Different technologies exist that usually address one or two of these aspects. Needless to say, it is more difficult (read: costly) to address all of them at the same time. Information system managers need to evaluate these three aspects based on their relative importance in their specific context.
Confidentiality: In the AIS domain in general, information is rarely confidential. An exception may be in some AIS-related military information. For the rest, it is usually in the interest of the publishing authority that access to AIS data is as open as possible.
Integrity: This is a growing concern.
Availability: In the context of static AIS data, availability is not the primary concern. It should not be a serious problem if an AIP is not available for a few minutes or even for a few hours for an on-line document. Simple solutions, such as local storage, are available. However, this is obviously not the case with NOTAM, which must be immediately available to those concerned.
An interesting IT security technique for the AIS domain is the electronic signature. An electronic signature not only ensures data integrity, but also guarantees the sender's identity. This means that a recipient can be sure that he received AIS information from the legitimate sender (authentication) and it also means that the sender cannot deny having sent the information (non-repudiation). When applied to a specific document, an electronic signature ensures that document's integrity as well.
8.3. eAIP integrity
The use of an electronic signature scheme is the favourite candidate for ensuring the eAIP integrity. This will provide users with three levels of protection:
1. AIS data integrity: protection against modification on the path from originator to user;
2. AIS data authentication: certification of the data originator;
3. AIS data non-repudiation: originator cannot deny having signed the data.
Note: Non-repudiation normally concerns a transaction and applies to both parties, namely originator and recipient. In this document, the recipient side is not addressed, but it can be addressed in a very similar way if necessary (for example, through the use of a trusted third party).
8.3.1. Electronic signature process
The concept of the electronic signature is very similar to the hand signature:
1. The originator electronically signs a document using a private "key".
2. The originator sends the document to the user with a copy of his public key or certificate.
3. The user opens the document and checks the electronic signature against his copy of the originator's public key or certificate.
The main difference lies in how an electronic signature's validity is checked. An electronic signature is created using strong encryption technology and is virtually impossible to forge (with current computer technology). With appropriate software, a user can read the electronic signature, which contains information about its owner and issuer.
This issuer can be a centrally-managed organisation (called Certificate Authority, or CA), which is trusted by the user community to certify public keys of legitimate owners. For example, a CA would thoroughly verify a user's identity before certifying public keys containing that user's name.
A private key is protected by a password, known only by its owner. If the password were to be disclosed, the owner would revoke his certificate and obtain a new one. The CA can be queried for certificates that have been revoked by their owners.
For a more detailed explanation, you can refer for example to Learning About Cryptography [http://www.ciphersbyritter.com/LEARNING.HTM] by Terry Ritter.
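The signing and checking steps of 8.3.1, together with the revocation query, as an added example that is not part of the specification. It assumes Go's standard Ed25519 signatures as one possible scheme (the specification names none), a constructed sample document, and a hypothetical in-memory set standing in for the CA query.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// SignedDoc is what the originator publishes: the document plus a detached signature.
type SignedDoc struct{ Body, Sig []byte }

// Check is step 3: the user verifies against their own trusted copy of the
// originator's public key. The revoked set, keyed by SHA-256 of the key, is a
// hypothetical in-memory stand-in for querying the CA.
func Check(trusted ed25519.PublicKey, revoked map[[32]byte]bool, d SignedDoc) string {
	if revoked[sha256.Sum256(trusted)] {
		return "revoked"
	}
	if !ed25519.Verify(trusted, d.Body, d.Sig) {
		return "bad signature"
	}
	return "ok"
}

// Demo returns the verdicts for an intact copy, a copy modified in transit,
// a copy signed with another key, and the intact copy after revocation.
func Demo() ([4]string, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		return [4]string{}, err
	}
	_, otherPriv, err := ed25519.GenerateKey(nil)
	if err != nil {
		return [4]string{}, err
	}
	body := []byte("constructed sample: AIP AMDT, RWY 07 closed")
	doc := SignedDoc{body, ed25519.Sign(priv, body)} // step 1: originator signs
	modified := SignedDoc{append([]byte(nil), body...), doc.Sig}
	modified.Body[0] ^= 1 // one bit changed on the path to the user
	other := SignedDoc{body, ed25519.Sign(otherPriv, body)}
	revoked := map[[32]byte]bool{sha256.Sum256(pub): true}
	return [4]string{
		Check(pub, nil, doc), Check(pub, nil, modified),
		Check(pub, nil, other), Check(pub, revoked, doc),
	}, nil
}

func main() { fmt.Println(Demo()) }
```

The second and third verdicts are identical: the check alone cannot tell a document altered in transit from one signed by someone else, so both are rejected the same way.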
8.4. Existing implementation in the AIS community
Electronic signatures (also called security certificates) are common in the Internet community. They are notably used to authenticate Web servers, for example for Web banking services (when you connect to your bank's Web site, you want to be sure that it is indeed your bank and not a fake Web site that has hijacked your connection). Consequently, several companies offer CA services: Thawte, VeriSign, GlobalSign to name a few. They sell public certificates and also CA delegation, when an organisation wants to issue certificates directly to its members or employees.