CN104486300B - Aviation exchange system and method based on virtual machine - Google Patents
- Publication number: CN104486300B (application CN201410714131.6A)
- Authority: CN (China)
- Prior art keywords: domain, source language, virtual machine, language message, digital
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/185—Space-based or airborne stations; Stations for satellite systems
- H04B7/1851—Systems using a satellite or space-based relay
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
Abstract
The invention belongs to the technical field of computer system software and relates in particular to a virtual-machine-based aviation exchange system and method. The system comprises an aircraft network system, a virtual interaction system and a ground system; the virtual interaction system comprises virtual machines, a security module and a management virtual machine. With this system, the security module authenticates the original message and the Biba model is used to verify its integrity, achieving secure communication between the aircraft network system and the ground system and among the domains of the aircraft network system.
Description
Technical field
The invention belongs to the technical field of computer system software. It concerns systems and methods for secure communication between entities of different security levels across the multiple domains of an avionics system, and in particular a virtual-machine-based aviation exchange system and method.
Background technology
An integrated avionics system is usually divided into multiple domains whose security levels differ. The security of inter-domain communication, and of communication between each domain and the ground, has therefore become particularly important and has attracted wide attention both in China and abroad. In a highly integrated avionics system, a large number of entities with different security levels communicate with one another, which poses a considerable challenge to the communication security of the avionics system.
In the traditional approach, VLANs are divided according to the security levels of the information sender and receiver, both between each domain and the ground system and between domains. That is, subjects and objects at the same security level are placed in the same VLAN; for example, subjects and objects whose security level is secret are placed in the secret VLAN. The benefit is that complicated access control policies are avoided, so communication is relatively simple. But along with this simplicity, communication between subjects and objects of different security levels is severely restricted, which hinders the exchange of information.
Therefore, the traditional communication approach cannot meet the security requirements of inter-domain communication, and of communication between each domain and the ground, in today's highly integrated avionics systems.
Summary of the invention
To solve the problems described in the background, the invention proposes a virtual-machine-based aviation exchange system and method that achieves secure communication between the aircraft network system and the ground system and also secure communication between entities of different security levels across the domains of the aircraft network system.
The technical solution of the invention is as follows:
A virtual-machine-based aviation exchange system, characterized in that it comprises an aircraft network system, a virtual interaction system and a ground system; the aircraft network system and the ground system communicate with each other through the virtual interaction system;
The virtual interaction system comprises virtual machines, a security module and a management virtual machine;
The management virtual machine receives the information to be exchanged and sends it to the security module;
The security module performs encryption/decryption, authentication, firewalling, access control and integrity verification on the information to be exchanged;
The virtual machines enable information of different security levels to be communicated between the domains of the aircraft network system.
Based on the above system, a method is proposed for information exchange between the aircraft network system and the ground system, characterized in that it comprises the following steps:
1) Communication starts; the aircraft network system encrypts the original message and sends it to the management virtual machine of the virtual interaction system;
2) The management virtual machine calls the security module to perform authentication and integrity verification on the original message;
2.1) Authentication of the original message;
2.1.1) The aircraft network system performs an operation on the original message to be sent, obtaining the digital digest MD;
2.1.2) The aircraft network system encrypts the digital digest MD with its own private key PVA, obtaining the digital signature DS;
2.1.3) The aircraft network system encrypts the original message, the digital signature DS and the public key PBA of the aircraft network system certificate with a symmetric key, obtaining the encrypted information E;
2.1.4) The aircraft network system encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
2.1.5) The aircraft network system sends the encrypted information E and the digital envelope DE to the ground system through the management virtual machine;
2.1.6) After receiving the digital envelope DE, the ground system decrypts it with its own private key PVB and extracts the symmetric key SK;
2.1.7) The ground system decrypts the encrypted information E with the symmetric key SK, recovering the original message, the digital signature DS and the public key PBA of the sender Closed domain certificate;
2.1.8) The ground system verifies the digital signature DS: it first decrypts the digital signature with the public key of the aircraft network system to obtain the digital digest MD;
2.1.9) At the same time, the ground system applies to the original message the same operation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been changed;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 2.2) is performed; otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is refused;
2.2) Integrity verification is performed on the original message using the Biba model; if verification succeeds, step 3) is performed; if verification fails, the transmission of the information is refused;
3) The management virtual machine sends the original message to the ground system, and the communication ends.
Based on the above system, a method is proposed for information exchange between the domains of the aircraft network system, characterized in that it comprises the following steps:
1) Communication starts; the sender domain encrypts the original message and sends it to the virtual machine of the virtual interaction system;
2) After receiving the original message, the virtual machine judges whether the security levels of the sender domain and the receiver domain match;
If they match, step 3) is performed;
If they do not match, the virtual machine raises or lowers the security level so that the security levels of the sender domain and the receiver domain match, and then step 3) is performed;
3) The virtual machine sends the original message to the management virtual machine, and the management virtual machine calls the security module to perform authentication and integrity verification on the original message;
3.1) Authentication of the original message;
3.1.1) The sender domain performs an operation on the original message to be sent, obtaining the digital digest MD;
3.1.2) The sender domain encrypts the digital digest MD with its own private key PVA, obtaining the digital signature DS;
3.1.3) The sender domain encrypts the original message, the digital signature DS and the public key PBA of the sender domain system certificate with a symmetric key, obtaining the encrypted information E;
3.1.4) The sender domain encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
3.1.5) The sender domain sends the encrypted information E and the digital envelope DE to the ground system through the management virtual machine;
3.1.6) After receiving the digital envelope DE, the receiver domain decrypts it with its own private key PVB and extracts the symmetric key SK;
3.1.7) The receiver domain decrypts the encrypted information E with the symmetric key SK, recovering the original message, the digital signature DS and the public key PBA of the sender Closed domain certificate;
3.1.8) The receiver domain verifies the digital signature DS: it first decrypts the digital signature with the public key of the sender domain to obtain the digital digest MD;
3.1.9) At the same time, the receiver domain applies to the original message the same operation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been changed;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 3.2) is performed;
Otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is refused;
3.2) Integrity verification is performed on the original message using the Biba model; if verification succeeds, step 4) is performed;
If verification fails, the transmission of the information is refused;
4) The management virtual machine sends the original message to the receiver domain, and the communication ends.
The above domains comprise a closed domain, a private domain and an open domain. The closed domain is used to ensure safe flight; the private domain provides services for aircraft operation or passenger access needs that are unrelated to flight safety; the open domain provides open network services to passengers;
Three virtual machines are provided, in one-to-one correspondence with the three domains.
The advantages of the invention are:
1. The system structure of the invention achieves secure communication between the aircraft network system and the ground system, and between the domains of the aircraft network system, in today's highly integrated avionics systems.
2. The invention uses the security module to authenticate the information of the sender and the receiver of a communication, greatly improving communication security.
3. The invention uses the ease of control of virtual machines to implement secure inter-domain communication. Virtual machine technology can effectively mask the heterogeneity and dynamics of the platform, so that resources are shared and reused to the greatest extent, operation becomes more flexible, and change management is simplified.
4. The invention uses the Biba model to verify the integrity of files, greatly improving the reliability of the verification result.
Description of the drawings
Fig. 1 is a structural diagram of the aviation exchange system of the invention;
Fig. 2 is a schematic diagram of the aircraft network system;
Fig. 3 is a schematic diagram of BLP access control;
Fig. 4 is a schematic diagram of Biba access control.
Specific embodiment
The invention is implemented on the basis of a virtual-machine-based aviation exchange system, which comprises an aircraft network system, a virtual interaction system and a ground system;
The aircraft network system and the ground system communicate with each other through the virtual interaction system. The virtual interaction system comprises virtual machines, a security module and a management virtual machine. The management virtual machine receives the information to be exchanged and sends it to the security module. The security module performs encryption/decryption, authentication, firewalling, access control and integrity verification on the information to be exchanged. The virtual machines enable information of different security levels to be communicated between the domains of the aircraft network system.
As shown in Fig. 2, the network system of current commercial aircraft is mainly divided into three regions: the closed domain (Closed), the private domain (Private) and the open domain (Public). The Closed domain represents safety-critical avionics systems and the cockpit management system; the Private domain represents airline operations systems, crew terminal systems and the like; the Public domain represents the open network services provided to passengers. In the figure, CNS denotes the air traffic control system (Communication, Navigation, Surveillance), Aircraft control denotes aircraft control, Cabin services denotes cabin services, SATCOM denotes satellite communication, Crew terminals denotes crew terminals, Information services denotes information services, Broad band denotes broadband transmission, External 802.11 denotes the external 802.11 protocol, Internal 802.11 denotes the internal 802.11 protocol, Crew devices denotes crew devices, In-flight entertainment denotes in-flight entertainment, and Passenger devices denotes passenger devices.
Note that each domain has one corresponding virtual machine. According to Fig. 1, the closed domain corresponds to virtual machine 1, the private domain to virtual machine 2 and the open domain to virtual machine 3. The security levels of the domains differ, so communication between them is relatively complex; inter-domain communication must be controlled accordingly, so that the domains remain independent of one another while the security of communication between them is ensured.
First, the method for information exchange between the aircraft network system and the ground system is described, taking the information exchange between the closed domain and the ground system as the example:
1) Communication starts; the closed domain encrypts the original message and sends it to the management virtual machine of the virtual interaction system;
2) The management virtual machine calls the security module to perform authentication and integrity verification on the original message;
2.1) Authentication of the original message;
2.1.1) The closed domain performs a hash operation on the original message to be sent, obtaining a hash value that serves as the digital digest MD;
2.1.2) The closed domain encrypts the digital digest MD with its own private key PVA (PVA: the private key of A, taking the letters p and v of "private") using the asymmetric RSA algorithm, obtaining the digital signature DS;
2.1.3) The closed domain encrypts the original message, the digital signature DS and the public key PBA of the closed domain certificate (PBA: the public key of A, taking the letters p and b of "public") with a symmetric key using a symmetric algorithm, obtaining the encrypted information E;
2.1.4) The closed domain encrypts the symmetric key SK with the public key PBB of the ground system (PBB: the public key of B, taking the letters p and b of "public") using the RSA algorithm, forming the digital envelope DE;
2.1.5) The closed domain sends the encrypted information E and the digital envelope DE to the ground system through the management virtual machine;
2.1.6) After receiving the digital envelope DE, the ground system decrypts it with its own private key PVB and extracts the symmetric key SK;
2.1.7) The ground system decrypts the encrypted information E with the symmetric key SK using the DES algorithm, recovering the original message, the digital signature DS and the public key PBA of the sender Closed domain certificate;
2.1.8) The ground system verifies the digital signature DS: it first decrypts the digital signature with the public key of the closed domain to obtain the digital digest MD;
2.1.9) At the same time, the ground system applies to the original message the same operation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been changed;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 2.2) is performed; otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is refused;
2.2) Integrity verification is performed on the original message using the Biba model; if verification succeeds, step 3) is performed; if verification fails, the transmission of the information is refused;
3) The management virtual machine sends the original message to the ground system, and the communication ends.
The secure communication flow between each of the other domains and the ground system is identical to that described above for the closed domain and the ground system.
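Steps 2.1.1) to 2.1.9) above, carried through in code as an added example that is not part of the patent text. Assumptions: toy RSA keys built from Mersenne primes with no padding, SHA-256 as the hash, and a SHA-256 counter-mode keystream standing in for the DES cipher the text names (all three are demonstration stand-ins, not secure choices); the receiver also holds a pinned fingerprint of PBA, a check the text does not describe, added here because a public key delivered inside the same bundle cannot by itself identify the sender. All function and variable names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets


class Rejected(Exception):
    """Raised when the receiver refuses the transmission."""


def make_key(p_bits, q_bits):
    # Toy RSA key from two Mersenne primes (constructed for the demo only).
    p, q = 2**p_bits - 1, 2**q_bits - 1
    return {"n": p * q, "e": 65537, "d": pow(65537, -1, (p - 1) * (q - 1))}


def public(key):
    return {"n": key["n"], "e": key["e"]}


def fingerprint(pub):
    return hashlib.sha256(f"{pub['n']:x}:{pub['e']:x}".encode()).hexdigest()


def stream_xor(sk, data):
    # Stand-in symmetric cipher (assumption): SHA-256 in counter mode.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(sk + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def send(message, sender_key, receiver_pub):
    md = hashlib.sha256(message).digest()                                  # 2.1.1 MD
    ds = pow(int.from_bytes(md, "big"), sender_key["d"], sender_key["n"])  # 2.1.2 DS
    sk = secrets.token_bytes(32)                                           # symmetric key SK
    bundle = json.dumps({
        "msg": message.hex(),
        "ds": f"{ds:x}",
        "pba": {k: f"{v:x}" for k, v in public(sender_key).items()},
    })
    e_info = stream_xor(sk, bundle.encode())                               # 2.1.3 E
    de = pow(int.from_bytes(sk, "big"), receiver_pub["e"], receiver_pub["n"])  # 2.1.4 DE
    return e_info, de                                                      # 2.1.5


def receive(e_info, de, receiver_key, trusted_fp):
    try:
        sk = pow(de, receiver_key["d"], receiver_key["n"]).to_bytes(32, "big")  # 2.1.6
        bundle = json.loads(stream_xor(sk, e_info))                             # 2.1.7
        message = bytes.fromhex(bundle["msg"])
        ds = int(bundle["ds"], 16)
        pba = {k: int(v, 16) for k, v in bundle["pba"].items()}
        received_fp = fingerprint(pba)
    except (ValueError, OverflowError, KeyError, TypeError, AttributeError) as exc:
        raise Rejected("malformed envelope or bundle") from exc
    # Added check (not in the text): PBA must be the key the receiver already trusts.
    if not hmac.compare_digest(received_fp, trusted_fp):
        raise Rejected("PBA is not the expected sender key")
    md = pow(ds, pba["e"], pba["n"])                                       # 2.1.8 MD
    md_new = int.from_bytes(hashlib.sha256(message).digest(), "big")       # 2.1.9 MD'
    if md != md_new:
        raise Rejected("MD != MD'")
    return message


KEY_A = make_key(521, 607)     # sender (closed domain), constructed
KEY_B = make_key(1279, 2203)   # receiver (ground system), constructed
KEY_X = make_key(607, 1279)    # a key the receiver has never pinned, constructed

if __name__ == "__main__":
    e_info, de = send(b"closed-domain status report", KEY_A, public(KEY_B))
    print(receive(e_info, de, KEY_B, fingerprint(public(KEY_A))))
```

A deployed implementation would use a padded signature scheme, an authenticated cipher rather than DES, and certificate validation against a trust anchor in place of the pinned fingerprint.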
Next, the method for information exchange between the domains of the aircraft network system is described, taking the information exchange between the closed domain and the private domain as the example:
1) Communication starts; the sender domain (closed domain) encrypts the original message and sends it to the virtual machine (virtual machine 1) of the virtual interaction system;
2) After receiving the original message, the virtual machine (virtual machine 1) judges whether the security levels of the sender domain (closed domain) and the receiver domain (private domain) match; if they match, step 3) is performed; if they do not match, step 3) is performed after processing by the virtual machine;
3) The virtual machine (virtual machine 1) sends the original message to the management virtual machine, and the management virtual machine calls the security module to perform authentication and integrity verification on the original message;
3.1) Authentication of the original message;
3.1.1) The sender domain (closed domain) performs a hash operation on the original message to be sent, obtaining a hash value that serves as the digital digest MD;
3.1.2) The sender domain (closed domain) encrypts the digital digest MD with its own private key PVA using the asymmetric RSA algorithm, obtaining the digital signature DS;
3.1.3) The sender domain (closed domain) encrypts the original message, the digital signature DS and the public key PBA of the sender domain system certificate with a symmetric key, obtaining the encrypted information E;
3.1.4) The sender domain (closed domain) encrypts the symmetric key SK with the public key PBB of the receiver domain (private domain) using the RSA algorithm, forming the digital envelope DE;
3.1.5) The sender domain (closed domain) sends the encrypted information E and the digital envelope DE to the ground system through the management virtual machine (virtual machine 1);
3.1.6) After receiving the digital envelope DE, the receiver domain (private domain) decrypts it with its own private key PVB and extracts the symmetric key SK;
3.1.7) The receiver domain (private domain) decrypts the encrypted information E with the symmetric key SK using the DES algorithm, recovering the original message, the digital signature DS and the public key PBA of the sender Closed domain certificate;
3.1.8) The receiver domain (private domain) verifies the digital signature DS: it first decrypts the digital signature with the public key of the sender domain (closed domain) to obtain the digital digest MD;
3.1.9) At the same time, the receiver domain (private domain) applies to the original message the same operation as in step 1.3.1.1), obtaining a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been changed;
If MD and MD' are equal, the data has not been tampered with and the original message was transmitted securely, so step 3.2) is performed;
Otherwise the signature is rejected, the original message is considered not to have been transmitted securely, and the transmission of the information is refused;
3.2) Integrity verification is performed on the original message using the Biba model; if verification succeeds, step 4) is performed; if verification fails, the transmission of the information is refused;
4) The management virtual machine sends the original message to the receiver domain (private domain), and the communication ends.
The secure communication flow between the other domains is similar to that described above for the closed domain and the private domain.
Here, the models used for information integrity verification in the above methods need to be explained:
The access control of the aviation exchange system is divided by permission level into several classes such as top secret, secret, confidential and public. The BLP model was proposed and refined by D. Bell and J. LaPadula in 1973 in "Mathematical foundations and model". It was designed according to military security policy, and the essential problem it solves is access control over information that is classified by secrecy level. It was the first fairly complete mathematical model to use formal methods to rigorously prove the security of a system, and it is widely used to describe the security problems of computer systems. The BLP model strictly controls users so that they access information according to their own secrecy level. In the BLP model, a secrecy level is any element of the set {top secret, secret, confidential, public}, which is totally ordered: top secret > secret > confidential > public. In the BLP model, the set of security attributes forms a lattice (Lattice) satisfying a partial order, and this partial order is called the dominance (Dominate) relation. The BLP model assigns a security attribute (also called a sensitivity level) to each user in the system, reflecting the degree of trust that the user will not leak sensitive information to users who do not hold the corresponding security attribute. Processes activated by the user are also granted this security attribute. The BLP model also assigns a security attribute to each object in the system, reflecting the sensitivity of the information in the object and the potential threat posed by unauthorized disclosure of that information to users who are not permitted to access it.
In the BLP model, a subject's access to an object must satisfy the following two rules, as shown in Fig. 3:
1. Simple security rule: a subject is allowed to read an object only when the subject's sensitivity level is not lower than the object's sensitivity level and the subject's category set includes the object's. That is, a subject can only read objects whose secrecy level is equal to or lower than its own; it can read down but cannot read up;
2. Star rule: a subject is allowed to write an object only when the subject's sensitivity level is not higher than the object's sensitivity level and the object's category set includes the subject's category set. That is, a subject can only write objects whose secrecy level is equal to or higher than its own; it can write up but cannot write down.
These two rules guarantee one-way information flow: information can only flow toward higher security attributes, which meets the high-security needs of avionics systems.
However, the BLP model emphasizes that information flows toward higher security levels while paying insufficient attention to protecting the integrity of high-security-level information. The integrity requirements of avionics system information are therefore ensured with the Biba model.
The Biba model was the first model to address computer system integrity and was published in 1977. The Biba model divides integrity threats into those originating inside a subsystem and those originating outside it. An internal threat arises if a component of the subsystem is malicious or incorrect; an external threat arises if a subsystem attempts to modify another system through erroneous data or incorrect function calls. Biba held that internal threats can be addressed by program testing or inspection, so the model mainly targets external threats and addresses the first goal of integrity: preventing tampering by unauthorized users. The Biba model is aimed mainly at protecting information integrity. It is similar to the BLP model, with integrity levels replacing the sensitivity levels of the BLP model, and its access control restrictions are exactly the opposite of those of the BLP model, as shown in Fig. 4.
(1) Simple integrity rule: a subject is allowed to write an object only when the subject's integrity level is greater than or equal to the object's integrity level and the subject's category set includes the object's category set. That is, a subject can only write down and cannot write up; it can only write (modify) objects whose integrity level is equal to or lower than its own;
(2) Integrity constraint rule (star rule): a subject is allowed to read an object only when the subject's integrity level is not higher than the object's integrity level and the object's category set includes the subject's category set. That is, a subject can only read up and cannot read down.
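The BLP and Biba rules as stated above, written as checks over (level, category set) labels, together with the Biba decision for an inter-domain delivery. This is an added example, not code from the patent: the integrity levels and category sets assigned to the three domains are assumptions chosen for illustration, and all names are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Label:
    level: int                               # higher number = higher level
    categories: frozenset = frozenset()


def dominates(a, b):
    """Lattice dominance: a's level is not lower and a's categories include b's."""
    return a.level >= b.level and a.categories >= b.categories


def blp_allows(subject, obj, op):
    # Fig. 3: read down (simple security rule), write up (star rule).
    if op == "read":
        return dominates(subject, obj)
    if op == "write":
        return dominates(obj, subject)
    raise ValueError(op)


def biba_allows(subject, obj, op):
    # Fig. 4, as the rules are stated in the text: write down, read up.
    if op == "write":
        return dominates(subject, obj)
    if op == "read":
        return dominates(obj, subject)
    raise ValueError(op)


def biba_write_decision(subject, obj):
    """Same verdict as biba_allows(..., 'write'), with the reason for a refusal."""
    if subject.level < obj.level:
        return False, "write up: subject integrity level is below the object's"
    if not subject.categories >= obj.categories:
        return False, "subject category set does not include the object's"
    return True, "permitted"


# Assumed integrity labels for the three domains (not given in the text).
DOMAIN_INTEGRITY = {
    "closed": Label(3, frozenset({"flight", "ops", "pax"})),
    "private": Label(2, frozenset({"ops", "pax"})),
    "public": Label(1, frozenset({"pax"})),
}


def biba_flow_allowed(sender, receiver):
    # Delivering a message is modelled as the sender domain writing into the receiver.
    return biba_allows(DOMAIN_INTEGRITY[sender], DOMAIN_INTEGRITY[receiver], "write")


def flow_matrix():
    return {(s, r): biba_flow_allowed(s, r)
            for s in DOMAIN_INTEGRITY for r in DOMAIN_INTEGRITY}


if __name__ == "__main__":
    for (s, r), ok in flow_matrix().items():
        print(f"{s:>7} -> {r:<7} {'deliver' if ok else 'refuse'}")
```

Under these assumed labels, the integrity check of step 3.2) passes for closed to private and refuses public to closed; a high level alone is not enough when the category sets do not nest.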
Claims (1)
1. a kind of aviation exchange system based on virtual machine, it is characterised in that:Including aircraft network system, virtual interaction system with
And ground system;The aircraft network system is in communication with each other by virtual interaction system and ground system;
The virtual interaction system includes virtual machine, security module and management virtual machine;
The management virtual machine reception treats interactive information and sends it to security module;
Information to be interacted is encrypted/decrypted by the security module, authentication, fire wall, access control, integrality are tested
Card;
The virtual machine is used to enable information of different security levels to be exchanged between the domains of the aircraft network system;
The specific steps by which the aircraft network system and the ground system communicate with each other through the virtual machine system are:
A1) Communication starts; the aircraft network system encrypts the source language message and sends it to the management virtual machine of the virtual interaction system;
A2) The management virtual machine calls the security module to perform authentication and integrity verification on the source language message;
A2.1) Authentication of the source language message;
A2.1.1) The aircraft network system performs an operation on the source language message to be sent, obtaining the digital digest MD;
A2.1.2) The aircraft network system encrypts the digital digest MD with its own private key PVA to obtain the digital signature DS;
A2.1.3) The aircraft network system uses a symmetric key to encrypt the source language message, the digital signature DS and the public key PBA of the aircraft network system certificate, obtaining the encrypted information E;
A2.1.4) The aircraft network system encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
A2.1.5) The aircraft network system sends the encrypted information E and the digital envelope DE to the ground system through the management virtual machine;
A2.1.6) After receiving the digital envelope DE, the ground system decrypts it with its own private key PVB and extracts the symmetric key SK;
A2.1.7) The ground system decrypts the encrypted information E with the symmetric key SK, recovering the source language message, the digital signature DS and the public key PBA of the sender's closed-domain certificate;
A2.1.8) The ground system verifies the digital signature DS: it first decrypts the digital signature with the public key of the aircraft network system to obtain the digital digest MD;
A2.1.9) At the same time, the ground system applies the same operation as in step A2.1.1) to the source language message to obtain a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been changed;
If MD and MD' are equal, the data has not been tampered with and the source language message was transmitted securely, so step A2.2) is performed; otherwise the signature is rejected, the source language message is considered not to have been transmitted securely, and transmission of the information is refused;
A2.2) Integrity verification is performed on the source language message using the Biba model; if verification succeeds, step A3) is performed; if verification fails, transmission of the information is refused;
A3) The management virtual machine sends the source language message to the ground system, and communication ends;
The specific steps by which the virtual machine enables information of different security levels to be exchanged between the domains of the aircraft network system are:
B1) Communication starts; the originating domain encrypts the source language message and sends it to the virtual machine of the virtual interaction system;
B2) After receiving the source language message, the virtual machine judges whether the security levels of the originating domain and the receiving domain match;
If they match, step B3) is performed;
If they do not match, the virtual machine raises or lowers the security level so that the security levels of the originating domain and the receiving domain match, and step B3) is then performed;
B3) The virtual machine sends the source language message to the management virtual machine, and the management virtual machine calls the security module to perform authentication and integrity verification on the source language message;
B3.1) Authentication of the source language message;
B3.1.1) The originating domain performs an operation on the source language message to be sent, obtaining the digital digest MD;
B3.1.2) The originating domain encrypts the digital digest MD with its own private key PVA to obtain the digital signature DS;
B3.1.3) The originating domain uses a symmetric key to encrypt the source language message, the digital signature DS and the public key PBA of the originating domain system certificate, obtaining the encrypted information E;
B3.1.4) The originating domain encrypts the symmetric key SK with the public key PBB of the ground system, forming the digital envelope DE;
B3.1.5) The originating domain sends the encrypted information E and the digital envelope DE to the ground system through the management virtual machine;
B3.1.6) After receiving the digital envelope DE, the receiving domain decrypts it with its own private key PVB and extracts the symmetric key SK;
B3.1.7) The receiving domain decrypts the encrypted information E with the symmetric key SK, recovering the source language message, the digital signature DS and the public key PBA of the sender's closed-domain certificate;
B3.1.8) The receiving domain verifies the digital signature DS: it first decrypts the digital signature with the public key of the originating domain to obtain the digital digest MD;
B3.1.9) At the same time, the receiving domain applies the same operation as in step B3.1.1) to the source language message to obtain a new digital digest MD'; the two digital digests MD and MD' are compared to verify whether the original text has been changed;
If MD and MD' are equal, the data has not been tampered with and the source language message was transmitted securely, so step B3.2) is performed;
Otherwise the signature is rejected, the source language message is considered not to have been transmitted securely, and transmission of the information is refused;
B3.2) Integrity verification is performed on the source language message using the Biba model; if verification succeeds, step B4) is performed;
If verification fails, transmission of the information is refused;
B4) The management virtual machine sends the source language message to the receiving domain, and communication ends;
The domains comprise a closed domain, a private domain and an open domain; the closed domain is used to ensure safe flight; the private domain represents services for airplane operation or passenger access requirements that are unrelated to safe flight; the open domain represents the open network services provided to passengers;
Three virtual machines are provided, and the three virtual machines are set in one-to-one correspondence with the three domains.
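The signature-plus-digital-envelope exchange of steps A2.1.1) to A2.1.9) (mirrored by B3.1.1) to B3.1.9)), as an added example that is not part of the patent text. It uses only the Python standard library, so RSA is unpadded with small constructed keys and the symmetric cipher is a SHA-256 keystream stand-in; the function names, the byte layout of E and the pinned-key check standing in for certificate validation are assumptions.

```python
import hashlib
import secrets

E_PUB = 65537  # public exponent for both constructed key pairs

def make_key(p, q):
    """Textbook RSA key from two primes: (public modulus, private exponent)."""
    return p * q, pow(E_PUB, -1, (p - 1) * (q - 1))

# Constructed demo keys from small Mersenne primes: trivially factorable.
N_A, D_A = make_key(2**127 - 1, 2**89 - 1)   # sender: PBA = N_A, PVA = D_A
N_B, D_B = make_key(2**107 - 1, 2**61 - 1)   # receiver: PBB = N_B, PVB = D_B

def digest(msg, n):
    """Digital digest MD: SHA-256 reduced mod n so unpadded RSA can sign it."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def stream_xor(sk, data):
    """Stand-in symmetric cipher (assumption): SHA-256 counter keystream XOR."""
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(hashlib.sha256(sk + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def send(msg, n_a, d_a, n_b):
    md = digest(msg, n_a)                              # A2.1.1 digest MD
    ds = pow(md, d_a, n_a)                             # A2.1.2 DS made with PVA
    sk = secrets.token_bytes(16)                       # fresh symmetric key SK
    body = ds.to_bytes(32, "big") + n_a.to_bytes(32, "big") + msg
    enc = stream_xor(sk, body)                         # A2.1.3 E = DS, PBA, message
    de = pow(int.from_bytes(sk, "big"), E_PUB, n_b)    # A2.1.4 envelope DE via PBB
    return enc, de                                     # A2.1.5 both are transmitted

def receive(enc, de, n_b, d_b, pinned_n_a):
    """Return the message if it verifies, or None to refuse the transmission."""
    sk = pow(de, d_b, n_b).to_bytes(32, "big")[-16:]   # A2.1.6 open DE with PVB
    body = stream_xor(sk, enc)                         # A2.1.7 decrypt E with SK
    ds = int.from_bytes(body[:32], "big")
    n_a = int.from_bytes(body[32:64], "big")
    msg = body[64:]
    if n_a != pinned_n_a:   # assumption: certificate check reduced to key pinning
        return None
    md = pow(ds, E_PUB, n_a)                           # A2.1.8 recover MD from DS
    md_new = digest(msg, n_a)                          # A2.1.9 recompute MD'
    return msg if md == md_new else None               # equal: accept, else refuse
```

The pinned-key comparison matters because PBA travels inside E: if the receiver trusted whatever key arrived with the message, any sender could supply its own key and a matching signature.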
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410714131.6A CN104486300B (en) | 2014-11-29 | 2014-11-29 | Aviation exchange system and method based on virtual machine |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410714131.6A CN104486300B (en) | 2014-11-29 | 2014-11-29 | Aviation exchange system and method based on virtual machine |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104486300A CN104486300A (en) | 2015-04-01 |
CN104486300B true CN104486300B (en) | 2018-07-03 |
Family
ID=52760804
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410714131.6A Active CN104486300B (en) | 2014-11-29 | 2014-11-29 | Aviation exchange system and method based on virtual machine |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104486300B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |