ACP-WG I-04/WP-11
                   International Civil Aviation Organization             12/5/2007


                   ...
TABLE OF CONTENTS


1. INTRODUCTION..........................................................................................
1. Introduction

This paper identifies security options for air-ground security for three general classes
of Internet Prot...
2.2 Legacy ATN Applications

Legacy ATN applications include Controller Pilot Data Link Communications
(CPDLC), Context Ma...
3.3 ATN Security

ATN application security as currently defined is implemented in the ULCS. To use
the ATN security approa...
4. Summary

Figure 4-1 depicts a summary of the IPS application classes and candidate methods of
security.
               ...
Upcoming SlideShare
Loading in...5
×

1. Introduction

224

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
224
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "1. Introduction"

  1. 1. ACP-WG I-04/WP-11 International Civil Aviation Organization 12/5/2007 WORKING PAPER Aeronautical Communication Panel Working Group I – Internet Protocol Suite (IPS) December 5 - 9, 2007 Montreal Canada IPS Air-Ground Security Options Prepared By: Vic Patel, FAA and Tom McParland, BCI SUMMARY This paper identifies several options for air-ground security in the Internet Protocol Suite (IPS) environment and suggests which options are suitable for legacy ATN applications, for standard TCP/IP applications, and for future service oriented applications. The working group is invited to consider the proposed classes of applications and security options to be further analyzed for IPS air/ground security.
  2. 2. TABLE OF CONTENTS 1. INTRODUCTION...............................................................................................................................3 2. IPS APPLICATIONS.........................................................................................................................3 2.1 STANDARD TCP/IP APPLICATIONS.......................................................................................................3 2.2 LEGACY ATN APPLICATIONS..............................................................................................................4 2.3 SERVICE ORIENTED APPLICATIONS........................................................................................................4 3. SECURITY OPTIONS.......................................................................................................................4 3.1 INTERNET PROCTOCOL SUITE (IPSEC)....................................................................................................4 3.2 SECURE SOCKETS LAYER (SSL)/TRANSPORT LAYER SECURITY (TLS).....................................................4 3.3 ATN SECURITY.................................................................................................................................5 3.4 HTTP OVER SSL/TLS (HTTPS)......................................................................................................5 3.5 XML ENCRYPTION AND XML SIGNATURE...........................................................................................5 3.6 WS-SECURITY....................................................................................................................................5 4. SUMMARY.........................................................................................................................................6 5. RECOMMENDATIONS....................................................................................................................6
  3. 3. 1. Introduction This paper identifies security options for air-ground security for three general classes of Internet Protocol Suite (IPS) air/ground applications. The classes of air ground applications are: • Legacy ATN Applications, • Standard TCP/IP Applications, • Service Oriented Applications The security options considered are: • Internet Protocol Security (IPsec), • Secure Sockets Layer (SSL)/Transport Layer Security (TLS), • ATN Security at the Dialogue Service Boundary, • HTTP over SSL/TLS (HTTPS), • XML Encryption and XML Signature, • WS-Security 2. IPS Applications Figure 2.1 depictes three general classes of IPS air-ground applications. Service ATN Oriented Application Application SOAP ASE XML TCP/IP Upper Layer Application Convergence HTTP Function TCP TCP TCP IPv 6 IPv 6 IPv6 Network Network Network Access Access Access Figure 2-1: IPS Air-Ground Application Types 2.1 Standard TCP/IP Applications The standard TCP/IP applications are those which operate directly over TCP or UDP. These applications generally have a dedicated port number which identifies the particular application.
