Airport security system

US 8,769,608 B2
Filed: 02/16/2011
Issued: 07/01/2014
Est. Priority Date: 02/16/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

an e-enabled aircraft including an aircraft data processing system;

a network data processing system configured for use at an airport, the network data processing system in communication with the aircraft data processing system;

a policy manager comprising a processor, the policy manager configured to manage a number of policies based on a threat level for the airport, the policy manager further configured to identify a number of undesired events for the network data processing system and the aircraft data processing system and identify a number of actions to be performed in response to the number of undesired events, the number of undesired events including undesired events in categories selected from the group consisting of safety events, security events, business events, and operational events, and the policy manager further configured to adjust the threat level based on identifying a number of undesired events from more than one category of events;

a policy specifier configured to receive input, to identify information for use in identifying the threat level for the airport, and to generate the number of policies for the data processing system and the aircraft data processing system; and

a number of agents configured to run on the network data processing system and configured to implement the number of policies on the network data processing system and the aircraft data processing system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, apparatus, and system for managing network security at an airport. A threat level for the airport is identified. A number of policies for a network data processing system is identified at the airport based on the threat level identified for the airport in response to identifying the threat level for the airport. Enforcement of the number of policies is initiated in the network data processing system.

Citations

21 Claims

1. An apparatus comprising:
- an e-enabled aircraft including an aircraft data processing system;
  
  a network data processing system configured for use at an airport, the network data processing system in communication with the aircraft data processing system;
  
  a policy manager comprising a processor, the policy manager configured to manage a number of policies based on a threat level for the airport, the policy manager further configured to identify a number of undesired events for the network data processing system and the aircraft data processing system and identify a number of actions to be performed in response to the number of undesired events, the number of undesired events including undesired events in categories selected from the group consisting of safety events, security events, business events, and operational events, and the policy manager further configured to adjust the threat level based on identifying a number of undesired events from more than one category of events;
  
  a policy specifier configured to receive input, to identify information for use in identifying the threat level for the airport, and to generate the number of policies for the data processing system and the aircraft data processing system; and
  
  a number of agents configured to run on the network data processing system and configured to implement the number of policies on the network data processing system and the aircraft data processing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The apparatus of claim 1, wherein an agent in the number of agents is configured to enforce the number of policies on a data processing system in the network data processing system on which the agent is located and to enforce the number of policies on the aircraft data processing system.
  - 3. The apparatus of claim 1, wherein the policy manager is configured to identify the threat level for the airport.
  - 4. The apparatus of claim 3, wherein the policy manager is configured to select a group of policies for enforcement in the network data processing system in response to identifying the threat level for the airport and initiate the enforcement of the group of policies.
  - 5. The apparatus of claim 4, wherein in being configured to initiate the enforcement of the group of policies, the policy manager is configured to send the group of policies to at least a portion of the number of agents.
  - 6. The apparatus of claim 4, wherein the threat level includes at least one of a cyber-security threat level and a physical threat level.
  - 7. The apparatus of claim 1, wherein the policy manager is further configured to identify a change to the threat level for the airport and update the number of policies in response to identifying the threat level for the airport.
  - 8. The apparatus of claim 1, wherein in being configured to implement the number of policies on the network data processing system, the number of agents is configured to manage communications with the aircraft data processing system including specifying a type of communications link in response to a changed threat level.
  - 9. The apparatus of claim 8, wherein in being configured to manage the communications with the aircraft data processing system, the number of agents is configured to specify at least one of a particular data processing system in the network data processing system used to communicate with the computer on the aircraft, a wireless access point, and a time during which the communications between the particular data processing system and the data processing system on the aircraft is permitted.
  - 10. The apparatus of claim 1, wherein the network data processing system comprises:
    - a network; and
      
      a plurality of data processing systems connected to the network.
  - 11. The apparatus of claim 1, wherein the number of policies comprises at least one of a security policy, a safety policy, a business policy, an airport policy, an aircraft access policy, a communications policy, a computer access policy, a physical access policy, and a network access policy.

