A digitális kitűző- és tanúsítványtárak problematikája és megoldási lehetőségei

A Budapesti Műszaki és Gazdaságtudományi Egyetem Mérnöktovábbképző Intézet (BME MTI) részvételével zajló DISCO VET projekt keretén belül kitűzött cél egy Open Badge szabványra épülő digitális kitűző és tanúsítvány-kezelő rendszer kialakítása. Nyílt forráskódban elérhető Badgr program képességei jelentik az alapszintet, de ezek továbbfejleszthetők. A képzési folyamatok eredményes teljesítésekor kiállítható digitális kitűzők (tüzzencsek, tanjelvények) kezelésének könnyítésére, általános használatba vételéhez, a közhasználatba való elterjesztéséhez megfelelő szolgáltatás, platform építhető. Within the framework of the DISCO VET project with the participation of the Institute of Continuing Engineering Education in Budapest (BME MTI) of the Budapest University of Technology and Economics (BME), the goal is to develop a digital badge and certificate management system based on the Open Badge standard. The capabilities of the open source Badgr program are the basics, but they can be improved. In order to facilitate the handling of digital badges (training badges) that can be issued upon the successful completion of the training processes, a suitable service and platform can be built for their general use and dissemination to the public.

Pelayanan Publik Berbasis Teknologi Informasi di Kelurahan Semarapura Kaja

Advances in technology provide convenience in the implementation of public services in the global era. Ease in public services, among others, by providing facilities that facilitate the process of public service itself, such as the management of various certificates related to the needs of the community in Semarapura Kaja Village. The problem is that there is no system at the kelurahan level that makes it easier for the community to administer a residence certificate. The method of activity in this case is making application for certificate management and socialization as well as assisting the use of applications in managing population certificates in the village. The output of this activity is an application for managing a residence certificate and optimal use of information technology by the people of Semarapura Kaja Village as a form of implementing public services.

Decentralized Certificate Management for Network Function Virtualisation (NFV) Implementation in Telecommunication Networks

The certificate management complexity and cost increase when PKI technology is leveraged into Network Function Virtualisation (NFV), a significant enabling technology for 5G networks. The expected security of PKI cannot be met due to the unavailability of the certificate revocation inquiry in the telecommunication operator’s core network. This paper analyses the issues and challenges during the NFV implementation and proposes a blockchain-based decentralized NFV certificate management mechanism. During instantiation, the Virtual Network Functions (VNF) instance generates certificates according to the certificate profile provided in the VNF package. The certificate management unit is responsible for the certificate enrolment, renewal, and revocation. The certificates submitted to the decentralized certificate management system by the instance will be recorded into the ledger after validation and consensus. The experiment and analysis show the transaction throughput, and the transaction delay is noncritical in practice, which could be fulfilled by the proposed mechanism. The certificate inquiry performance is critical, which can be facilitated by the decentralized deployment of inquiry nodes.

DIIA: Blockchain-Based Decentralized Infrastructure for Internet Accountability

The Internet lacking accountability suffers from IP address spoofing, prefix hijacking, and DDoS attacks. Global PKI-based accountable network involves harmful centralized authority abuse and complex certificate management. The inherently accountable network with self-certifying addresses is incompatible with the current Internet and faces the difficulty of revoking and updating keys. This study presents DIIA, a blockchain-based decentralized infrastructure to provide accountability for the current Internet. Specifically, DIIA designs a public-permissioned blockchain called TIPchain to act as a decentralized trust anchor, allowing cryptographic authentication of IP addresses without any global trusted authority. DIIA also proposes the revocable trustworthy IP address bound to the cryptographic key, which supports automatic key renewal and efficient key revocation and eliminates complexity certificate management. We present several security mechanisms based on DIIA to show how DIIA can help to enhance network layer security. We also implement a prototype system and experiment with real-world data. The results demonstrate the feasibility and suitability of our work in practice.

Efficient Privacy-Preserving Certificateless Public Auditing of Data in Cloud Storage

Cloud computing is a fast-growing technology which supplies scalable, innovative, and efficient business models. However, cloud computing is not fully trusted, and the security of the data outsourced in cloud storage needs to be guaranteed. One of the hottest issues is how to ensure the integrity of the data in cloud storage. Until now, many researchers have proposed lots of provable data possession (PDP) schemes to deal with the problem of data integrity audition. Nevertheless, very little effort has been devoted to preserve the data uploader’s privacy while auditing the integrity of data shared in a group. To overcome the shortcoming, we propose a novel certificateless PDP protocol to efficiently audit the integrity of data shared in a workgroup with user privacy preserving. Due to the inherent structural advantage of the certificateless crypto mechanism, our PDP scheme eliminates the key escrow problem and the certificate management problem simultaneously. Moreover, the audition process in our scheme does not need any user’s identity which helps to keep the anonymity of data uploader. We give for our scheme a detailed security proof and efficiency analysis. Experiment results of performance evaluation demonstrate that our new scheme is very efficient and feasible.

Lightweight Digital Certificate Management and Efficacious Symmetric Cryptographic Mechanism over Industrial Internet of Things

The certificate authority, a trusted entity, issues digital certificates which contain identity credentials to help Industrial Internet of Things (IIoT) devices to represent their authenticity in a secure means. The crucial challenge of a digital certificate is to how design a secure certification authority management system that can counteract cyberattacks on the IIoT network. Moreover, current IIoT systems are not capable of implementing complex mathematical operations due to their constrained power capacity and processing capability. This paper proposes an effective, secure symmetric cryptographic mechanism (ESSC) based on the certificate authority management and Elliptic Curve Diffie Hellman (ECDH) to share a digital certificate among IIoT devices. The proposed certificate authority is used to securely exchange the shared secret key and to resolve the problem of spoofing attacks that may be used to impersonate the identity of the certificate authority. Also, ESSC uses the shared secret key to encrypt the sensitive data during transmission through the insecure communication channel. This research studies the adversary model for ESSC on IIoT and analyzes the cybersecurity of ESSC in the random oracle model. The findings that result from the experiments show that ESSC outperforms the baseline in terms of communication, computation, and storage costs. ESSC thus provides an adequate lightweight digital certificate management and cryptographic scheme which can help in the detection and prevention of several cyberattacks that can harm IIoT networks.