Mutual recognition mechanism of e-documents and data exchanging across borders: centralized and decentralized approaches Vladimir N. Kustova, Ekaterina S. Silantevab a Saint Petersburg Railway Transport University of Emperor Alexander I, 9 Moskovsky Ave., Saint-Petersburg, 190031, Russia b LLC New space of trade, 5 Orlikov lane, 2 Build. 9 Fl. 34 Room, Moscow, 107078, Russia Abstract An integral part of a company's business processes global digitalization and automation is the transition to cross-border electronic legally significant document circulation. This article is devoted to reviewing two different methods of mutual recognition mechanisms: centralized and decentralized. Keywords Mutual recognition mechanism, e-documents, data exchanging, cross-border, centralized, decentralized, approaches 1. Introduction The structure overgrew, rising ever higher toward the sky, which made people extremely happy. Do you remember the biblical legend [1] that tells Simultaneously, with the tower, the World Flood's how and why people began to speak different things had to wash away - human pride and vanity- languages, the Babel Tower legend? For the revived and strengthened. respondent positively to this question, we will God learned about this tower, and he did not like refresh the memories, but we will briefly describe people's ideas. However, God did not punish people those who do not know such a tradition1. by death, but punished them differently: one day, Once upon a time, all people, Noah's clan when they started to work, people suddenly stopped descendants who escaped during the Flood in the ark understanding each other's speech. They could not built by himself and found refuge near the Ararat continue tower building because they began to Mountains, spoke the same language. Gradually, the quarrel, not understanding what the other wants. human race grew, acquired new knowledge and Watching this, God decided to help people forcing skills. Besides, having accumulated specific skills them to leave the city and leave. People left the luggage, people decided to apply them in practice unfinished tower and settled in different earth parts. and build a city and build a high tower, to the very Over time, they forgot about their relationship, they heavens seen from everywhere. had their traditions, language, rites, customs, and the unfinished city, where the tower was erected, was called Babylon, which means "mixing." Models and Methods for Researching Information Systems in Transport, Dec. 11-12, St. Petersburg, Russia Why did we remember that? The answer is an EMAIL: kvnvika@mail.ru (A. 1); the_best_kat@mail.ru (A. 2); orientation toward the world (international, cross- ©️ 2020 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). border) digitalization and automation of many CEUR Workshop Proceedings (CEUR- business processes. However, despite this, do not WS.org) forget about the individual states' desire to preserve 150 and develop their language, writing, traditions, straightforward architecture. Nevertheless, it can be customs, and digital sovereignty. In keeping part of used in cases when several State Parties of the this digital sovereignty in global digitalization and Framework Agreement on Facilitation of Cross- automation conditions, the principal contradiction border Paperless Trade in Asia and Pacific arises: different states' cryptographic standards (Framework Agreement, FA) agree to use the incompatibility. From time immemorial, every general CA for paperless trade [9]. people have gone along his development line and do The model of this Architecture is presented in not plan to retreat from it by the current day. Figure 1. 2. Methods of implementation of the mutual recognition mechanism based on the centralized infrastructure RFC 5217 «Memorandum for Multi-Domain Figure 1. Simple PKI Architecture Public Key Infrastructure Interoperability» [8] provides a terminology framework for operational A simple PKI consists of a single CA with a self- requirements, which can be used by different Public signed certificate that issues End Entities (EEs) Key Infrastructure (PKI) authorities for establishing certificates. End entity is the subject of a certificate trust relationships with each other. that is using, or is permitted and able to use, the RFC 5217 classifies mechanisms of mutual matching private key only for a purpose or purposes recognition of Trust services based on an other than signing a certificate. infrastructure of open keys. 2.2. Different Multiple CA Architectures 2.1. Single Certification Authority (CA) Architecture Trust relations between Certification Authorities could be classified on the following basis: So, let's take a closer look the single CA 1) The common use of crypto algorithms; architecture. 