Secure Course Completion Credentialing Using Hyperledger Fabric Stefan Gogić1 , Nemanja Zdravković1,* , Emilija Kisić1 and Ponnusamy Vijayakumar2 1 Faculty of Information Technology, Belgrade Metropolitan University, Tadeuša Košćuška 63, 11000 Belgrade, Serbia 2 SRM IST, ECE Department, Kattankulathur, Chennai, India Abstract In this paper, we present a blokchain solution, based on Hyperledger Fabric, for issuing and validating documents from Higher Education Institutions (HEIs), such as diplomas and diploma supplements. By utilizing Hyperledger Fabric, the most popular distributed ledger technology for private blockchains, we propose a lightweight and secure credentialing three layer blockchain system – the smart contract layer, the blockchain layer itself, and the network layer. With a minimal needed number of functionalities such as issuance and verification, our lightweight system can be deployed on a trustful environment, e. g. faculties from the same university, or a consortium of universities. With such an environment, we eliminate the need for a computationally complex consensus mechanism for adding blocks to the ledger, while retaining easy implementation with the HEIs information system and/or learning management system. Based on previous research and prototyping, our model acts as an additional security layer on top of and HEI’s information system and utilizes blockchain’s immutable property to keep student’s records secure. Keywords blockchain, credentialing, distributed ledger, Hyperledger 1. Introduction ify the validity of certificates in a direct manner, without contacting the HEI that originally issued the documents Blockchain technologies (BCTs) and distributed ledger [7]. Indeed, the authors of [8] state that BCT/DLT-based technologies (DLTs) have surpassed their initial use systems promise a permanent authentication and stor- in cryprocurrencies, and are already being used in a age solution for the alternative credentials market. This plethora of fields – from supply chain managements and continuously growing market consists of various kinds healthcare, to predictive maintenance systems and pub- of microcredentials, nanodegrees, MOOCs/SPOCs, cer- lic sector [1, 2, 3, 4, 5]. With the rise of Ethereum and tificates and/or badges from various types of training its smart contracts written in Solidity, presenting code and pre-qualification programs. The authors also empha- which can be directly run on the chain itself, paired with size scalability issues, most noticeably if the BCT/DLT a robust consensus mechanism, a secure and immutable use the computationally complex Proof-of-Work (PoW) record keeping solution in a trustless environment with- consensus mechanism, as does Bitcoin and many other out the need of third-party stakeholder has risen, identi- cryptocurrency networks. The PoW approach will likely fying BCTs/DLTs as disruptive technologies [6]. remove the need for educational organizations to vali- Credentialing solutions for Higher Education Institu- date credentials, and other lightweight approaches are tions (HEIs) based on blockchain and similar technologies needed. are still few. As of writing this paper, only a small number Since the initial hype of using BCT/DLT for various of papers have been published [7, 8, 9] compared to other use cases including ones in education, the authors of [9] blockchain-based use cases. For instance, one of the main conducted a literature review of solutions based on public conclusions found in one of the earliest studies on the blockchains, highlighting the need for a standardized topic of blockchain in education state that BCTs (and later approach built on a public blockchain to promote faster DLTs) should allow users to be able to automatically ver- adoption and acceptance. This recent study states that full functioning and active prototypes are still low in BISEC’23: 14th International Conference on Business Information numbers; however, one of the conclusions was that the Security, November 24, 2023, Niš, Serbia blockchain application should run on a stable, secure, * Corresponding author. and trustworthy network. $ stefan.gogic.6354@metropolitan.ac.rs (S. Gogić); Indeed, in a trustless environment where actors are not nemanja.zdravkovic@metropolitan.ac.rs (N. Zdravković); emilija.kisic@metropolitan.ac.rs (E. Kisić); vijayakp@srmist.edu.in known, public BCTs with robust consensus mechanisms (P. Vijayakumar) such as Biction are imperative [10, 11, 12]. However,  0000-0002-2631-6308 (N. Zdravković); 0000-0003-3059-2353 mechanisms such as PoW or various variations of Proof (E. Kisić); 0000-0002-3929-8495 (P. Vijayakumar) of Stake (PoS) are computationally complex and require © 2024 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). powerful, often dedicated computers equipped with a CEUR Workshop Proceedings http://ceur-ws.org ISSN 1613-0073 CEUR Workshop Proceedings (CEUR-WS.org) CEUR ceur-ws.org Workshop ISSN 1613-0073 Proceedings powerful central processing unit (CPU) and/or graphic copy of the ledger, all network nodes are updated in real processing unit (GPU). Conversely, in a more specific time, simultaneously. Furher, a block can be viewed as a environment, i. e. where the nodes in the