As a security research team member at the Royal Holloway University of London, I developed this on-premises Public Key Infrastructure (PKI) system for the TIHM project's medical IoT testbed in 2017 (https://www.sabp.nhs.uk/tihm). The system's main purpose was to create, validate, and revoke digital certificates for entities, including users and devices, that utilise the testbed. Moreover, some of the certificates generated by this system were used to establish secure connections between communicating parties using security protocols like TLS 1.2. As shown above, the system architecture consists of three main virtual Linux machines running different PKI services, such as registration, issuance, validation and revocation. I used Java and OpenSSL shell scripts as the basic languages to build this system, together with the Tomcat and MySQL tools.
- Registration Authority - RA: Tomcat web server + frontend (Java Server Pages - JSP) + SSH: please check the folder --> tihm-pki-ra V36 (VMware SSL enabled)
- Registration Authority MySQL Database: please check this zip file for more details --> Database Schema.zip
- Certification Authority - CA: OpenSSL + shell scripts for creation and revocation + private CA key and root CA certificate + crontab: please check the folder --> /Certification-Authority-Directory/Shell Scripts/CA Main
- Validation Authority - VA: OpenSSL + shell scripts (CRL update): please check the shell script --> ca/Shell Scripts/CA Main/update_va.sh
- Ubuntu Linux Virtual Machine (VirtualBox or VMWare)
- Eclipse IDE: https://www.eclipse.org/downloads/
- Apache Tomcat v8.5: https://tomcat.apache.org/download-80.cgi
- JDK 1.8.0_101
- MySQL Database: https://www.mysql.com/downloads/
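
The CA/VA split described above (OpenSSL scripts for creation and revocation on the CA, a scheduled CRL update for the VA) can be illustrated with a self-contained sketch. This is an added example, not the project's own scripts: the subjects, file names, lifetimes and the `pki_lifecycle` function are constructed placeholders. It shows that a revoked certificate still validates until the CRL is regenerated.

```shell
#!/bin/sh
# Added example: CA issue -> VA check -> CA revoke -> CRL update -> VA check.
# Subjects, file names and lifetimes are constructed placeholders.
pki_lifecycle() (
  D=$(mktemp -d) && cd "$D" || exit 1
  mkdir newcerts && : > index.txt && echo 01 > serial || exit 1
  cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
[ dn ]
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ ca ]
default_ca = demo_ca
[ demo_ca ]
database         = index.txt
serial           = serial
new_certs_dir    = newcerts
certificate      = ca.crt
private_key      = ca.key
default_md       = sha256
default_days     = 30
default_crl_days = 1
unique_subject   = no
policy           = policy_any
[ policy_any ]
commonName = supplied
EOF
  q() { "$@" >/dev/null 2>&1; }   # run quietly, keep the exit status
  # CA: self-signed root, then a device key + CSR signed by that root
  q openssl req -x509 -newkey rsa:2048 -nodes -config ca.cnf -extensions v3_ca \
      -subj "/CN=Demo Root CA" -days 30 -keyout ca.key -out ca.crt || exit 1
  q openssl req -new -newkey rsa:2048 -nodes -config ca.cnf \
      -subj "/CN=device-001" -keyout dev.key -out dev.csr || exit 1
  q openssl ca -batch -config ca.cnf -notext -in dev.csr -out dev.crt || exit 1
  # VA: validate the device certificate against the currently published CRL
  va_check() { q openssl verify -crl_check -CAfile ca.crt -CRLfile ca.crl dev.crt; }
  q openssl ca -config ca.cnf -gencrl -out ca.crl || exit 1
  if va_check; then before=valid; else before=rejected; fi
  # CA revokes; the VA still holds the old CRL until it is regenerated
  q openssl ca -config ca.cnf -revoke dev.crt || exit 1
  if va_check; then stale=valid; else stale=rejected; fi
  q openssl ca -config ca.cnf -gencrl -out ca.crl || exit 1
  if va_check; then after=valid; else after=rejected; fi
  cd / && rm -rf "$D"
  echo "before=$before stale_crl=$stale after=$after"
)
pki_lifecycle
```

The `stale_crl=valid` result is the window between revocation and the next CRL publication, so the CRL refresh interval bounds how long a revoked certificate keeps being accepted.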