Electronic International Standard Serial Number (EISSN)
This paper provides an overview of the security architecture for Law Enforcement Agencies (LEAs) designed by the INDECT project, and in particular the security infrastructures that have been deployed so far. These security infrastructures can be organized in the following main areas: Public Key Infrastructure (PKI) and user management, communications security, and new cryptographic algorithms. This paper presents the new ideas, architectures and deployed testbeds for these areas. In particular, it explains the inner structure of the INDECT PKI employed for federated identity management, the different technologies employed in the VPN testbed, the INDECT Block Cipher (IBC) &- a novel cryptographic algorithm that has being integrated into OpenSSL library, and how IBC-enabled TLS/SSL sessions and X.509 certificates are employed to protect INDECT applications. All proposed mechanisms have been designed to work in an integrated fashion as the security foundation of all systems being developed by the INDECT project for LEAs.
law enforcement agency; public key infrastructure; virtual private network; indect block cipher; x.509 certificates; smart card; federated identity management; transport layer security