Data Vaults for Blockchain-Empowered Accounting Information Systems

When designed, technologies and frameworks are not created to be as dynamic and flexible as to cater to the requirements of other domains, and so is the case with Blockchain technology. Specifically designed for cryptocurrency, Blockchain was not intended to be used in other domains. However, during the past few years, critics argued that Blockchain has the potential to deal with some unique requirements like confidentiality and immutability and can therefore be deployed in several areas other than cryptocurrency. The use of Blockchain to support Accounting Information Systems (AIS) through enterprise resource planning (ERP) is another motivating domain to investigate in this research. ERP is another promising technology that has gained significant attention across the globe. In this research, a hybrid solution is proposed to ensure AIS data integrity against any deliberate attempt or mala-fide intention for alteration or deletion from the database that can be verified at any later stage. Since Blockchain can be used to prevent any mutability in the stored data, the proposed solution presents a concept of Data Vaults backed by the Blockchain. To this end, we apply cryptographic primitives like SHA256 on the data inside the block and then chain that block to secure data vaults. So far, Blockchain has not yet proven itself as an alternative to any traditional database system. However, it can be applied in conjunction with the Relational Database Management Systems (RDBMS) to provide cost-effective yet robust solutions. This research demonstrates the application of a simple and lean version of Blockchain to assist enterprises in storing their financial and accounting data into data vaults, ensuring their data integrity against any alterations. The suggested cost-effective framework can be easily integrated into AIS and ERP systems to identify data breaches.


I. INTRODUCTION
Data is an integral part of an accounting information system (i.e., AIS); therefore, it requires special consideration while dealing and handling, and data stores in the DB are secure and safe but to a certain extent. The data may be compromised, where at least one person with unrestricted access can manipulate the data as per her will or the company requirements. Therefore, a computer-based system should be proposed for companies to save their financial information The associate editor coordinating the review of this manuscript and approving it for publication was Wei Huang . on a location other than their systems. Such systems can ensure that the auditors and financial regulatory authorities can ensure that the data are authentic, tamper-proof, and there would be no data alteration in the future as a replica or true copy is available and saved in the Data Vault. Traditional databases (i.e., DBs) are used to store the data, but data integrity is never out of the question. DBs are not as efficient as the Blockchain is. Blockchain has essential features, which ensure the integrity of data and stop unwanted mutability. Luckily, data vaults apply similar concepts. However, storing data using Blockchain is quite complex, and the process is often difficult to understand. When Blockchain is applied in cryptocurrency, its complexity increases many folds, which restrain many developers and researchers from initiating any work in the Blockchain domain. A simple and easyto-understand version of Blockchain should be applied in the application so that the work is done with limited resources and without the need for a high level of expertise. Blockchain is all about the arrangement of data in blocks and the coupling of blocks in a chain using cryptographic primitives. It depends on the requirements to satisfy the problem for which the Blockchain is using. A simple and lean version of Blockchain for data arrangement using cryptographic primitives is the core idea of this research work.

A. ACCOUNTING INFORMATION SYSTEMS (AIS)
AIS refers to a structure used by businesses to collect, store, manage, process, and retrieve financial information of the organization. AIS considers accounting as an essential part of an organization [1]. The input of AIS takes the form of business activities-related data, and the output is generated as financial reports. Such financial reports are essential to make decisions and analyze business outcomes; these reports can be shared by auditors, financial experts, and financial regulatory authorities. Modern AIS is a computer-based system that uses software and hardware for bookkeeping and is administered by qualified accountants. Internal and external users use the conceptual model of an AIS within an organization [1]. The purpose of the AIS is to process and generate financial and non-financial reports [2]. The management accounting process constitutes three main steps, including transactions, reports, and decision making. Most management accounting processes are implemented through an advanced level of ERP system and vary from one company to another [2]. The quality of the output entirely depends on the input data since correct and timely information helps the management make more effective and efficient decisions. Low-quality inputs or the absence of quality data produce imprecise outputs, leading to wrong decisions, and ultimately the business has to bear losses [3].
Nowadays, technology is evolving daily, and individuals and companies expect more and seek optimized solutions to meet modern challenges. Such phenomenon is also witnessed in accounting, which strives to support managerial strategies and decision-making processes [4]. AIS systems combine hardware and software resources and work through joint modules connected to a central DB. An effective AIS system prevents users from making mistakes, processes data quickly, and produces insightful reports. Traditional accounting practices, like Generally Accepted Accounting Principles (GAAP), are preliminarily flexibly embedded into the systems to be customized and replaced as per the requirements and needs of the companies. Figure 1 shows the process flow of AIS in an IT-enabled environment.
The building blocks of an ERP system are integrated modules, which work cooperatively and span maximum functions and processes. All modules are fully integrated, where users can access real-time information related to all business functional areas [5]. AIS implemented through a dedicated ERP system always has a significant impact on the performance of an enterprise. The competency level of accounting staff in an ERP environment is improved as work is carried out more efficiently, resulting in positive outcomes for the enterprise [6].

B. ENTERPRISE RESOURCE PLANNING (ERP)
ERP systems have gained considerable attention in the past few years due to their ability to handle resources and transactions within a single system [7]. An efficient system is required to control the information flow in an organization. ERP systems are developed based on the principle that all system modules use a shared data repository, enabling the integration of transactional and processed data [8]. Persistent information on business functions is vital in decision-making. There is a need for a reliable and efficient system that should provide real-time information when required [9].
Information Systems (IS) enabled organizations to improve their outputs manifold as they automated many mundane processes. MRP (Manufacturing Resource Planning) was the first version of ERP systems introduced in the 70s, which was later upgraded to MRPII systems [10]. MRPII systems covered some other business processes that were not included in the early MRP versions. In the early 90s, the ERP vendors created more flexible ERP systems than the legacy ERPs. It was thirty years since the ERP or ERP-like systems were used, and ERP vendors brought innovations in this field. These ERPs were able to integrate many business processes to serve internal and external customers. The public sector also started to adopt ERP systems on an experimental basis. The purpose was to manage public resources for the welfare of the citizens [11].
An ERP system is an effective and cost-saving solution for many businesses, ranging from education, supply chain management, retail management, banking, financial services, and insurance. By function or by verticals, ERP has become one of the most critical aspects of financial services [12]. These days, ERP vendors offer solutions that cater to the demands of vertical industries. ERP sales were estimated at US$ 41.69 billion in 2020 with a CAGR (compound annual grown rate) of 7.2% annual increase [13]. They were highly sophisticated and integrated to satisfy the requirements of different areas of business. Modern ERP systems are developed using the multitier or multilayer architecture. These ERP systems always use a database layer that is linked to the other tiers of the system. The database tier incorporates different technologies, such as SQL Server, Oracle, or Db2, as shown in Figure 2.

