№1, 2021


Yadigar N. Imamverdiyev, Hebib H. Abbasov

By examining the existing technical and logical capabilities of the national e-signature infrastructure related to electronic signatures (e-signatures), the optimal management of the load on the system and the investigation of problems are identified. As e-signature provides the role of identity card for the identification of citizens in the electronic environment, ensuring access to informative and interactive e-services generated in e-government solutions and safe use of these services is carried out through e-signature. The article analyzes the problems of improving the national e-signature infrastructure in terms of new technological challenges, increasing mobility, ensuring high productivity in devices with limited resources, high security requirements for widespread use of e-services and identifies current scientific and practical issues. The research areas for modeling the work of the centers in the field of security and confidence chain assessment of the components of the national infrastructure are analyzed by studying the international experience in solving the identified problems. The article identifies the effectiveness of the national e-signature infrastructure as a security component in the service areas of the centers by identifying its own security issues (pp.33-45).

Keywords: e-signature, public key infrastructure, national e-signature infrastructure, trust, Internet of Things, certificate.
  • Albarqi A., Ethar A., Fatimah Al G., Somaya A., Kar J. Public key infrastructure: A survey // Journal of Information Security, 2015, vol.6, pp.31–37.
  • Kubicek H., Noack T. Different countries – different paths extended comparison of the introduction of eIDs in eight European countries // Identity in the Information Society, 2010, vol.3, no.1, pp.235–245.
  • Əliquliyev R.M., İmamverdiyev Y.N. Kriptoqrafiyanın əsasları. Bakı: İnformasiya Texnologiyaları, 2006, 698 s.
  • Patsos D., Ciechanowicz C., Piper F. The status of national PKIs – A European overview // Information Security Technical Report, 2010, vol.15, Issue 1, pp.13–
  • Hoff J.V., Hoff F.V. The Danish eID case: Twenty years of delay // Identity in the Information Society, 2010, vol.3, no.1, pp.155–174.
  • Jain V., Kumar R., Saquib Z. An approach towards digital signatures for e-Governance in India / Proceedings of the 2nd International Conference on Electronic Governance and Open Society: Challenges in Eurasia (EGOSE), 2015, pp.82–88.
  • Park H.M. The web accessibility crisis of the Korea's electronic government: Fatal consequences of the digital signature law and public key certificate / 45th Hawaii International Conference on  System Science (HICSS), 2012, pp.2319–2328.
  • Malik N.M., Khalil T., Khalid S., Malik F.M. PKI implementation issues: A comparative Study of Pakistan with some Asian Countries // International Journal on Computer Science and Engineering, 2009, vol.1(2), pp.105–110.
  • Zefferer T., Teufl P. Leveraging the adoption of mobile eID and e-Signature solutions in Europe / International Conference on Electronic Government and the Information Systems Perspective, 2015, pp.86–100.
  • Rössler T. Giving an interoperable e-ID solution: Using foreign e-IDs in Austrian e-Government // Computer Law & Security Review, 2008, vol.24, no.5, pp.447–453.
  • Ansper A., Buldas A., Freudenthal M., Willemson J. High-performance qualified digital signatures for X-road / Nordic Conference on Secure IT Systems, 2013, pp.123–138.
  • Husni E. Digital signing using national identity as a mobile ID / International Seminar on Intelligent Technology and its Applications, 2016, 261–264.
  • Liu D.Y.W., Xue G.Z., Xie Y., Luo X.P., Au M.H. Performance of digital signature schemes on mobile devices // Mobile security and privacy. Advances, Challenges and future research directions, 2017, vol.12, pp.247–256.
  • Xuan Z., Du Z., & Chen R. Comparison research on digital signature algorithms in mobile web services / International Conference on Management and Service Science, 2009, pp.1–4.
  • Gina G.G., Raul A. F.E., Horacio T.R., Alejandro V.A., Gualberto A.T. A lightweight digital signature cryptographic protocol for authentication and integrity based on location // Journal of Applied Sciences, Engineering and Technology, 2016, vol.12(5), pp.550–555.
