Navigation path

Open source observatory

4.69/5 | 175 votes
Editor's choice

'Open source only' at Dutch police Internet forensics

5/5 | 1 votes |
Editor's Choice

The Dutch police's Internet Research and Investigation Network (iRN) by default only uses free and open source solutions based on open standards and developed publicly. "The source code must be available on the Internet, we have to be able to audit the code that is in use." The specialist police unit is now using 2200 Ubuntu Linux workstations, and has been using Linux desktops since its inception in 2003.

Last Friday, Peter de Beijer, project manager for the Internet forensics research unit presented on its use of the open source cloud solution Openstack, at a conference in Amsterdam, organised by open source services provider Red Hat. "Why Openstack? The amount of data just keeps growing, yet by using cloud solutions, management and development remain compact. It is scalable and since it is open source, it is future-proof."

The police unit allows police investigators to perform specialised, forensically stored searches on the Internet in such a way that evidence obtained may be used for prosecution. Its services are available to other government organisations. The iRN has since its inception in 2003 grown from 20 specialists to 9500 users, in 460 police stations.

Prohibitive budget

De Beijer: "To perform our tasks, we must follow closely the developments on the Internet, share knowledge and innovate our services. This technology is constantly changing, and using proprietary software for such tasks would be prohibitively expensive. We started out with 'no budget' and at the time that was a very good reason to use open technologies. It now is a strategic choice to use open source technology and open standards."

Assisted by the Dutch IT firm Snow, the Internet forensics unit actively develops its own software tools. It uses internal software forges, similar to those commonly used by open source developers, such as Github and Sourceforge. Scientists, specialist firms and public authorities have access to these code repositories, but the use of the developed tools is restricted. "The technologies are open. We are all performing the same tasks, we want to share and re-use and that is why we only consider open source tools."


All software solutions in use at the iRN fit in the unit's cloud strategy, says De Beijer. Examples include the Storm computation framework system, the Hadoop storage framework, image data analysis tool Opencv, search index engine Elasticsearch, graph database Flockdb and document oriented database system Mongodb. As for Ubuntu Linux, De Beijer says: "It could have been any other flavour of Linux distribution. We like that it has many developers, we like Ubuntu's current vision on cloud development, and we're accustomed to using it."


More information:

OpenStack Private Cloud for Dutch National Police
Internet Research and Investigation Network
Internet Research Network on Github