12. An aircraft communications system comprising:
- an e-enabled aircraft including a number of aircraft data processing systems;
  
  a network data processing system at an airport, the network data processing system in communication with the number of aircraft data processing systems;
  
  a policy manager comprising a processor configured to manage a number of policies for communicating with the network data processing system at the airport and the number of data processing systems on the aircraft at the airport, the policy manager further configured to identify a number of undesired events for the network data processing system and the number of aircraft data processing systems and identify a number of actions to be performed in response to the number of undesired events, the number of undesired events including undesired events in each category of safety events, security events, business events, and operational events, and the policy manager further configured to adjust the threat level based on identifying a number of undesired events from more than one category of events;
  
  a policy specifier configured to receive input, to identify information for use in identifying the threat level for the airport, and to generate the number of policies for the data processing system and the number of aircraft data processing systems; and
  
  a number of agents configured to run on the network data processing system and configured to implement the number of policies for communicating with the network data processing system and the number of aircraft data processing systems.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The aircraft communications system of claim 12, wherein the number of agents is configured to implement a policy in the number of policies specifying a communications link for use in communicating with the number of aircraft data processing systems.
  - 14. The aircraft communications system of claim 13, wherein the communications link is selected from one of a wired communications link, an optical communications link, a wireless communications link, and the wireless communications link using a selected access point.
  - 15. The aircraft communications system of claim 12, wherein the number of policies comprises at least one of a security policy, a safety policy, a business policy, an airport policy, an aircraft access policy, a communications policy, a computer and access policy, a physical access policy, and a network access policy.
  - 16. The aircraft communications system of claim 12, wherein the number of aircraft data processing systems on the aircraft is a number of electronic devices selected from at least one of a computer, a mobile phone, a tablet computer, a router, a laptop computer, and a wireless interface.

17. A method for managing network security at an airport, the method comprising:
- monitoring for a number of undesired events in a network data processing system and an aircraft data processing system in an e-enabled aircraft and identifying a number of actions to be performed in response to the number of undesired events, monitoring including monitoring the number of undesired events in each category of safety events, security events, business events, and operational events, the monitoring performed by a policy manager in a processor;
  
  responsive to identifying a threat level for the airport, identifying a number of policies for a network data processing system at the airport and the aircraft data processing system based on the threat level identified for the airport, the identifying a number of policies performed by the policy manager;
  
  adjusting the threat level based on identifying the number of undesired events from more than one category of events;
  
  initiating enforcement of the number of policies in the network data processing system and the aircraft data processing system including sending the number of policies to an agent in the network data processing system; and
  
  enforcing, by the agent in the network data processing system, the number of policies on a data processing system in the network data processing system on which the agent is located.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, wherein the initiating step is performed by a policy manager.
  - 19. The method of claim 17, wherein initiating an enforcement of the number policies in the aircraft data processing system comprises downloading a new database for the aircraft data processing system in response to a changed threat level.
  - 20. The method of claim 17 further comprising:
    - responsive to a changed threat level, communicating with an agent in the aircraft data processing system to manage a communications link with the aircraft so as to specify a type of communications link.
  - 21. The method of claim 20, wherein communicating with an agent in the aircraft data process system further comprises communicating a wireless access point and a time during which communication between the network data processing system and the aircraft data processing system is permitted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Boeing Co.
Original Assignee
The Boeing Co.
Inventors
Sampigethaya, Radhakrishna G., Li, Mingyan, Mitchell, Timothy M.
Primary Examiner(s)
SIMITOSKI, MICHAEL J

Application Number

US13/028,456
Publication Number

US 20120210387A1
Time in Patent Office

1,231 Days
Field of Search

726/1, 726/22
US Class Current

726/1
CPC Class Codes

G08G 5/0013   with a ground station

G08G 5/0095   Aspects of air-traffic cont...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0263   Rule management

H04L 63/104   Grouping of entities

H04L 63/105   Multiple levels of security

H04L 63/1416   Event detection, e.g. attac...

Airport security system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Airport security system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links