Secure partitioning of devices connected to aircraft network data processing systems
First Claim
Patent Images
1. An apparatus comprising:
- a first operating environment on a single data processing device configured to access an aircraft network data processing system on an aircraft, wherein the first operating environment comprises a first logical partition comprising an operating system;
a second operating environment on the single data processing device configured to request access to the aircraft network data processing system, wherein the second operating environment comprises a second logical partition comprising a virtual machine;
a network access controller on the first operating environment configured to control the access to the aircraft network data processing system by the second operating environment based on rules defining the access to the aircraft network data processing system; and
a separation between the first operating environment and the second operating environment preventing the second operating environment from affecting the aircraft except when controlled by the network access controller.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for controlling access to an aircraft network data processing system on an aircraft. A first operating environment on a data processing device is configured to access the aircraft network data processing system. A second operating environment on the data processing device is configured to request access to the aircraft network data processing system. A network access controller on the first operating environment is configured to control the access to the aircraft network data processing system by the second operating environment based on rules defining the access to the aircraft network data processing system.
62 Citations
20 Claims
-
1. An apparatus comprising:
-
a first operating environment on a single data processing device configured to access an aircraft network data processing system on an aircraft, wherein the first operating environment comprises a first logical partition comprising an operating system; a second operating environment on the single data processing device configured to request access to the aircraft network data processing system, wherein the second operating environment comprises a second logical partition comprising a virtual machine; a network access controller on the first operating environment configured to control the access to the aircraft network data processing system by the second operating environment based on rules defining the access to the aircraft network data processing system; and a separation between the first operating environment and the second operating environment preventing the second operating environment from affecting the aircraft except when controlled by the network access controller. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for accessing an aircraft network data processing system on an aircraft, the method comprising:
-
accessing the aircraft network data processing system by a first operating environment on a single data processing device connected to the aircraft network data processing system, wherein the first operating environment comprises a first logical partition comprising an operating system; requesting access to the aircraft network data processing system by a second operating environment on the single data processing device, wherein the second operating environment comprises a second logical partition comprising a virtual machine and wherein a separation between the first operating environment and the second operating environment prevents the second operating environment from affecting the aircraft except when controlled by a network access controller on the first operating environment; and controlling, by the network access controller on the first operating environment, the access to the aircraft network data processing system by the second operating environment based on rules defining the access to the aircraft network data processing system. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for changing software on a single data processing device, the method comprising:
-
identifying, by a first operating environment on the single data processing device, update software in a designated location for the update software in a second operating environment on the single data processing device, wherein the first operating environment comprises a first logical partition, wherein the second operating environment comprises a second logical partition, and wherein a separation between the first operating environment and the second operating environment prevents the second operating environment from affecting an aircraft except when controlled by a network access controller; and changing, by the first operating environment, the software in the first operating environment using the update software in response to identifying the update software in the second operating environment. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification