UT Institute of Computer Science Graduation Theses Registry

Name

Kin Long Leung

Abstract

Today, Public Key Infrastructure with X.509 (PKIX) is the building block for establishing secure connections over the Internet and creating digital signatures. In PKIX, Certificate Authority (CA) is responsible for the creation of certificates and the resolution of certificate statuses. Due to the centralized architecture, CA becomes a single-point-of-failure to any network that relies on it to establish trust. By utilizing distributed ledger technology (DLT), decentralized identifiers and verifiable credentials can be verified without intermediates like CAs. They can be used to construct a Decentralized Public Key Infrastructure (DPKI) which eliminates the shortcomings of PKIX. In this thesis, we studied X-Road, a centrally managed distributed data exchange system depending on PKIX, and presented an alternate DPKI architecture that uses DLT-based decentralized identifiers and verifiable credentials to build up trust between information systems. A proof-of-concept was implemented and evaluated. The findings demonstrate that the alternative DPKI architecture enhances the trustworthiness of the data exchange system, particularly in terms of security and reliability.


Funded by the European Union under Grant Agreement No. 101087529. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or European Research Executive Agency. Neither the European Union nor the granting authority can be held responsible for them.

Graduation Thesis language

English

Graduation Thesis type

Master - Software Engineering

Supervisor(s)

Mariia Bakhtina, Ahmed Awad, Raimundas Matulevičius

Defence year

2023