C. BLOCKCHAIN
Blockchain is in the limelight since its invention and has become one of the top-ranked items in the IT industry during the past few years. Blockchain is a data storage technique that keeps data immutable, transparent, confidential, open-source, and located on a P2P decentralized network. Blockchain has some unique characteristics, such as the data blocks are distributed over the network and thereby unexposed to deletion or alteration. The data are stored in blocks, which are tightly coupled with each other using cryptographic hash functions, like SHA256, for ensuring data integrity. It is anticipated that 10% of the global gross domestic product (GPD) will be stored using Blockchain by 2025 [14], while the value of Blockchain will reach 2 trillion USD by 2030 [15]. Figure 3 explains the formation of Blockchain, which shows three chains. The longest chain is called the main and original chain, while all blocks outside the main chain are called orphan blocks. The first block in the chain is called the geneses block. Technologies and frameworks are, when designed, not developed to be as dynamic and flexible as to cater to the requirements of other domains and so is the case with Blockchain. Blockchain was developed explicitly for cryptocurrency. However, due to some indispensable features like confidentiality and immutability, Blockchain has become a favorable choice in various domains other than cryptocurrency. Blockchain has numerous unmatched properties that distinguish it from traditional data storage technologies. Besides technical challenges, advancements in technology, and hardware, Blockchain still claims superiority because of its cryptographic primitives [16].
The major value of Blockchain is its ability to store data securely on distributed locations. As far as data security is concerned, there is no evidence of security breaches in Blockchain solutions till now. Blockchain is backed by solid cryptographic primitives that are infeasible to break. Despite its simple architecture, Blockchain has gained widespread attention recently and is considered more disruptive than any other area of computer science. It is claimed that Satoshi Nakamoto was the person behind the innovation of Blockchain. He developed it purposefully for the Bitcoin cryptocurrency in 2008. The idea for creating Blockchain was to eliminate the involvement of any third party in the transactions and store data on a peer-to-peer, decentralized network [12]. Nakamoto, in his whitepaper, discussed the challenges involved in the ownership of the cryptocurrency and presented a solution that formed the conceptual foundations of Blockchain [17].
Blockchain ownership does not belong to a single person or a group of people but to each node on the network; therefore, it works without the involvement of any centralized authority or trusted third party. Blockchain operates as the underlying data storage technique for storing transactions of Bitcoin. However, Blockchain is not Bitcoin or vice versa and should be differentiated clearly. Bitcoin and other cryptocurrencies use Blockchain as an underlying data storing technique. We can also call it data storage, where data or records are located in raw form. Blockchain is a combination of cryptography and an economic model that works on a P2P decentralized network. Blockchain stores data in a block which consists of two parts; first, a Block Header, and second, a Block Body, as illustrated in Figure 4.
Block Header contains the following items: • Block ID: Every block in the chain is assigned a unique ID to get recognized.
• Timestamp: Current time is stamped every time a new block is created. This time is taken from the UNIX time server as a universal time in seconds since 1970 [18].
• Hash -Current Block: The hash value of the current block, which is to be mined.
• Hash -Previous Block: The hash value of the previous block.
• Nonce: A 32-bit random number to be searched by the miners to produce the correct hash value. This number ensures that any computation which has already been done during the block mining process is never used again in any other block. • Merkle Root: A Merkle root is the hash value of all transactions hashes in the block body.
• nBits: The difficulty level determines how difficult it would be for a miner to mine the block. In Bitcoin, transactions are stored in the blocks in a specific format. Each transaction is digitally signed by the participants, i.e., the sender, the receiver, and the quantity of the coins. Two cryptographic primitives are used to secure transactions, the Hash Function and Digital Signature Algorithms (DSA) [19]. Transactions are stored in the body of a block. Figure 5 describes the transaction process in Bitcoin. Blockchain and Bitcoin are not the same, just like the Internet and email are not the same. Blockchain is a technique for storing data and is initially developed for the Bitcoin cryptocurrency. Due to its unmatched features, various industries have started to explore its potential for other services. Ripple is a Blockchain-based financial service application used by various international banks for international remittances and payments [22]. Famous international banks are now looking for a common Blockchain-based platform for remittances and payments [23]. R3 is a software company that provides a Blockchain-based ecosystem to more than 300 companies from different domains working in a collaborative environment [24].
Estonia is ranked first in the world, with 99% of its services offered to its citizen online, and due to this reason, the transparency in the public sector is exceptional [25]. The Chinese government is also focusing on e-Government services for its citizens with the help of ICT to tackle transparency issues [26]. Dubai provides all government services to its citizens online, and Blockchain is also under consideration [27]. It is estimated that Dubai would save up to 25 million person-hours of work per year which will save up to US$1.5 billion per annum [28]. The Swiss government initiated a new approach to deal with healthcare data and is planning to develop a Health Bank with the help of Blockchain. This health bank will be used for storing and sharing healthcare data of Swiss citizens. [29]. The exchange of healthcare information and its use for diagnosis and research purposes can be achieved by implementing smart contracts without involving third parties. These data can be accessed through Public, Private, and consortium Blockchain [30]. The world's top retail companies and major software vendors are actively working on Blockchain [31]. Some universities and institutes have also applied Blockchain to secure their academic records on an experimental basis. [32]. For example, the University of Nicosia is the pioneer in this race and has already issued its first degree, which is saved in Blockchain. Now, the degrees can be verified publically without visiting the university [33]. Sony Global Education applied Blockchain to store and manage more than 150,000 participants from over 80 countries [34], [35].

