A Decentralised Public Key Infrastructure for X-Road
Date
2023
Publisher
ACM DIGITAL LIBRARY
Abstract
X-Road is an open-source solution that acts as a data exchange
layer and enables secure data exchange between organisations. X-Road
serves as the backbone of digital infrastructure in the public
sector (e.g., enabling Estonia’s digital public services) and private
sector (e.g., enabling clients’ data exchange in the Japanese energy
sector). An approach and architecture were recently proposed
for the X-Road data exchange systems to move from public key
infrastructure (PKI) with centralised certification authorities to
decentralised PKI (DPKI). In this paper, we develop a proof of concept
for the designed DPKI-based architecture that leverages distributed
ledger-based identifiers and verifiable credentials to establish trust
between information systems using Hyperledger Indy and Hyperledger
Aries. We evaluate the proof of concept implementation
against the design and functional requirements. The results show
that the proposed system architecture is technically feasible and
satisfies the identified design goals and functional requirements. To
the best of our knowledge, this paper presents the first open-access
system prototype for an organisation’s identity management following
self-sovereign identity principles. The presented proof of
concept proves that DPKI helps to address some of the scalability
issues of PKI, improve control over identity and mitigate replay
attacks and a single point of failure in the X-Road system.
Keywords
decentralised public key infrastructure, proof of concept, decentralised identifier, verifiable credentials, distributed ledger, X-Road
Citation
Bakhtina, M. et al. (2023) “A Decentralised Public Key Infrastructure for X-Road,” in Proceedings of the 18th International Conference on Availability, Reliability and Security.