Aeronautical security management over broadband air/ground network

US 8,656,162 B2
Filed: 10/22/2009
Issued: 02/18/2014
Est. Priority Date: 10/22/2009
Status: Active Grant

First Claim

Patent Images

1. A method to facilitate securing of air-to-ground communications, the method comprising:

receiving security management information at the aircraft via at least one broadband data link prior to takeoff of the aircraft, wherein the security management information is received for ground entities that can be communicatively coupled with the aircraft traveling on a flight path, the security management information including certificates for the respective ground entities;

validating the security management information for the ground entities;

storing the validated security management information for the ground entities in the aircraft, wherein the validating and storing security management information occur prior to takeoff of the aircraft;

establishing secure associations with the ground entities via the at least one broadband data link, the secure associations being based on the validated security management information, wherein the establishing secure associations occurs prior to takeoff of the aircraft; and

managing previously established secure associations to communicate with the ground entities, via either at least one broadband data link or at least one bandwidth-constrained data link, while in-flight.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method to facilitate securing of air-to-ground communications for an aircraft is provided. The method includes receiving security management information at the aircraft via at least one broadband data link prior to takeoff of the aircraft. The security management information is received for ground entities that can be communicatively coupled with the aircraft traveling on a flight path. The method of securing avionics also includes validating the security management information for the ground entities, and storing the validated security management information for the ground entities in the aircraft. The validating and storing of security management information occur prior to takeoff of the aircraft.

Citations

20 Claims

1. A method to facilitate securing of air-to-ground communications, the method comprising:
- receiving security management information at the aircraft via at least one broadband data link prior to takeoff of the aircraft, wherein the security management information is received for ground entities that can be communicatively coupled with the aircraft traveling on a flight path, the security management information including certificates for the respective ground entities;
  
  validating the security management information for the ground entities;
  
  storing the validated security management information for the ground entities in the aircraft, wherein the validating and storing security management information occur prior to takeoff of the aircraft;
  
  establishing secure associations with the ground entities via the at least one broadband data link, the secure associations being based on the validated security management information, wherein the establishing secure associations occurs prior to takeoff of the aircraft; and
  
  managing previously established secure associations to communicate with the ground entities, via either at least one broadband data link or at least one bandwidth-constrained data link, while in-flight.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - storing in the aircraft security parameters associated with the secure associations for the ground entities.
  - 3. The method of claim 2, further comprising:
    - using the stored security parameters established prior to takeoff to exchange protected messages, while in-flight, with the ground entities that are communicatively coupled in with the aircraft traveling along the flight path.
  - 4. The method of claim 3, further comprising:
    - implementing the at least one bandwidth-constrained data link to exchange the protected messages with the communicatively coupled ground entities while in-flight.
  - 5. The method of claim 1, further comprising establishing secure associations with the ground entities during the flight based on the validated security management information.
  - 6. The method of claim 1, further comprising:
    - determining if the security management information of the aircraft is valid prior to take off; and
      
      renewing the security management information of the aircraft based on a negative determination of the validity of the security management information of the aircraft.
  - 7. The method of claim 1, wherein receiving the security management information comprises:
    - receiving a certificate revocation list via a broadband data link, andwherein the validating the security management information for each ground entities comprises;
      
      validating certificate revocation list signatures;
      
      determining if one or more of the certificates associated with one or more of the ground entities is on the certificate revocation list, wherein receiving the security management information further comprises obtaining a new certificate for each ground entity determined to be on the certificate revocation list via the at least one broadband data link.
  - 8. The method of claim 7, wherein determining if one or more of the certificates associated with one or more of the ground entities is on the certificate revocation list comprises:
    - checking received certificates associated with the ground entities against the certificate revocation list; and
      
      checking previously stored certificates associated with the ground entities against the certificate revocation list.
  - 9. The method of claim 1, further comprising:
    - requesting the security management information from a public key infrastructure certificate distribution service via at least one broadband data link.
  - 10. The method of claim 1, further comprising:
    - receiving information indicative of a preferred flight path at the aircraft prior to takeoff, wherein the information indicative of the preferred flight path includes information indicative of at least one ground entity that can be communicatively coupled with the aircraft traveling on at least the preferred flight path.
  - 11. The method of claim 10, further comprising:
    - receiving information indicative of an alternative flight path at the aircraft prior to takeoff, wherein the information indicative of the alternative flight path includes information indicative of at least one ground entity that can be communicatively coupled with the aircraft traveling on at least the alternative flight path.
  - 12. The method of claim 1, wherein the validating the security management information for the ground entities comprises:
    - determining if the certificate for any of the ground entities are stored in memory;
      
      validating certificates and certificate revocation list signatures;
      
      checking received certificates against a certificate revocation list; and
      
      checking previously stored certificates against the certificate revocation list.