2) Common Policy of certificates. In this model, the Mutual Recognition Different Multiple CA Architectures is presented Mechanism (MRM) is provided with trust to the in Table 1. common Certification Authority. It is the most Table 1. Models of the mutual recognition mechanism The common use of crypto algorithms Common policy of Crypto algorithms are commonly Crypto algorithms of at least one party have certificates used a limitation on the cross-border distribution (not common use) • Hierarchical PKI Architecture • Mesh PKI Architectures Crypto algorithms of at least one party have a Common • Hybrid PKI Architectures limitation on the cross-border distribution (not certificate commonly use) policy Different Cross-certification with policy Trusted Third Party (TTP) certificate mapping policy In case when the parties use different CA, but all cryptographic algorithms and certificate policy of participants of interaction commonly use this CA, mutual recognition could be used: • Hierarchical PKI Architecture; 151 • Mesh PKI Architectures; 5. A PKI member may choose to participate in • Hybrid PKI Architectures. the PKI domain but restrict or deny trust in one or In case the parties use different CA cryptographic more other members PKIs of that same PKI domain. algorithms. Certificate policies in the created chains The establishment of trust relationships has a of certification are various; cross-certification with direct impact on the trust model of relying parties. policy mapping can be used for mutual recognition. As a result, consideration must be taken to create and Two or more PKIs may choose to enter into trust maintain PKI domains to prevent building relationships with each other. Each PKI retains its inadvertent trust relationships. own set of Certificate Policy Object Identifier PKI Domain Models are: (Policy OID) and its own Principal CA for these 1. Unifying Trust Point (Unifying Domain) relationships. In addition to making a business Model. decision to consider a trust relationship, each PKI 2. Independent Trust Point Models. determines the level of trust of each external PKI by 3. Direct Cross-Certification Model. reviewing external PKI Certificate Policy 4. Bridge Model. Document(s) and any other PKI governance Trust Models External to PKI Relationships documentation through a process known as policy remains to consider ways to implement the mutual mapping. Trust relationships are technically recognition mechanism for cases where other formalized through the issuance of cross-certificates. cryptography is used in PKI domains. Such methods Such a collection of two or more PKIs is known as a include: PKI domain. 1. Trust List Models. PKI domain: A set of two or more PKIs that have 2. Trust Authority Model. chosen to enter into trust relationships with each 3. Trusted Third Party Model. other through the use of cross-certificates. Each PKI Here, the option to use a trusted third party as the that has entered into the PKI domain is considered a most common and most universal one should be member of that PKI domain. considered in more detail. The remaining models can A domain Policy Object Identifier (OID) is a be considered in more fact later. Policy OID that is shared across a PKI domain. Each The trusted security services provided by the CA in the PKI domain must be operated under the specialized providers can be used to provide security domain Policy OID. Each CA may also have its in information interaction. Trusted security services Policy OID(s) in addition to the domain Policy OID. can perform functions similar to notaries, apostille, In such a case, the CA must comply with both and trusted delivery in paper documents exchange policies. The domain Policy OID is used to identify flow. The trusted security services operators must be the PKI domain. the trusted third parties (TTP) of the information Policy Mapping: A process by which members of exchange parties. The activities of TTP must be a PKI domain evaluate the Certificate Policies (CPs) governed by the international law of the States- and other governance documentation of other participants of the information interaction, or potential PKI domain members to determine the bilateral agreements of the parties of informational level of trust that each PKI in the PKI domain places interaction. on certificates issued by each other PKI in the PKI Thus TTP is the electronic equivalent of notaries, domain. apostille, and trusted delivery institutions. TTP is not PKI Domain Properties: an entirely new institute; it continues the tradition of 1. A PKI domain may operate a Bridge CA or a confirming the document's integrity and authenticity. Unifying CA that defines the domain members by From a legal point of view, the electronic document's issuing cross-certificates to those members. function must pass from the document owner to a 2. A single PKI may simultaneously belong to third party - the operator of TTP. It is a key two or more PKI domains. specificity of the informational interface. 3. A PKI domain may contain PKI domains The trust is supported by a warranty of within its membership. authenticity of electronic documents, financial 4. Two or more PKI domains may enter into a liability for the electronic documents' actuality. It is trust relationship with each other, creating a new the basic principle relevant for legally significant PKI domain. They may choose to retain the existing transboundary electronic document circulation when PKI domains and the new PKI domain or collapse the contractors are far apart and in different the existing PKI domains into the new PKI domain. jurisdictions. 