blockchain data structure consisting of the follwing: network are known (and trusted) parties, a blockchain- 1. a header which connects the new block to the based solution with less complex consensus mechanism previous one. can be implemented, retaining security with the added benefit of not needing a powerful CPU/GPU to handle 2. a list of transactions; blockchain transactions. Usually, this approach is called Each transaction, besides the data, contains a header a distributed ledger technology (DLT). with a timestamp, paired with an unique cryptographic The authors’ main motivation is to utilize a trustful en- signature, thus enablig the ledger to be resistant to mod- vironment and propose a lightweight framework for doc- ifications. This chain of blocks that is formed and con- ument credentialing, tailored specifically to HEIs and the tinuously updated can be traced back all the way to the issuance and validation of student diplomas and diploma first block, named the genesis block. supplements. The combination of peer-to-peer networking, public- Based on literature, commercially (un)available solu- key cryptography, and distributed consensus is what tions and our own previous attempts, we have identified secures blockchain transactions. Conversely to a central- the following research questions: ized system, no single entity i.e. node should be able to control the process of adding a block to the chain. As • RQ1: Is it possible to design a lightweight frame- the blockchain is a distributed system, each new block work for the specific needs of HEIs to incorpo- addition is managed by all nodes who share equal rights. rate document issuance and validation in a secure This mechanism is utilized in order to overcome secu- manner, without relying on complex solutions? rity issues, and is achieved through the process known • RQ2: Can the flexibility of Hyperledger Fabric as distributed consensus. This process can be viewed be used as a basis for incorporating a BCT/DLT- as an agreement among the nodes in the network how based addition to an existing HEI information to validate each block yet to be added to the chain. De- system (IS)? pending on the consensus mechanism, nodes can either The rest of the paper is organized as follows. Section compete for correct transaction validation (PoW), be cho- 2 gives a brief introduction on blockchain technolgies, sen randomly (PoS and its variations), or apply a different focusing on Hyperledger Fabric. Afterwards, Section algorithm altogether. The algorithms used can vary in 3 gives presented the proposed system, developed at computational complexity. Belgrade Metropolitan University’s (BMU’s) Blockchain Finally, it is important to note that blockahins are a Technology Laboratory. Finally, Section 4 gives a con- class of technology; the term refers to different forms of clusion, with current limitations and further research distributed databases with variations in their technical ideas. and governance arrangements and complexity. 2.2. Hyperledger and its use cases 2. Blockchain and Hyperledger Hyperledger is the leading open source community fo- overview cused on developing various stable frameworks, tools and In this Section, we firstly provide a briew overview of libraries for enterprise-grade distributed ledger deploy- the building blocks of a general blockchain system. Af- ments [14]. This community aims to advance BCT/DLT terwards, we focus on the Hyperledger DLT solution, of technologies by identifying and more importantly real- which Hyperledger Fabric is used to develop the creden- izing a cross-industry open standard platform for DLTs. tialing system. The aim of the open standard is to transform the approach to business transactions on a global level [14]. Hyper- ledger has a modular approach to hosting projects similar 2.1. Brief blockchain overview to the approach of the Linux Foundation, as shown in Fig. In general, BCTs impose a fundamental change to manner 1. All Hyperledger projects are open source, they are easy various types of data are processed, and can improve ex- to obtain [15]. All Hyperledger projects, with the excep- isting data security solutions. A blockchain can be viewed tion of Hyperledger Indy, are used for general purpose as a shared, append-only distributed ledger, in which all blockchain-based applications and solutions, whereas events are stored in linked blocks [13]. These events are Hyperledger Indy focuses on decentralized identity [16]. often referred as transactions. A copy of the ledger is One of the key differences between the various BCT- therefore kept by all nodes which form the blockchain s/DLTs systems is the utilized consensus mechanism. Due network. Due to the fact that all member nodes have a Figure 1: The Hyperledger Project umbrella [15]. to the variety of blockchain usage requirements, Hyper- Table 1 ledger provides several different consensus mechanisms Hyperledger Fabric features [17]. For instance, Fabric uses the Apache Kafka platform Advantages Enterprise backing [18] as the main Crash Fault Tolerance (CFT) protocol Relative maturity on the network which is permissioned i.e. private, and it Private channels is voting-based. Hyperledger Indy utilized a consensus Modular architecture