1.3.03 Business Annual Account:
1. As proof-of-concept of how privacy-by-design can be deployed, the application service supporting the business annual account has been published.   A Data Privacy Impact Assessment (DPIA) is included to give context to how application services comply with Data Protection Regulations.
2. The business requirement is to manage every revenue, expense and purchase on a month-by-month basis.   This data is consolidated by quarter as a VAT return and summarised by financial year as the annual return.
3. Data entry errors are minimised by using drop down list selection where applicable.   It has been identified that the majority of names and places are reused month-after-month and year-after-year.   It is mandated that consistent customer names, supplier names and places are reused so analysis by name can be easy, complete and correct.
4. The month number of the first month in the annual financial year is a system parameter.   A template invoice and payment advice document are managed for each customer.
5. Belief in security-by-design is proven by taking a very secret set of accounts and letting the encrypted data be published to the world.   When this level of security can be achieved and demonstrated, then lesser business data may be shared using the same technology.   How do you know the data has been published when it is so well concealed?   How do you know the data is encrypted when nobody has tried to decrypt it?

2. Glossary:
* BAA means the Business Annual Account that is mandated for HMRC, VAT and Companies House annual returns.
* Eliza is the name given to the artificially intelligent assistant that has been taught to manage the business annual account.
* Revenue means money paid by a customer to the business.
* Purchase means money paid to a supplier by the business.
* Expense means a kind of purchase paid to a vendor by an officer, wholly and exclusively on behalf of the business.
* Steganography means the art of concealing critical business data in plain sight in a way that is hard to find.
* Pseudonymised means replacing a field value with a token and storing field values in a place that the sun does not shine.

3. Input:
1. When an invoice is paid into the bank account the revenue is entered as a transaction showing date, company, event, VAT code and gross amount.
2. When a purchase is paid to a supplier the details are entered as a transaction showing date, company, event, cost code, VAT code and gross amount.
3. When an expense is paid on behalf of the business to a vendor the details are entered as a transaction showing date, company, place, miles, contact, event, VAT code and amount.
4. No other data entry is permitted as all other derived information is automatically calculated.

4. Account Transaction:
1. Type of transaction is selected as (1) Revenue, (2) Expense or (3) Purchase.
2. Date of the transaction is selected as a day number with the month and year implied.
3. Company name is selected from an editable list.
4. Place as town name for expense only is selected from an editable list.
5. Miles is entered where an expense trip was made by motor vehicle.
6. Event is selected from an editable list.
7. Contact name for an expense is selected from first name and family name editable lists.
8. Cost Code is selected from an editable list.
9. VAT Code is selected from an editable list.
10. Amount is entered as decimal pounds to derive net, VAT and gross amounts.

5. Accounting Methods:
1. Cash accounting methods are used where what is invoiced is proforma until paid and only paid invoices are booked as revenue.   Accountancy methods like returns, reversals and credit notes are eliminated.
2. What is shown is all accounts in the same base currency - implied as UKP.   Inside the application service, a multi-currency capability exists with default currency code, country code and exchange rate assigned to each transaction.   Reports of VAT and amounts by country can be requested in conformance with accounting regulations.
3. VAT codes are selected from a list that enables VAT rates for many different countries to be selected.   The selection of a VAT code implies a currency and country code.

5. Privacy By Design:
1. Every transaction is reduced to a string of numbers.   A number is derived from the transaction type.   A number is derived from the transaction date as the number of seconds since a private event.   The company name is stored as a number that identifies a unique company name.   A number indexes a unique place name.   A number is derived from the mileage.   A number indexes an event description.   A number indexes a unique contact first name.   A number indexes a unique contact family name.   A number indexes a cost code description.   A number indexes a VAT code and the method to derive amounts.   A number is derived to represent the transaction amount.
2. Every stored field value is derived using algorithmic methods based on the original field value and other information.   It will be hard for a criminal to guess the order of fields, the number of digits representing each field and the algorithm used to derive each stored field number.   Even if the criminal could derive such information, they would not have any text to provide context.
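
The reduction of a transaction to a string of numbers, as an added example that is not the application service's own code. The epoch value, field order, token-list class and sample transaction are assumptions constructed for illustration, and plain list indexes stand in for the further algorithmic derivation the text mentions.

```python
from datetime import datetime, timedelta, timezone
from decimal import Decimal

# Assumption: the "private event" is a secret reference moment (constructed value).
PRIVATE_EPOCH = datetime(2001, 3, 14, 9, 26, 53, tzinfo=timezone.utc)
TEXT_FIELDS = ("company", "place", "event", "first", "family", "cost", "vat")


class TokenList:
    """Editable list: each distinct text value is stored once and gets an index."""

    def __init__(self):
        self.values, self.index = [], {}

    def token(self, text):
        if text not in self.index:          # new name: append, never renumber
            self.index[text] = len(self.values)
            self.values.append(text)
        return self.index[text]


def encode(tx, lists):
    """Reduce one transaction to integers; no text survives in the result."""
    seconds = int((tx["date"] - PRIVATE_EPOCH).total_seconds())
    pence = int(Decimal(tx["amount"]) * 100)
    head = [tx["type"], seconds, tx["miles"], pence]
    return head + [lists[f].token(tx[f]) for f in TEXT_FIELDS]


def decode(row, lists):
    """Rebuild the displayed transaction; needs the epoch and every token list."""
    tx = {"type": row[0], "miles": row[2],
          "date": PRIVATE_EPOCH + timedelta(seconds=row[1]),
          "amount": f"{row[3] // 100}.{row[3] % 100:02d}"}
    for field, token in zip(TEXT_FIELDS, row[4:]):
        tx[field] = lists[field].values[token]
    return tx


def demo():
    """Encode and decode one constructed expense transaction."""
    lists = {f: TokenList() for f in TEXT_FIELDS}
    tx = {"type": 2, "date": datetime(2016, 12, 8, tzinfo=timezone.utc),
          "miles": 42, "amount": "18.60", "company": "Example Fuel Ltd",
          "place": "Exampleton", "event": "Client visit", "first": "Alex",
          "family": "Sample", "cost": "Travel", "vat": "UK standard"}
    row = encode(tx, lists)
    return tx, row, decode(row, lists)
```

The numeric row carries no text, so the token lists and the epoch are the material whose storage and access control decide how private the record is.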

5. Encryption:
1. Every company name is encrypted using many layers of different encryption methods.   These encryption methods ensure that decryption by guessing character usage is not practical.   Every name is assigned a unique token number that is stored in the transaction.
2. All company names with tokens are encrypted, compressed and concealed in an image.   If a criminal gained access to an image, they would not know where the information is concealed or how it is encrypted or what it represents.   Even if the criminal could decrypt such information, they would simply have a list of company names.
3. Events, contact first and family names are treated in similar ways using different encryption methods so a leak of one field will not become a leak of all fields.   Encrypted data is concealed in different images and the images hidden in a folder with thousands of similar images.
4. Many different encryption keys are needed and these are stored and derived from data concealed in images.   Each 2048 bit AES key is 256 bytes that is part of a standard image - hard to detect if it is or is not a key and even harder to detect what it is used for.
5. Multiple decryption keys are stored in images with three key purposes:-
  (1) The true decryption key is used to decrypt the encrypted data into real business data.
  (2) Some fake decryption keys are used to decrypt the encrypted data into real pseudo data that looks OK, but is made up.
  (3) A doomsday decryption key is used to silently change the contents of all data and system files to zeros.   Eliza always uses the correct decryption key so any invalid key must be a reason to trigger the silent doomsday procedure.

6. Transactions:
1. A month's transactions are encrypted, compressed and concealed in an image.   Twelve images store a financial year's worth of transactions where each transaction is just a string of numbers.
2. The number of transactions stored for each month is variable and without any limit.   If a criminal gained access to an image, they would not know where the information is concealed or how it is encrypted or what it represents.   Even if the criminal could decrypt such information, they would simply have a list of company names.
3. Cost code, VAT codes and place names are encrypted, compressed and concealed in images.   Information in an image is extracted and loaded into arrays for rapid processing.

7. Eliza:
1. Apart from transaction data entry, Eliza does everything else.   Eliza can do in less than a second what a person may take a day to do - excessive encryption is just extra processing micro-seconds to do another million things.   Eliza works in the data center with massive computing power so what shows in the browser is simple forms.
2. Privacy-by-design includes the principle that it would cost the criminal more time than it is worth to decrypt any one component.   Layer after layer of complexity is used to maximise the time that criminals would have to devote to guessing a viable solution.   Many things are made to look like other things, for example, mileage is algorithmically derived to look like a date and a date is algorithmically derived to look like mileage.
3. Eliza can be taught to rapidly index place names from numbers, while people may take a long time to manually do the same thing.   In practice, compressed data is faster and more efficient to store and process, and beyond the normal capabilities of a person.

8. End of Database:
1. Eliza has chosen to eliminate use of a database and to conceal all business data in images.   Application services use image libraries with thousands of images, and some of those images conceal additional encrypted and compressed data.   Eliza has been taught to rapidly extract business data as needed from relevant image files without any SQL.
2. A database with SQL clauses is optimised to search, sort and filter normal data, but is not designed to search encrypted stored data.   While the database has been at the apex of good application design from 1970 to 2010, NOSQL has taken the apex position for the next forty years.   Modern security and privacy requirements are not best served by SQL but are best served by Eliza and artificially intelligent assistants.
3. Tables are replaced with images that conceal arrays of data such as:-
  Company name array.
  Place name array.
  Event array.
  Contact First Name array.
  Contact Family Name array.
  Cost Code array.
  VAT Code array.
  Encryption Key array.
  Account Month array (twelve per year).

9. Fraud:
1. As a proof-of-concept the application service demonstrates that the threat of fraud has been eliminated.   Data can be added but not deleted. Data may be changed, but every change is recorded and cannot be hidden.   Once a month is closed, that data is frozen for seven years.
2. All data is replicated to a swarm of data centers in real-time.   New transactions and new names are replicated to a swarm of data centers within a few moments.   No person can alter data. No administrator knows where the data is and what to do with the data.   An agency may take a copy of all images, but no data breach takes place because what is stolen is meaningless and does not leak any personally identifiable information.   An agency may physically delete all images in a data center, but other copies of the images in other secure data centers exist so the deleted data can be replaced in a few moments.
3. Data protection conformance is the primary objective and that has been achieved with honors.   Keeping financial information safe and away from criminals is an objective that has been delivered.   Deployment of excessive encryption is a proof-of-concept that is demonstrable.
4. Stored data is different to displayed data - displayed data is derived by algorithms from the compressed data that is stored.   Data is purposefully stored to look like other data and never to hold a displayed value.   Length and CRC checks are used to maintain data integrity and detect unapproved change or corruption.
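
An added example (not part of the application service described here) contrasting the length-and-CRC check with a keyed HMAC-SHA256 tag: a CRC is unkeyed, so it flags storage corruption, but a record that is edited and re-framed still passes, whereas a tag cannot be recomputed without the key. The 8-byte framing, the key and the sample record are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct
import zlib


def seal_crc(payload: bytes) -> bytes:
    """Frame a record as length + CRC-32 + payload (assumed layout)."""
    return struct.pack(">II", len(payload), zlib.crc32(payload)) + payload


def check_crc(blob: bytes) -> bool:
    if len(blob) < 8:
        return False
    length, crc = struct.unpack(">II", blob[:8])
    payload = blob[8:]
    return len(payload) == length and zlib.crc32(payload) == crc


def seal_mac(payload: bytes, key: bytes) -> bytes:
    """Frame a record as HMAC-SHA256 tag + payload."""
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


def check_mac(blob: bytes, key: bytes) -> bool:
    tag, payload = blob[:32], blob[32:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)


def demo():
    key = b"constructed-demo-key-not-a-real-secret"
    record = b"2,496887987,42,1860,0,0,0,0,0,0,0"     # constructed month record
    edited = record.replace(b"1860", b"9860")         # same length, new amount
    # Accidental corruption: one bit flips in storage.
    flipped = bytearray(seal_crc(record))
    flipped[-1] ^= 0x01
    # Unapproved change: record edited, unkeyed CRC simply recomputed.
    resealed = seal_crc(edited)
    # Same edit under a MAC: without the key only the old tag is available.
    spliced = seal_mac(record, key)[:32] + edited
    return {
        "crc_catches_bit_flip": not check_crc(bytes(flipped)),
        "crc_catches_edit": not check_crc(resealed),
        "mac_catches_edit": not check_mac(spliced, key),
        "mac_accepts_original": check_mac(seal_mac(record, key), key),
    }
```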

10. Data Protection Impact Assessment (DPIA):
1. This Data Protection Impact Assessment (DPIA) has been prepared in compliance with Data Protection regulations.   It is plausible to deny that any personal information exists that must comply with legal obligations because nobody can identify any stored data.   A data breach cannot take place because no unauthorised person can lose, steal, copy or gain access to any personally identifiable or any business information.
2. Eliza has eliminated the storage of any Personally Identifiable Information (PII) and all business information that must be protected.   Data protection methods include privacy-by-design as the core way that data is stored involves encryption, pseudonymisation, steganography, tokenization and obfuscation.   By making everything very secure, everything is very private and criminals have little to attack.   The evolution from database to images is a means to stay one step ahead of criminal agents and gives people less to attack.
3. The cost is most data in memory most of the time and massive server processing power to decrypt data as and when needed.   As the cost of flash memory reduces and the cost of processing power halves every 18 months, then the design overheads are a reasonable price to pay for total privacy.

Document Control:
1. Document Title: Business Annual Account.
2. Reference: 161304.
3. Keywords: Business Annual Account, Annual Return, VAT Return, P+L Sheet, Balance Sheet, Monthly Statement.
4. Description: The business has annual accounts that are accumulated each year to justify the balance sheet.
5. Privacy: Public education service as a benefit to humanity.
6. Issued: 8 Dec 2016.
7. Edition: 1.2.