The solutions provided by ASELSAN public safety communication systems for voice and data communication meet the needs of users in many different scenarios. However, they also have features that improve the information security and ensure that critical information remains only among users. These systems have a network that cannot be accessed from outside and cannot be tracked / listened by unauthorized users thanks to end-to-end (E2E) crypto solutions.
Features that public security communication systems have in the area of information security, can be listed as;
Cryptographic solutions on radios
Crypto devices in the system management center
Access to location and data related applications only with user account and password
New crypto key generation
Updating the crypto key with Fillgun and / or air key distribution (OTAR)
Temporarily blocking (stunning) or permanently prohibiting (killing) the radios.
Cryptological Solutions on Radios
Software or hardware based cryptographic solutions can be used on ASELSAN radios. For hardware based cryptographic solutions, a crypto module is installed in addition to the radios. Standard algorithms (AES-256, etc.) can be used on the radios according to the customer's choice, as well as customer-specially developed algorithms. Coded voice and data packets from other radios and / or from the system center are not decoded on repeater radios, they are cryptographically repeated. Thus, there is no information security vulnerability in the system and end-to-end (E2E) crypto usage is provided. It is also possible to delete the crypto keys on the radio (emergency delete) in the situations that the user see any risk.
Crypto Devices in System Management Center
There are applications such as configuration and management software, personnel and vehicle tracking (AVL), console (dispatcher) application, messaging application, database queries application etc. on the computers which are connected to the system in the system management center. Different types of crypto devices are used in the system so that the encrypted voice and data packets from the radios and / or other units in the system can be decoded and transmitted to the users authorized to use these computers.
Access to Location and Data Related Applications Only by User Account and Password
Users must have a user account and password defined on the system to access the applications both on the computers in the system management center and on the radios. A detailed hierarchy definition can be made for each user account about which applications can be used, and which fields / features to use within a single application. This prevents to access critical information (sent or received) by the users who are not authorized.
New Crypto Key Generation
The "Key Generation Center" in ASELSAN public safety communication systems is used to periodically update the keys of the radios that use the crypto key and crypto devices.
Updating the Crypto Key with Fillgun and / or Over the Air Rekeying (OTAR)
There are two solutions for uploading new crypto keys generated by the Key Generation Center to the radios.
The first solution is to load keys to the key transport device which is named "fillgun" first and then to transmit from fillgun to the radio. This solution may be preferred when the radio is out of the coverage area and / or when the simplex communication mode is used instead of the wide area communication system.
The second solution is the over-the-air-rekeying (OTAR) of the keys generated by the Key Generation Center when the wide area communication system is used. The workload and time loss caused by collecting the radios in a single center or key loading through the fillgun by walking around the field can be prevented with this method. The crypto keys of the radios can be updated much more quickly.
Temporarily Blocking (Stunning) or Permanently Prohibiting (Killing) the Radios
In some undesirable situations such as theft or loss of radios; the risk may arise that unauthorized users can access critical information. To remove this risk, the radios can be commanded to "stunning" or "killing" via the system management center.