  • Ahamad S.S., Udgata S.K., & Nair M. A secure lightweight and scalable mobile payment framework / Proceedings of the International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA), 2013, 545–553.
  • Ruiz-Martínez A., Inmaculada Marín-López, C., Sánchez-Martínez D., & Castell Egea I. SIPmsign: a lightweight mobile signature service based on the Session Initiation Protocol // Software: Practice and Experience, 2014, vol.44(5), pp.511–535.
  • El-Rahman S.A., Aldawsari D., Aldosari M., Alrashed O., & Alsubaie G. A secure cloud based digital signature application for IoT // International Journal of E-Services and Mobile Applications (IJESMA), 2018, vol.10(3), pp.42–60
  • Pourghomi P., Saeed M.Q. A secure cloud-based NFC mobile payment protocol // International Journal of Advanced Computer Science and Applications, 2014, vol.5, no.10, pp.24–31.
  • Gómez-Arevalillo A.R., Papadimitratos P. Blockchain-based Public Key Infrastructure for inter-domain secure routing / International Workshop on Open Problems in Network Security, 2017, pp.20–38.
  • İmamverdiyev Y. E-dövlət üçün bulud texnologiyaları əsasında mobil elektron imza / İnformasiya təhlükəsizliyinin multidissiplinar problemləri üzrə II respublika elmi-praktiki konfransının əsərləri, 2015, s.138–141.
  • Kinastowski W. Digital signature as a cloud-based Service / Cloud Computing: The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization, 2013, pp.68–72.
  • Lee N.Y., Chen Z.L. Cloud server aided computation for ElGamal elliptic curve cryptosystem / Computer Software and Applications Conference Workshops,2013, pp.11–15.
  • Zefferer T. A server-based signature solution for mobile devices / Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia, 2014, pp.175–184.
  • Zefferer T., & Zwattendorfer B. An implementation-independent evaluation model for server-based signature solutions / International Conference on Web Information Systems and Technologies, 2014, pp.302–309.
  • Rath C., Roth S., Schallar M., Zefferer T. Design and application of a secure and flexible server-based mobile eID and e-signature solution // International Journal on Advances in Security, 2014, vol.7, no.3-4, pp.50–61.
  • Xu L., Li J., Tang S. & Baek J. Server-aided verification signature with privacy for mobile computing // Mobile Information Systems, Article ID 626415, 2015, pp.1–11.
  • Kinastowski W. Signing cloud: Towards qualified electronic signature service in cloud / IEEE 5th International Conference on Cloud Computing Technology and Science, 2013, 2, pp.224–227.
  • Zhang J., Hu N., Raja M.K. Digital certificate  management: Optimal pricing and CRL  releasing strategies //  Decision Support Systems, 2014, vol.58, pp.74–78.
  • Haidar A.H., Abdullah A.E. Formal modelling of PKI based authentication // Electronic Notes in Theoretical Computer Science, 2009, vol.235, pp.55–70.
  • Chariton A.A., Degkleri E., Papadopoulos P., Ilia P., Markatos E.P. CCSP: A compressed certificate status protocol / IEEE Conference on Computer Communications, 2017, pp.1–9.
  • Liu Y., Tome W., Zhang L., Choffnes D., Levin D., Maggs B., Wilson C. An end-to-end measurement of certificate revocation in the web's PKI / Proceedings of the 2015 Internet Measurement Conference, 2015, pp.183–196.
  • Zhu L., Amann J. & Heidemann J. Measuring the latency and pervasiveness of TLS certificate revocation / International Conference on Passive and Active Network Measurement, 2016, pp.16–29.
  • Won J., Singla A., Bertino E. & Bollella G. Decentralized public key infrastructure for Internet-of-Things / IEEE Military Communications Conference, 2018, 907–913.
