Security architecture for law enforcement agencies

In order to carry out their duty to serve and protect, law enforcement agencies (LEAs) must deploy new tools and applications to keep up with the pace of evolving technologies. However, police information and communication technology (ICT) systems have stringent security requirements that may delay the deployment of these new applications, since necessary security measures must be implemented first. This paper presents an integrated security architecture for LEAs that is able to provide common security services to novel and legacy ICT applications, while fulfilling the high security requirements of police forces. By reusing the security services provided by this architecture, new systems do not have to implement custom security mechanisms themselves, and can be easily integrated into existing police ICT infrastructures. The proposed LEA security architecture features state-of-the-art technologies, such as encrypted communications at network and application levels, or multi-factor authentication based on certificates stored in smart cards.

[1]  Harald. Kleppe Performance impact of deploying HTTPS , 2011 .

[2]  Nikolai Stoianov,et al.  Security Infrastructures: Towards the INDECT System Security , 2012, MCSS.

[3]  Marcin Niemiec,et al.  A new symmetric block cipher based on key-dependent S-boxes , 2012, 2012 IV International Congress on Ultra Modern Telecommunications and Control Systems.

[4]  Marcin Niemiec,et al.  Quantum Cryptography Protocol Simulator , 2011, MCSS.

[5]  Andrzej R. Pach,et al.  The measure of security in quantum cryptography , 2012, 2012 IEEE Global Communications Conference (GLOBECOM).

[6]  Dan S. Wallach,et al.  Performance analysis of TLS Web servers , 2006, TOCS.

[7]  Miroslav Voznak,et al.  Security analysis system to detect threats on a SIP VoIP infrasctructure elements , 2011 .

[8]  Carlisle Adams,et al.  Understanding PKI: Concepts, Standards, and Deployment Considerations , 1999 .

[9]  Marcin Niemiec,et al.  Towards Hardware Implementation of INDECT Block Cipher , 2012, MCSS.

[10]  Nikolai Stoianov,et al.  INDECT Advanced Security Requirements , 2010, ArXiv.

[11]  Manel Guerrero Zapata Secure Ad hoc On-Demand Distance Vector (SAODV) Routing , 2006 .

[12]  Mahesh K. Marina,et al.  On-demand multipath distance vector routing in ad hoc networks , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[13]  Debanjan Saha,et al.  Transport layer security: how much does it really cost? , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[14]  Markus Feilner,et al.  Beginning OpenVPN 2.0.9 , 2009 .