Skip to main content

SEcurity CRitical applications based in open source InternET protocolS

Objective

The objective of the SECRETS project is to evaluate the use of open source security protocols in distinct industrial applications in terms of appropriateness, reliability, performance, portability and openness. The project will evaluate the Open SSL and IPSec freeware security protocols in the areas of e-commerce, mobile applications (WAP, GPRS) and telecommunications, thus covering a broad scope of industrial needs. The IPSec and the OpenSSL protocols provide the sufficient ground for technical viability and interoperability. The expected outcome of the project will be to further strengthen the use of open source security protocols, the promotion of the relative standards and the market position of the partners involved. The foremost advantage is that a European evaluation - solution covering different market areas will be accomplished to offer strong security means in a fully controllable manner to European companies.

Objectives:
To evaluate the suitability of the open source SSL and IPSec protocols in respect to the user authentication, data integrity and data encryption over different type of networks. To evaluate the appropriateness of the open source security protocols in terms of performance and reliability over different types of industrial applications. To evaluate the performance of the open source software security mechanisms over mobile network configurations and mobile terminals for WAP/GPRS applications. To propose potential enhancements on the selected freeware protocols in order to be safer, faster and provide security services customised to high-end applications. To conduct four distinct Best Practice experiments in the areas of e-commerce, mobile communications, VoIP applications and Intelligent Networks applications and to provide a roadmap for the utilisation of open source security software in the commercial environment.

Work description:
The SECRETS project is organised in four (4) workpackages.The first workpackage (WP1) deals with the collection of requirements for the 4 application experiments, concerning security constraints for the respective applications. Additionally, it specifies potential extensions required to the OpenSSL and IPSec modules and provides an overall functional specification and architectural design of the experiments to be conducted. Finally it selects appropriate evaluation metrics in order to correctly assess the project results. The next workpackage (WP2) is the main phase where the actual experiments will take place. More specifically within this workpackage the OpenSSL and IPSec modules will be integrated in the E-Tender application, the IPSec module will be integrated in the GPRS application experiment, the OpenSSL and IPSec modules will be integrated in the A8619 VoIP Conformance tester and the OpenSSL module will be integrated in the IN over IP infrastructure. Additionally the use of the OpenSSL module as an alternative for the TLS protocol in the WAP infrastructure will be investigated. In all of the above cases the open source OpenSSL and IPSec security modules will be validated in industrial operation in reference laboratory configurations, in order to extract the required information as an input to the evaluation workpackage. WP3 is the workpackage where monitoring information will be collected according to the evaluation criteria defined in WP2. Additionally a significant task in WP3 is the evaluation of the collected results, which will provide the roadmap for the wider adoption of the open source SSL, and IPSec protocols. Finally, WP4 deals with the administrative and technical management of the project, the dissemination of the project results, and the exploitation activities which will ensure the successful continuation of the SECRETS efforts.

Milestones:
The main expected result is the adoption of open source security software in the SECRETS industrial applications, thus strengthening the market value and potentials. Milestones:
T0+5 Definition of Evaluation Metrics;
T0+9 Mid Term Assessment;
T0+16 Completion of Experiments;
T0+18 Experiments Evaluation.

Funding Scheme

ACM - Preparatory, accompanying and support measures

Coordinator

INTRASOFT INTERNATIONAL SA
Address
89-91 Route De Thionville
2611 Luxembourg
Luxembourg

Participants (3)

ALCATEL SEL AG
Germany
Address
Lorenzstrasse 10
70435 Stuttgart
MOTOROLA LIMITED
United Kingdom
Address
Jays Close, Viables Industrial Estate
RG22 4PD Basingstoke Hants
SOLINET GMBH TELECOMMUNICATIONS
Germany
Address
Mittlerer Pfad 26
70499 Stuttgart