Performance evaluation of INDECT security architecture

  • Petr Machník VSB-Technical University of Ostrava
  • Marcin Niemiec AGH University of Science and Technology
  • Manuel Urueña Universidad Carlos III de Madrid
  • Nikolai Stoianov Bulgarian Defense Institute
DOI: https://doi.org/10.15332/iteckne.v15i1.1962
Keywords: INDECT project, INDECT security architecture, performance evaluation, Police ICT systems, security

Abstract

This paper evaluates the performance of the key elements of the security architecture developed by the INDECT project. In particular it first evaluates three different concurrent error detection mechanism (parity check, Berger code, and cyclic redundancy check) developed in software- and hardware-based implementations of the INDECT block cipher. It also analyses the performance hit in secure web servers when enabling TLS/SSL with mutual authentication. Finally, it evaluates the throughput and delay of traffic in the virtual private network based on the OpenVPN software package with the implemented INDECT block cipher. The results of these evaluations demonstrate that the proposed mechanisms, and by extension the whole INDECT security architecture, are viable and can be used in high-performance Police information and communication systems.

Downloads

Download data is not yet available.

Author Biographies

Petr Machník, VSB-Technical University of Ostrava

Ph. D. Telecommunication Technology, VSB-Technical University of Ostrava, Ostrava

Marcin Niemiec, AGH University of Science and Technology

Ph. D. Telecommunications, AGH University of Science and Technology, Krakow

Manuel Urueña, Universidad Carlos III de Madrid

Ph.D. Telecommunication Technologies, Universidad Carlos III de Madrid, Leganés (Madrid)

Nikolai Stoianov, Bulgarian Defense Institute

Ph.D. Information Security, Bulgarian Defense Institute, Sofia

References

[1] INDECT Project, http://www.indect-project.eu

[2] M. Urueña, P. Machník, M. Niemiec, N. Stoianov, “INDECT Security Architecture,” Multimedia Communications, Services and Security, CCIS, vol. 368, pp. 273-287, 2013. Heidelberg: Springer

[3] M. Niemiec, L. Machowski, “A new symmetric block cipher based on key-dependent S-boxes,” International Congress on Ultra-Modern Telecommunications and Control Systems, ICUMT 2012, pp. 474-478, Saint Petersburg, 2012.

[4] N. Stoianov, M. Urueña, M. Niemiec, P. Machník, G. Maestro, “Integrated security infrastructures for law enforcement agencies,” Multimedia Tools and Applications, vol. 74, pp. 4453-4468, 2015. Springer.

[5] C. Adams, S. Lloyd, Understanding PKI: Concepts, Standards, and Deployment Considerations, 2nd ed., Addison Wesley, 2002.

[6] OpenVPN, http://openvpn.net/index.php/open-source.html

[7] StrongSwan, http://www.strongswan.org

[8] N. Stoianov, M. Urueña, M. Niemiec, P. Machník, G. Maestro, “Security Infrastructures: Towards the INDECT System Security,” Multimedia Communications, Services and Security. CCIS, vol. 287, pp. 304-315, 2012. Heidelberg: Springer.

[9] INDECT Consortium. D9.44: New methods of error detection, February, 2014.

[10] M. Niemiec, J. Dudek, L. Romański, M. Święty, “Towards hardware implementation of INDECT Block Cipher,” Multimedia Communications, Services and Security. CCIS, vol. 287, pp. 252-261, 2012. Heidelberg: Springer.

[11] G. Apostolopoulos, V. Peris, D. Saha, “Transport layer security: how much does it really cost?” Joint Conference of the IEEE Computer and Communications Societies (INFOCOM’99), vol. 2, pp. 717-725, New York, 1999.

[12] C. Coarfa, P. Druschel, DS Wallach, “Performance Analysis of TLS Web Servers,” ACM Transactions on Computer Systems, vol. 24, no. 1, pp. 39-69, 2006.

[13] H. Kleppe, “Performance impact of deploying HTTPS,” Technical Report. Universiteit van Amsterdam, 2011.
How to Cite
Machník, P., Niemiec, M., Urueña, M., & Stoianov, N. (1). Performance evaluation of INDECT security architecture. ITECKNE, 15(1), 34-42. https://doi.org/https://doi.org/10.15332/iteckne.v15i1.1962
Issue
Vol 15 No 1 (2018)
Section
Research and Innovation Articles