Security consideratiolis for the e-enabled aircraft

The aviation industry continues to adopt Internet Protocol (IP) technology as the design basis for networking the functional domains both onboard and offboard commercial aircraft. The emerging network domains include connections to wireless networks reaching to ground-based services for Business Operations and Air Traffic Control. This increased IP connectivity to e-services is the beginning of the air commerce web. Realizing the benefits of these eservices will be dependent upon the choice of security measures used in domain and cross-domain communications. This paper addresses security considerations to be taken into account for the various eservice domains. Security mechanisms available in today's protocols are described and summarized. The lack of a coherent overall aviation security solution is also discussed. The paper intentionally does not refer to specific technical or procedural vulnerabilities that may exist in today's designs.

[1]  Adi Shamir,et al.  On Digital Signatures and Public-Key Cryptosystems. , 1977 .

[2]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[3]  George Cybenko,et al.  Cognitive Hacking: A Battle for the Mind , 2002, Computer.

[4]  Hugo Krawczyk,et al.  SKEME: a versatile secure key exchange mechanism for Internet , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[5]  T. McParland,et al.  Public key infrastructure for air traffic management systems , 2001, 20th DASC. 20th Digital Avionics Systems Conference (Cat. No.01CH37219).

[6]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[7]  William Stallings Secure Hash Algorithm , 2011, Encyclopedia of Cryptography and Security.

[8]  Hilarie K. Orman,et al.  The OAKLEY Key Determination Protocol , 1997, RFC.

[9]  T. McParland,et al.  Securing air-ground communications , 2001, 20th DASC. 20th Digital Avionics Systems Conference (Cat. No.01CH37219).

[10]  Radia Perlman,et al.  Network Security , 2002 .