D.A. Melnikov1, V.G. Belenkov2, P.A. Keyer3, V.I. Korolev4, E.I. Belova5

1 National Research Nuclear University MEPhI (Moscow, Russia)
1, 5 Financial University under the Government of the Russian Federation (Moscow, Russia)
1-4 Federal Research Center «Computer Science and Control» of the Russian Academy of Sciences (Moscow, Russia)
 

The global development and extension of the Internet, and, in particular, the large-scale hypertext information technology system (World Wide Web), has accelerated the transition from paper to electronic document management in the interaction of citizens and organizations with federal, regional and municipal legislative and executive authorities.

Most economically developed countries have successfully switched to paperless technology for filing accounting and tax reports via the Internet. The Russian Federation did not stand aside. The Federal Tax Service of the Russian Federation is actively developing, implementing and improving the use of new modern information and financial technologies.

Today, the development of Russian society is accompanied by the digital transformation of all its spheres, including the economy, science, healthcare, education, culture, etc. The transition of the Russian economy to «digital rails» requires the creation of a national trust system based on the federal public keys infrastructure (PKI). Such a system will be able to solve the vast majority of existing problems related to the information security management, including the protection of citizens and businesses. An example of a system of trusted verification centers (verification center combines functions of the certification and registration centers) of the Federal Tax Service of the Russian Federation showed that it is possible to create a national trust system based on PKI.

The paper presents an analysis and defines the main approaches to the organization of a national trust system based on PKI using the example of a departmental trust system of the Federal Tax Service of the Russian Federation with the involvement of domestic commercial verification centers.

Melnikov D.A., Belenkov V.G., Keyer P.A., Korolev V.I., Belova E.I. About the first experience of creating a trust system based on public key infrastructure in Russia. Highly Available Systems. 2022. V. 18. № 4. P. 28−43. DOI: https://doi.org/ 10.18127/j20729472-202204-03 (in Russian)

1. Diffie W., Hellman M.E. Privacy and Authentication: An Introduction to Cryptography. Proceedings of the IEEE. March 1979. V. 67. № 3. P. 397–427. (Rus. perevod: Diffi U. i Hellmen M.E. Zashchishchennost' i imitostojkost': Vvedenie v kriptografiyu. TIIER, mart 1979. T. 67. № 3. P. 71–109.)
2. Gärdenfors P., Sahlin N.-E. Unreliable probabilities, risk taking, and decision making. Synthese. 1982. V. 53 № 3. P. 361–386.
3. Josang A. An algebra for assessing trust in certification chains. In J. Kochmar, editor, Proceedings of the Network and Distributed Systems Security Symposium (NDSS’99). The Internet Society, 1999. URI: https:// folk.universitetetioslo.no/josang/papers/Jos1999-NDSS.pdf.
4. Josang A. Subjective Logic. A Formalism for Reasoning Under Uncertainty. – Springer International Publishing, Switzerland, 2016. 337 p. DOI 10.1007/ 978-3319-42337-1.
5. Mel'nikov D.A., Homenok A.V. Sovremennoe sostoyanie otechestvennoj infrastruktury elektronnoj kommercii. Ekonomika, statistika i informatika. 2012. № 1. S. 169–173. URI: https://cyberleninka.ru/article/n/sovremennoe-sostoyanie-otechestvennoy-infrastruktury-elektronnoy-kommertsii (in Russian).
6. Pope S., Josang A. User Centric Identity Management. Proceedings of AusCERT, Gold Coast, May 2005. URI: https://folk.universitete­tioslo.no/josang/papers/JP2005-AusCERT.pdf.
7. Simmons G., Meadows C. The role of trust in information integrity protocols. Journal of Computer Security. 1995. V. 3. № 1. P. 71–84.
8. DIRECTIVE 1999/93/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 13 December 1999 on a Community framework for electronic signatures. Official Journal of the European Communities 19.01.2000. P. 0012 – 0020. URI: https://eur-lex.europa.eu/eli/dir/ 1999/93/oj.
9. European Telecommunications Standards Institute. ETSI TS 102 853 Electronic Signatures and Infrastructures (ESI); Signature validation procedures and policies, Technical Specification, V1.1.2, October 2011. URI: https://www.etsi.org/deliver/etsi_ts/102800_102899/ 10285 3/01.01.02_60/ts_102853v010102p.pdf.
10. Olnes J. PKI Interoperability by an Independent, Trusted Validation Authority. In Proceedings of the 5th Annual PKI R&D Workshop, NIST, Gaithersburg MD, April 2006.
11. Mel'nikov D.A. Metody i sredstva postroeniya sistemy upravleniya kriptograficheskoj zashchitoj na osnove infrastruktury otkrytyh klyuchej dlya shirokomasshtabnyh informacionno-telekommunikacionnyh sistem. Dissertaciya na soiskanie uchenoj stepeni doktora tekhnicheskih nauk. M., 2022. 350 s.URI: https://www.frccsc.ru/diss-council/00207302/diss/list/melnikov_da (in Russian).
12. Melnikov D.A. About the problem of trust in verification centers in Russian Federation. Highly Available Systems. 2022. V. 18. № 1. P. 5−15. DOI: https://doi.org/10.18127/j20729472-202201-01 (in Russian)