II. PROBLEM STATEMENT
Practically accounting information systems and ERPs work on some principles. One of these principles states that if any wrong entry has been entered into a system, there is only one way to deal with this situation, to rectify the entry. However, opening the database, changing the amount(s) or accounting code(s) of a transaction, and reprinting the voucher is an open violation of accounting principles. Before posting the data into the General Ledger (GL), there must be no provision to change the entered transactions from the database. There are chances that the data could be compromised majorly or minutely even after completing the financial audit or submitting final accounts to the financial regulatory authorities. Human errors cannot be avoided entirely but can be minimized to a certain extent by applying different input validation mechanisms. Moreover, input data can be checked and verified at different levels in the management hierarchy before it is available to add to AIS. Any deliberate attempt or mala-fide attention to alter or delete data from DB cannot be prevented as long as the system is used and run by many users. If everything goes well, there are still chances that the data can be compromised not by the users but by the system or DB administrator who has unrestricted access to the overall system. Our research work aims to achieve data integrity in AIS. If the data have been altered, we seek to identify that particular change and check the authenticity of data produced by a company for financial regulatory authorities, auditors, or concerned third parties.
The purpose of our research work is to investigate the current status of Blockchain and its implementation in AIS. Our research attempts to answer the fundamental research question: to implement Blockchain, do we always need a long list of peers, high-tech equipment to mine a block, a significant investment in terms of finance and resources, and a complex programming code and expertise?

III. SIGNIFICANCE OF OUR STUDY
Blockchain is a data storing technique that can be applied anywhere, depending on the requirements. The data stored in Blockchain remains immutable, and there is no chance of data tampering at any stage. Blockchain can be used as a responsible party and can act as a custodian of data. This research work focuses on a new dimension of Blockchain and introduces the concept of Data Vaults, which is conceptually a lean version of Blockchain. Similar to bank vaults, Data Vaults will be available to companies to keep a true copy of their financial data produced through their AIS. For this purpose, we use the trial balance to save in the Data Vaults. The concept of Data Vaults backed by Blockchain is quite different from the use of Blockchain in Bitcoin. The implementation of Data Vaults is quite simple and can be trusted for sure. Strong cryptographic primitives are applied, and data are replicated on many network locations, so there is no chance of data tampering. The Data Vaults can store the data of other domains like healthcare, education, municipal records, and criminals and prisoners information.

IV. RELATED WORK A. SEARCH CRITERIA
We explored several Blockchain approaches and their usage, mainly in Accounting, Finance, Auditing ERPs, and related areas. The articles were retrieved from major databases, such as IEEE Xplore (IEEE), ACM Digital Library (ACM), Google Scholar (GS), Science Direct (SD), Springer Link (SL), and Multidisciplinary Digital Publishing Institute (MDPI), with a focus on the latest works published in the last three years. Furthermore, student theses from renowned sources were also included and examined.
The following search terms were used in our searches: ''Blockchain for Data Security and Integrity'', ''ERP System and Blockchain'', ''Blockchain in Accounting and Finance'', ''Blockchain in AIS'', ''Blockchain-based Financial Applications'', ''Blockchain in FinTech''. Our searches produced more than a hundred research articles. However, we included only the research works that discussed the potential of Blockchain concerning AIS in using ERP and Management Information Systems (MIS).

