A Decentralised Public Key Infrastructure for X-Road

D 2023

A Decentralised Public Key Infrastructure for X-Road

BAKHTINA, Mariia, Kin Long LEUNG, Raimundas MATULEVICIUS, Ahmed AWAD, Petr ŠVENDA et. al.

Základní údaje

Originální název

A Decentralised Public Key Infrastructure for X-Road

Autoři

BAKHTINA, Mariia, Kin Long LEUNG, Raimundas MATULEVICIUS, Ahmed AWAD a Petr ŠVENDA (203 Česká republika, domácí)

Vydání

Benevento, Italy, 18TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY & SECURITY, ARES 2023, od s. 1-20, 20 s. 2023

Nakladatel

ACM

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10201 Computer sciences, information science, bioinformatics

Stát vydavatele

Spojené státy

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

elektronická verze "online"

Kód RIV

RIV/00216224:14330/23:00133941

Organizační jednotka

Fakulta informatiky

ISBN

979-8-4007-0772-8

DOI

http://dx.doi.org/10.1145/3600160.3605092

UT WoS

001122662500124

Klíčová slova anglicky

decentralised public key infrastructure; proof of concept; decentralised identifier; verifiable credentials; distributed ledger; X-Road

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 8. 4. 2024 06:56, RNDr. Pavel Šmerk, Ph.D.

Anotace

V originále

X-Road is an open-source solution that acts as a data exchange layer and enables secure data exchange between organisations. X-Road serves as the backbone of digital infrastructure in the public sector (e.g., enabling Estonia's digital public services) and private sector (e.g., enabling clients' data exchange in the Japanese energy sector). An approach and architecture were recently proposed for the X-Road data exchange systems to move from public key infrastructure (PKI) with centralised certification authorities to de-centralised PKI (DPKI). In this paper, we develop a proof of concept for the designed DPKI-based architecture that leverages distributed ledger-based identifiers and verifiable credentials to establish trust between information systems using Hyperledger Indy and Hyper-ledger Aries. We evaluate the proof of concept implementation against the design and functional requirements. The results show that the proposed system architecture is technically feasible and satisfies the identified design goals and functional requirements. To the best of our knowledge, this paper presents the first open-access system prototype for an organisation's identity management following self-sovereign identity principles. The presented proof of concept proves that DPKI helps to address some of the scalability issues of PKI, improve control over identity and mitigate replay attacks and a single point of failure in the X-Road system.

Citovat

BAKHTINA, Mariia, Kin Long LEUNG, Raimundas MATULEVICIUS, Ahmed AWAD a Petr ŠVENDA. A Decentralised Public Key Infrastructure for X-Road. Online. In 979-8-4007-0772-8. 18TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY & SECURITY, ARES 2023. Benevento, Italy: ACM, 2023, s. 1-20. ISBN 979-8-4007-0772-8. Dostupné z: https://dx.doi.org/10.1145/3600160.3605092.

@inproceedings{2392239,
   author = {Bakhtina, Mariia and Leung, Kin Long and Matulevicius, Raimundas and Awad, Ahmed and Švenda, Petr},
   address = {Benevento, Italy},
   booktitle = {18TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY & SECURITY, ARES 2023},
   doi = {http://dx.doi.org/10.1145/3600160.3605092},
   editor = {979-8-4007-0772-8},
   keywords = {decentralised public key infrastructure; proof of concept; decentralised identifier; verifiable credentials; distributed ledger; X-Road},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Benevento, Italy},
   isbn = {979-8-4007-0772-8},
   pages = {1-20},
   publisher = {ACM},
   title = {A Decentralised Public Key Infrastructure for X-Road},
   year = {2023}
}

TY  - JOUR
ID  - 2392239
AU  - Bakhtina, Mariia - Leung, Kin Long - Matulevicius, Raimundas - Awad, Ahmed - Švenda, Petr
PY  - 2023
TI  - A Decentralised Public Key Infrastructure for X-Road
PB  - ACM
CY  - Benevento, Italy
SN  - 9798400707728
KW  - decentralised public key infrastructure
KW  - proof of concept
KW  - decentralised identifier
KW  - verifiable credentials
KW  - distributed ledger
KW  - X-Road
N2  - X-Road is an open-source solution that acts as a data exchange layer and enables secure data exchange between organisations. X-Road serves as the backbone of digital infrastructure in the public sector (e.g., enabling Estonia's digital public services) and private sector (e.g., enabling clients' data exchange in the Japanese energy sector). An approach and architecture were recently proposed for the X-Road data exchange systems to move from public key infrastructure (PKI) with centralised certification authorities to de-centralised PKI (DPKI). In this paper, we develop a proof of concept for the designed DPKI-based architecture that leverages distributed ledger-based identifiers and verifiable credentials to establish trust between information systems using Hyperledger Indy and Hyper-ledger Aries. We evaluate the proof of concept implementation against the design and functional requirements. The results show that the proposed system architecture is technically feasible and satisfies the identified design goals and functional requirements. To the best of our knowledge, this paper presents the first open-access system prototype for an organisation's identity management following self-sovereign identity principles. The presented proof of concept proves that DPKI helps to address some of the scalability issues of PKI, improve control over identity and mitigate replay attacks and a single point of failure in the X-Road system.
ER  -

BAKHTINA, Mariia, Kin Long LEUNG, Raimundas MATULEVICIUS, Ahmed AWAD a Petr ŠVENDA. A Decentralised Public Key Infrastructure for X-Road. Online. In 979-8-4007-0772-8. \textit{18TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY \&{}amp; SECURITY, ARES 2023}. Benevento, Italy: ACM, 2023, s.~1-20. ISBN~979-8-4007-0772-8. Dostupné z: https://dx.doi.org/10.1145/3600160.3605092.

Podrobný výpis o publikaci