Computer network, network node and method for providing certification information
Abstract
A computer network for data transmission between network nodes, the network nodes being authenticatable to one another by authentication information of a public key infrastructure, with a root certificate authority configured to generate the authentication information for the public key infrastructure. The root certificate authority is arranged separate from the computer network and is not linked to the computer network. A network node of the computer network comprises an authentication information storage, a processor, a network communication device and an initialization device having an initialization communication device and a temporary authentication information storage that can be read out by the processor.
16 Claims
1. A network node for a computer network for data transmission between network nodes, the network nodes being authenticatable to one another by authentication information of a public key infrastructure, the computer network comprising:
- a root certificate authority disposed in a first region with limited physical access disposed within a cockpit of an aircraft, and arranged separate from the computer network without being linked to the computer network, the functions of the root certificate authority are directly accessible to only persons with access authorization for the first region with limited physical access disposed within the cockpit of the aircraft, the root certificate authority comprising;
a signing device configured to generate the authentication information for the public key infrastructure, and a wireless short-distance data transmission device with a communication range that does not extend beyond the first region, the wireless short-distance data transmission device communicating with the network node while the network node is within the communication range that does not extend beyond the cockpit; and
the network node comprising;
an authentication information storage;
a processor;
a network communication device; and
an initialization device including an initialization communication device and a temporary authentication information storage, the processor being configured to read information from the temporary authentication information storage.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for authenticating a network node of a computer network, the method comprising:
providing a root certificate authority disposed in a first region with limited physical access disposed within a cockpit of an aircraft, and arranged separate from the computer network and without being linked to the computer network, wherein the functions of the root certificate authority are directly accessible to only persons with access authorization for the first region with limited physical access disposed within the cockpit of the aircraft, the root certificate authority comprising a signing device configured to generate authentication information for the public key infrastructure and a wireless short-distance data transmission device with a communication range that does not extend beyond the first region, the authentication information including key information assigned to the network node and signature information, and the network node comprising an authentication information storage, a processor, a network communication device and an initialization device including an initialization communication device and a temporary authentication information storage, the processor of the network node being configured to read information from the temporary authentication information storage;
operating the signing device to generate the signature information from the key information and the root key information assigned to the root certification authority;
operating the wireless short-distance data transmission device to wirelessly transmit the authentication information formed from the key information and the signature information to the initialization communication device of the network node while the network node is in the first region within the communication range that does not extend beyond the cockpit;
storing the authentication information in the temporary authentication information storage;
connecting the network node to the computer network; and
transferring the authentication information from the temporary authentication information storage into the authentication information storage.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
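Added example, not part of the patent text: a Python model of the claim 8 sequence (sign at the offline root, store in temporary storage, connect, transfer). Textbook RSA over a constructed demo modulus stands in for the signing device, and the signature check before the transfer, the pinned root public key and the names `RootCA`, `NetworkNode` and `provision` are assumptions of this sketch.

```python
import hashlib

# Constructed demo root key: textbook RSA over two Mersenne primes.
# Stand-in for the signing device only; not a secure key or padding scheme.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # root private exponent, stays inside the root CA

def digest(key_info: bytes) -> int:
    return int.from_bytes(hashlib.sha256(key_info).digest(), "big")

class RootCA:
    """Offline signing device: no network interface, only the short-range link."""

    def issue(self, key_info: bytes) -> dict:
        # Signature information is generated from key information and the root key.
        return {"key_info": key_info, "signature": pow(digest(key_info), D, N)}

class NetworkNode:
    def __init__(self, root_public=(N, E)):
        self.root_public = root_public      # assumption: root public key is pinned
        self.temporary_storage = None       # written by the initialization device
        self.authentication_storage = None  # used once the node is on the network

    def receive_over_short_range(self, auth_info: dict) -> None:
        # The initialization device only stores the blob in temporary storage.
        self.temporary_storage = dict(auth_info)

    def connect(self) -> bool:
        # On joining the network the processor reads the temporary storage and
        # (assumed extra step) checks the root signature before the transfer.
        info, self.temporary_storage = self.temporary_storage, None
        if info is None:
            return False
        n, e = self.root_public
        if pow(info["signature"], e, n) != digest(info["key_info"]):
            return False
        self.authentication_storage = info
        return True

def provision(key_info: bytes, tamper: bool = False) -> NetworkNode:
    node = NetworkNode()
    node.receive_over_short_range(RootCA().issue(key_info))
    if tamper:  # constructed fault: key information altered in temporary storage
        node.temporary_storage["key_info"] = key_info + b"x"
    node.connect()
    return node
```
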
Specification