10 research outputs found
Authentication in virtual private networks based on quantum key distribution methods
Quantum physics has a major influence on modern computer science and communications.
New quantum-based solutions continue to be proposed by researchers. However,
only a few techniques are possible to implement in practice. One of them is quantum key
distribution, which ensures the confidentiality of digital data. This article introduces a new
concept: quantum distribution of pre-shared keys. This approach provides end-users with very
secure authentication, impossible to achieve using currently-available techniques. Secure
authentication is a key requirement in virtual private networks (VPN)—popular protection in
computer networks. The authors simulated quantum-based distribution of a shared secret in a
typical VPN connection. Using a dedicated simulator, all individual steps of the quantum key
distribution process were presented. Based on the created secret, a secure IPsec tunnel in a
StrongSwan environment was established between AGH (Poland) and VSB (Czech Republic).
It allows end-users to communicate at very high security levels.Web of Science7517107071069
Security architecture for law enforcement agencies
In order to carry out their duty to serve and protect, law enforcement agencies
(LEAs) must deploy new tools and applications to keep up with the pace of evolving
technologies. However, police information and communication technology (ICT) systems
have stringent security requirements that may delay the deployment of these new applications,
since necessary security measures must be implemented first. This paper presents an integrated
security architecture for LEAs that is able to provide common security services to novel and
legacy ICT applications, while fulfilling the high security requirements of police forces. By
reusing the security services provided by this architecture, new systems do not have to
implement custom security mechanisms themselves, and can be easily integrated into existing
police ICT infrastructures. The proposed LEA security architecture features state-of-the-art
technologies, such as encrypted communications at network and application levels, or multifactor
authentication based on certificates stored in smart cards.Web of Science7517107321070
Evaluación del rendimiento de la arquitectura de seguridad INDECT
This paper evaluates the performance of the key elements of the security architecture developed by the INDECT project. In particular it first evaluates three different concurrent error detection mechanism (parity check, Berger code, and cyclic redundancy check) developed in software- and hardware-based implementations of the INDECT block cipher. It also analyses the performance hit in secure web servers when enabling TLS/SSL with mutual authentication. Finally, it evaluates the throughput and delay of traffic in the virtual private network based on the OpenVPN software package with the implemented INDECT block cipher. The results of these evaluations demonstrate that the proposed mechanisms, and by extension the whole INDECT security architecture, are viable and can be used in high-performance Police information and communication systems.Este artículo evalúa el rendimiento de los principales elementos de la arquitectura de seguridad desarrollada por el proyecto INDECT. En particular, en primer lugar evalúa tres mecanismos diferentes de detección concurrente de errores (comprobación de paridad, códigos Berger y verificación por redundancia cíclica) desarrollados en las implementaciones software y hardware del algoritmo de cifrado de bloque INDECT. También se analiza el impacto en el rendimiento de los servidores web seguros cuando se activa TLS/SSL con autenticación mutua. Por último, evalúa el rendimiento y el retardo del tráfico en una red privada virtual, basada en el software OpenVPN con el algoritmo de cifrado INDECT. Los resultados de estas evaluaciones demuestran que los mecanismos propuestos, y el algoritmo de cifrado INDECT, son viables y pueden usarse en sistemas de información y comunicaciones de alto rendimiento para la Policía
Optimalizace EDCF přístupového mechanizmu u technologie Wi-Fi
Import 30/07/2008Prezenční454 - Katedra elektroniky a telekomunikační technikyNeuveden
Využití bezdrátových sítí WLAN v privátní síti
Import 20/04/2006Prezenční výpůjčkaVŠB - Technická univerzita Ostrava. Fakulta elektrotechniky a informatiky. Katedra (454) elektroniky a telekomunikační technik
Overview of the security components of INDECT project
In this paper an overview of the security components developed by the INDECT project is presented. This paper is focused on creating a multilevel security architecture, and describes the five basics areas for which new algorithms, components and tools are been created. In particular Virtual Private Networks, Symmetric Cryptography Block Ciphers, Quantum Cryptography, Federated ID Management and Secure Ad hoc Multipath Routing are described in detail.Scopu
Integrated security infrastructures for law enforcement agencies
This paper provides an overview of the security architecture for Law Enforcement Agencies (LEAs) designed by the INDECT project, and in particular the security infrastructures that have been deployed so far. These security infrastructures can be organized in the following main areas: Public Key Infrastructure (PKI) and user management, communications security, and new cryptographic algorithms. This paper presents the new ideas, architectures and deployed testbeds for these areas. In particular, it explains the inner structure of the INDECT PKI employed for federated identity management, the different technologies employed in the VPN testbed, the INDECT Block Cipher (IBC) – a novel cryptographic algorithm that has being integrated into OpenSSL library, and how IBC-enabled TLS/SSL sessions and X.509 certificates are employed to protect INDECT applications. All proposed mechanisms have been designed to work in an integrated fashion as the security foundation of all systems being developed by the INDECT project for LEAs.Web of Science74124468445
Security infrastructures: towards the INDECT system security
This paper provides an overview of the security infrastructures being
deployed inside the INDECT project. These security infrastructures can be organized
in five main areas: Public Key Infrastructure, Communication security,
Cryptography security, Application security and Access control, based on certificates
and smartcards. This paper presents the new ideas and deployed testbeds
for these five areas. In particular, it explains the hierarchical architecture
of the INDECT PKI, the different technologies employed in the VPN testbed,
the INDECT Block Cipher (IBC) – a new cryptography algorithm that is being
integrated in OpenSSL/OpenVPN libraries, and how TLS/SSL and X.509 certificates
stored in smart-cards are employed to protect INDECT applications
and to implement the access control of the INDECT Portal. All the proposed
mechanisms have been designed to work together as the security foundation of
all systems being developed by the INDECT project.Scopu