based on Redundant Byzantine Fault Tolerance (RBFT), a Smart contracts protocol inspired by Plenum Byzantine Fault Tolerance Consensus mechanism Kafka (Plenum). Hyperledger Iroha used a variant of the BFT al- RAFT gorithm called Sumeragi, which tolerates more than one Solo Byzantine faulty network nodes. Hyperledger Sawtooth facilitates the so-called pluggable consensus for both lot- Smart contract technology Chaincode tery and voting algorithms. By default, Hyperledger Saw- Smart contract type Installed tooth uses a lottery-based, Nakamoto consensus algo- Smart contract language Go rithm called Proof of elapsed time (PoET). Hyperledger Java Burrow comes with Byzantine Fault-Tolerant Tendermint Javascript protocol with a greater transaction rate, whereas Buru Solidity implements various consensus algorithms that are in- State storage CoudhBD volved in transaction validation, block validation, and leveldb block production, i.e. mining in the PoW mechanism, while Hyperledger Sawtooth has the most support for smart contract languages [16]. The core Hyperledger-based use cases include banking, 3. System model healthcare, supply chain management, financial services, BMU’s ongoing internal R&D includes implement- information technology, government, and media and en- ing blockchain in education and e-learning. BMU’s tertainment. Indeed, the Hyperledger Foundation pro- Blockchain Technology Laboratory (BCT Lab) is investi- motes a range of business DLTs, including many libraries gating which blockchain technology is most suitable for and tools that provide support for the creation, mainte- applying in education, with emphasis on data protection. nance, deployment, providing cryptographic work, etc BMU’s BCT Lab is collaborating with ISUM (Informa- [15]. tion System of University Metropolitan) and BMU’s e- For the proposed system, the authors have opted to Learning center. During a four month testing developing use Hyperledger Fabric, as it is the Hyperledger project and period, a working prototype for credentialing was with most testing, working real-world applications com- developed. The proposed model is comprised of three munity, and documentation. The details of Hyperledger layers, stacked on top of the zeroth layer, which is the Fabric are listed in Table 1. HEI’s IS: Data entry Test network Orderer orderer org1 org2 Server peer0.org1 Peer0.org2 DBMS Relational Database chaincode Local chaincode Local Client app CouchDB CouchDB CA for peer0 CA for peer1 API CA for peer0.org1 CA for peer0.org2 Figure 2: Proposed system consisting of a data entry system and the test blockchain network, communicating over an API. 1. the smart contract layer; 2. the blockchain layer itself; 3. the network layer. The smart contract layer runs the chaincode to add the data to a block. It is present on every node, denoted as a peer. The blockchain layer consists of the peer itself, a Certification Authority (CA) for that peer, and a local Figure 3: Asynchronous promise function. NoSQL database - CouchDB. The network layer consists of the test network with two peers, denoted with org1 and org2. const diplomas = The system was developed in two stages – Stage 1 [ consists of using an isolated GIT branch of the HEIs to add { a functionality to export diploma supplemental materials "name": "Firstname", as an API to the blockchain network. Stage 2 comprised "surname": "Surname", of developing a lightweight blockchain application, based "studygroup": "StudyGroup", on Hyperledger Fabric, to connect the the API and add "grades": the data to a block. The architecture of the two-stage [ system is shown in Fig. 2. { The main parameter which Hyperledger Fabric uses "grade": "GradeValue", is the transaction context ctx. It holds the needed in- "course": "CourseCode", formation for transaction logic "per transaction" or "per }, contract". IT enables to access the stub which allows var- ... ious blockchain operations such as state returns, adding ] a new item to the block, or getting all blocks (in our case } diploma supplements). ... To add a diploma supplement, it is needed to connect ] toe the peer node using a gateway, and to get the chain- code from the network. When data is added, a message can be viewed in the To write the transaction i.e. diploma object, an asyn- console terminal to confirm a successful transaction, as chronous promise function will get all the necessary shown in Fig. 4. In our testbed, and endpoint was not parameters for add a new diploma supplement, as shown deployed from the IS’s side; therefore we have manually in Fig. 3. It will create a new object with those param- added the data in the same format as the HEI’s IS would eters which will be later added to teh blockchain using provide. stub API operations. The data which is added to the blockchain has the following structure: Figure 4: Transaction successfully added. 