Sanjay Sahay, IPS,
ADGP, Police Computer Wing,
Bangalore
Presentation Structure
• Introduction
• Attack Methods
• Hacking groups
• Best Security model
• KSP Security model
• Tool and technology in use
• Challenges / Bottleneck
• Gaps
• Wish list
• Conclusion
Information Security: Preservation of confidentiality, integrity and
availability of information
Protection from what?
Protection from whom?
Is technology enough?
What builds the best information security?
PEOPLE
• User Awareness
• Guidance
• Administration
• Monitor
PROCESSES
• Policies
• Standards
• Guidelines
• Audit
TECHNOLOGY
• IPS
• Firewall
• AV
• DLP
• SIEM
KSP Infrastructure and Security solution
KSP Computerization Model (Enterprise Model)
People
• Internal Champions
• Capacity Building
• Nodal Officers
• Sys Admins
• Handholding
Process
• BPR
• Integration
• Automation
Technology
• ERP
• Web Service
• Active Directory
• SMS Gateway
• e-Pen
Infrastructure
• KSP DC
• KSP WAN
• DR Centre
• EMS
• Centralized AV
• Automated Backup
Governance
• Core Team
• SCRB Nodal Officer
• District Nodal Officer
• Central NOC
• Helpdesk
Core Infrastructure
KSP Wide Area Network
• 45 locations on 1, 2 & 4 Mbps leased lines (MPLS)
• 1458 locations on 512 Kbps and 1 Mbps VPNoBB
• 45 Mbps aggregation bandwidth at the DC
• 16 Mbps Internet leased line
KSPWAN
• LAN infrastructure at all locations
• Fixed IP for all VPNoBB connections
• Network Monitoring Software to monitor availability
• End router security through ACLs
• Zone-based LAN architecture through VLANs
• MAC authentication servers
• Hardening of network devices
• SOP for network management
• Warranty / Support
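As an added example (not KSP's router configuration), the following Python models the end-router ACL and zone separation described above: first-match evaluation with an implicit deny, a station allowed to reach only the DC zones it needs, station-to-station traffic denied and logged, and a rendering of the same rule list as a Cisco IOS extended ACL. The address plan, zone names and ports are assumptions chosen for illustration.

```python
"""Branch (end-router) ACL model for a zoned WAN.

Added example, not the KSP router configuration. The address plan, zone
names and ports below are assumptions chosen for illustration.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List, Optional, Tuple

# Assumed address plan: one station's LAN (fixed IP over VPNoBB) and DC zones.
BRANCH_LAN = ip_network("10.45.12.0/24")
DC_APP_ZONE = ip_network("10.0.10.0/24")    # Police IT ERP web tier (HTTPS)
DC_DIR_ZONE = ip_network("10.0.20.0/24")    # LDAP server (LDAPS)
DC_MGMT_ZONE = ip_network("10.0.30.0/24")   # patch, AV and monitoring servers
KSPWAN = ip_network("10.0.0.0/8")           # whole WAN, including every other station
ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp", "icmp" or "ip" (any protocol)
    src: IPv4Network
    dst: IPv4Network
    dport: Optional[int] = None  # None = any destination port
    log: bool = False


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: Optional[int] = None


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != "ip" and rule.proto != pkt.proto:
        return False
    if ip_address(pkt.src) not in rule.src or ip_address(pkt.dst) not in rule.dst:
        return False
    return rule.dport is None or rule.dport == pkt.dport


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """First-match evaluation. Returns (action, index of the matching rule);
    a packet no rule matches falls to the implicit deny (index None)."""
    for idx, rule in enumerate(acl):
        if matches(rule, pkt):
            return rule.action, idx
    return "deny", None


# Applied inbound on the station router's LAN interface: only the station's
# own fixed prefix may send, and only to the DC zones it needs. Traffic to
# any other station is denied and logged so the NMS/SIEM can see it, and a
# packet whose source is outside the station prefix (spoofed or mis-zoned)
# is caught by the final logged deny.
BRANCH_LAN_IN = [
    Rule("permit", "tcp", BRANCH_LAN, DC_APP_ZONE, 443),
    Rule("permit", "tcp", BRANCH_LAN, DC_DIR_ZONE, 636),
    Rule("permit", "tcp", BRANCH_LAN, DC_MGMT_ZONE, 8530),  # assumed patch-server port
    Rule("permit", "icmp", BRANCH_LAN, DC_MGMT_ZONE),       # availability checks from the NMS
    Rule("deny", "ip", BRANCH_LAN, KSPWAN, log=True),
    Rule("deny", "ip", ANY, ANY, log=True),
]


def wildcard(net: IPv4Network) -> str:
    """Cisco IOS wildcard mask: the inverted netmask."""
    return str(net.hostmask)


def to_ios(name: str, acl: List[Rule]) -> str:
    """Render the rule list as a Cisco IOS extended named ACL."""
    lines = [f"ip access-list extended {name}"]
    for r in acl:
        src = "any" if r.src == ANY else f"{r.src.network_address} {wildcard(r.src)}"
        dst = "any" if r.dst == ANY else f"{r.dst.network_address} {wildcard(r.dst)}"
        port = f" eq {r.dport}" if r.dport is not None else ""
        log = " log" if r.log else ""
        lines.append(f" {r.action} {r.proto} {src} {dst}{port}{log}")
    return "\n".join(lines)


if __name__ == "__main__":
    for pkt in (Packet("10.45.12.7", "10.0.10.5", "tcp", 443),    # ERP over HTTPS
                Packet("10.45.12.7", "10.0.10.5", "tcp", 80),     # plain HTTP: not allowed
                Packet("10.45.12.7", "10.46.3.9", "tcp", 445),    # station to station
                Packet("192.168.1.1", "10.0.10.5", "tcp", 443)):  # source outside the station prefix
        print(pkt, "->", evaluate(BRANCH_LAN_IN, pkt))
    print(to_ios("BRANCH-LAN-IN", BRANCH_LAN_IN))
```

The order of the rules matters: the permits to DC zones sit before the broad deny to the WAN prefix, and the final deny any/any with logging is what turns a silently dropped spoofed packet into a SIEM event.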
Karnataka State Police Wide Area Network
Type of Network   Links at Initiation   Links at Present
MPLS              39                    45
VPNoBB            1350                  1458
ILL               2                     2
• Karnataka State Police Wide Area Network (KSPWAN) was created in 2009 with BSNL.
• It was implemented jointly by BSNL and the Karnataka State Police.
• The network is a combination of 45 MPLS and 1458 VPNoBB connections.
• It connects all police stations and higher offices across the state.
• Fixed IP has been implemented on the VPNoBB connections.
• In addition, a 16 Mbps Internet leased line has been provided.
DC aggregation bandwidth upgradation: 10 Mbps → 16 Mbps → 32 Mbps → 45 Mbps
Police IT - ERP
Core Functionalities
• Crime
• Law & Order
• Traffic
Administration
• Administration
• Finance
• Stores
Ancillary support
• Armed Reserve
• Motor Transport
• Training
Technical Modules
• Wireless
• Forensic Science Laboratory
11 Modules, 64 Roles, 522 Screens, 417 MIS Reports
Police IT - ERP
• Layered architecture
• Authentication and authorization process
• Encrypted communication
• Failover clustering to avoid a single point of failure
• .NET Framework used to develop the application for better availability, performance and security
Police IT - ERP Security Guidelines
• Prevention of unauthorized access; role-based access
• Auditing should be enabled for DML statements
• Username and password for authentication
• Standard password policy
• The process for removing unnecessary code from the application after it is released should be documented
• Application code should not contain invalid references to network resources
• The solution should not display the full URL path in the browser-based application
• The solution should support multi-tier authentication where required
• The solution should provide a logout option to terminate the session
• Data encryption in transit and at rest
• All credentials and sensitive data are always stored at the database end
• The solution should not be vulnerable to the OWASP Top 10 attacks
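The guidelines above call for username/password authentication, a standard password policy and credentials stored at the database end. As an added example, not Police IT code, the Python below shows what "stored at the database end" should mean in practice: the database row holds only a per-user random salt and a PBKDF2-HMAC-SHA256 digest, verification uses a constant-time comparison, and a login attempt for an unknown username costs the same time as a wrong password so the login form cannot be used to enumerate accounts. The policy thresholds, the iteration count and the sample usernames are assumptions.

```python
"""Username/password credential handling for an intranet application.

Added example, not Police IT's code. Policy thresholds, the PBKDF2 work
factor and the sample accounts are assumptions.
"""
import hashlib
import hmac
import re
import secrets
from dataclasses import dataclass
from typing import Dict, List, Tuple

PBKDF2_ITERATIONS = 600_000   # assumed work factor (OWASP's 2023 figure for SHA-256)
SALT_BYTES = 16
MIN_LENGTH = 12


def check_policy(username: str, password: str) -> List[str]:
    """Return the policy rules the password violates (empty list = compliant)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not re.search(r"[A-Z]", password):
        problems.append("no uppercase letter")
    if not re.search(r"[a-z]", password):
        problems.append("no lowercase letter")
    if not re.search(r"[0-9]", password):
        problems.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("no symbol")
    if username.lower() in password.lower():
        problems.append("contains the username")
    return problems


@dataclass(frozen=True)
class StoredCredential:
    """What the database row holds: never the password itself."""
    username: str
    salt: bytes
    digest: bytes
    iterations: int


def hash_password(username: str, password: str) -> StoredCredential:
    violations = check_policy(username, password)
    if violations:
        raise ValueError("password policy: " + ", ".join(violations))
    salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return StoredCredential(username, salt, digest, PBKDF2_ITERATIONS)


def verify_password(cred: StoredCredential, password: str) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), cred.salt, cred.iterations)
    return hmac.compare_digest(candidate, cred.digest)   # constant-time comparison


# Stand-in credential so that a login attempt for an unknown username does
# the same PBKDF2 work as a wrong password for a real one.
_DUMMY = hash_password("nobody", "Throwaway#Pass2024")


def login(users: Dict[str, StoredCredential], username: str, password: str) -> Tuple[bool, dict]:
    """Authenticate and return (success, audit event) for the audit log / SIEM."""
    cred = users.get(username, _DUMMY)
    ok = verify_password(cred, password) and username in users
    event = {"event": "login", "user": username, "result": "success" if ok else "failure"}
    return ok, event


if __name__ == "__main__":
    users = {}
    print(check_policy("ravi", "Ravi@Station2014"))   # ['contains the username']
    users["ravi"] = hash_password("ravi", "Station-Diary#2014")
    print(users["ravi"].digest.hex())                  # what actually sits in the database
    print(login(users, "ravi", "Station-Diary#2014"))
    print(login(users, "ravi", "station-diary#2014"))
    print(login(users, "ghost", "Station-Diary#2014"))
```

Storing the iteration count next to the digest lets the work factor be raised later for new or re-hashed passwords without invalidating existing rows; the audit event returned by login() is what the DML-auditing and SIEM bullets above would consume.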
Security Solution of KSP
A defense-in-depth approach has been adopted for KSP to ensure maximum
protection against attacks at each layer.
• IT Security Policy
• Regular audits
• End user awareness program
• DC protected with surveillance and biometric access
• Two-tier security architecture
• Full-fledged Intrusion Prevention System
• SIEM for log management and event analysis with real-time alerts
• Internal zones created based on functionality
• Centralized endpoint protection antivirus for servers and desktops
• Centralized authentication and authorization through an LDAP server
• Role-based access
• Hardening of OS, applications and network devices
• Regular patch management
• Data stored in encrypted format
DC / DR Technology / Tools used
Security layer
• Unified Threat Management System
• Network Intrusion Prevention System
• Firewall
• Security Information and Event Management
• Centralized Antivirus Software
• Patch Management Software
• LDAP Server
Network layer
• IPsec tunnel between branch and DC
• Access Control List for end router security
• Network Monitoring Software
• Traffic Monitoring Software
• Role Based Access
Application layer
• Hosted in a secured zone and accessible only on the Intranet
• Role based Access
• Audit logs
• CAB (Change Advisory Board) to control changes
• Application Monitoring Software
• Data stored in encrypted mode
• Stringent testing policy
End Computer / User Security
• Computers are under the supervision of the LDAP server
• Centralized authentication, authorization and accounting through the LDAP server
• Computers are operated with a least-privileged account
• Local administrator and user accounts are restricted
• Endpoint protection installed on all computers to defend against advanced threats
• Stringent policies to enforce end computer security through LDAP and the centralized AV management server
• Regular patch management to fix OS and application level vulnerabilities
• SOP for computer usage
• Usage of external devices is strictly prohibited
• Only authorized / approved applications are allowed
• Centralized log monitoring through SIEM to identify and mitigate internal threats
• Computer security is part of the basic computer training program
• Regular security awareness programs for end users
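Centralized log monitoring through a SIEM only helps if the correlation rules encode the policies listed above. As an added example, not the KSP SIEM's configuration, the Python below runs three such rules over constructed endpoint log lines: repeated failed logons for one account within a short window (and a success right after them), a logon with a local rather than a domain account, and a removable-storage insertion, which the SOP prohibits. The log format, hostnames, threshold and window are assumptions; the sample log is constructed.

```python
"""Correlation rules of the kind a SIEM runs over endpoint logs.

Added example, not the KSP SIEM configuration. The log format, hostnames,
threshold and window are assumptions, and SAMPLE_LOG is constructed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Any, Dict, Iterable, List, Optional

# Constructed sample: <timestamp> <host> <kind> key=value ...
SAMPLE_LOG = """\
2014-03-10T09:14:02 WS-PS-0417 auth user=KSP\\ravi result=FAILURE src=10.45.12.7
2014-03-10T09:14:09 WS-PS-0417 auth user=KSP\\ravi result=FAILURE src=10.45.12.7
2014-03-10T09:14:15 WS-PS-0417 auth user=KSP\\ravi result=FAILURE src=10.45.12.7
2014-03-10T09:14:21 WS-PS-0417 auth user=KSP\\ravi result=FAILURE src=10.45.12.7
2014-03-10T09:14:27 WS-PS-0417 auth user=KSP\\ravi result=FAILURE src=10.45.12.7
2014-03-10T09:14:33 WS-PS-0417 auth user=KSP\\ravi result=SUCCESS src=10.45.12.7
2014-03-10T09:31:40 WS-PS-0417 auth user=WS-PS-0417\\Administrator result=SUCCESS src=10.45.12.7
2014-03-10T09:45:12 WS-PS-0417 device class=USBSTOR action=insert user=KSP\\ravi
2014-03-10T10:02:05 WS-PS-0911 auth user=KSP\\meena result=FAILURE src=10.46.3.9
2014-03-10T10:02:30 WS-PS-0911 auth user=KSP\\meena result=SUCCESS src=10.46.3.9
"""

DOMAIN = "KSP"                  # accounts must come from the directory, not the local SAM
FAIL_THRESHOLD = 5
FAIL_WINDOW = timedelta(minutes=2)

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<kind>\w+) (?P<fields>.*)$")


def parse(line: str) -> Optional[Dict[str, Any]]:
    """Turn one log line into a dict; None for lines that do not fit the format."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event: Dict[str, Any] = {"ts": datetime.fromisoformat(m["ts"]), "host": m["host"], "kind": m["kind"]}
    for kv in m["fields"].split():
        key, _, value = kv.partition("=")
        event[key] = value
    return event


def detect(lines: Iterable[str]) -> List[dict]:
    alerts: List[dict] = []
    failures = defaultdict(deque)   # (host, user) -> timestamps of recent failed logons

    def alert(rule: str, ev: Dict[str, Any]) -> None:
        alerts.append({"rule": rule, "host": ev["host"], "user": ev.get("user"), "ts": ev["ts"]})

    for line in lines:
        ev = parse(line)
        if ev is None:
            continue
        if ev["kind"] == "auth":
            q = failures[(ev["host"], ev["user"])]
            while q and ev["ts"] - q[0] > FAIL_WINDOW:   # drop failures outside the window
                q.popleft()
            if ev["result"] == "FAILURE":
                q.append(ev["ts"])
                if len(q) == FAIL_THRESHOLD:             # fire once, when the threshold is reached
                    alert("brute-force", ev)
            elif ev["result"] == "SUCCESS":
                if len(q) >= FAIL_THRESHOLD:             # a guess finally worked
                    alert("success-after-failures", ev)
                q.clear()
                domain = ev["user"].partition("\\")[0]
                if domain.upper() != DOMAIN:             # local account used despite the restriction
                    alert("local-account-logon", ev)
        elif ev["kind"] == "device" and ev.get("class") == "USBSTOR":
            alert("external-device", ev)                 # external devices are prohibited by SOP
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LOG.splitlines()):
        print(f"{a['ts'].isoformat()} {a['rule']:24} {a['host']} {a['user']}")
```

The brute-force rule fires once at the threshold rather than on every further failure, and the "success after failures" rule is the one worth paging on: the other three are policy violations, that one is a probable compromise.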
Internal Resources of KSP
Resources                                                                Number
Key security resources (MCSE, CCNA, VCP, CEH, CHFI)                      3
Middle tier security resources: System Administrators (MCSE and CCNA)    75
Security Enforcement Team                                                120
Police IT Operators                                                      3000
Operating Principles of KSP
Cycle: Secure → Monitor → Audit/Test → Manage/Improve, built around Policy, Training and Awareness
Challenges / Bottlenecks
Challenges
• Creating security awareness
• Resistance to change
• Management skill
• Regular monitoring
• Knowledge upgradation
• Readiness for DDoS attacks
• Fighting against disruptive attacks
Bottlenecks
• No direct control over cyber criminals in other countries
• Zero-day attacks
• TOR-based communication
Wish list
• Safe and secure Internet
• Forensic readiness
• Security awareness program
Conclusion
• Security architecture should be a dynamic process that consistently enforces security among all users to protect corporate information.
• Regular IT security audits help the organization find vulnerabilities and gaps and fix them proactively before they are exploited by a hacker.
• People are the major pillar of security and should be trained regularly for better security.
• As 100% security is impossible, you need to decide what needs to be secured and how well it needs to be secured.
Secure IT 2014