Our colleagues Víctor Figueroa, Antonio Santos-Olmo, Luis Enrique Sánchez, David G. Rosado and Eduardo Fernández-Medina of the GSYA group have published the article “Extending X-Road with metaservice code validation: A security-oriented contribution”, in the journal SoftwareX (IF 2.4, Q2). DOI: https://doi.org/10.1016/j.softx.2025.102320. The article is accessible under an Open Access license.

Summary

X-Road is a secure data exchange platform widely used in e-Government infrastructures. A vulnerability was identified in its service registration mechanism, where users could inadvertently or maliciously use reserved codes intended for internal metaservices. This paper presents a software contribution that extends X-Road with a validation mechanism to prevent such misuse. Implemented as part of the GAUCHO, a e-Government cybersersecurity framework, this enhancement improves system integrity, prevents conflicts, and strengthens overall cybersecurity. The solution is integrated into the X-Road source code, follows its architectural conventions, and has been proposed to the upstream repository through a formal Pull Request.