  4. 4. 2.2 Legacy ATN Applications Legacy ATN applications include Controller Pilot Data Link Communications (CPDLC), Context Management (CM), Flight Information Services (FIS), and Automatic Dependent Surevillance – Contract (ADS-C). These applications retain their application structure including the Application Service Element (ASE) through the Upper Layer Communications Service (ULCS) Dialogue Service Interface. The Dialogue Service will be converged over TCP. 2.3 Service Oriented Applications Next generation ATN applications may be implemented using web services technology. Web services based on the eXtensible Markup Language (XML) and the SOAP messaging protocol may be deployed in a Service Oriented Architecture (SOA) to access common aviation elements (e.g. Flight Objects). Service Oriented Applications may run over a variety of transport mechanisms with HTTP being the most common. 3. Security Options 3.1 Internet Proctocol Suite (IPsec) The Internet Protocol Suite (IPsec) security standards are defined by an overall architecture and two protocols: the Authentication Header (AH) protcol and the Encapsulating Security Protocol (ESP). AH provices authentication only. ESP may be operated to provide confidentiality and/or authentication. Key establishment may be manual or dynamic using the Internet Key Exchange (IKE) protocol. IKE may be configured to operate with pre-shared keys, a Public Key Infrastructure (PKI) or an Authentication, Authorization, and Accounting (AAA) Server. IKE provides for mutual entity authentication only. 3.2 Secure Sockets Layer (SSL)/Transport Layer Security (TLS) The Secure Sockets Layer (SSL) protocol and its successor Transport Layer Security (TLS) provide transport layer security protection. SSL/TLS is commonly used to secure web-based communications using the HTTP protocol (see section 2.4) but may also be used to secure other applications which run directly over TLS such as SMTP, POP, IMAP, and FTP, that is, TLS may be used to secure standard TCP/IP applications. Key establishment is built-in to the SSL/TLS protocol. Rather than negotiate individual cryptographic functions for key agreement, authentication, confidentiality, etc., SSL/TLS uses “cipher sutites” to define a complete set of cryptographic functions to be used between the communicating entities. Key establishement in SSL/ TLS uses Public Key Certificates. Authentication may be unilateral (e.g. server to client) or mutual.
  5. 5. 3.3 ATN Security ATN application security as currently defined is implemented in the ULCS. To use the ATN security approach in an IPS environment would require a modification to invoke the Security Service Object (SSO) from a sub-layer at the Dialogue Service Interface. This would be similar the ACARS secure messaging adaptation of ATN security. An additonal variation of ATN security could be to operate with one-way authentication. In this case the aircraft has an ephemeral key. This approach would not require a full PKI for aircraft certificates in the ground infrastructure. 3.4 HTTP over SSL/TLS (HTTPS) As described in section 2.2 above SSL and its successor TLS provide transport layer securtiy. SSL/TLS is commonly used with the HTTP protocol to secure a users web browser to a server site or to a portal site where a single page leads to other resources using an “SSL Portal VPN” . SSL/TLS can also be used to establish an “SSL Tunnel VPN” which permits access to multiple network services through a secure tunnel. In this mode the web browser must support active content such as Java, JavaScript, Active X, or similar applications. 3.5 XML Encryption and XML Signature The W3C has developed standards to allow XML content to be signed and encrypted. The XML Encryption standard provides confidentiality by supporting a variety of symmetric and asymmetric cryptographic algorithms. The XML Signature standard provides integrity and authentication using digital signature or other authentication mechanisms which may be applied to XML. Key management for XML Encryption and XML signature is specified in the XML Key Management Specification (XKMS). XKMS defines key management techniques using a PKI or a AAA Server. 3.6 WS-Security The WS-Security standards define how to use XML Encryption and XML Signature to secure SOAP Messaging.
  6. 6. 4. Summary Figure 4-1 depicts a summary of the IPS application classes and candidate methods of security. Service Oriented Application ATN Application SOAP WS-Security ASE XML Signature / ATN Security Encryption TCP/IP Upper Layer Application Convergence HTTP Function SSL/ TLS SSL /TLS HTTPS (SSL/TLS) TCP TCP TCP IPv 6 IPv 6 IPv6 IPsec IPsec IPsec Network Network Network Access Access Access Figure 4-1: Security Options for IPS Air-Ground Application Types As depicted IPsec or SSL/TLS could be applied for any application type. For legacy ATN applications ATN security may be applied with minor modifications as described above. XML Signature and XML Encryption may be applied to any application which uses XML. In a Service Oriented Architecture WS-Security standards may be applied. 5. Recommendations It is recommended that operation of IPsec, SSL/TLS, ans ATN security be further investigated for possible inclusion in the IPS Technical Manual for air-ground security. It is recommended that XML Signature, XML Encryption and WS-security be investigated further for possible inclusion in the Guidance Material.

×