  • Prodanović R. & Vulić I. Classification as an approach to public key infrastructure requirements analysis // IET Software, 2019, vol.13(6), pp.518–527.
  • Berbecaru D. & Lioy A. Towards simplifying PKI implementation: Client-server based validation of public key certificates. arXiv preprint arXiv:1910.06641, 2019.
  • İmamverdiyev Y.N. E-dövlətin informasiya təhlükəsizliyinə etimadın qiymətləndirilməsi modeli // İnformasiya texnologiyaları problemləri, 2015, №1, s.25–32.
  • Имамвердиев Я.Н., Гаджирагимова М.Ш. Архитектура инфраструктуры доверия электронным документам в среде электронного государства // Телекоммуникации, 2011, №11, c.18–26.
  • Huang J., Nicol D.M. An anatomy of trust in public key infrastructure // International Journal of Critical Infrastructures, 2017, vol.13(2-3), pp.238–258.
  • Liu Z., Ma J., Jiang Z. & Miao Y. LCT: A lightweight cross-domain trust model for the mobile distributed environment // KSII Transactions on Internet and Information Systems (TIIS), 2016, vol.10, no.2, pp.914–934.
  • Heinl M.P., Giehl A., Wiedermann N., Plaga S. & Kargl F. MERCAT: A metric for the evaluation and reconsideration of certificate authority trustworthiness / Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop, 2019, pp.1–15.
  • Yüce E., & Selçuk A.A. Server notaries: a complementary approach to the web PKI trust model // IET Information Security, vol.12(5), pp.455–461.
  • Ferdinand A.I. & Gaol F.L. Evaluation level of trust on implementing public key infrastructure in Procurement System Certificate Authority which is held by National Crypto Agency // Advanced Science Letters, 2018, vol.24(7), pp.5255–5258.
  • Rahoof P.P. & Nair L.R. Incorporating trust in public key infrastructure certificates // Advances in Computational Sciences and Technology, 2017, vol.10(5), pp.671–686.
  • Mantas G., Lymberopoulos D., Komninos N. PKI security in large-scale healthcare networks // Journal of Medical Systems, 2012, vol.36(3), pp.1107–1116.
  • Hinarejos M.F., Almenárez F., Arias-Cabarcos P., Ferrer-Gomila J.L., Marín A. RiskLaine: A probabilistic approach for assessing risk in certificate-based security // IEEE Transactions on Information Forensics and Security, 2018, vol.13(8), pp.1975–1988.
  • Szalachowski P., Chuat L. Perrig A. PKI safety net (PKISN): Addressing the too-big-to-be-revoked problem of the TLS ecosystem / IEEE European Symposium on Security and Privacy (EuroS&P), 2016, pp.407–422.
  • Kim D., Kwon B.J., Dumitraş T. Certified malware: Measuring breaches of trust in the Windows code-signing PKI / Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017, pp.1435–1448.
  • Qin B., Huang J., Wang Q., Luo X., Liang B. & Shi W. Cecoin: A decentralized PKI mitigating MitM attacks // Future Generation Computer Systems, 2020, vol.107, pp.805–815.
  • Vishwakarma S., Samant P.K. & Sharma A. Attacks in a PKI-based architecture for m-commerce // IEEE International Conference on Computational Intelligence & Communication Technology, 2015, pp.52–56.
  • Samant P. K., Saini P. & Challa R.K. A combined request/response and time delay technique to detect attacks in a PKI-based architecture for m-commerce / Proc. of the 3rd IEEE International Advance Computing Conference (IACC), 2013, pp.1357–1361.
  • Hawanna V., Kulkarni V.Y., Rane R.A., Mestri P., Panchal S. Risk rating system of X.509 certificates // Procedia Computer Science, 2016, vol.89, pp.152–161.
  • Suhaimi A.I.H., Noordin N., & Yakub M.F. Assessment of Malaysian e-passport PKI based on ISO 27000 series international standards // Journal of Physics: Conference Series, 2020, vol.1551, no.1, p.012003.