1 / 7

PKI Trust Root Concepts

PKI Trust Root Concepts. ACP Working Group – I April 2009. Root Concepts. The "global trust root" concept for the NextGEN that has been developed from piece parts of several groups and that it has been conceptually validated with PKI industry leaders.

thomas-mclaughlin
Télécharger la présentation

PKI Trust Root Concepts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PKI Trust Root Concepts ACP Working Group – I April 2009

  2. Root Concepts • The "global trust root" concept for the NextGEN that has been developed from piece parts of several groups and that it has been conceptually validated with PKI industry leaders. • The concept is to create three unique individually signed digital components as follows that taken together should provide an internationally acceptable authentication and identification for the next generation of global air traffic management systems.

  3. Trust Root Construction • Aircraft manufacturer creates the aircraft digital identity similar to that proposed in the “Aircraft Digital Identity” paper and signs the "aircraft digital identity" modules as conceptually presented in the Airbus ARTIST presentation.

  4. Trust Root Construction 2. ICAO assign the aircraft it's 24 bit ID (maybe its ATN DNS name) and its network addresses then digitally signs across the ADI and the manufacturer signature and their own designators.

  5. Trust Root Construction 3 The airline assigns the aircraft it tail numbers and other designators (maybe DNS names) then digitally signs across manufacturers ADI and signature and the ICAO's designators and signatures and its own designators. This completes the construction of the three part trust root. To compromise the aircraft’s digital identity, the three digital signatures from completely independent entities must all be comprised simultaneously.

  6. Trust Root Use The airline then applies to the various NSPs through whose airspace they will operate the aircraft. The NSPs could then accept the aircraft “trust root” as it exists or may individually sign across all the above identities and designators as the final step. If each NSP requires their signature on the aircraft, it then ends up with the aircraft carrying a “digital key ring" of certificates with one for each NSP in whose airspace they will operate.

  7. Root Construction Airline/Operator Digital Signature Airline/Operator Aircraft Designations ICAO Digital Signature ICAO Aircraft Designators Manufacturer’s Signature Aircraft Digital ID

More Related