A Decentralised Public Key Infrastructure for X-Road
Result identifiers
Result code in IS VaVaI
RIV/00216224:14330/23:00133941 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F23%3A00133941)
Result on the web
http://dx.doi.org/10.1145/3600160.3605092
DOI - Digital Object Identifier
10.1145/3600160.3605092 (http://dx.doi.org/10.1145/3600160.3605092)
Alternative languages
Result language
English
Title in original language
A Decentralised Public Key Infrastructure for X-Road
Result description in original language
X-Road is an open-source solution that acts as a data exchange layer and enables secure data exchange between organisations. X-Road serves as the backbone of digital infrastructure in the public sector (e.g., enabling Estonia's digital public services) and private sector (e.g., enabling clients' data exchange in the Japanese energy sector). An approach and architecture were recently proposed for the X-Road data exchange systems to move from public key infrastructure (PKI) with centralised certification authorities to decentralised PKI (DPKI). In this paper, we develop a proof of concept for the designed DPKI-based architecture that leverages distributed ledger-based identifiers and verifiable credentials to establish trust between information systems using Hyperledger Indy and Hyperledger Aries. We evaluate the proof of concept implementation against the design and functional requirements. The results show that the proposed system architecture is technically feasible and satisfies the identified design goals and functional requirements. To the best of our knowledge, this paper presents the first open-access system prototype for an organisation's identity management following self-sovereign identity principles. The presented proof of concept proves that DPKI helps to address some of the scalability issues of PKI, improve control over identity and mitigate replay attacks and a single point of failure in the X-Road system.
Classification
Type
D - Article in proceedings
CEP field
—
OECD FORD field
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
I - Institutional support for the long-term conceptual development of a research organisation
Others
Publication year
2023
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Title of the article in proceedings
18TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY & SECURITY, ARES 2023
ISBN
9798400707728
ISSN
—
e-ISSN
—
Number of pages
20
Pages from-to
1-20
Publisher name
ACM
Place of publication
Benevento, Italy
Event location
Benevento, Italy
Event date
1. 1. 2023
Type of event by nationality
CST - National event
UT WoS code of the article
001122662500124