For a long time, an effort to achieve a comprehensive nuclear test-bantreaty banning all nuclear explosions world-wide has been made. TheComprehensive Nuclear-Test-Ban Treaty (CTBT) is the result of thiseffort.
A monitoring regime, which is to assist the participating countries inverifying compliance with the Treaty, is being set up by a preparatorycommission. To protect the data from a global network of monitoringstations (the IMS network), digital signatures are applied, and apublic key infrastructure (PKI) has been set up to accommodate keyexchange.
In this thesis, we will describe the IMS network, the proposedsecurity architecture, its protocols and the PKI. We also make athreat analysis for the system.
We have designed and implemented an application, imsparse, for one partof the security scheme: receiving and executing commands at themonitoring stations.
Finally, we have commented on the appropriateness of the proposedarchitecture, and how it meets the threats we defined.
Our conclusion is that most of the threats are dealt with by theimplementation of this security scheme, but the physical securing ofthe sensors may cause problems.