4. Conclusion Acknowledgment In this paper, we have used Hyperledger Fabric to de- This paper was supported by the Blockchain Technol- velop a lightweight blockchain network for credentialing ogy Laboratory at Belgrade Metropolitan University, Bel- HEI’s diplomas and diploma supplements. Currently, grade, Serbia. our system only addresses the issuance use-case, while validation use-case remains open. As prototyping was conducted in an isolated environment, several open is- References sues still remain. Firstly, should the blockchain remain [1] B. K. Mohanta, S. S. Panda, D. Jena, An overview private, or be public (where anyone can be a part of the of smart contract and use cases in blockchain tech- network)? As the target group of the system are first and nology, in: 2018 9th international conference on foremost HEIs, the authors, as was discussed in other computing, communication and networking tech- literature as well, opt for a private blockchain solution, nologies (ICCCNT), IEEE, 2018, pp. 1–4. where the HEIs comprise the network. Still, there exists [2] K. Zı̄le, R. Strazdin, a, Blockchain use cases and their a possibility to add the learners as nodes as well. feasibility, Applied Computer Systems 23 (2018) Using Hyperledger Fabric, data such as diplomas 12–20. and supplements can be issued and verified reliably. [3] P. Zhang, D. C. Schmidt, J. White, G. Lenz, Blockchain can help learning platforms to add an ad- Blockchain technology use cases in healthcare, in: ditional layer to their credentialing process. We have Advances in computers, volume 111, Elsevier, 2018, presented a blockchain-based credentialing system can pp. 1–41. be easily deployable and connected to a learning plat- [4] M. Alabadi, A. Habbal, Next-generation predic- form. Within our proposed system, upon generating the tive maintenance: leveraging blockchain and dy- certificate file for the diploma and/or supplement, the namic deep learning in a domain-independent sys- HEI’s IS will make a transaction to the blockchain. This tem, PeerJ Computer Science 9 (2023) e1712. entry will also have the certificate information, along- [5] V. Milicevic, N. Zdravkovic, J. Jovic, On the selec- side metadata required for the transaction header. This tion of suitable blockchain technologies for supply information will be encrypted, and can be accessed only chain management, International Journal for Qual- by the IS, the student, and an authorized third party. ity Research (2023). This new issuance transaction is sent to the blockchain, [6] N. Zdravković, J. Jović, M. Damnjanović, Secure where the other nodes in the network will verify it and credentialing in e-learning using blockchain, in: add it to the blockchain using a simpler consensus mech- Proceedings of the 11th Conference on eLearning anism. Each node will have a local copy of the blockchain (eLearning-2020), 2020, pp. 39–42. on a NoSQL database like CouchDB. For certificate vali- [7] A. Grech, A. F. Camilleri, Blockchain in education, dation, upon receiving the access link, the student or an Luxembourg: Publications Office of the European authorized third party can verify the digital credential by Union, 2017. accessing the blockchain through a query. If a match is [8] M. Jirgensons, J. Kapenieks, Blockchain and the found on the blockchain, the certificate file is validated future of digital learning credential assessment and and a corresponding message appears. management, Journal of teacher education for sus- The innate immutability property of BCT/DLT does tainability 20 (2018) 145–156. not allow fraudulent or modified certificate files to be [9] G. Caldarelli, J. Ellul, Trusted academic transcripts deemed as verified. Any tampering to the certificate file on the blockchain: A systematic literature review, will result in a vastly different hashed value of the file, Applied Sciences 11 (2021) 1842. ensuring impossible verification. [10] P. Ocheja, B. Flanagan, H. Ueda, H. Ogata, Manag- ing lifelong learning records through blockchain, Research and Practice in Technology Enhanced Learning 14 (2019) 1–19. [11] F. R. Vidal, F. Gouveia, C. Soares, Revocation mechanisms for academic certificates stored on a blockchain, in: 2020 15th Iberian Conference on In- formation Systems and Technologies (CISTI), IEEE, 2020, pp. 1–6. [12] F. Vidal, F. Gouveia, C. Soares, Analysis of blockchain technology for higher education, in: 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), IEEE, 2019, pp. 28–33. [13] Z. Zheng, S. Xie, H. Dai, X. Chen, H. Wang, An overview of blockchain technology: Architecture, consensus, and future trends, in: 2017 IEEE inter- national congress on big data (BigData congress), IEEE, 2017, pp. 557–564. [14] C. Cachin, et al., Architecture of the hyperledger blockchain fabric, in: Workshop on distributed cryptocurrencies and consensus ledgers, volume 310, Chicago, IL, 2016. [15] The Hyperledger Foundation, https: //www.hyperledger.org, 2023. [16] V. Milićević, J. Jović, N. Zdravković, An overview of hyperledger blockchain technologies and their uses, in: Proceedings of the 11th International Conference on Information Society and Technology (ICIST 2021), 2021, pp. 62–65. [17] J. Moubarak, E. Filiol, M. Chamoun, Comparative analysis of blockchain technologies and tor net- work: Two faces of the same reality?, in: 2017 1st Cyber Security in Networking Conference (CSNet), IEEE, 2017, pp. 1–9. [18] B. R. Hiraman, et al., A study of apache kafka in big data stream processing, in: 2018 International Conference on Information, Communication, Engi- neering and Technology (ICICET), IEEE, 2018, pp. 1–3.