152 It is a classic solution for providing secure Validation of Digitally Signed (VDS) Document transmission of information via a non-trusted service is used when a signed document's validity is channel. asserted. TTP description was provided in ITU-T The DVCS verifies [3]: Recommendation X.842 «Information technology – 1. All signatures attached to the signed Security techniques – Guidelines for the use and document using all appropriate status information management of trusted third party services.» [4] and public key certificates; Following this document, а TTP is an organization 2. The mathematical correctness of all or its agent that provides one or more security signatures attached to the document and checks services and is trusted by other entities concerning whether the signing entities can be trusted by these security services' activities. The same validating the full certification path from the signing document contains the most general description of entities to a trusted point (e.g., the DVCS's CA or the the TTP services' architecture from different PKI root CA in a hierarchy). domains. The DVCS may be able to rely on relevant CRLs One of the most well-known implementations of or may need to supplement this with access to more the trusted third-party model is Data Validation and current status information from the CAs, for Certification Server (DVCS) by the example, by accessing an OCSP service, a trusted recommendations RFC 3029 «Internet X.509 Public directory service, or other DVCS services. Key Infrastructure. Data Validation and Certification The DVCS will perform verification of all Server Protocols» [2]. It can be used as one signatures attached to the signed document. A failure component in building reliable non-repudiation to verify one of the signatures does not necessarily services. fail the entire validation, and vice versa. A global One of the protocols realized by the DVCS failure may occur if the document has an insufficient service is intended for verification of the electronic number of signatures. documents signed with the digital signature. The Validation Validation Signed receipt Authority B Authority A 5 4 Certificate 1 issuing Validation 1 request Certificate 3 issuing Signed receipt Certification Certification Authority B Authority A Validation request 1 1 6 Certificate Certificate issuing issuing 2 Legal significant State B State A document (Sender) (recipient) Figure 2. The Diagram of the functioning of MRM based on DVCS for supporting the trust in case of cross- border exchange of electronic trade-related legal and significant documents The Diagram of the functioning of MRM based Processing of a request of DVCS received from on DVCS for supporting the trust in case of cross- user 1 includes the following stages (according to border exchange of electronic trade-related legal and Figure 2): significant documents (the sender and the receiver 1. Participants of information interaction are residents of the different states) is shown in Figure 2. included in their public key infrastructure; that is, 153 they create their key pairs and receive certificates in 5. The various national and international their Certification Authorities (CAs). requirements to the Certification Authorities may be 2. User B (the resident of the state B) signs the considered as an analogy. ED of the EDS created according to the national To provide Mutual recognition of trade-related legislation requirements and sends it to User A. electronic information when PKIs use different, 3. The user A (through a private office (web incompatible between each other Cryptography interface) or using a special software sends a request measures or their domains have separate legal bases, to the validation authority A. we should use DVCS functioning by RFC 3029 4. Validation Authority A executes «Internet X.509 Public Key Infrastructure. Data determination of the cryptographic algorithm using Validation and Certification Server Protocols». which the EDS is created (the certificate of a key of DVCS receipt allows providing trust between verification of the EDS is issued) according to the different PKI domains in the case when their cross- object identifier specified in the certificate of a key certification technically or legally is impossible. of verification of the EDS and will readdress it to the For correlation of the certificates policy, the Validation Authority B located in the state B. On it receipt of DVC service can map the Policy in the using the execution of the sequence of cryptography same manner as it is mapped in cross-certification conversions check of the received request is procedures. executed. Following the completed checks, the DVC In the extension of policy mapping, the receipt signed with the EDS of Validation Authority intermediate Certification Authority guarantees to B is created. the user of the certificate that it will fulfill general 5. The DVC receipt signed with Validation guarantees and obligations, even although the other Authority B with the check results is transferred to users of the certification chain work in the different Validation Authority A. policy areas. 