exploiting bharatnet and wifi for secure...
TRANSCRIPT
Exploiting BharatNet and WiFi for Secure OperationsDevendra JalihalDept of EE, IITM, [email protected]
Outline● Can Government agencies exploit widespread
presence of BharatNet for secure operations, increased efficiency and reduced cost?
Outline● Can Government agencies exploit widespread
presence of BharatNet for secure operations, increased efficiency and reduced cost?
● Example from a Police Network
Outline● Can Government agencies exploit widespread
presence of BharatNet for secure operations, increased efficiency and reduced cost?
● Example from a Police Network● Are these ideas applicable to other organisations?
BharatNet Architecture● Connect ALL 2.5 lakh Village Panchayats by high
BW Fiber● Basic architecture: Ring of Rings, for high
availability
BharatNet Architecture● Connect ALL 2.5 lakh Village Panchayats by high
BW Fiber● Basic architecture: Ring of Rings, for high
availability
Police Network (Privately owned, operated)
HF, 3-30 MHz, long range, 1000s km
VHF, 30-300 MHz, medium rangeInter district by μ-wave links
HQ
UHF
Police Network (Privately owned, operated)
HF, 3-30 MHz, long range, 1000s km
VHF, 30-300 MHz, medium rangeInter district by μ-wave links
UHF, 300 MHz-3 GHz, Short range (city scale)
HQ
UHF
Police Network (Privately owned, operated)
HF, 3-30 MHz, long range, 1000s km
VHF, 30-300 MHz, medium rangeInter district by μ-wave links
UHF, 300 MHz-3 GHz, Short range (city scale)
HQ
● Advantages: Private, Command communication, voice● Disadvantages: Maintenance heavy, expensive, prone to obsolescence,
voice only
UHF
Police Network (Public)
2000+ Police stn Police HQ
Crime Database
8 Mbps100 Mbps
100 Mbps
INTERNET
GSM CUG
Police Network (Public)
● Advantages: Distributed, Command communication
● Disadvantages: Insecure (data goes on internet), limited Speed, constrained by congestion
2000+ Police stn Police HQ
Crime Database
8 Mbps100 Mbps
100 Mbps
INTERNET
GSM CUG
Can the Police use BharatNet?
● Can it provide high (extremely high) BW and secure means of communication?
● Can the police own and operate the infra?● Can the police augment their communication
repertois without significant outlay? ● Can the Police effectively beat the game of
technological obsolescence?
Proposed Closed Architecture
For long range: HF/VSAT
UHF HQ
HQ to other Districts
Bharatnet fiber provides back bone, high security VPN intranets
and state-wide voice connections
Trunking Radio
Proposed Closed Architecture
INTERNET
For long range: HF/VSAT
UHF HQ
HQ to other Districts
Bharatnet fiber provides back bone, high security VPN intranets
and state-wide voice connections
Trunking Radio
Proposed Closed Architecture
GSM CUG
INTERNET
For long range: HF/VSAT
UHF HQ
HQ to other Districts
Bharatnet fiber provides back bone, high security VPN intranets
and state-wide voice connections
Trunking Radio
Proposed Arch (main components)
● Police lease dark fiber from BharatNet which connects every Police Stn
– Police own and operate the optical switches – Unlimited BW - Multiple VPNs, VC, VoIP,
Proposed Arch (main components)
● Police lease dark fiber from BharatNet which connects every Police Stn
– Police own and operate the optical switches – Unlimited BW - Multiple VPNs, VC, VoIP,
● Extensive deployment of WiFi
– VoIP provides another layer of communication– Will help in gathering evidence
Proposed Arch (main components)
● Police lease dark fiber from BharatNet which connects every Police Stn
– Police own and operate the optical switches – Unlimited BW - Multiple VPNs, VC, VoIP,
● Extensive deployment of WiFi
– VoIP provides another layer of communication– Will help in gathering evidence
● Database access faster and secure
Proposed Arch (main components)
● Police lease dark fiber from BharatNet which connects every Police Stn
– Police own and operate the optical switches – Unlimited BW - Multiple VPNs, VC, VoIP,
● Extensive deployment of WiFi
– VoIP provides another layer of communication– Will help in gathering evidence
● Database access faster and secure● Trunking Systems (DMR/TETRA/P25) to replace VHF as the primary
means of private comm
– Their BS are connected by Bharatnet
Proposed Arch (main components)
● Police lease dark fiber from BharatNet which connects every Police Stn
– Police own and operate the optical switches – Unlimited BW - Multiple VPNs, VC, VoIP,
● Extensive deployment of WiFi
– VoIP provides another layer of communication– Will help in gathering evidence
● Database access faster and secure● Trunking Systems (DMR/TETRA/P25) to replace VHF as the primary means of
private comm
– Their BS are connected by Bharatnet● HF/VSAT for long range
Proposed Heirarchy of Ring ArchitectureLevel 3 : Dist Police Office in ring
Level 2 : Linking Blocks
Leve1: Linking Village Panchayat
Level 3 Fiber Implementation
BS
BS
BSBS
BS
BS
BS
BS
BS
BS
Trunking System
Data base + storage Server
Router + media converter
Call center + user terminal
Mirror site
TNP HQ
● Advantages: ● Backhaul for trunking BSs in each
district● provides uniform numbering scheme ● WiFi Aps in Police Stn enable IP Voice● High BW enables VC, high speed
access to dB● Data Stays inside
● Disadvantages: Main fiber plant owned by some other agency
Strengths• Trunking systems and exchange
systems are robust, digital and need little maintenance
• Data security due to VPN • Multiple modes of communications
such as video conferencing and VoIP
• Police continue to own all communication equipment as before
• Other than GSM CUG
• Orders of magnitude higher bandwidths than what is presently possible
• Communication during congestion and natural calamities
Strengths• Trunking systems and exchange
systems are robust, digital and need little maintenance
• Data security due to VPN • Multiple modes of communications
such as video conferencing and VoIP
• Police continue to own all communication equipment as before
• Other than GSM CUG
• Orders of magnitude higher bandwidths than what is presently possible
• Communication during congestion and natural calamities
Weaknesses• Multiple frequency
bands needs WPC clearance and license fees
• Main fiber plant is owned by other (government) agencies
Mahamaham Kumbakonam 2016 Test Deployment of WiFi
• 16 Access Points deployed• 5 with 5.8 GHz
backhaul• 6 with fiber backhaul• 5 with direct cables in
control room
Asterisk IP-PBX Sever
PSTN Interface with 30 simultaneous outside calls
8 port Ethernet switch
5GHz backhaul
WiFi Access Point (connected by cable)
WiFi Access Points (connected by 5GHz backhaul)
5GHz backhaul
Network Elements
CSIPSIMPLE
Congestion Comm System● Advantages
– Provides another layer of communication
– High BW – Both voice and data
– Good solution for congestion communication
– Easy to deploy and Low cost
– Provides backhaul to outside world
Congestion Comm System● Advantages
– Provides another layer of communication
– High BW – Both voice and data
– Good solution for congestion communication
– Easy to deploy and Low cost
– Provides backhaul to outside world
● Disadvantage– May suffer from
interference from unamanaged APs
– Needs intelligent management of channels
Summary● Many organisations (Govt Offices, Banks, ….) have
similar structure– Needs: Communication BW, database access, many
branches, data security– All face the challenge of rapid obsolescence