DECENTRALIZED IDENTITY AND CERTIFICATION SYSTEM

Authors

DOI:

https://doi.org/10.28925/2663-4023.2019.6.1931

Keywords:

blockchain technology, public key infrastructure, integrity, authenticity, decentralized system, identification, certification

Abstract

This article describes an approach to identification and certification in a decentralized environment. The protocol defines the way to integrate blockchain technology and web-of-trust concepts to create a decentralized public key infrastructure with easy user ID management. The essence of the scheme is to differentiate the entire infrastructure into 2 levels: the level of certification authorities (service providers) that jointly keep track of events related to user certificates; and the level of end users, systems and applications. During creating, updating, and revoking certificates, higher-level members reach a consensus on the confirmation of transactions associated with them, which ensures a higher level of validity of the certificates and synchronization of their status between certification centers. In turn, lower-level members do not need to perform complex verification procedures for a corresponding certificate: unlike the classic X.509 architecture and web-of-trust approach, the maximum number of checks in a chain can be two. An important feature of such a system is its ability to refuse certification centers: in the case of failure and / or compromise of the keys of one certification center, other network members continue to work seamlessly with others, and blockchain technology may make it impossible to add a certificate to a center whose keys have been compromised, because all the events in the system are connected by cryptographic methods. In particular, such a system can be used on the Internet of Things. Each individual sensor must communicate properly with other components of the system as a whole. In order to enable the secure interaction of these components, they must exchange encrypted messages to verify their integrity and authenticity, the provisioning scheme of which is in the described scheme.

Downloads

Download data is not yet available.

Downloads


Abstract views: 606

Published

2019-12-26

How to Cite

Kurbatov, O., Kravchenko, P., Poluyanenko, N., Shapoval, O., & Kuznetsova, T. (2019). DECENTRALIZED IDENTITY AND CERTIFICATION SYSTEM. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 2(6), 19–31. https://doi.org/10.28925/2663-4023.2019.6.1931