B. EXISTING WORK IN BLOCKCHAIN
Authors in [36] presented the impact of Blockchain on the financial transaction for payment applications. They stated that Blockchain could reduce the cost of cross-border transactions and operational costs. The authors further argued that due to immutability and timestamp on the data, Blockchain is suitable for tracking assets and related activities with the utmost trust between the involved parties. Blockchain can manage identities with complete confidence and allow ''self-sovereign identity'', where users are more comfortable controlling and managing their identities and related content.
Authors in [37] highlighted that the healthcare domain has some unique problems, like a patient-centric approach, in connecting to the central system, poor inter-system portability, and patients record accuracy. Authors suggested that Blockchain can resolve many significant problems while offering privacy, security, validation, and authentication. It can also support unreported clinical trials, data breaches, and misleading errors in data.
In reference [38], the authors discussed the usage of Blockchain with BIM for coordination and collaboration in different buildings life cycle stages. Authors stipulated that BIM added to Blockchain can produce sustainable building designs, covering technical, management, financial and legal risks while building confidence between multiple teams working on different projects.
In reference [39], the authors suggested that Blockchain can resolve two prominent issues in the accounting ecosystem: first, checking and validating the inputs by multiple parties involved in the transactions; second, if the audit process is involved in the transaction, the audit evidence would be as attestation engagement.
Authors in reference [40] proposed a Blockchain-based framework for a transaction processing system that uses Zero-knowledge proof (ZKP). ZKP is a cryptographic method in which one of the involved parties proves that the other party initiated a transaction without revealing any sensitive information. An example is given as the initiator of the transaction can confirm the transactions validity without revealing the identity of the involved parties, values, and amount of the transaction.
Authors in [41] discussed the implementation of Blockchain in FinTech, a next-generation technology that will replace traditional accounting, auditing, and finance methods. The authors concluded that the impact of the Blockchain on FinTech would be remarkable. FinTech is expected to create new business models without the involvement of any third party.
In reference [42], Japan's Ministry of Economy, Trade, and Industry analyzed the usage and impact of Blockchain on various areas and the overall economy. The ministerial report discussed the advantages and challenges of Blockchain and framed some guidelines to exploit Blockchain by the industry.
Authors in [43] suggested that Blockchain can achieve scalability and global interconnectivity for the Spanish banking sector. The author introduced a three-innovation process model, including a search phase, selection, and implementation phase. Blockchain can tackle three key challenges, especially reduction of overhead costs inflicted by third parties, minimization of running out of capital risks, and speeding the transactions processing time. Blockchain is disruptive but does not constitute a threat to the existing systems since the only challenge is technology adoption.
In reference [44], the authors claim that Block-based solutions can reduce auditors' workload, minimize the chances of fraud, and optimize existing auditing systems. The authors recommended integrating Blockchain with emerging technologies like Computer Assisted Audit Tools and Techniques (CAATT) and Big Data and Analytics to cut the overhead work of auditors, provide access to an increased volume of data for auditing, and assist in the continuous monitoring and use of AI-enabled audit software. In reference [45], the authors discussed the impact of the Blockchain on the financial sector and other industries. Through four distinct scenarios of using Blockchain in the financial section, the authors demonstrated that Blockchain could provide a unique and secure mechanism for establishing trust in any financial transactions and simplify the money or information transfer process anywhere in the world.
In reference [46], the authors discussed the implementation of Blockchain as a database for AIS applications where financial reports are generated using the data stored within the blocks to ensure authenticity and accuracy. Typically, AIS databases are likely to be modified at their core level through essential operations like storing, processing, and data security. However, the authors demonstrated that the role of Blockchain in AIS would be for validation purposes and argued that accountants would no longer be the central authority on the system. The Blockchain-based database is suggested to be available on every node on the network. Any change would be validated through the consensus of all users. The authors concluded that the Blockchain would transform the AIS and accounting profession.
The authors in reference [47] presented a case study of a Dutch company that provides IT-based reverse factoring supportive services to SMEs operating with low financial resources. The company explored the possibilities to implement Blockchain for recording transactions between the parties to improve the services. Unlike traditional transaction processing systems (TPS), using Blockchain for recordkeeping, an open and transparent transaction processing system can be designed without a third party. In the case study, the author presented a model for validating transactions using a Blockchain-based prototype. The prototype was applied to the existing design showing that the blockchain reference model is practically possible for transaction processing.
In reference [48], the authors evaluated double-entries and triple-entries in an accounting system using Blockchain and suggested that the accounting industry write their transactions directly into joint bookkeeping by creating and interlocking the transactions using Blockchain. The authors found that triple-entry accounting adds a further level of clarity, trust, and honesty in the transactions. The benefits included error reduction (e.g., human errors), fraud prevention, workflow simplification, costs saving, and the creation of reliable financial reports.
The authors in [49] discussed the implications of applying Blockchain in the auditing and accounting domains. The authors presented the implementation of Blockchain for a real-time, reliable, and transparent accounting ecosystem and its transformation from traditional audit to automatic assurance system. Moreover, they explored different apps use to encapsulate the existing audit procedures and induced a guideline framework for Blockchain-based app development.
The author presented an accounting and assurance ecosystem that is based on Blockchain. This ecosystem adopts a triple-entry accounting system, a relatively new method to record transactions independently in transparently in a secure paradigm to process the data for financial reporting. In a triple-entry system, a neutral intermediary party is required for the authorization of the transaction process. There are some downsides, like the system is exposed to cyber-attacks and chances of data manipulation with mala-fide intentions. Blockchain can mitigate the flaws and improve the performance and reliability of the triple-entry system. Storing the data in the blocks within Blockchain prevents reversion, alteration, or deletion of transactions. Moreover, using smart contracts will enable the rapid processing and verification of transactions.
In reference [50], the authors discussed the decentralized transaction ledger of Blockchain and its implementation to register, confirm, and send different kinds of contacts to other parties. A critical review was presented in the research concerning state-of-the-art Blockchain-based applications, including financial services, healthcare, business, and industry. Blockchain can be used in an environment where the parties do not trust each other or if some parties are not trustworthy. Before the transaction enters into the block, all parties must confirm the transaction amount, terms, and conditions because of the non-mutatable nature of blocks. Blockchain has some remarkable features, such as processing speed, robustness, and openness. However, Blockchain is not a universal solution for all problems. Some issues that require further investigation include criminal records, legality, and other economic risks.
The authors [51] analyzed the use of Blockchain in AIS systems and highlighted the potential issues. Fields of implementation of Blockchain in AIS included governance, transparency and trust, continuous auditing, smart contracts, and accounting. The authors believe that the double-entry system can be categorized as a centralized system where a high risk of manipulation is involved, and more workforce is required to process a large volume of operations. On the other hand, a Blockchain-based system uses a triple-entry system, which distributes authority and control across the network nodes to reduce the risk of manipulation and processing efforts. The possibility of integrating smart contracts with the Blockchain-based AIS will also allow a self-executing process and improve capacity control. A triple-entry system provides greater transparency of information ensures the immutability of data.
In reference [52], the authors presented an in-depth analysis of Blockchain usage in accounting and similar professions. Dominant companies like PwC, Deloitte, EY, and KPMG have already started to explore the opportunities to adopt Blockchain in their business practices. For instance, PwC has started using a Blockchain-based platform to develop a digital asset as its global client services. EY adopted a different approach and is working on an editable Blockchain in which an alert would be generated if an error occurs while entering the transaction. KPMG is partnering with Microsoft for the development of the BaaS (Blockchain-as-a-Service) model. The authors expand their study of Blockchain evaluation in three phases. In the first phase, Blockchain can be applied by professional service firms in the accounting industry to meet the clients' requirements. In phase two, the adoption of Blockchain would be to remove the unnecessary and complicated processes in the field of taxation and insurance. The most significant change would be shifting from double-entry to triple-entry systems as the current accounting systems have become vulnerable, and there is a high risk involved in data management and storage. In this phase, the adoption of Blockchain would ensure accurate data representation and leave no room for any biased judgment by the accountants as there is an added layer for real-time dimension to track transactions. In the third phase, Blockchain could be used by CPAs and accountants to manage financial records, transactions and generating financial reporting.
In reference [53], the authors stated that with the advancement of wearable technologies and mobile computing, a vast amount of healthcare data is generated daily. The datasets contain critical and confidential information of the users, and therefore should be owned and controlled by them only. Currently, the datasets are stored in a centralized data storage where security is the prime concern. The authors proposed a conceptual design for sharing data using Blockchain on cloud storage and implemented a data quality inspection mechanism that employs machine learning for better controls and management. The proposed healthcare data storage and sharing system apply three key roles, namely Users, Key Keeper, and Customers, and for each role, an app has been proposed. The author concluded that the proposed Blockchain-based system would enable users to own, control, and share their data. The integration of Blockchain with cloud storage can assist in storing, managing, and sharing data that is produced continuously. The data quality validation module plays a vital role in controlling and maintaining data quality using machine learning techniques.
