3.
The end-user receives the eAIP and checks the signature [secValidateSignature.xml#sec_validate_signature].
9.4.2. Limitations
Introducing cryptography in a document work-flow solves some security problems, as seen above. However, it also introduces other issues, such as:
9.4.2.1. Overconfidence
Once using cryptography, it is easy for producer and end-users to believe that ultimate security has been achieved. This is not the case. Cryptography is only a tool, which can be used to increase security. It is nothing without proper security practises (e.g. strong password policy, efficient physical security, etc.). The secure state of mind is often described as "healthy paranoia".
9.4.2.2. Key theft
Public/private key cryptography (both PGP and x509) relies on the secrecy of the private key. The theft of the private key (and the knowledge of its associated password) is dramatic: the attacker now has the ability to impersonate the publisher in the eyes of the end-users. The issue is to create a security environment where it becomes possible to detect such an event, and have appropriate procedure to revoke and change the incriminated keys and associated certificates.
9.4.2.3. Look-alike certificates
It is easy to create forged certificates and PGP keys which bear the same contact and organ-isation information as the legitimate one. If an attacker manages to convince an end-user to trust such a look-alike certificate, he can avoid other more difficult attack scenarios. Therefore, it is vital to organise a verification procedure: when the end-user receives any certificate, he must check its validity with the originating party using an alternative communication channel (i.e., not the channel used to distribute the certificate). Note that if the attacker manages to convince the end-user to send him an email or phone him on his "direct line", he has effectively bypassed the verification procedure. So the end-user must use trusted contact information for this verification procedure.
9.4.3. Conclusion
The use of electronic signatures ensures that the data integrity of the eAIP product can be ensured with relatively little efforts, at the same level as for the paper document. In addition, authenticity and non-repudiation may be ensured, which is not the case with the paper docu-ment. Therefore, it is recommended that electronic signatures are used in all eAIP package distribution to end-users.
Chapter 10. Frequently Asked Questions
10.1. General
Q: What is the eAIP?
A: The EUROCONTROL eAIP is a specification for the publication and exchange of the Aeronautical Information Publication in electronic format.
.
Specification: the eAIP defines an electronic format and the general process to use it;
.
Publication: the eAIP is designed to be published, be it on screen or on paper and used by people;
.
Exchange: to a certain extent, the eAIP can be used for computer-to-computer data exchange. However, the eAIP Specification does not offer the same capabilities for structured aeronautical data exchange as the Aeronautical Information Exchange Model (AIXM).
Q: What are the eAIP advantages?
A: When compared to the current paper AIP, the implementation of an eAIP has advantages for both the Organisation producing the eAIP and for its Users.
Advantages for users of an eAIP:
.
possibility to visualise changes (both in text and graphics)
.
no maintenance effort (no time spent on page replacement at every amendment)
.
no postal delays (if distributed through the Internet)
.
available at hand for the whole company (no need to go to the library)
Advantages for producers of an eAIP:
.
better AIP (consistency, integrity , usability)
.
70-80% of users do no longer ask for paper amendments (this has resulted from a recent survey)
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:Electronic AIP Specification(21)