6. Validation Authority A checks the Certification Authority (CA) of the integration correctness of the DVC receipt accepted from segment should include one or several mappings for Validation Authority B. At the same time, there is an each set of the policies according to which it has appeal to the server of service TSP for adding of a issued TTP certificates. This CA shouldn't include stamp of time in the receipt created by results of mappings for other policies. Thus, the group of verification of the DVC receipt created by Certification Authority of an integration segment and Validation Authority B and also check of the status the TTP services using certificates of this CA fulfill of the certificate of a key of the EDS of Validation the TTE role between domains with the various Authority B using the appeal to service of check of levels of reliability. the relevant status of the certificate (OCSP) or According to which Sender of Certification certificate revocation lists of CAs which issued the authority acts, suppose one or several Certificate certificate of a key of the EDS of Validation policies are identical to those, by which Certification Authority B is executed. Validation Authority A Authority of TTP integration segment operates. In creates the report signed with the certificate of a key that case, these identifiers should be excluded from of check of Validation Authority A and transfers him the extension of policy mapping but included in the to User A. extension of certificate policies. Policy mapping has The requirements for TTP should be the the effect of transforming all policy identifiers in the following: sender domain's certificates to the identifier of 1. TTP has absolute credibility among the equivalent Policy recognized by the user of the information exchange participants. certificate (recipient). In this schema identifier of 2. TTP uses the mechanisms of evaluation and equivalent, Policy is described in the receipt of TTP compensation of damages. service. 3. TTP uses the methods of conflict resolution; 4. TTP provides the necessary guarantees. 154 Figure 3. TTP for the domain with different levels of trust A distributed network is a type of computer 3. Methods of the mutual recognition network that is spread over different networks. It provides a single data communication network, mechanism implementation based which can be managed jointly or separately. Besides on the decentralized structure shared communication within the network, a distributed network often also distributes processing. 3.1. Blockchain technology In a distributed network, the responsibilities for data transactions and computations are not given to any The required trust level may also be supported by specific node. On the contrary, they are spread the trust infrastructure, built on a decentralized across the web, which is responsible as a whole for model. One of the technologies allowing to the results of a given process, like in some biological implement of a decentralized model is the ecosystems, such as an ant community, where the blockchain. The idea of blockchain technology is construction of an ants' nest is the result of simple. Its broader and more encompassing form, independent contributions by each ant. Blockchain blockchain can be defined as a technology to technology guarantees that the distributed network's develop trusted processes and data transactions on an overall behavior, programmed to execute a particular open and distributed network via decentralized process, is trustworthy. In this context, blockchain consensus among computer systems. tries to respond to contemporary real-world In its more common, widely used form, «a scenarios' complexity by offering technology and a blockchain is essentially a distributed database of methodology for designing distributed applications records or public ledger of all transactions or digital that operate with private data in an openly verifiable events that have been executed and shared among way. participating parties.» Each transaction in the public A distributed transactions system based on ledger is verified by the consensus of most of the blockchain technology by its nature implements a participants in the system. And, once entered, ledger. This concept is at the core of the regulatory information can never be erased. The blockchain activities carried out by a wide range of authorities, contains a certain and verifiable record of every institutions, and businesses. A more transparent, single transaction ever made. trusted, and globally recognized accounting 155 mechanism of this kind could dramatically facilitate using blockchain technology, creating clear and open and harmonize processes in