Extending X-Road with metaservice code validation: A security-oriented contribution

08 de Octubre del 2025

Nuestros compañeros Víctor Figueroa, Antonio Santos-Olmo, Luis Enrique Sánchez, David G. Rosado y Eduardo Fernández-Medina del grupo GSYA han publicado el artículo “Extending X-Road with metaservice code validation: A security-oriented contribution”, en la revista SoftwareX (IF 2.4, Q2). DOI: https://doi.org/10.1016/j.softx.2025.102320. El artículo está accesible bajo licencia Open Access.

Resumen

X-Road is a secure data exchange platform widely used in e-Government infrastructures. A vulnerability was identified in its service registration mechanism, where users could inadvertently or maliciously use reserved codes intended for internal metaservices. This paper presents a software contribution that extends X-Road with a validation mechanism to prevent such misuse. Implemented as part of the GAUCHO, a e-Government cybersersecurity framework, this enhancement improves system integrity, prevents conflicts, and strengthens overall cybersecurity. The solution is integrated into the X-Road source code, follows its architectural conventions, and has been proposed to the upstream repository through a formal Pull Request.

Volver a noticias