曝光台 注意防骗
网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者
B. Innovative Security Tools 113
which they inspect, are compromised and tampered with, the Public Key Infra-structure (PKI) scheme was developed by the TAG/MRTD, which has been pioneering work on the MRTD for over a decade.290 The scheme is not calculated to prescribe global implementation of public key encryption, but rather acts as a facilitator enabling States to make choices in areas such as active or passive authentication, anti skimming and access control and automated border crossing, among other facilitative methods. The establishment of a public key directory, through means of public key cryptology and in a PKI environment, is consistent with ICAO’s ultimate aim and vision for the application of biometric technology on the fundamental postulate that there must be a primary interoperable form of biometric technology for use at border control with facilities for veri.cation, as well as by carriers and the issuers of documents. This initial premise is inevitably followed by the assumption that biometric technologies used by document issuers must have certain speci.cations, particularly for purposes of identi.cation, veri.-cation and the creation of watch lists. It is also ICAO’s vision that States, to the extent possible, are protected against changing infrastructure and changing sup-pliers, and that a technology, once put in place, must be operable or at least retrievable for a period of 10 years.
The Public Key Directory is a central repository for all public keys that are establishedindividuallyby States.Akeyisa stringof characters whichis used to encrypt or decrypt critical information in a document. Therefore the PKI system ensuresthatdigital signaturesassignedtodata(andnotthedata itself)inaMRTD are encrypted or decrypted using both a private key – which is used by the passportissuing authority to encryptthe digital signature –anda public key – to be used by the party reading the document to decrypt the signature. Both the privatekey andthepublickeyplaycritical roles in theprocessof encryptionand decryption, which is the essence of the public key directory. It is integral to the programme to have an ef.cient and commonly accepted means of sharing and updatingthepublickeysineffectforall non-expiredpassportsinexistenceforall participating countries at a given time. Each participating State will therefore install its ownsecurefacilitiestogeneratekeypairs.In each casetheprivatekey, usedto encrypt digitalsignatures,willbeheld secretbythe State.Thepublickey, on the other hand, can be released for circulation in the public domain. The
290ICAO’s terms of reference in the development of speci.cations for machine readable passports stem from the Chicago Convention which provides for ICAO’s adoption of international Standards and Recommended Practices dealing, inter alia, with customs and immigration procedures. Convention on International Civil Aviation (Chicago Convention), signed at Chicago on 7 December 1944 (ICAO Doc 7300/9, Ninth Edition, 2006), Article 37(j). It is interesting that, although passports apply to other modes of international travel as well, ICAO has been singly recognized as the appropriate body to adopt speci.cations for MRTDs. This alone speaks for the uniqueness of ICAO’s facilitation programme. See Machine Readable Travel Documents, ICAO Doc 9303/3 Third Edition 2005, 1–1 to 1–3.
reading authority at the point of entry would use the appropriate public key to decryptthe informationinorderto verify whetherthe datain theMRTDhas been alteredinanyway.
Public key encryption is purely a mathematical process designed to scramble and unscramble messages using two keys (the public key and the private key) and numerical data which contain information the process scrambles the contents of a message. The keys are shared between the scrambler and the un-scrambler. When translated to the e-passportthe process works in the following way. The State which issues the passport encrypts information that is placed in the passport using its private key. The State which examines the passport (on arrival of the passenger) obtains the issuing State’s public key and uses it to decrypt the information in the passport.
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:
Aviation Security Law 航空安全法(87)
