need to use newspapers, banners or door-to-door awareness programmes.

Network Structure

Vaccine distribution is a national-level activity, comprising participants divided at state or district level based on technical feasibility and availability. Not all citizens need direct access to the system; instead, access can be authority-based, for example through a designated officer who interacts with the system to feed in or analyze the data. DLT embeds a privacy model based on participant role. If all the state or district nodes work in silos, the overall network will be isolated. There need to be one or more participant nodes that are part of the transaction, so that regulatory activities can be effectively conducted with measurable interest.

The deployed network components need to run in a secured environment, where communication and data storage are secured end to end. Although the DLT layer is fully secured with peer-to-peer (P2P) connections over Transport Layer Security (TLS), the presentation and business layers need to interoperate at the same level of granularity. Data at rest or in transit with a third party will need mutual authentication to access the content or respond to the request.

Data Collection

Identifying citizens uniquely is a core activity in the vaccine distribution process, so that not a single individual is left out or vaccinated twice. Many nations use unique identifiers such as SSN, NIN or Aadhaar. However, how we get this data into the system is very important. There are two approaches to data collection: Bottom-Up and Top-Down.

The Bottom-Up Approach

The Bottom-Up approach works from ground zero, gathering all the data from local bodies, for example by conducting surveys, in the first phase and distributing the vaccine in the second. This makes sure that all citizens enroll for the distribution in the first phase, and the criteria for measuring success are pre-set for the second phase. Citizens who are away from home can still register at the nearest centre to take the vaccine shot. The only overhead is the two-phased approach itself, where cost and time are spent on both gathering data and distributing the vaccine.

The Top-Down Approach

The Top-Down approach is simpler; however, it relies fully on the data that already exists with the organization. All the existing data is fed into the system before the distribution, and cross-verification is done during the vaccine distribution. Success is a great challenge here, as the data needs to be up to date.

Both the data collection approaches have benefits; however, we need a provision of adding or removing new entries based on the verified proofs.

Use case

Based on the data collection approach, citizen data will be added to the system either by conducting surveys or by taking it from existing sources. Collected data needs to be verified by validating it against the original data sources. The record of this verification will stay on the ledger. The DLT layer will make sure that there are no duplicate entries for the same citizen and that a verified trace or attestation is received from the authorized sources.
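The uniqueness and attestation checks described above, as an added example that is not part of the original article: a hash-chained registry that stores only a keyed hash of the citizen ID, refuses entries without a valid attestation, and rejects duplicate enrolments or doses. The `Registry` class, the function names and the keys are hypothetical, and HMAC stands in for the attestation authority's digital signature so that the code runs on the standard library alone.

```python
import hashlib
import hmac
import json

# Constructed demo keys (assumption); HMAC stands in for the authority's signature.
AUTHORITY_KEY = b"demo-attestation-authority-key"
LEDGER_PEPPER = b"demo-ledger-pepper"


def citizen_handle(national_id: str) -> str:
    """Keyed hash of the normalised ID, so the raw ID never sits on the ledger."""
    norm = national_id.replace(" ", "").replace("-", "").upper()
    return hmac.new(LEDGER_PEPPER, norm.encode(), hashlib.sha256).hexdigest()


def attest(handle: str) -> str:
    """Authority side: tag stating that this handle was verified at the source."""
    return hmac.new(AUTHORITY_KEY, handle.encode(), hashlib.sha256).hexdigest()


class Registry:
    def __init__(self):
        self.blocks = []   # append-only, hash-chained records
        self.seen = set()  # (kind, handle) pairs already on the ledger

    def add(self, kind: str, national_id: str, tag: str) -> None:
        """Append an 'enrol' or 'dose' record after all checks pass."""
        handle = citizen_handle(national_id)
        if not hmac.compare_digest(tag, attest(handle)):
            raise ValueError("attestation missing or invalid")
        if (kind, handle) in self.seen:
            raise ValueError(f"duplicate {kind} for this citizen")
        if kind == "dose" and ("enrol", handle) not in self.seen:
            raise ValueError("citizen is not enrolled")
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        body = {"kind": kind, "citizen": handle, "attestation": tag, "prev": prev}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        self.blocks.append({**body, "hash": digest})
        self.seen.add((kind, handle))

    def verify_chain(self) -> bool:
        """Recompute every hash; any edited or reordered record breaks the chain."""
        prev = "0" * 64
        for block in self.blocks:
            body = {k: v for k, v in block.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if block["prev"] != prev or block["hash"] != digest:
                return False
            prev = block["hash"]
        return True
```

Normalising the identifier before hashing is what lets the registry treat `1234-5678-9012` and `1234 5678 9012` as the same citizen; without it the duplicate check is trivially bypassed by reformatting the number.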

The citizen will walk into the hospital with an identification card, and this card should be able to authenticate the user as the person s/he claims to be. The authentication is based not only on the demographic information on the card but also on enhancements such as a fingerprint scan, iris scan or OTP-based mechanism. For elderly people for whom fingerprint, iris or OTP-based authentication is not possible because of technical or financial constraints, a consent mechanism should be embedded. A digital contract is furnished in the system to make sure that the citizen is identified and validated by the designated office.

An analytical service will be hosted on top of the blockchain network. It is a service that can fetch all the records from the ledger and run analysis on them. This analysis can then be used as a measuring criterion for successful vaccine distribution, or to send regular notifications and spread awareness to citizens who have not taken the vaccine dose.

Technical Architecture

Technical enhancement and cloud infrastructure have brought many advanced Commercial Off-The-Shelf (COTS) products, which are very handy and need minimal tailoring. Below is the diagram of a layered architecture for a simple process flow. All the components listed will be hosted on cloud infrastructure to provide better scalability, availability and reliability. The layered architecture provides reusable components, which give flexibility and maintainability to the overall application.

Presentation Layer: The presentation layer is the topmost layer of the architecture and is used to present data and the application to users. Since it is a web-based application, a responsive layout can be used to fit the application to any device. However, the interaction with the processing components that accompany the UI needs to be modular. This will enable easy enhancement or improvement of the application over time.

API Gateway: The API gateway is a middle layer that acts as a request facilitator for the business layer. All client requests and responses for data pass through this layer. The API gateway can also be used as a reverse proxy that collects all requests from the client and retrieves content from different services. Access control for validating the requesting party is a major security consideration and needs to be handled with proper checks.

Business Layer: The business layer is an important layer in the overall architecture and is used for processing the business logic. This layer is internally segregated into microservices, where each service is responsible for an independent task. Services can be developed and deployed independently, and each service can have its own database, which helps to decouple it from other services. Microservices help with eliminating vendor/technology lock-in, fault isolation and faster development.

DLT Layer: This layer is distributed and decentralized; each participant runs their own nodes to store or fetch the data. We can run clusters of services to eliminate bottlenecks on services such as the validation service for transaction attestation. Oracle services can be used if third-party data is to be consumed, and listeners can be placed to act on triggered events such as a data insert or a scheduler timeout. The communication between the nodes is P2P with mutually authenticated TLS (Transport Layer Security).

Data Layer: Data is the core of any application and needs to be secured throughout its lifespan. This data can be divided into two categories: data that is less sensitive can be stored as application data, and the sensitive pieces can be stored as DLT data. Unlike DLT data, which is cryptographically secured with the latest data standards from the industry, application data needs optimum care. Message queues help to decouple and scale the services in distributed systems, so that data in transit is never lost and is delivered to its destination.

Attestation Service: A third-party service is used for verification and authorization of the content in the application. This service is API-based and has no other interface available for communication. These services are typically hosted by government organizations to attest the unique identification of each citizen or to validate the presence of legitimate content. The digital signature on the response to any given request makes it evident proof.

SMS/Email Service: Communication services are used to send reminders, spread awareness or facilitate authentication methods such as OTP-based acknowledgement. These services should be modular, with features such as mailing lists, one-to-one message triggers and delivery reports available to measure usage and audience coverage. Services can be incorporated internally or subscribed to, based on technical feasibility.

Deployment and Monitoring Tools: Deploying the application and monitoring its performance is a key element, and selecting the right tool to facilitate the process is very important. The tool should make it easy to deploy the distributed application and should be able to revert a deployment if needed. It helps to identify issues and errors, measure application performance and send alerts if there are any breaking changes to the application.

Data Analytics: DLT applications are not suitable for storing analytical data that an analytical engine continuously fetches or processes. However, external systems can be leveraged: the data can be replicated to the analytical service for processing, and the reports can be stored on the DLT.


A DLT-based vaccine distribution system is more efficient for onboarding and managing citizen data securely within a private consortium. Documents related to the digital contract or the citizen history are very sensitive and need to be secured from tampering. Some of the benefits provided by DLT-based vaccine distribution are:

Decentralization: DLT-based systems are decentralized; there is no central authority controlling the entire system. Each organization runs its own node, which does not depend on any centralized service.

Distributed: Each participating organization hosts its own nodes with a local copy of the data. Every time a record is added or updated, the data is updated in the local storage of all the organizations.

Tamper Proof: DLT is immutable by nature, which guarantees that the data is unchanged over time. Each transaction contains the digital signature of the participant, which makes it easy to verify.

Security: Transaction data is cryptographically secured and channelled over mutually authenticated, TLS-enabled P2P networks. Each participant on the network holds a pair of keys, which is used for data encryption and decryption.

Interoperable: There is no need to modify the existing enterprise system; communication with DLT applications can be done over an API layer or by incorporating the SDK (Software Development Kit).

Scalable: The application can easily be scaled to support market demands, and is easy to install and replicate for high availability.

Note: This is just design thinking on a prototype; suggestions and improvements are welcome.



Dinesh Rivankar

Architect, Blockchain Innovation Group. #TOGAF #ConfidentialComputing #Corda #Hyperledger #SmartContract