Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Private key<br />
signature as part of the code-sign<strong>in</strong>g process provides the assurance that the CA has certified that<br />
the signer of the code is who they claim to be. Integrity occurs by us<strong>in</strong>g a signed hash function<br />
that authoritatively <strong>in</strong>dicates whether or not the result<strong>in</strong>g code has been tampered with s<strong>in</strong>ce it<br />
was signed.<br />
Executable<br />
Code<br />
Executable<br />
Code<br />
Hash<br />
algorithm<br />
One-way<br />
hash<br />
Certificate<br />
Code signer’s<br />
Certificate and<br />
public key<br />
Signed<br />
Certificate<br />
Signed Code<br />
Figure 24. Code- and Document-Sign<strong>in</strong>g Process<br />
Step 2: Generate Hash<br />
Executable<br />
Code<br />
Signed<br />
Certificate<br />
Signed Code<br />
Certificate<br />
Step 1:<br />
Inspect<br />
Certificate<br />
Executable<br />
Code<br />
Signed<br />
Hash<br />
algorithm<br />
Public key<br />
Step 3:<br />
Apply public key<br />
One-way<br />
hash<br />
Step 4:<br />
Compare<br />
One-way<br />
hash<br />
Figure 25. Code- and Document-Sign<strong>in</strong>g Verification Process<br />
A document may also be signed and verified. In all cases, what is assured by code and document<br />
sign<strong>in</strong>g is the authorship, <strong>in</strong>clud<strong>in</strong>g the verification that third parties have not subsequently<br />
modified the code (or document). In no case does the user receive any assurance that the code<br />
itself is safe to run or actually does what it claims. Thus, the actual value of code sign<strong>in</strong>g<br />
rema<strong>in</strong>s a function of the reliability and <strong>in</strong>tegrity of the <strong>in</strong>dividual that signed that software and<br />
the processes that support software development and ongo<strong>in</strong>g life cycle support. Code sign<strong>in</strong>g,<br />
therefore, is solely a mechanism for a software creator to assert the authorship of the product and<br />
validate that others have not modified it. It does not provide the end-user with any claim as to<br />
the code’s quality, <strong>in</strong>tent, or safety.<br />
76