In [54], the authors discussed the interoperability issues in the UK medical records systems. Security of online medical data, potential breaches, and regulations for governing data ownership are the critical parameters for developing efficient methods for the administration of medical records. This research applied a novel distributed ledger technology to store and secure healthcare records and maintain patient data ownership without compromising privacy and security. In the MedRec19 system, data can be accessed by medical doctors and researchers only following patient consent. The demonstrated system is a cloud-based system backed by Blockchain and uses smart contracts for interaction between multiple parties. Interfacing different systems using Blockchain can considerably reduce administrative delays and interoperability issues.
In reference [55], the authors argue that patients are deprived of accessing and managing their personal health information (PHI) stored in the healthcare provider infrastructure. The authors proposed a Blockchain-based conceptual model for managing PHI derived from multiple sources on a P2P network. The proposed architectural model will manage PHI data with the help of Blockchain and other embedded protocols. The model will thus enable patients and healthcare professionals to collect information from multiple sources on a single location with guaranteed data integrity. Healthcare professionals act as miners, and PoW (proof of work) is done at their end. Once changes are validated on all network nodes, the block containing the record will become part of the chain.
In reference [56], the authors presented a novel tamper-proof Blockchain architecture for electronic health record (EHR) management. In the proposed system, cloud-based storage is used. There is always a threat of data security in such storage as someone can hide, delete or alter the data. With the help of Blockchain, the proposed system prevents any tampering, manipulation, or altering of healthcare data. Replacing existing systems with Blockchain technology is expensive; therefore, the authors introduced an efficient wrapper layer integration technique named Blockchain Handshaker (BH). Initially, the user app will send the transaction, which contains the patient health information, to the BH for sharing on the public Blockchain network. The BH processes the transaction by generating a Blockchain compliance transaction and broadcasts it on the public Blockchain network for validation. The network will validate the transaction using a smart contract before adding it to the Blockchain. Next, the network will send an acknowledgment to the BH after validating the data, and then the BH will send the validated transaction to the cloud for further processing and storing in the cloud. In the proposed system, the BH has an essential role as every transaction needs to be validated first by the BH. Parties or users remain anonymous throughout the procedure.
In reference [57], the authors presented a Blockchain solution to facilitate the sharing of private and auditable healthcare records and permission handling on data access. The authors identified three entities concerned with entering, managing, and processing healthcare records, namely patients, web/cloud platforms, medical centers. 1) Patients: It represents those who want to share their healthcare data and they are aware of the effect it will have to improve their own medical treatment and overall outcome in the long run. 2) Web/Cloud Platforms: This entity is responsible for providing a web interface having its own database(s) for storing patients' data. Data can be exported in the required format and at this stage, there is still no need to employ Blockchain or any of its nodes. 3) Medical Research Centers: Those who want to use healthcare data stored on cloud platforms for medical research. Validators: A group of nodes on the network which are responsible for validating the data, creating and appending the new blocks into the Blockchain.
The above model is based on the consortium Blockchain technology in which medical research centers work as nodes on the Blockchain network and are validated off-chain. Once verified, they become available as network nodes and are considered to be trustworthy.
The presented Blockchain-based architecture works in three layers; Layer 1: Web/cloud platforms, this layer provides multiple platforms which are either hosted on the web or hosted as a cloud service over the cloud and store data locally in their databases, Layer 2: Cloud middleware, where multiple VMs are set up on one dedicated server including middleware infrastructure. The multiple VMs ensure that no single point of failure occurs during the operation. This layer connects web or cloud platforms at layer 1 with the consortium Blockchain hosted on layer 3. Layer 3: Blockchain network, smart contracts are deployed on this layer through which all permissions are managed. Communication between the layers takes place with the help of the APIs. The authors concluded that their proposed system enables healthcare data sharing and helps manage permission efficiently, securely, and in an auditable manner. The Blockchain added enhanced security features for permissions management using smart contracts.
In [58], the authors discussed the importance of information sharing in power grids and they presented a Blockchain-based solution for information sharing in smart grids. Blockchain enables data sharing reliably and resiliently to different types of attacks like MITM or data spoofing. The use of Hyperledger Fabric in a permission network, where the grid acts as a node, makes information sharing more secure and transparent.
The proposed design is based on four components; Power network, the design relies on the Wide Area Monitoring & Control system (WAMC). The purpose of the proposed system is to use and share information with WAMC, which will be helpful for smart grids in the future. The issues that have been identified with the use of traditional Supervisory Control and Data Acquisition (SCADA) will be solved by employing the Blockchain. Internal Network, a MySQL database, is installed in the facility of United States Military Academy (USMA), which reads data from a hosted location at USMA by an OPVN (Open Virtual Network) client using SQL queries. Then the data is sent to a VPN concentrator with the request to update the data on all network nodes for confirmation and validation. Upon validation, the nodes send confirmation to the client with appropriate information. DB Query Algorithm enables querying the database using PyMyDQL and JSON. Scalability, after a successful proof of concept, the framework can communicate with many nodes on the network and can be adopted on a commercial scale in smart grids. The authors concluded that the proposed model is practically possible to be adopted for communication in power grids at a global level, and Hyperledger Fabric is a helpful tool in this regard.
In a whitepaper in [59], the author highlighted some issues in the ERP system regarding Blockchain and studied its impact on businesses in the future. A high-level overview is presented by the author on Blockchain and ERP systems. Moreover, the authors discussed Blockchain, its components, working mechanism, advantages and cryptographic primitives in detail. Current development in this field has been highlighted, and some of the initiatives taken by key players like Hyperledger, Multichain, Quorum, and Corda have been mentioned in the study.
The use of Blockchain has also been discussed comprehensively in various domains such as smart contracts. These contracts are a form of self-executing contacts that get triggered upon meeting specific conditions already mentioned in the contract. It is a kind of a non-disclosure agreement and is recorded into the Blockchain once all involved parties agree on the contract terms. In ERP, Supply Chain Management (SCM), and traditional systems, where customers and suppliers use their own database, there are chances of conflicts between the parties on transactions recording issues. However, when customers and suppliers use the Blockchain to record their transactions, many errors can be avoided since transactions start from the contract agreement and are executed in a specific order, i.e., processing, payment settlement, and delivery of goods or services. In this fashion, the same data is entered multiple times from different locations and entities. Blockchain-based electric meters is another such application where errors and omissions can be avoided by implementing Blockchain-based electricity meters at power generator for recording and reading electricity consumption. The author concluded by suggesting that the combination of ERPs and Blockchain can positively impact both the end-users and the enterprises. However, it will take a considerable amount of time before becoming standard practice in these enterprises.
The report published in [60] highlighted the initiatives implemented by the Estonian government to secure the overall data bank of their country. Estonia has developed an efficient, secure, and transparent ecosystem through which 99% of government services are available online and secured mainly by Blockchain. Their role during the COVID-19 pandemic was remarkable since an efficient and robust healthcare system was put in place. The Estonian government is now focusing on making the online services better and faster and improving the quality of services for the public and the private sector while trying to reduce the overall cost of all operations.
Today, virtually all government services and operations can be carried out digitally via online services except marriage registrations, divorce records, and real estate transactions. VOLUME 9, 2021 Filing a tax return would not take more than five minutes. Citizens can vote online, patients' data is safe and available online, and establishing a company is relatively easy as all information and registration processes are online. With the help of digital ID, documents are signed digitally. Digital ID, X-Road, e-Residency, and Blockchain Pioneers are the source hub for the Blockchain-related services in Estonia. Blockchain is the underlying technology for enforcing data and system integrity in Estonia.
Estonian Information Systems Authority (RIA) is the key service provider to the government for the management of e-services and guaranteeing access to the Blockchain network for the government agencies through their X-Road infrastructure.
In [61], authors carried out their research work in relatively a new domain of Unmanned Aerial Vehicles (UAV) such as drones. The authors proposed a Blockchain-based solution for UAVs that can be used for surveying and surveillance in remote and sensitive areas. The authors claim that the proposed Blockchain-based solution is capable enough to ensure the privacy and security of the IoT-based virtual circuits. The instructions to the UAV, like authentication instructions and the vehicle's reaction, are to be placed on a cloud platform and will be secured with the help of Blockchain technology by using SHA and Elliptic curve cryptographic primitives.The authors further discussed the secure communication between the ground-level devices and flying objects. For every device, a block is created with the instructions set. The data that will be received from the devices will be validated through Pentatope based ECC (PECC) digital signature algorithm. The authors concluded that a Blockchain-based solution, when compared with the traditional systems, can fulfill the requirements of secure communication while maintaining the security and privacy of the data.
In [62], authors discussed Fake Media or the Internet of Fake Media Things (IoFMT), which is emerging due to social media's advancement and popularity, primarily once used for news and politics. The digital society emphasized taking revolutionary steps to stop the spread of IoFMT. The authors further claimed that Blockchain technology holds the solution to block the spread of IoFMT, and it can be used for the authenticity of fake media. In their proposed solution, the authors also discussed a customized proof-of-authority consensus mechanism and weight-ranking algorithms that can be implemented through gamification components to evaluate any fake news. Their proposed mechanism works with five entities, i.e., user, publisher, validator, transaction, and news. All these entities work collectively to prevent fake news from being submitted and help to stop it from spreading. The proposed solution works on text, images, videos, or audio data types and uses hash values for validation purposes.

