Skip to content
Menu
Technical University of Munich
Technical University of Munich

Rethinking Cybersecurity: Trust-building IT Architecture for Digital Credentials in Higher Education Institutions

Thesis Type (BA/MA)

Betreuer: Dr. Matthias Gottlieb

Kontext

Rethinking cyber security requires trust. This trust is a basis for introducing new types of IT systems. IT systems and the protection of data require a special consideration of information systems (Eckert 2018). With regard to the entire chain of action from processing, storage, and warehousing to ensure confidentiality, availability, and integrity so that unauthorized third parties, be it persons or systems, do not have access to the data. (Balzert 2010, Balzert 2011) Various standards, for example ISO/IEC 27000, IEC 62443, must be considered to minimize risks and prevent damage. In addition to trust-building standards, zero trust IT architectures are an approach.

Analog education certificates have features to avoid falsification. Nowadays, education certificates are subsequently scanned and sent digitally. However, these digital copies are not forgery-proof and are not machine-readable. Verifiable credentials, on the other hand, enable forgery-proof exchange.

Based on the whitepaper "Building the digital credential infrastructure for the future" (2020) of the DCC, a proof of concept (PoC) for various use cases at German universities is being conducted in the BMBF-funded project DiBiHo. One use case is "Diploma". Diploma stands for the digital transformation of the analog certificate to a Verifiable Credential using the example of TUM with the IT systems there.

One basis for this is the work being done in the Digital Credentials Consortium (DCC): in 2018, twelve leading international universities, including MIT, Harvard, UC Berkeley, TU Delft, HPI, and TUM, founded the Digital Credential Consortium (https://digitalcredentials.mit.edu/) (2020) to design and build forgery-proof credentials using blockchain technology and aiming for a global standard for a trustworthy infrastructure to exchange digital credentials and academic achievement certificates.

Task(s)

As part of the work you will explore:

  • Analysis of the state of research on trust-building IT architectures for digital education certificates in universities
  • Development of a trust-building IT architecture concept for digital educational certificates in higher education institutions
  • Evaluation of the found results

Possible Questions

  • What is the state of research on Zero Trust Architectures for Digital Credentials in Higher Education?
  • How does a zero trust architecture for digital educational credentials for higher education institutions look like?
  • What are the advantages and disadvantages of the solutions found

 

Further Information

The work can be written in English or German. If you have any further questions, please feel free to contact me directly. Please send your application with a current "Notenauszug" from TUMonline, and your CV to matthias.gottlieb@tum.de. Please note that we can only consider applications with complete documents.

References

  1. Balzert, H. (2010). Lehrbuch der Softwaretechnik: Basiskonzepte und requirements engineering, Springer-Verlag.
  2. Balzert, H. (2011). Lehrbuch der Softwaretechnik: Entwurf, Implementierung, Installation und Betrieb, Springer-Verlag.
  3. BCdiploma. (2021, 17. Dezember). Digital credentials: testimonialswww.bcdiploma.com/en/blog/ebsi-universite-de-lille-2021-01-11
  4. CEF Digital. (2021, 17. Dezember). EBSIec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/ebsi
  5. Digital Credential Consortium. (2020). Offical Website. Massachusetts Institute of Technology. digitalcredentials.mit.edu
  6. Duffy, K. H., Pongratz, H. & Schmidt, P. (2020). Building the digital credential infrastructure for the futurehttps://digitalcredentials.mit.edu/wp-content/uploads/2020/02/white-paper-building-digital-credential-infrastructure-future.pdf
  7. Eckert, C. (2018). IT Sicherheit, De Gruyter Oldenbourg.
  8. Lee, C. (2021). EDUCAUSE Review. Adopting a Zero Trust Approach in Higher Education https://er.educause.edu/articles/2021/3/adopting-a-zero-trust-approach-in-higher-education

Further Literature

  1.  Anderson, R. (2020). Security engineering: a guide to building dependable distributed systems, John Wiley & Sons.
  2. More, S., Grassberger, P., Hörandner, F., Abraham, A. & Klausner, L. D. (2021). Trust Me If You Can: Trusted Transformation Between (JSON) Schemas to Support Global Authentication of Education Credentials, 625(4), 19–35. https://doi.org/10.1007/978-3-030-78120-0_2 
  3. Sedlmeir, J., Smethurst, R., Rieger, A. & Fridgen, G. (2021). Digital Identities and Verifiable Credentials. Business & Information Systems Engineering63(5), 603–613. https://doi.org/10.1007/s12599-021-00722-y 
To top