Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA

More documents

Recommendations

Info

A.5 REFERENCES. A-1. Loscocco, P., Smalley, S., Muckelbauer, P., Taylor, R., Turner, S., and Farrell, J., “The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments,” Proceedings of the 31 st National Information Systems Security Conference, October, 1998, pp. 303-314. http://www.nsa.gov/selinux/papers/inevit-abs.cfm A-2. Skoudis, E., Counter Hack, Prentice Hall, 2002. A-3. Klevinsky ,T.J., Laliberte, S., and Gupta, A., Hack I.T., Addison-Wesley, 2002. A-4. A-5. A-6. Hatch, B. and Lee, J., Hacking Linux Exposed, Second Edition, McGraw-Hill/Osborne, 2003. Mourani, G., Securing and Optimizing Linux, The Hacking Solution, Third Edition, Open Network Architecture, Inc., 2001. McClure, S., Scambray, J., and Kurtz, G., Hacking Exposed: Network Security Secrets and Solutions, Osborne/McGraw-Hill, 1999. A-7. Rubin, A., White-Hat Security Arsenal: Tackling the Threats, Addison-Wesley, 2001. A-8. Barrett, D., Silverman, R., and Byrnes, R., Linux Security Cookbook, O’Reilly and Associates, 2003. A-9. Hatch, B. and Lee, J., Hacking Linux Exposed, Second Edition, Osborne Press, 2003. A-10. Toxen, B., Real World Linux Security, Second Edition, Prentice Hall, 2003, pp. 29. A-11. DoD 8551.1, Department of Defense Instruction Number 8551.1, “Ports, Protocols, and Services Management (PPSM),” August 13, 2004. A-12. Devanbu, P., Fong, P., and Stubblebine, S., “Techniques for Trusted Software Engineering,” Proceedings of the 20 th International Conference on Software Engineering, Kyoto, Japan, 1998. A-13. McGraw, G. and Felten, E., “Mobile Code and Security,” IEEE Internet Computing, Volume 2, Number 6, November/December 1998, pp. 26-29. A-14. Kay, R., “QuickStudy: Rootkits,” ComputerWorld Magazine (electronic version), January 30, 2006. http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,108119,00 .html?source=NLT_SEC&nid=108119 A-19
A-15. Barbir, A., Murphy, S., and Yang, Y., “Generic Threats to Routing Protocols,” RFC 4593, October 2006, 22 pages. http://www.ieff.org/rfc/rfc4593.txt A-16. Jones, E. and Le Moigne, O., “OSPF Security Vulnerabilities Analysis,” June 16, 2006. (a former [now expired] Internet-Draft document) A-17. Murphy, S. “BGP Security Vulnerabilities Analysis,” RFC 4272, January 2006. http://www.ietf.org/rfc/rfc4272.txt A-18. Department of Defense Directive (DoDD) 8500.1, “Information Assurance (IA),” October 24, 2002, ASD(C3I). A-20
Page 1 and 2:
DOT/FAA/AR-08/31 Air Traffic Organi
Page 3 and 4:
1. Report No. DOT/FAA/AR-08/31 4. T
Page 5 and 6:
5.4.2 Aircraft as a Node (MIP and M
Page 7 and 8:
11.1 Findings and Recommendations 1
Page 9 and 10:
22 Customer’s L3VPN Protocol Stac
Page 11 and 12:
LIST OF ACRONYMS AND ABBREVIATIONS
Page 13 and 14:
PBN PC PE PEP PFS PIB PIM-DM PIM-SM
Page 15 and 16:
This report states that the primary
Page 17 and 18:
1. INTRODUCTION. This is the final
Page 19 and 20:
protocol (IP)-based communications.
Page 21 and 22:
of linking aircraft-resident system
Page 23 and 24:
Industry and governments are extrem
Page 25 and 26:
2.1 NOTIONAL NETWORKED AIRCRAFT ARC
Page 27 and 28:
Other Control Sites Controller ATC
Page 29 and 30:
• The security viability of curre
Page 31 and 32:
alternative requires that parallel
Page 33 and 34:
Aircraft network security is a syst
Page 35 and 36:
4. NETWORK RISKS. This section spec
Page 37 and 38:
General Threat Identifiers FAILURE
Page 39 and 40:
esources so that the required real-
Page 41 and 42:
“With the rise of client-side att
Page 43 and 44:
• During an 11-month period (Apri
Page 45 and 46:
attempt the theft of passwords. Non
Page 47 and 48:
IP networks are organized in terms
Page 49 and 50:
either the user or the trusted soft
Page 51 and 52:
However, the previous paragraph beg
Page 53 and 54:
Table 1. Internet Engineering Task