C. COMPARISON OF RELATED WORK
We performed a comprehensive review to evaluate the current status of Blockchain-based applications and their implementation in various domains. Blockchain architecture was also reviewed to find out how to lean the current architecture of Blockchain so we can use it to store a unique set of data like Trial Balance. One major gap that has been identified in the current research works is that in all implementations where the Blockchain is used as a storage location, all data or information are proposed to be stored in the Blockchain, which is obviously the ultimate utilization of Blockchain, but this is a costly solution in terms of finance and resources. Table 1 shows the existing work and contributions that have been reviewed in this research work. Figure 6 depicts the conceptual model of our solution designed to protect data integrity.

V. SOLUTION DESIGN AND IMPLEMENTATION A. CONCEPTUAL DESCRIPTION OF THE SOLUTION
The framework works in three steps: first, it uploads the trial balance into the system; second, it requests a trial balance and accesses permission to a company, financial regulatory authorities, and auditors; and third, it verifies the trial balance.

1) DATA VERIFICATION
The proposed framework verifies the source trial balance with the trial balance available in the Data Vaults uploaded previously. The process starts with verifying the metadata information encoded in the user access code and compares the line-by-line hash values. If both source and saved trial balances are found correct and matched, the system responds positively. However, if the source trial balance has been changed in the AIS, the system identifies the particular line number(s) where the information has been altered. The system works as a custodian of the data and acts as a facilitator or third-party; therefore, the ownership of the data remains with the company that uploads the data to the vaults. Permission to view or verify the data would be granted by the owner company.

2) DATA VAULTS
Data Vaults is an abstract concept and is similar to the Blockchain. Applying strong cryptographic primitives in data arrangements while saving the data in the block is the fundamental idea behind the Blockchain. Our proposed system works in a similar fashion. Saving data in a Blockchain is conceptually the same as saving data in a vault that is immutable. Any attempt to manipulate data intentionally or unintentionally is not feasible. The system stores the data into the block and then chains the block into the chain of blocks.

B. DESIGN OF THE SOLUTION
The proposed solution facilitates storing financial data, in our case a trial balance, and keeps it as a true copy that can be validated in the future against the trial balance available in the company's AIS. When uploading the trial balance, the system generates hash values of each line of the trial balance(s) that are available for processing and then creates a block and stores the processed trial balance(s) into the block. At the time of verification, once again, the system generates the hash values of each line in the source trial balance and   companies, trusted parties like auditors or involved parties in a transaction, and financial regulatory authorities, but the data owner must grant permission through the system to view the data.
Our solution consists of three layers: 1, User Interface to interact with the system, 2, Data Processing layer to process the data and make it available for storage within the blocks, 3, Data Vaults layer where the data are stored. Fig. 7 describes the design description of the solution. Data can be entered through an ERP system where the framework is embedded or by using a standalone application where different versions of ERP or AIS systems are running. A web application is also part of the proposed solution.