e-Business and cross- conditions for their use. broader trade scenarios. Even if, at the current stage This platform contains various blocks that allow of development, blockchain technology hasn't served to track-and-trace goods from farm to retailer. the purpose of trade facilitation directly, it is already These parts are: clear that, in the next decade, its contribution could • The source of the crop or the be substantial. These positive expectations shouldn't agricultural process prevent us from evaluating the limitations of an • Lab Testing information. international trade approach enabled by blockchain • Organic and Halal Certificates. technology, for example, in the context of legally • Dispatch Details and Logistics binding agreements among traders. provider details starting to add value. • Recording of receipt from the 3.2. Case study: Transparent e-documents and agricultural source. data exchange with the use of blockchain • Lab Testing and reports on receipt. • Halal or Organic certifications or Blockchain technology in the supply chain can be any other accreditations. used to monitor costs, labor, losses, and emissions at • Lot or batch numbers and processing each point in the supply chain. A distributed registry information. can also be used for verification of authenticity or • Any contamination reports and compliance with fair trade rules by providing holding actions. information on the origin of the goods. The delivery • Storage information (temperature information can be a transaction every time you and humidity control). interact with a shipment. A related technology called «Smart Contract» can • Batch release info and id codes. be embedded in a block and triggered when a certain • Logistics release info and logistics condition is met. For example, a payment transfer provider. can occur automatically when a shipment reaches the • Crop yield, Dietary info for live customer's location. animals, mortality rates. • Tagging of live animals. 3.3 PKI and Blockchain: Key study for • Crop Harvesting information and agriculture value chain (AVC) data tagging, with batch, date of release. In this article, the authors would like to present • Suppose we are exporting any the key study for agriculture value chain (AVC) shipping details. Bills of Lading / Airway based on the combination of PKI and blockchain bills and destination Final Value add to technologies. the Supply Chain and the most vulnerable to First, we will start from the decentralized abuse. approach based on the digital blockchain platform. • Goods in from source or primary The most convenient way to implement processor. blockchain technology is to create a digital platform • Recipe formulations and ingredients that organizes interaction between different groups traceability. of participants who need to know certain information • Production batch codes and about each other's activities. The ability to organize production dates. interaction is essential for forming long-term • Nutritional Information. productive business relations between the • Storage Information participants of the agricultural value chain. The idea • Certifications. of this platform was provided by Evoteq Company. • Issued Barcodes or other identifiers. The digital platform [5] (see Figure 4) is open to • Expiry date information. interaction and integration through the cloud, • Logistics Information. making it accessible to all agricultural value chain • Shipping details dispatch date and participants. The digital platform architecture can destination. significantly scale up without loss in quality and • Goods out info. efficiency that will expand it to new product groups • Vehicle Temperature monitoring. and new participants of the platform. The platform provides a high level of trust between participants 156 Figure 4. Blockchain use in the value chain • Delivery confirmation. 5. Protects the integrity of the products and • Protecting the consumer. provides the possibility of recalling the • Goods in and Temperature check. manufacturer's goods to correct defects. • Expiry date check (remaining 6. Allows checking for compliance with shelf life complies). special needs (diabetic, organic, Halal goods). • Storage details. 7. Allows suppliers to track products on the • EPOS Data. market. Blockchain platform gives a possibility to 8. Allows users to check the supply chain. provide supplier managed inventory service and 9. Allows inspectors to verify the validity develop a complete dietary information database. and acceptability of goods. The consumer can check the product through 10. Protects the supply chain from barcoding information. counterfeiting. Allows the consumer to know where a product The introduction of blockchain technology into is sold. the track&trace system will enable manufacturers, The digital platform of the agricultural value importers, and distributors to track their internal chain can be connected and interact with the processes better. digital platform of the EAEU. The introduction of a digital track&trace The economic benefits offered by this cloud platform, according to experts estimates, will solution can improve the efficiency of the entire achieve 99% accuracy of inventory data compared value chain. It solves the following tasks: to 40-70% accuracy as it currently stands, which 1. Allows downloading product data at any will optimize production and imports and stage of the value chain. significantly affect the reduction of the cost of 2. Provides continuous access to data. goods [6]. 