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
• Lightweight directory access pr
Page 61 and 62:
mechanism to overcome the key distr
Page 63 and 64:
Deployments that need to support mu
Page 65 and 66:
Today’s Reality: Islands of Commu
Page 67 and 68:
Simultaneously, IP addresses are al
Page 69 and 70:
in-depth manner. Defense-in-depth m
Page 71 and 72:
Protection Detection Reaction / Neu
Page 73 and 74:
encrypted and then encapsulated wit
Page 75 and 76:
Internet (grouping of autonomous sy
Page 77 and 78:
via that same IP address. Specifica
Page 79 and 80:
deployments. Regional flights that
Page 81 and 82:
neighbor as a next hop after “Hol
Page 83 and 84:
Interface Interface Customer Site S
Page 85 and 86:
Interface Customer’s Application
Page 87 and 88:
Although the vast majority of PBN s
Page 89 and 90:
6. RELATING SAFETY AND SECURITY FOR
Page 91 and 92:
6.1.1 Integrity. As section 4.3 ind
Page 93 and 94:
As mentioned in section 4.4, the hi
Page 95 and 96:
6.1.4 Confidentiality. Confidential
Page 97 and 98:
their own classification level nor
Page 99 and 100:
integrity is not permitted to obser
Page 101 and 102:
software has been confirmed as leve
Page 103 and 104:
• Both safety and security are co
Page 105 and 106:
Device at Safety level X Device at
Page 107 and 108:
in a Biba Integrity Model environme
Page 109 and 110:
Common Criteria Classes ACM—Confi
Page 111 and 112:
(see section 9.10). A secure mechan
Page 113 and 114:
employed in security-critical appli
Page 115 and 116:
concept, which is needed to create
Page 117 and 118:
4. Learn from past mistakes. Poor d
Page 119 and 120:
exemplar airborne network architect
Page 121 and 122:
• Requirement 8: Biba Integrity M
Page 123 and 124:
Figure 31 shows how the recommended
Page 125 and 126:
to-live (TTL) field in the IP heade
Page 127 and 128:
using the traditional dual router i
Page 129 and 130:
mechanism relies upon the controlle
Page 131 and 132:
HAGs are high-assurance devices tha
Page 133 and 134:
8.3.5 Firewall. The firewall needs
Page 135 and 136:
(AJ) or low probability of intercep
Page 137 and 138:
design decisions that need to be de
Page 139 and 140:
9.2 INTEGRATED MODULAR AVIONICS IMP
Page 141 and 142:
9.3 USING PUBLIC IPs. The model and
Page 143 and 144:
alerted the pilots because the fail
Page 145 and 146: environments. If the certification
Page 147 and 148: DSS (FIPS 186 [81]). Code signing i
Page 149 and 150: elationship with other equipment in
Page 151 and 152: approach is to keep the log informa
Page 153 and 154: 11. SUMMARY. Current civilian aircr
Page 155 and 156: environments should be extended to
Page 157 and 158: 12. COTS computer systems cannot be
Page 159 and 160: 14. NAS and airborne network archit
Page 161 and 162: 22. If SWAP considerations permit,
Page 163 and 164: 11.2 TOPICS NEEDING FURTHER STUDY.
Page 165 and 166: 9. Lee, Y., Rachlin, E., and Scandu
Page 167 and 168: 32. Loscocco, P., Smalley, S., Muck
Page 169 and 170: 59. Raisinghani, V. and Sridhar, I.
Page 171 and 172: the following is a pointer to a rel
Page 173 and 174: Department of Defense Instruction N
Page 175 and 176: Information Assurance—The Departm
Page 177 and 178: Threat source—Either (1) intent a
Page 179 and 180: information found within these data
Page 181 and 182: (HTTP) traffic (port 80), port scan
Page 183 and 184: The simple network management proto
Page 185 and 186: opportunities to crack the hosting
Page 187 and 188: authorized to perform. 13 However,
Page 189 and 190: sniffers, log-cleaning scripts, and
Page 191 and 192: A.3.1 DENIAL OF SERVICE ATTACKS. Th
Page 193 and 194: • Disclosure: Disclosure of routi
Page 195: affected by the signal intermittenc
Page 199 and 200: Survey Question What is the primary
Page 201 and 202: Survey Question What is the primary
Page 203 and 204: should be emphasized that there is
show all

Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?