Security Infrastructures: Towards the INDECT System Security
This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI, the different technologies employed in the VPN testbed, the INDECT Block Cipher (IBC) – a new cryptography algorithm that is being integrated in OpenSSL/OpenVPN libraries, and how TLS/SSL and X.509 certificates stored in smart-cards are employed to protect INDECT applications and to implement the access control of the INDECT Portal. All the proposed mechanisms have been designed to work together as the security foundation of all systems being developed by the INDECT project.
KeywordsPublic Key Infrastructure (PKI) Virtual Private Network (VPN) symmetric block ciphers application security smartcard certificates access control Transport Layer Security (TLS)
Unable to display preview. Download preview PDF.
- 1.INDECT Consortium. D8.1: Specification of Requirements for Security and Confidentiality of the System, http://www.indect-project.eu/files/deliverables/public/INDECT_Deliverable_D8.1_v20091223.pdf/view
- 2.INDECT Consortium. D8.3: Specification of new constructed block cipher and evaluation of its vulnerability to errors (December 2010), http://www.indect-project.eu/files/deliverables/public/deliverable-8.3
- 3.INDECT Consortium. D9.13: New block ciphers (December 2010), http://www.indect-project.eu/files/deliverables/public/deliverable-9.13
- 4.INDECT project web site, http://www.indect-project.eu
- 5.Hickman, K.: The SSL Protocol. Netscape Communications Corp. (February 1995)Google Scholar
- 6.Thomas, S.A.: SSL and TLS Essentials: Securing the Web. Wiley Computer Publishing (2000)Google Scholar
- 7.Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2, RFC 5246 (August 2008)Google Scholar
- 8.Zhelyazkov D., Stoianov, N.: PKI Infrastructure in the BA – Prerequisite for Minimization of the Risk and Enhancement of the Information Security, CIO, Special issue Communication & Information Technologies for the Defense, pp. 19-20 (September 2009) ISSN 13112-5605 Google Scholar