CN104486300A - Aviation exchange system and method based on virtual machine - Google Patents


Info

Publication number: CN104486300A
Application number: CN201410714131.6A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN104486300B (en)
Legal status: Granted; Active
Prior art keywords: territory, source language, language message, virtual machine, digital
Inventors: 崔西宁, 周银萍, 戴小氐, 李亚晖, 张志为, 王宁, 张树兵, 习宁, 韩春阳
Current Assignee: Xidian University; AVIC No 631 Research Institute
Original Assignee: Xidian University; AVIC No 631 Research Institute
Application filed by Xidian University, AVIC No 631 Research Institute
Priority to CN201410714131.6A (patent CN104486300B); publication of CN104486300A; application granted; publication of CN104486300B


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504 Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04B TRANSMISSION
    • H04B7/00 Radio transmission systems, i.e. using radiation field
    • H04B7/14 Relay systems
    • H04B7/15 Active relay systems
    • H04B7/185 Space-based or airborne stations; Stations for satellite systems
    • H04B7/1851 Systems using a satellite or space-based relay
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity


Abstract

The invention belongs to the technical field of computer system software, and particularly relates to an aviation exchange system and a method based on a virtual machine. The system comprises an aircraft network system, a virtual interaction system and a ground system, wherein the virtual interaction system comprises a virtual machine, a security module and a managing virtual machine. Through the system, identity authentication is carried out through original information of the security module, and integrity verification is carried out on the original information through a Biba model, so that secure communication between the aircraft network system and the ground system, and among various domains of the aircraft network system is achieved.

Description

Aviation exchange system and method based on virtual machine
Technical field
The invention belongs to the technical field of computer system software and relates to systems and methods for secure communication between entities of different security levels across the multiple domains of an avionics system. It specifically relates to an aviation exchange system and method based on a virtual machine.
Background
An integrated avionics system is usually divided into multiple domains whose security levels differ. Inter-domain communication, and the security of communication between each domain and the ground, have therefore become particularly important and have attracted wide attention at home and abroad. In a highly integrated avionics system, a large number of entities with different security levels communicate with one another, which poses a considerable challenge to the communication security of the avionics system.
The traditional approach divides the traffic between each domain and the ground system, and between domains, into VLANs according to the security levels of the information sender and receiver; that is, subjects and objects of the same security level are placed in the same VLAN. For example, subjects and objects whose security level is secret coexist in the secret VLAN. The benefit is that numerous and complicated access control policies are avoided and communication is relatively simple. The cost of this simplicity is that communication between subjects and objects of different security levels is severely constrained, which hinders information exchange.
Therefore, the traditional communication mode cannot meet the security requirements of inter-domain communication, and of communication between each domain and the ground, in current integrated avionics systems.
Summary of the invention
To solve the problems described in the background, the invention proposes an aviation exchange system and method based on a virtual machine, which achieves secure communication between the aircraft network system and the ground system and, at the same time, secure communication between entities of different security levels across the multiple domains of the aircraft network system.
The technical scheme of the invention is as follows:
An aviation exchange system based on a virtual machine, characterized in that it comprises an aircraft network system, a virtual interaction system and a ground system; the aircraft network system and the ground system communicate with each other through the virtual interaction system;
the virtual interaction system comprises virtual machines, a security module and a management virtual machine;
the management virtual machine receives the information to be exchanged and sends it to the security module;
the security module performs encryption/decryption, identity authentication, firewalling, access control and integrity verification on the information to be exchanged;
the virtual machines enable information of different security levels to be exchanged between the domains of the aircraft network system.
Based on the above system, a method for information exchange between the aircraft network system and the ground system is proposed, characterized in that it comprises the following steps:
1) communication starts: the aircraft network system encrypts the original message and sends it to the management virtual machine of the virtual interaction system;
2) the management virtual machine calls the security module to perform identity authentication and integrity verification on the original message;
2.1) identity authentication of the original message;
2.1.1) the aircraft network system performs a computation on the original message to be sent, obtaining the digital digest MD;
2.1.2) the aircraft network system encrypts the digital digest MD with its own private key PVA, obtaining the digital signature DS;
2.1.3) the aircraft network system uses the symmetric key to encrypt the original message, the digital signature DS and the public key PBA of the aircraft network system certificate, obtaining the encrypted information E;
2.1.4) the aircraft network system encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
2.1.5) the aircraft network system sends the encrypted information E and the digital envelope DE to the ground system via the management virtual machine;
2.1.6) after receiving the digital envelope DE, the ground system decrypts it with its own private key PVB and extracts the symmetric key SK;
2.1.7) the ground system decrypts the encrypted information E with the symmetric key SK, recovering the original message, the digital signature DS and the public key PBA of the sender's (Closed domain) certificate;
2.1.8) the ground system verifies the digital signature DS: it first decrypts the digital signature with the public key of the aircraft network system to obtain the digital digest MD;
2.1.9) at the same time, the ground system applies to the original message the same computation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digests MD and MD' are compared to verify whether the original text has been modified;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 2.2) is performed; otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is rejected;
2.2) the Biba model is used to verify the integrity of the original message; if verification succeeds, step 3) is performed; if verification fails, the transmission of the information is rejected;
3) the management virtual machine sends the original message to the ground system, and communication ends.
Based on the above system, a method for information exchange between the domains of the aircraft network system is proposed, characterized in that it comprises the following steps:
1) communication starts: the sender domain encrypts the original message and sends it to the virtual machine of the virtual interaction system;
2) after receiving the original message, the virtual machine judges whether the security levels of the sender domain and the receiver domain match;
if they match, step 3) is performed;
if they do not match, the virtual machine raises or lowers the security level so that the security levels of the sender domain and the receiver domain match, and then step 3) is performed;
3) the virtual machine sends the original message to the management virtual machine, and the management virtual machine calls the security module to perform identity authentication and integrity verification on the original message;
3.1) identity authentication of the original message;
3.1.1) the sender domain performs a computation on the original message to be sent, obtaining the digital digest MD;
3.1.2) the sender domain encrypts the digital digest MD with its own private key PVA, obtaining the digital signature DS;
3.1.3) the sender domain uses the symmetric key to encrypt the original message, the digital signature DS and the public key PBA of the sender domain system certificate, obtaining the encrypted information E;
3.1.4) the sender domain encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
3.1.5) the sender domain sends the encrypted information E and the digital envelope DE to the ground system via the management virtual machine;
3.1.6) after receiving the digital envelope DE, the receiver domain decrypts it with its own private key PVB and extracts the symmetric key SK;
3.1.7) the receiver domain decrypts the encrypted information E with the symmetric key SK, recovering the original message, the digital signature DS and the public key PBA of the sender's (Closed domain) certificate;
3.1.8) the receiver domain verifies the digital signature DS: it first decrypts the digital signature with the public key of the sender domain to obtain the digital digest MD;
3.1.9) at the same time, the receiver domain applies to the original message the same computation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digests MD and MD' are compared to verify whether the original text has been modified;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 3.2) is performed;
otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is rejected;
3.2) the Biba model is used to verify the integrity of the original message; if verification succeeds, step 4) is performed;
if verification fails, the transmission of the information is rejected;
4) the management virtual machine sends the original message to the receiver domain, and communication ends.
The domains comprise a closed domain, a private domain and a public domain; the closed domain is used to ensure safe flight; the private domain represents services for aircraft operation, or passenger access requirements, that are unrelated to safe flight; the public domain represents the open network services provided to passengers;
there are three virtual machines, arranged in one-to-one correspondence with the three domains.
The advantages of the invention are:
1. The system structure of the invention achieves secure communication between the aircraft network system and the ground system, and between the domains within the aircraft network system, in current integrated avionics systems.
2. The invention uses the security module to authenticate the information of the sender and the receiver of a communication, which greatly improves communication security.
3. The invention exploits the ease with which virtual machines can be controlled to enforce security for inter-domain communication. Virtual machine technology effectively shields the heterogeneity and dynamics of the platform, maximizes resource sharing and reuse, makes operation more flexible, and simplifies change management.
4. The invention uses the Biba model to verify the integrity of files, which greatly improves the reliability of the verification result.
Brief description of the drawings
Fig. 1 is a structural diagram of the aviation exchange system of the invention;
Fig. 2 is the schematic diagram of aircraft network system;
Fig. 3 is BLP access control schematic diagram;
Fig. 4 is Biba access control schematic diagram.
Detailed description
The invention is implemented on the basis of a virtual-machine-based aviation exchange system, which comprises an aircraft network system, a virtual interaction system and a ground system;
The aircraft network system and the ground system communicate with each other through the virtual interaction system. The virtual interaction system comprises virtual machines, a security module and a management virtual machine. The management virtual machine receives the information to be exchanged and sends it to the security module. The security module performs encryption/decryption, identity authentication, firewalling, access control and integrity verification on the information to be exchanged. The virtual machines enable information of different security levels to be exchanged between the domains of the aircraft network system.
As shown in Fig. 2, current commercial aircraft network systems are mainly divided into three regions: the closed domain (Closed), the private domain (Private) and the public domain (Public). The Closed domain represents the safety-critical avionics systems and the cockpit management system; the Private domain represents the airline operation systems, cabin crew terminal systems and the like; the Public domain represents the open network services provided to passengers. In the figure, CNS (Communication, Navigation, Surveillance) denotes the air traffic control system, Aircraft control denotes aircraft control, Cabin services denotes cabin services, SATCOM denotes satellite communication, Crew terminals denotes crew terminals, Information services denotes information services, Broadband denotes broadband transmission, External 802.11 denotes the external 802.11 protocol, Internal 802.11 denotes the internal 802.11 protocol, Crew devices denotes crew equipment, In-flight entertainment denotes in-flight entertainment, and Passenger devices denotes passenger devices.
Note: each domain has a corresponding virtual machine. As shown in Fig. 1, the closed domain corresponds to virtual machine 1, the private domain to virtual machine 2, and the public domain to virtual machine 3. The security levels of the domains differ, and communication among them is relatively complex; inter-domain communication therefore needs to be controlled accordingly, so that the domains remain independent of one another while communication between them stays secure.
First, the method of information exchange between the aircraft network system and the ground system is described in detail, taking information exchange between the closed domain and the ground system as the example:
1) communication starts: the closed domain encrypts the original message and sends it to the management virtual machine of the virtual interaction system;
2) the management virtual machine calls the security module to perform identity authentication and integrity verification on the original message;
2.1) identity authentication of the original message;
2.1.1) the closed domain performs a hash operation on the original message to be sent, obtaining a hash value, which is the digital digest MD;
2.1.2) the closed domain system encrypts the digital digest MD with its own private key PVA (PVA: the private key of A, taking the letters p and v from "private"), using the asymmetric RSA algorithm, obtaining the digital signature DS;
2.1.3) the closed domain uses the symmetric key and a symmetric algorithm to encrypt the original message, the digital signature DS and the public key PBA of the closed domain certificate (PBA: the public key of A, taking the letters p and b from "public"), obtaining the encrypted information E;
2.1.4) the closed domain encrypts the symmetric key SK with the public key PBB of the ground system (PBB: the public key of B, taking the letters p and b from "public"), using the RSA algorithm, forming the digital envelope DE;
2.1.5) the closed domain sends the encrypted information E and the digital envelope DE to the ground system via the management virtual machine;
2.1.6) after receiving the digital envelope DE, the ground system decrypts it with its own private key PVB and extracts the symmetric key SK;
2.1.7) the ground system decrypts the encrypted information E with the symmetric key SK using the DES algorithm, recovering the original message, the digital signature DS and the public key PBA of the sender's (Closed domain) certificate;
2.1.8) the ground system verifies the digital signature DS: it first decrypts the digital signature with the public key of the closed domain to obtain the digital digest MD;
2.1.9) at the same time, the ground system applies to the original message the same computation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digests MD and MD' are compared to verify whether the original text has been modified;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 2.2) is performed; otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission is rejected;
2.2) the Biba model is used to verify the integrity of the original message; if verification succeeds, step 3) is performed; if verification fails, the transmission is rejected;
3) the management virtual machine sends the original message to the ground system, and communication ends.
The secure communication flow between each of the other domains and the ground system is the same as the above flow between the closed domain and the ground system.
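Steps 2.1.1) to 2.1.9) traced end to end, as an added sketch that is not code from the patent. It uses SHA-256, textbook RSA without padding on constructed Mersenne-prime keys, and a SHA-256 keystream in place of DES, all stand-ins that run on the Python standard library and are unfit for real use; comparing the carried PBA against a key the receiver already trusts (`trusted_sender_pub`) is an assumption standing in for certificate validation, which the text does not detail.

```python
import hashlib
import secrets

E_PUB = 65537  # public exponent used by every toy key pair below


def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E_PUB, -1, (p - 1) * (q - 1))
    return (n, E_PUB), (n, d)


# Constructed demo keys built from well-known Mersenne primes (trivially
# factorable, for illustration only). A = sender, B = receiver.
PBA, PVA = make_keypair(2**521 - 1, 2**607 - 1)
PBB, PVB = make_keypair(2**1279 - 1, 2**2203 - 1)


def to_bytes(x):
    return x.to_bytes((x.bit_length() + 7) // 8 or 1, "big")


def stream_xor(key, data):
    """Toy SHA-256 counter keystream; stand-in for the symmetric cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], pad))
    return bytes(out)


def pack(*fields):
    """Length-prefixed framing so the receiver can split the plaintext of E."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def unpack(blob, count):
    fields, i = [], 0
    while i < len(blob):
        size = int.from_bytes(blob[i:i + 4], "big")
        field = blob[i + 4:i + 4 + size]
        if len(blob) < i + 4 or len(field) != size:
            raise ValueError("malformed payload")
        fields.append(field)
        i += 4 + size
    if len(fields) != count:
        raise ValueError("malformed payload")
    return fields


def send(message, sender_priv, sender_pub, receiver_pub):
    n_a, d_a = sender_priv
    md = hashlib.sha256(message).digest()                      # 2.1.1 digest MD
    ds = pow(int.from_bytes(md, "big"), d_a, n_a)              # 2.1.2 signature DS
    sk = secrets.token_bytes(16)                               # symmetric key SK
    plain = pack(message, to_bytes(ds), to_bytes(sender_pub[0]))
    e = stream_xor(sk, plain)                                  # 2.1.3 E
    n_b, e_b = receiver_pub
    de = pow(int.from_bytes(sk, "big"), e_b, n_b)              # 2.1.4 envelope DE
    return e, de                                               # 2.1.5 transmit


def receive(e, de, receiver_priv, trusted_sender_pub):
    """Return the original message, or None if any check fails."""
    n_b, d_b = receiver_priv
    try:
        sk = pow(de, d_b, n_b).to_bytes(16, "big")             # 2.1.6 recover SK
        message, ds, pba = unpack(stream_xor(sk, e), 3)        # 2.1.7 open E
    except (ValueError, OverflowError):
        return None
    n_a, e_a = trusted_sender_pub
    # MD == MD' proves nothing if the key came from an untrusted sender.
    if int.from_bytes(pba, "big") != n_a:
        return None
    md = pow(int.from_bytes(ds, "big"), e_a, n_a)              # 2.1.8 MD from DS
    md_new = int.from_bytes(hashlib.sha256(message).digest(), "big")  # 2.1.9 MD'
    return message if md == md_new else None


if __name__ == "__main__":
    msg = b"constructed status report from the closed domain"
    e, de = send(msg, PVA, PBA, PBB)
    print("accepted:", receive(e, de, PVB, PBA) == msg)
    tampered = bytearray(e)
    tampered[10] ^= 0x01  # flip one ciphertext bit inside the message field
    print("tampered accepted:", receive(bytes(tampered), de, PVB, PBA) is not None)
```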
Next, the method of information exchange between the domains of the aircraft network system is described, taking information exchange between the closed domain and the private domain as the example:
1) communication starts: the sender domain (closed domain) encrypts the original message and sends it to the virtual machine (virtual machine 1) of the virtual interaction system;
2) after receiving the original message, the virtual machine (virtual machine 1) judges whether the security levels of the sender domain (closed domain) and the receiver domain (private domain) match; if they match, step 3) is performed; if they do not match, then, after using the virtual machine to carry out what kind of processing, step 3) is performed;
3) the virtual machine (virtual machine 1) sends the original message to the management virtual machine, and the management virtual machine calls the security module to perform identity authentication and integrity verification on the original message;
3.1) identity authentication of the original message;
3.1.1) the sender domain (closed domain) performs a hash operation on the original message to be sent, obtaining a hash value, which is the digital digest MD;
3.1.2) the sender domain (closed domain) encrypts the digital digest MD with its own private key PVA, using the asymmetric RSA algorithm, obtaining the digital signature DS;
3.1.3) the sender domain (closed domain) uses the symmetric key to encrypt the original message, the digital signature DS and the public key PBA of the sender domain system certificate, obtaining the encrypted information E;
3.1.4) the sender domain (closed domain) encrypts the symmetric key SK with the public key PBB of the receiver domain (private domain), using the RSA algorithm, forming the digital envelope DE;
3.1.5) the sender domain (closed domain) sends the encrypted information E and the digital envelope DE to the ground system via the management virtual machine (virtual machine 1);
3.1.6) after receiving the digital envelope DE, the receiver domain (private domain) decrypts it with its own private key PVB and extracts the symmetric key SK;
3.1.7) the receiver domain (private domain) decrypts the encrypted information E with the symmetric key SK using the DES algorithm, recovering the original message, the digital signature DS and the public key PBA of the sender's (Closed domain) certificate;
3.1.8) the receiver domain (private domain) verifies the digital signature DS: it first decrypts the digital signature with the public key of the sender domain (closed domain) to obtain the digital digest MD;
3.1.9) at the same time, the receiver domain (private domain) applies to the original message the same computation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digests MD and MD' are compared to verify whether the original text has been modified;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 3.2) is performed;
otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission is rejected;
3.2) the Biba model is used to verify the integrity of the original message; if verification succeeds, step 4) is performed; if verification fails, the transmission is rejected;
4) the management virtual machine sends the original message to the receiver domain (private domain), and communication ends.
The secure communication flow between the other domains is similar to the above flow between the closed domain and the private domain.
The models used for information integrity verification in the above methods are described here:
Access control in the aviation exchange system is divided by permission level into classes such as top secret, secret, confidential and public. The BLP model was proposed and refined by D. Bell and J. LaPadula in 1973 in "Mathematical foundations and model". It was designed according to military security policy; the essential problem it solves is access control for information divided by classification level. It was the first relatively complete mathematical model to give a rigorous formal proof of system security, and it is widely used to describe the security problems of computer systems. With the BLP model, users' access is strictly controlled according to their own classification level. In the BLP model, a classification level is any element of the set {top secret, secret, confidential, public}, which is totally ordered: top secret > secret > confidential > public. In the BLP model, the set of security attributes forms a lattice satisfying a partial order, and this partial order is called the dominance (dominate) relation. The BLP model assigns each user in the system a security attribute (also called a sensitivity level), which reflects the degree of trust that the user will not leak sensitive information to users who do not hold the corresponding security attribute. Processes activated by the user are granted the same security attribute. The BLP model also assigns a security attribute to each object in the system, which reflects the sensitivity of the information inside the object and the potential threat posed by unauthorized disclosure of that information to users not permitted to access it.
In the BLP model, a subject's access to an object must satisfy the following two rules, as shown in Fig. 3:
1. Simple security rule: a subject is allowed to read an object only when the subject's sensitivity level is not lower than the object's sensitivity level and the subject's category set contains the object's. That is, a subject can only read objects whose classification is equal to or lower than its own: it can read down but cannot read up;
2. Star rule: a subject is allowed to write an object only when the subject's sensitivity level is not higher than the object's sensitivity level and the object's category set contains the subject's category set. That is, a subject can only write objects whose classification is equal to or higher than its own: it can write up but cannot write down.
These two rules ensure the one-way flow of information: information can only flow toward higher security attributes, which meets the high security requirements of the avionics system.
However, the BLP model emphasizes the flow of information toward higher security levels and pays insufficient attention to protecting the integrity of high-security-level information. The Biba model is used to meet the integrity requirements of avionics system information.
The Biba model, published in 1977, was the first model addressing computer system integrity. The Biba model divides integrity threats into those originating inside a subsystem and those originating outside it. If a subsystem component is malicious or incorrect, an internal threat arises; if one subsystem attempts to modify another through erroneous data or incorrect function calls, an external threat arises. Biba held that internal threats can be addressed by program testing or inspection, so the model mainly targets external threats and addresses the first goal of integrity: preventing tampering by unauthorized users. The Biba model is mainly concerned with protecting information integrity. Similar to the BLP model, the Biba model uses integrity levels in place of the sensitivity levels of the BLP model, and its access control restrictions are exactly the opposite of those of the BLP model, as shown in Fig. 4.
(1) Simple integrity rule: a subject is allowed to write an object only when the subject's integrity level is greater than or equal to the object's integrity level and the subject's category set contains the object's category set. That is, a subject can write down but cannot write up: it can only write (modify) objects whose integrity level is equal to or lower than its own;
(2) Integrity confinement rule (star rule): a subject is allowed to read an object only when the subject's integrity level is not higher than the object's integrity level and the object's category set contains the subject's category set. That is, a subject can read up but cannot read down.
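The BLP and Biba rules above expressed as lattice checks, as an added example that is not part of the patent. The numeric levels and category sets given to the closed, private and public domains are constructed assumptions (the text assigns none); a message from a sender domain to a receiver domain is treated as the sender writing to the receiver.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Label:
    level: int                          # higher number = higher level
    categories: frozenset = frozenset()

    def dominates(self, other):
        """Lattice order: level at least as high AND categories a superset."""
        return self.level >= other.level and self.categories >= other.categories


@dataclass(frozen=True)
class Domain:
    name: str
    secrecy: Label      # BLP sensitivity label
    integrity: Label    # Biba integrity label


def blp_allows(subject, obj, op):
    if op == "read":    # simple security rule: read down, never read up
        return subject.secrecy.dominates(obj.secrecy)
    if op == "write":   # star rule: write up, never write down
        return obj.secrecy.dominates(subject.secrecy)
    raise ValueError(f"unknown operation: {op}")


def biba_allows(subject, obj, op):
    if op == "write":   # rule (1): write down, never write up
        return subject.integrity.dominates(obj.integrity)
    if op == "read":    # rule (2): read up, never read down
        return obj.integrity.dominates(subject.integrity)
    raise ValueError(f"unknown operation: {op}")


def gate(sender, receiver):
    """Verdict of each model on a sender -> receiver message (a write)."""
    return {"biba": biba_allows(sender, receiver, "write"),
            "blp": blp_allows(sender, receiver, "write")}


def flow_matrix(domains):
    """Sender/receiver pairs that pass the Biba integrity check."""
    return {(s.name, r.name): biba_allows(s, r, "write")
            for s in domains for r in domains if s is not r}


# Constructed labels (assumption): the closed domain is given the highest
# integrity and secrecy, the public domain the lowest.
DOMAINS = (
    Domain("closed", Label(2), Label(3, frozenset({"avionics", "ops"}))),
    Domain("private", Label(1), Label(2, frozenset({"ops"}))),
    Domain("public", Label(0), Label(1)),
)

if __name__ == "__main__":
    for pair, allowed in flow_matrix(DOMAINS).items():
        print(pair, "allowed" if allowed else "rejected")
    closed, private, public = DOMAINS
    # The two models pull in opposite directions on the same message.
    print("closed -> private:", gate(closed, private))
    print("public -> closed:", gate(public, closed))
```

With these labels, a message from the public domain to the closed domain fails the Biba check while a message from the closed domain to the public domain passes it, and BLP gives the opposite verdict in both cases.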

Claims (4)

1. An aviation exchange system based on a virtual machine, characterized in that it comprises an aircraft network system, a virtual interaction system and a ground system; the aircraft network system and the ground system communicate with each other through the virtual interaction system;
the virtual interaction system comprises virtual machines, a security module and a management virtual machine;
the management virtual machine receives the information to be exchanged and sends it to the security module;
the security module performs encryption/decryption, identity authentication, firewalling, access control and integrity verification on the information to be exchanged;
the virtual machines enable information of different security levels to be exchanged between the domains of the aircraft network system.
2. A method for information exchange between the aircraft network system and the ground system of the virtual-machine-based aviation exchange system according to claim 1, characterized in that it comprises the following steps:
1) communication starts: the aircraft network system encrypts the original message and sends it to the management virtual machine of the virtual interaction system;
2) the management virtual machine calls the security module to perform identity authentication and integrity verification on the original message;
2.1) identity authentication of the original message;
2.1.1) the aircraft network system performs a computation on the original message to be sent, obtaining the digital digest MD;
2.1.2) the aircraft network system encrypts the digital digest MD with its own private key PVA, obtaining the digital signature DS;
2.1.3) the aircraft network system uses the symmetric key to encrypt the original message, the digital signature DS and the public key PBA of the aircraft network system certificate, obtaining the encrypted information E;
2.1.4) the aircraft network system encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
2.1.5) the aircraft network system sends the encrypted information E and the digital envelope DE to the ground system via the management virtual machine;
2.1.6) after receiving the digital envelope DE, the ground system decrypts it with its own private key PVB and extracts the symmetric key SK;
2.1.7) the ground system decrypts the encrypted information E with the symmetric key SK, recovering the original message, the digital signature DS and the public key PBA of the sender's (Closed domain) certificate;
2.1.8) the ground system verifies the digital signature DS: it first decrypts the digital signature with the public key of the aircraft network system to obtain the digital digest MD;
2.1.9) at the same time, the ground system applies to the original message the same computation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digests MD and MD' are compared to verify whether the original text has been modified;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 2.2) is performed; otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is rejected;
2.2) the Biba model is used to verify the integrity of the original message; if verification succeeds, step 3) is performed; if verification fails, the transmission of the information is rejected;
3) the management virtual machine sends the original message to the ground system, and communication ends.
3. A method for information exchange between the domains of the aircraft network system of the aviation exchange system based on virtual machines according to claim 1, characterized in that it comprises the following steps:
1) communication starts; the sender domain encrypts the original message and sends it to the virtual machine of the virtual interaction system;
2) after the virtual machine receives the original message, it determines whether the security levels of the sender domain and the receiver domain match;
If they match, step 3) is performed;
If they do not match, the virtual machine performs security-level upgrade or downgrade processing, and once the security levels of the sender domain and the receiver domain match, step 3) is performed;
3) the virtual machine sends the original message to the virtual machine manager, and the virtual machine manager calls the security module to perform identity authentication and integrity verification on the original message;
3.1) identity authentication of the original message;
3.1.1) the sender domain performs a computation on the original message to be sent and obtains the digital digest MD;
3.1.2) the sender domain encrypts the digital digest MD with its own private key PVA and obtains the digital signature DS;
3.1.3) the sender domain encrypts the original message, the digital signature DS and the public key PBA of the sender domain system certificate with a symmetric key and obtains the encrypted information E;
3.1.4) the sender domain encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
3.1.5) the sender domain sends the encrypted information E and the digital envelope DE to the ground system through the virtual machine manager;
3.1.6) after receiving the digital envelope DE, the receiver domain decrypts the digital envelope with its own private key PVB and takes out the symmetric key SK;
3.1.7) the receiver domain decrypts the encrypted information E with the symmetric key SK and recovers the original message, the digital signature DS and the public key PBA of the sender's closed-domain certificate;
3.1.8) the receiver domain verifies the digital signature DS, first decrypting the digital signature with the public key of the sender domain to obtain the digital digest MD;
3.1.9) at the same time, the receiver domain applies to the original message the same computation as in step 1.3.1.1) and obtains a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been modified;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, and step 3.2) is performed;
Otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is refused;
3.2) integrity verification of the original message is carried out using the Biba model; if verification succeeds, step 4) is performed;
If verification fails, the transmission of the information is refused;
4) the virtual machine manager sends the original message to the receiver domain, and the communication ends.
4. The aviation exchange system based on virtual machines according to claim 1, characterized in that the domains comprise a closed domain, a private domain and an open domain; the closed domain is used to ensure safe flight; the private domain represents services for aircraft operation, or passenger access requirements, that are unrelated to safe flight; the open domain represents the open network services provided to passengers;
Three virtual machines are provided, each arranged to correspond to one of the three domains.
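The sign, encrypt and envelope exchange of steps 2.1.1 to 2.1.9 (and 3.1.1 to 3.1.9), sender and receiver side, as an added example that is not code from the patent. The claims name no algorithms, so RSA-PSS, AES-GCM and RSA-OAEP from the Python `cryptography` package, the field framing and the comparison of PBA against a key the receiver already holds are assumptions of this example.

```python
import os
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Algorithm choices are assumptions of this example; the claims name none.
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def new_keypair():
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def public_der(private_key) -> bytes:
    return private_key.public_key().public_bytes(
        serialization.Encoding.DER,
        serialization.PublicFormat.SubjectPublicKeyInfo)

def _pack(*fields: bytes) -> bytes:
    # Length-prefix every field so the receiver can split them unambiguously.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def _unpack(blob: bytes) -> list:
    out = []
    while blob:
        n = int.from_bytes(blob[:4], "big")
        out.append(blob[4:4 + n])
        blob = blob[4 + n:]
    return out

def seal(message: bytes, sender_priv, receiver_pub):
    """Sender: digest and sign (MD, DS), encrypt under SK (E), wrap SK (DE)."""
    ds = sender_priv.sign(message, PSS, hashes.SHA256())
    sk, nonce = AESGCM.generate_key(bit_length=256), os.urandom(12)
    e = nonce + AESGCM(sk).encrypt(
        nonce, _pack(message, ds, public_der(sender_priv)), None)
    de = receiver_pub.encrypt(sk, OAEP)
    return e, de

def open_envelope(e: bytes, de: bytes, receiver_priv, expected_pba: bytes) -> bytes:
    """Receiver: unwrap SK, decrypt E, check PBA, verify DS. Raises on failure."""
    sk = receiver_priv.decrypt(de, OAEP)
    message, ds, pba = _unpack(AESGCM(sk).decrypt(e[:12], e[12:], None))
    # PBA arrives inside E; compare it with a key the receiver already
    # trusts (stand-in for certificate validation) before relying on it.
    if pba != expected_pba:
        raise ValueError("unexpected sender public key")
    serialization.load_der_public_key(pba).verify(
        ds, message, PSS, hashes.SHA256())  # raises InvalidSignature on mismatch
    return message
```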
CN201410714131.6A 2014-11-29 2014-11-29 Aviation exchange system and method based on virtual machine Active CN104486300B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410714131.6A CN104486300B (en) 2014-11-29 2014-11-29 Aviation exchange system and method based on virtual machine

Publications (2)

Publication Number Publication Date
CN104486300A true CN104486300A (en) 2015-04-01
CN104486300B CN104486300B (en) 2018-07-03

Family

ID=52760804

Country Status (1)

Country Link
CN (1) CN104486300B (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102216931A (en) * 2007-10-31 2011-10-12 波音公司 Method and apparatus for simulating aircraft data processing systems
CN101908962A (en) * 2009-12-24 2010-12-08 中国航空工业集团公司第六三一研究所 Key management method for integrated avionic system
CN102609841A (en) * 2012-01-13 2012-07-25 东北大学 Remote mobile payment system based on digital certificate and payment method
CN102710605A (en) * 2012-05-08 2012-10-03 重庆大学 Information security management and control method under cloud manufacturing environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
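崔西宁, 沈玉龙, 马建峰, 谢克嘉: "Access control model based on trusted computing in integrated avionics systems", Journal on Communications *
王景学: "Design and implementation of a cloud computing virtual machine protection system", China Master's Theses Full-text Database *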

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850529A (en) * 2015-10-20 2017-06-13 波音公司 Using redundant circuit replaceable unit(“LRU”)Information can be changed with compound aircraft(“AMI”)Aircraft Identity Management
CN106850529B (en) * 2015-10-20 2021-11-23 波音公司 Aircraft identity management using redundant line replaceable units ("LRUs") and composite aircraft alterable information ("AMI
CN105933284A (en) * 2016-04-01 2016-09-07 西安电子科技大学昆山创新研究院 Biba improved model and system based on BTG mechanism
CN105933284B (en) * 2016-04-01 2019-05-28 西安电子科技大学昆山创新研究院 A kind of Biba improved model and system based on BTG mechanism
CN107181765A (en) * 2017-07-25 2017-09-19 光载无限(北京)科技有限公司 Network digital identity identifying method based on block chain technology
CN109831438A (en) * 2019-02-19 2019-05-31 中国航空工业集团公司西安航空计算技术研究所 Intercommunication system and method between avionics network domains based on virtualization and information network domain
CN109831438B (en) * 2019-02-19 2022-03-11 中国航空工业集团公司西安航空计算技术研究所 Two-way communication system and method between avionic network domain and information network domain based on virtualization
CN114153227A (en) * 2021-11-30 2022-03-08 重庆大学 Unmanned aerial vehicle cluster key extraction and security authentication method based on GPS (Global positioning System) signals
CN114153227B (en) * 2021-11-30 2024-02-20 重庆大学 Unmanned aerial vehicle group key extraction and security authentication method based on GPS signals
CN117579275A (en) * 2024-01-16 2024-02-20 中国民用航空飞行学院 Information security management method, system and storage medium based on aviation data
CN117579275B (en) * 2024-01-16 2024-04-12 中国民用航空飞行学院 Information security management method, system and storage medium based on aviation data

Also Published As

Publication number Publication date
CN104486300B (en) 2018-07-03

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant