Security infrastructures: towards the INDECT system security

Abstract

This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI, the different technologies employed in the VPN testbed, the INDECT Block Cipher (IBC) – a new cryptography algorithm that is being integrated in OpenSSL/OpenVPN libraries, and how TLS/SSL and X.509 certificates stored in smart-cards are employed to protect INDECT applications and to implement the access control of the INDECT Portal. All the proposed mechanisms have been designed to work together as the security foundation of all systems being developed by the INDECT project.