Author_Institution :
Tectura Corp., Bellevue, WA, USA
Abstract :
Aeronautical networking must fulfill the security objectives of air traffic service providers, operators and passengers. The overall objective is to protect communication, information and infrastructure from attack. This work provides an overview of security mechanisms and technologies and presents a security architecture suitable for future IP-based aeronautical networks. Application of cryptographic and non-cryptographic security technologies is presented. The differences between and benefits of network and application security are explored. The treatment of cryptographic security examines IPsec, VPNs, SSL and the security scheme developed for the ATN. Cryptographic security mechanisms include shared secret and public key systems that provide for authentication, integrity, confidentiality and non-repudiation. The algorithms and key strengths that are suitable for aeronautical networking are presented. Non-cryptographic mechanisms for aeronautical networks are examined, including stateless and stateful packet filters, application level security proxies and circuit level gateways. A reference security model is presented that provides for the protection of communication between the networks of different security levels in aeronautical networking. Air-ground security based on elliptic curve cryptography is presented using the lessons learned from the design of the ATN. A public key infrastructure for key distribution that scales to the size of the global aeronautical community is examined. Intrinsic and management protocol security is covered, including routing, security, quality of service, mobility, multicast, voice over IP, and SNMP. Finally, this work investigates defense-in-depth security, which provides a robust solution involving multiple levels of security, both network and application security and both cryptographic and non-cryptographic security mechanisms.
Keywords :
IP networks; air traffic; aircraft communication; filters; message authentication; protocols; public key cryptography; quality of service; telecommunication security; virtual private networks; IP based aeronautical networks; VPN; aeronautical community; air traffic service providers; air-ground security; application level security proxies; authentication; circuit level gateways; cryptographic security technology; network mobility; network routing; noncryptographic security technology; packet filters; public key infrastructure; public key systems; quality of service; reference security model; security architecture; simple network management protocols; Authentication; Communication system security; Elliptic curve cryptography; Information security; Multicast protocols; Protection; Public key; Public key cryptography; Telecommunication traffic; Virtual private networks;