Multi-level Secure Software Source Code Version Control System Based on Asymmetric Cryptographic Mechanisms

Authors

DOI:

https://doi.org/10.18372/2225-5036.31.21164

Keywords:

version control system, source code, digital signature, data integrity, cryptographic mechanisms, ECDSA, SHA-256

Abstract

This article describes a multi-level secure software source code version control system based on the use of asymmetric cryptographic mechanisms. The main focus is on the development and justification of an authentication method that involves the application of digital signatures to ensure the control of software code integrity, authenticity, and availability, as well as to detect unauthorized modifications. The proposed approach is designed for integration into existing version control systems and involves the implementation of mechanisms that enhance the security level at all stages of the software development life cycle. Specifically, access to making changes to the code is controlled through a mandatory digital signature verification procedure, which limits the possibility of unauthorized interference. Signing each file ensures the detection of any changes in the code, even in cases of partial modification or the addition of new components. An additional advantage of the method is that the use of a signing key does not grant direct access to the repository, which reduces the risks of system compromise. Before signing, all changes undergo a review by an authorized person, allowing the combination of cryptographic mechanisms with software quality control processes. A crucial aspect is also the secure use of the private key, which is not shared with other users and is applied only within defined environments. To confirm the effectiveness of the proposed method, a software product was developed that implements the main stages of the software code signing and verification process. The conducted experimental study confirmed the feasibility of this approach, specifically its ability to detect unauthorized changes, ensure authenticity control, and integrate into automated software development processes. The results obtained indicate the practical value of the proposed method and the possibility of its application in modern software development systems.

Downloads

Published

2025-12-25

How to Cite

Hrytsak, A., Bezpalyi, K., Prysiazhnyi, D., & Lukanov, M. (2025). Multi-level Secure Software Source Code Version Control System Based on Asymmetric Cryptographic Mechanisms. Ukrainian Scientific Journal of Information Security, 31(3), 175–181. https://doi.org/10.18372/2225-5036.31.21164

Issue

Vol. 31 No. 3 (2025): Ukrainian Scientific Journal of Information Security

Section

Cybersecurity & Critical Information Infrastructure Protection (CIIP)

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The scientific journal "Ukrainian Scientific Journal of Information Security" adheres to the principles of open science and provides free, free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal Ukrainian Scientific Journal of Information Security:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.