13. A system to facilitate securing of air-to-ground communications for an aircraft, the system comprising:
- a communication manager to;
  
  receive security management information for at least one ground entity at the aircraft via at least one broadband data link prior to takeoff of the aircraft, the security management information including at least one certificate for the at least one ground entity;
  
  validate the security management information for the at least one ground entity;
  
  establish secure associations with the ground entities based on the validated security management information via the at least one broadband data link prior to takeoff of the aircraft; and
  
  manage the previously established secure associations to communicate with the at least one ground entity in a flight path, via either at least one broadband data link or at least one bandwidth-constrained data link, while in-flight; and
  
  a memory communicatively coupled to the communication manager to store a list of the at least one ground entity in the flight path, and the security management information for each ground entity in the flight path.
- View Dependent Claims (14, 15)
- - 14. The system of claim 13,wherein the memory is communicatively coupled to the communication manager to store security parameters associated with the secure associations for the at least one ground entity.
  - 15. The system of claim 13, further comprising:
    - the at least one ground entity communicatively coupled to the ground-to-ground network;
      
      at least one public key infrastructure certificate distribution service communicatively coupled to the ground-to-ground network to provide the security management information to the communication manager via at least one broadband data link; and
      
      at least one certificate authority communicatively coupled to the ground-to-ground network to provide the security management information to the communication manager via the at least one broadband data link, wherein the communication manager is configured to receive data from at least one of the at least one ground entity, the at least one public key infrastructure certificate distribution service, and the at least one certificate authority prior to take-off of the aircraft.

16. A non-transitory computer readable storage medium storing computer interpretable instructions, which, when interpreted by a processor, cause the processor to perform a method to facilitate securing of air-to-ground communications for an aircraft, the method comprising:
- receiving a flight plan at an aircraft, the flight plan including information indicative of ground entities that can be communicatively coupled with the aircraft traveling on a preferred flight path prior to takeoff of the aircraft;
  
  checking certificates associated with the ground entities against a certificate revocation list received via at least one broadband data link prior to takeoff of the aircraft;
  
  obtaining a new certificate for any ground entity determined to be on the certificate revocation list via the at least one broadband data link prior to takeoff of the aircraft;
  
  validating security management information, including the certificates, received for the ground entities at the aircraft via at least one broadband data link prior to takeoff of the aircraft; and
  
  storing the validated security management information for the ground entities in the aircraft prior to takeoff of the aircraft;
  
  establishing secure associations with the ground entities via the at least one broadband data link prior to takeoff of the aircraft, the secure associations being based on the validated security management information; and
  
  managing the previously established secure associations to communicate with the ground entities, via either at least one broadband data link or at least one bandwidth-constrained data link, while in-flight.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer readable storage medium storing computer interpretable instructions of claim 16, which cause the processor to perform the method to facilitate securing of air-to-ground communications for the aircraft, the method further comprising:
    - storing in the aircraft security parameters associated with the secure associations for the ground entities.
  - 18. The computer readable storage medium storing computer interpretable instructions of claim 17, which cause the processor to perform the method to facilitate securing of air-to-ground communications for the aircraft, the method further comprising:
    - using the stored security parameters established prior to takeoff in order to exchange protected messages, while in-flight, with the ground entities that are communicatively coupled with the aircraft traveling along the preferred flight path; and
      
      implementing the at least one bandwidth-constrained data link to exchange the protected messages with the communicatively coupled ground entities while in-flight.
  - 19. The computer readable storage medium storing computer interpretable instructions of claim 16, which cause the processor to perform the method to facilitate securing of air-to-ground communications for the aircraft, the method further comprising:
    - receiving certificates for any ground entities not having certificates associated with the ground entities stored in a memory of the aircraft via the at least one broadband data link prior to takeoff of the aircraft;
      
      checking the received certificates associated with the ground entities against the certificate revocation list prior to takeoff of the aircraft; and
      
      checking previously stored certificates associated with the ground entities against the certificate revocation list prior to takeoff of the aircraft.
  - 20. The computer readable storage medium storing computer interpretable instructions of claim 16, which cause the processor to perform the method to facilitate securing of air-to-ground communications for the aircraft, the method further comprising:
    - receiving a flight plan including information indicative of ground entities that can be communicatively coupled with the aircraft traveling on an alternative flight path prior to takeoff.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Roy, Aloke, Olive, Michael L.
Primary Examiner(s)
NGUYEN, THU HA T

Application Number

US12/603,635
Publication Number

US 20110099371A1
Time in Patent Office

1,580 Days
Field of Search

709/223, 709/224, 370/389, 706/53, 701/9, 701/11, 701/24, 701/25, 701/1, 701/10, 701/16, 713/168, 713/167, 725/106, 340/541, 340/945
US Class Current

713/168
CPC Class Codes

H04B 7/18506   Communications with or from...

H04L 63/0823   using certificates cryptogr...

H04L 63/126   the source of the received ...

Aeronautical security management over broadband air/ground network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Aeronautical security management over broadband air/ground network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links