1) LAYER 1 -USER INTERFACE
There are three types of user interfaces available through which the consortium company, regulatory authorities, auditors, or any partner company can interact with the system for data inputs and verification, as follows.
An Integrated Framework: a framework is integrated with the AIS or ERP system, and a user interface is available within the system. The ERPs or other financial application developers integrate an executable programming code in their system. After the data rearrangement, the framework would directly interact with the database to extract the trial balance and send it onward to Data Vaults.
A Standalone Application: a standalone installable application is proposed for installing and interaction by the user. The user interface and functionality of the application are identical to the integrated framework.
A Web Application: user can interact with the system through a web interface. This option is appropriate if the ERP or AIS is not compatible with the framework or the standalone application cannot be installed. This web application is hosted on a secure web server.

2) LAYER 2 -DATA PROCESSING
The second layer is the central part of the solution, which processes the received data from Layer 1. The information received in this layer is stored in a database that includes the trial balance and other information. The system is open to receive the companies' data every day for 23 hours from 00:00 to 23:00. From 22:00 to 23:00 is the buffer time, and the system would intimate all logged-in users if they are logged in during this period or performing some activities. The system cutoff time is 23:00, after which any logged-in user will be disconnected from the system forcefully. The system starts processing the data from 23:00 till 23:59:59. The data processing is an automated routine and starts working as per the given schedule. The routine processes the data and makes it available for a block, creates a block for data, inserts the processed data into the block, and then chains it into the Blockchain. All essential functions are done in this layer, including the generation of hash values.

3) LAYER 3 -DATA VAULTS
After processing the data in the second layer, the block is now ready for broadcasting to different nodes on network locations to become part of a chain of blocks. Now, the data is saved in digital Data Vaults. It is assumed that a P2P network is already established, nodes are identified and connected to the super-node or main server. Creating or establishing a decentralized network is out of the scope of this research work.

C. VALIDATION PROTOTYPE
This section describes the prototype created to evaluate the outcomes and results of our research work. The aim is to develop a simplified version that can process the data, save it into the block according to the proposed solution, and retrieve it from the block. First, the scope of the prototype is defined, and then its work is presented.

1) SCOPE
The purpose of the prototype is to collect data from the user, process it, and then insert it into a block. In the next step, the processed and inserted data is used for validation. Following are the objectives of the prototype: 1) Upload a trial balance as an input from the user and save it into the DB of the main server. 2) Process the data, apply cryptographic primitives, create a block, and insert all information in the block and make it available for distribution on a P2P network.

3) Develop a module that can access information from
the block and verify that information with a source document. 4) Analyze the data processing and data verification time and accuracy.

2) DATABASE STRUCTURE
Some tables are used in the database for the prototype which are presented as in Table 2:

D. WORKFLOW AND IMPLEMENTATION
The workflow of data processing is done in different steps, where every step depends upon the previous one. All processes are completed in a specific order, and details are given below. As shown in Fig. 8, this module works on the user end. After successful login credentials verification, the user can start uploading the trial balance into the system. This module takes the following inputs and prepares the data for uploading into the main server: FY, Financial Year as 20 and TP, Transaction Periods as 00 to 12, which refer to the periods from January to December as monthly closing trial balance, and 99 as full-year trial balance. By clicking the 'Upload' button, the system starts uploading the data into the transaction table (SY03_YYYY_MM_DD) stored in the main server.
Every day a new table will be created and made available for user transactions but deleted after processing the data. YYYY is replaced as year, MM as month number, and DD as day. The system is available to upload the data from 00:00 to 23:00. Data processing is an automated and scheduled routine that initiates as per the given schedule. For understanding, evaluation, and verification of results proposes, the output of this routine is depicted in Fig. 9.

5)
The system starts generating a line hash of each record, and a specific pattern is adopted. For every odd number record, the system calls the hash function and takes the right eight characters of the hash value. For the even number records, the system takes the left eight characters of the hash value. During this process, the system also counts the number of records to be uploaded and displays NoT (i.e., number of transactions), as shown in Figure 9. The system keeps a record of the company  data from-line numbers and to-line numbers in order to track the data within the block. 6) The next step is to calculate the root hash from the transaction lines. This root hash starts from the previous block hash value, adds the hash value of each line from left or right, and ends up with a root hash, as shown in Figure 9. 7) Next, the system generates the block hash from the metadata. The metadata includes block no, UNIX time values (in seconds), NoT (number of transactions in the block), the hash of the previous block, and the root hash. After creating a block hash, the system writes the metadata at the first line of the block and closes the block. Figure 10 shows the newly created block, which is to be chained in the chain of blocks. 8) The system then generates the hash of the completed physical file and saves it into the SY05 table. This hash value is not saved into the block and is used to validate a complete block in case of changes or alterations. 9) After creating a block, the system updates the block number counter and the hash value of the current block in table SY00. The metadata hash will be used in the next block as a previous block hash value. 10) The block information table SY05 updates and stores the metadata information of each block. Typically, a block has two types of information: Metadata and Block body, as explained below. Fig. 10 shows the structure of the block. MetaData:  (8)  11) Finally, the system informs the user that a block has been created and displays its serial number. 12) The system performs the last process and generates an access code, which is a long string, and stores it into the SY04 table of the DB and shares with the user as a token access code is a combination of different parts of the metadata as shown in Fig. 11.

1) GRANTING ACCESS TO DATA
To verify a document in the Data Vaults, the data owner first authorizes the validator and grants access to a specific trial balance for a particular financial year and transaction period. As depicted in Fig. 12, the data owner will enter an access code (Fig. 11). The system decodes the access code and displays encrypted information. Then, system asks further details as shown and after data entry the user would save the form to finish the process.

2) VERIFYING A DOCUMENT
As soon as the company/user who has been granted access to the document opens the application and initiates the document verification module, a form is displayed as shown in Fig. 13. On this form, the user would import the source document, and an Excel will be imported using the format that was used to upload the document in the system at the initial stage. Fig. 13 and Fig. 14 show the output of the verification process where some records are successfully verified and some are not verified.. Fig. 13 shows an ideal scenario where all 5000 records are checked and verified. However, Fig. 14 shows that some records have been altered. In the source documents, 4996 accounts were found to be intact, while four records did not pass the verification process due to some sort of alteration, as shown in Fig. 14.