3. Ensures the integrity and security of the During a pilot program conducted with supply chain. Walmart, the testing showed that by using 4. Ensures that only proven, legally blockchain to track food, you could reduce the compliant products are available on store shelves. time it takes to track mango packaging from farm to store in just two seconds instead of days and 157 weeks. During the pilot, more than 100,000 to build a business network, where the business mangoes from a Queensland supplier in Northern entity can choose the partner, make deals, find Australia were withdrawn by Biosecurity SA after investments, etc. These two systems are fully fruit fly larvae were discovered in mangoes in compatible and provide mutual recognition of e-data Adelaide's foothills. The responsiveness of the and e-documents via the whole AVC. recall allowed the organization to maintain its reputation [7]. So, within a supply chain, blockchain References technology could be used to monitor costs, labor, waste, and emissions at every point of the supply [1] Genesis Book. (11: 1-9). URL: chain, verify the authenticity or fair trade status of http://bibliya-online.ru/chitat-bytie-glava-11/. products by tracking them from their origin, [2] RFC 3029 "Internet X.509 Public Key shipping details could constitute a transaction at Infrastructure Data Validation and every interaction with a shipment – and Certification Server Protocols". URL: customer(s) would know about it, trigger an action http://www.faqs.org/rfcs/rfc3029.html. automatically. [3] Product description "TTPS "Litoria DVCS". However, there is a question: how can we URL: combine decentralized and centralized http://www.gaz-is.ru/produkty/dokumentoobo approaches? The answer is - we will use business rot/gis-dvcs.html. tools: a digital platform for track-and-trace AVC [4] Information technology - Security and a social network for trusted e-documents techniques - Guidelines for the use and exchange. management of trusted third party services A business network is based on a social (X.842). URL: network plus trusted cross-border e-document https://www.itu.int/rec/T-REC-X.842-200010 flow, based on PKI [8], that allows a customer to -I/en. build a business network, choose the partner, and [5] Smarttrack. Global supply platform to ensure make deals, find investments, etc. This network is global supply chain integrity. URL: fully compatible with AVC based on the https://evoteq.com/en/our-projects/smarttrack. blockchain system. [6] M. L. Simanovskaya, E. S. Silanteva, The use Both these systems make AVC transparent and of digital technologies to increase the business processes simpler. competitiveness of small and medium-sized businesses in the food sector / / State 4 Conclusion Management: Russia in Global Politics, Proceedings of the XVII International The authors reviewed two potential approaches Conference (May 16-May 18, 2019), to the mutual recognition mechanism: centralized University Book Faculty of Public and distributed. Suppose Trust services engaged in Administration of Lomonosov Moscow State document lifecycle (incl. the chain of inter-domain University, Moscow Russia, 2019, pp. 159- gateways between the document's issuer and 165. recipient) have different qualification levels. In that [7] Case Study: How Walmart brought case, the overall level of qualification may be equal unprecedented transparency to the food to the lowest of them. The level of trust could be supply chain with Hyperledger Fabric. URL: provided in two different ways: transboundary trust https://www.hyperledger.org/learn/publication environment and blockchain ecosystem. s/walmart-case-study. We discussed a case study on the agriculture [8] RFC 5217 - Memorandum for Multi-Domain value chain example. Within a supply chain, blockchain technology could be used to monitor Public Key Infrastructure Interoperability». costs, labor, waste, and emissions at every point of URL: https://tools.ietf.org/html/rfc5217. the supply chain, verify the authenticity or fair-trade [9] Framework Agreement on Facilitation of status of products by tracking them from their origin, Cross-border Paperless Trade in Asia and shipping details could constitute a transaction at Pacific (Framework Agreement, FA) agree to every interaction with a shipment – and customer(s) use the general CA for paperless trade. URL: would know about it, trigger an action automatically. https://www.unescap.org/resources/framewor Social network plus trusted cross-border k-agreement e-document flow, based on PKI, allows a customer 158 facilitation-cross-border-paperless-trade-asia- and-pacific-0. 159