Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
6.1.3 Authentication.<br />
Authentication directly impacts the follow<strong>in</strong>g entities:<br />
• Communications protocols should be deployed with their security turned on (see section<br />
4.5). This means that rout<strong>in</strong>g protocols should be configured to use the appropriate<br />
password and HMAC for that deployment. The password needs to be unique for that<br />
system and protected via best current practices password protection mechanisms. Mutual<br />
authentication should be used whenever possible. This implies that human users and<br />
devices should both be assigned an appropriate identity by the authentication system used<br />
by the deployment (e.g., Kerberos, PKI, [82]). This, <strong>in</strong> turn, implies that the best<br />
common practice for that authentication system should be followed.<br />
• Devices (both end system and <strong>in</strong>termediate system) and software with higher safety<br />
requirements should be designed so that they cannot be misconfigured, <strong>in</strong>clud<strong>in</strong>g their<br />
nam<strong>in</strong>g (if any) and address<strong>in</strong>g assignments, if possible. Devices and applications with<br />
more modest safety requirements need to ensure that their adm<strong>in</strong>istrators are<br />
authenticated and that adm<strong>in</strong>istrative authorizations (<strong>in</strong>clud<strong>in</strong>g access control) are <strong>in</strong><br />
accordance with the separation of duties with least privilege pr<strong>in</strong>cipals.<br />
• Applications should ensure that their users (both processes and humans) are authenticated<br />
and, if applicable, their access control limited by separation of duties with least privilege.<br />
Authentication of human users should preferentially require two factored authentication<br />
(e.g., password plus PKI identity).<br />
The ultimate goal of airborne security controls (<strong>in</strong>clud<strong>in</strong>g the authentication system) is to prevent<br />
safety failures. Physical techniques, along with policies and procedures, should be considered<br />
where practical. Remote access to safety-critical components should be m<strong>in</strong>imized; however,<br />
where they are justified, authentication must be required.<br />
Authentication of airborne entities would be materially strengthened if the airborne<br />
authentication system were a constituent part of the same <strong>in</strong>tegrated authentication <strong>in</strong>frastructure<br />
serv<strong>in</strong>g both airborne and NAS systems. A number of candidate technologies could serve as the<br />
basis for such an authentication <strong>in</strong>frastructure. The requirements of such an <strong>in</strong>frastructure are<br />
that a common identity system needs to be created system-wide for humans and devices that<br />
populate the total system. These identities need to be authenticated by means of a common<br />
technology <strong>in</strong>frastructure <strong>in</strong> accordance with best IA practices. The authentication system may<br />
or may not also be associated with authorization or access control. Well-known candidates for<br />
authentication systems <strong>in</strong>clude PKI (see RFC 3280, RFC 4210, and RFC 3494), Kerberos (see<br />
RFC 4120); Remote Authentication Dial In User Service (see RFC 2138 and RFC 3580); and<br />
Authentication, Authorization, and Account<strong>in</strong>g (see RFC 3127 and RFC 3539) <strong>in</strong>clud<strong>in</strong>g<br />
Diameter (see RFC 3588 and RFC 4005). References 79 and 82 describe a PKI-based<br />
authentication system for the ATN. A choice of PKI to become an avionics authentication<br />
<strong>in</strong>frastructure correlates well with the extensive DoD PKI <strong>in</strong>frastructure that is currently be<strong>in</strong>g<br />
built by the DoD to support PKI with<strong>in</strong> DoD systems.<br />
78