System Overview

System Components

A number of evolving demonstrations have been given to National Authorities, end-users and industry during the project to show the potential, obtain feedback and achieve support. This has culminated in a major initiative in the Netherlands where SUPHICE technology has been placed at the core of a crisis management demonstration scenario. This demonstration site, as with others, will continue to be available beyond the end of the SUPHICE project. Briefly, the un-planned security architecture comprises 4 main elements:

1. Cryptographic Services Registry

A registry of SUPHICE services offered by organisations participating in a SUPHICE network. Organisations publish the services that they provide into the registry, which allows other organisations to query the registry to discover the location of potential collaborators.

2. Authorisation Server

Authorisation servers are responsible for controlling access to SUPHICE services. A degree of automated decision-making is built-in to authorisation servers through the use of rules-based technology. This enables the authorisation servers to automatically decide whether to accept a request based on the value of attributes in the request. The behaviour of the authorisation servers can be dynamically updated by loading a different set of rules.

3. Cryptographic Parameters Server

Each organisation participating in a SUPHICE network hosts a parameters server that provides a repository of crypto parameters (algorithms and keys) that are downloaded and used by reconfigurable IP crypto devices.

4. Reconfigurable IP Crypto Device

Reconfigurable IP crypto devices are capable of being reprogrammed with different key and algorithm material that is obtained from a parameters server.

For more information on the system interfaces see SUPHICE Architecture Definition