VI. PERFORMANCE EVALUATION OF THE SYSTEM
To evaluate the contributions of our research, we tested the prototype against five different throughputs, specifically 5,000, 10,000, 25,000, 50,000, and 100,000 lines of records.  The readings show that when the numbers of records to be processed increase, the output graph trends upward. The records processed in one second were 412. 47   the output graph to trend upward. The system verified 188.98 records per second out of 5,000, 192.96 out of 10,000, 194.00 out of 25,000, 199.15 out of 50,000, and 200.25 out of 100,000 records. The average records verified per second were 195.07. The same tendency is observed where the output of every subsequent test is higher than the previous test.
The numbers of records processed and verified in one second increase after every subsequent test. Results show that based on this prototype, a full capacity version of Data Vaults can be developed to cater to more complex requirements. The results are shown in Table 3 and Fig. 15 and Fig. 16. The prototype is developed in Visual Basic and used SQL Server as a backend DB, and all the results produced using the prototype were validated and found correct. The system was tested on a computer station with the following specification: Intel Core i5-6200U @ 2.3GHz, 08.00 GB RAM, and 1 TB HDD. The numbers of records processed and verified were increased after every test, demonstrating that a full capacity version of Data Vaults can be developed to cater to more demanding requirements based on this prototype.

VII. FUTURE WORKS
The system capacity and further scalability issues are still to be verified. Quantum computing is also a threat for Blockchain as hashes can be broken. It is still unknown how much we can ensure that our proposed solution is ready for Quantum computing resilience. Our implementation did not consider a P2P decentralized network since creating a decentralized network is out of our research scope. The proposed system can be extended to other research areas. Audit and accountability of the blocks on all nodes can be done by comparing their physical file hashes, but it requires a dedicated mechanism. A system based on the proposed solution can also be developed to ensure data integrity within the financial regulatory authorities. The prototype has also identified several areas where the proposed solution can be applied. A lighter version of Blockchain is introduced in this research work, which does not need high-level resources but produces the required results.
As stated in the previous sections, Blockchain is still in its infancy, and its total capacity and drawbacks are still unknown. So far, from the existing development and research work in the area, we assert that Blockchain can build trustworthy relationships between businesses due to its unmatched features. Data in Blockchain remains tamper-proof, and any alternation or deletion is infeasible or nearly impossible. We have seen its potential in Bitcoin and other cryptocurrencies applications, and to date, there is no evidence that, at any stage, the data can be compromised. This unique feature distinguishes Blockchain from its counterpart, e.g., databases.

VIII. CONCLUSION
Technologies and frameworks are, when designed, not developed to be as dynamic and flexible as to cater to the requirements of other domains, and so the case is with Blockchain technology. A full capacity implementation of Blockchain is a huge project and could be suitable for cryptocurrencies. Any engagement of undue or over capacity resources is not a practical idea. Therefore, we have to look carefully at the pros and cons of Blockchain. The features of Blockchain are unmatched, but its drawbacks are also unique. A hybrid solution that works with the combination of Blockchain and traditional DB empowered us to use Blockchain features with a limited capacity to meet our requirements and provided us with all the required features within a resource-limited environment. In fact, we do not always need a hundred of thousands of network nodes, high-tech mining equipment, or complex programming codes to fulfill our requirements. In this research, we introduced a solution that can assist enterprises in saving their financial data in Blockchain, or so-called Data Vaults, and we have selected the trial balance for implementation purposes. The proposed framework can ensure data integrity in AIS or ERP systems, and if at any stage, the data is compromised, with the help of the proposed system, breaches can be identified immediately. Our system also ensures the authenticity of the data that have been provided for business deals or similar purposes. We have analyzed a lean version of Blockchain, which is several times lighter than the one used in cryptocurrency. The proposed framework is based on a hybrid combination of Blockchain and databases, which may be applied to other domains to cater to specific requirements and scarce resources.
MUHAMMAD IMRAN SARWAR (Member, IEEE) received the M.S. degree in information technology from the Department of Computer Science and IT, The Superior College, Lahore, in 2021. He is currently pursuing the Ph.D. degree with Superior University, Lahore. He is also working as an IT Head in a public sector organization. His research interests include blockchain, ERP, AIS, MIS, big data, and industry-based specialized solutions.
MUHAMMAD WASEEM IQBAL received the Ph.D. degree in human-computer interaction from Superior University, Lahore, Pakistan, in 2020. He is currently working as an Assistant Professor with the Software Engineering Department, Superior University. He has more than 15 years of teaching and research experience in well-reputed institutions and has more than 40 research publications in multiple conferences and journals. He worked as the Head as well as an Incharge of the Software Engineering Department, Superior University, for a period of three years. He specializes in human computer interaction (HCI), with special interest in adaptive interfaces for mobile devices in user's context. Further, he focuses in different research areas like usability evaluation of mobile devices for normal and visual impaired people, people centered interfaces, the Internet of Things (IoT), the Internet of Medical Things (IoMT), user context, semantic relations, and ontological modeling. Mostly, the user centered design (UCD) process model is used in his research work for usability evaluation of interfaces according to user's mental model. ABDALLAH NAMOUN (Member, IEEE) received the bachelor's degree in computer science and the Ph.D. degree in informatics from The University of Manchester, U.K., in 2004 and 2009, respectively. He is currently an Associate Professor of intelligent interactive systems and the Head of the Information Systems Department, Faculty of Computer and Information Systems, Islamic University of Madinah. He has authored more than 50 publications in research areas spanning intelligent systems, human-computer interaction, software engineering, and technology acceptance and adoption. He has extensive experience in leading complex research projects (worth more than 21 million Euros) with several distinguished SMEs, such as SAP, BT, and ATOS. He has investigated user needs and interaction with modern interactive technologies, design of composite software services, and methods for testing the usability and acceptance of human-interfaces. His research interests include integrating state of the art artificial intelligence approaches in the design and development of interactive systems.
AHMED ALREHAILI received the bachelor's degree in computer science from Taibah University, Medina, Saudi Arabia, in 2008, and the master's degree in applied computer science from Concordia University, Canada, in 2012. He is currently a Lecturer with the Computer Science Department, Faculty of Computer and Information Systems, Islamic University of Madinah, Saudi Arabia. He has several publications under his name in different research areas. His research interests include cloud computing, blockchain, artificial intelligence, information security, and the Internet of Things. Her research interests include cloud computing, autonomous databases, intelligent system design, and intelligence computation.