hyhorshuv - United Kingdom Hydrographic Office

More documents

Recommendations

Info

ARCS Implementation Additional Notes for Licensed Developers Version 1.4 February 2000 ‘1234’ within your software. Thus the PIN will always be available to the application rather than needing the end user to type it in. In this case consideration should be given to providing a screen display showing both User Permit and PIN number so that the user cannot ‘loose’ this important information. The display of the User Permit, either at system start up or via an information display screen, is very useful to all users as the system documentation you supply to the user can sometimes get lost. The screen display of the User Permit number will enable the user to order chart permits without recourse to the system documentation. If your software supports several data types, it is possible for the user to want to buy his first set of ARCS charts some time after buying the system. Consequently, the system should be capable of displaying the User Permit without the user having loaded any ARCS charts. Invalid licence file (ARCS01) As with the PIN number above, the check sum on the licence file is not part of the mechanism securing the ARCS data from copying. Hence, although ARCS01 must be displayed whenever the system displays data from a modified licence file, its presence should not prevent the system functioning at other times. Systems should therefore be designed so that charts can be displayed even if the licence file is corrupt or missing altogether. However, the check sum (MAC) must be checked each time the licence file is accessed and, if corrupt (or missing), ARCS01 is to be displayed alongside the displayed information. Skipper service warnings ARCS 16, 17 and 18 (Loaded chart data not in line with Chart Permit): These messages do not now have to be permanently displayed. The messages were designed to alert users to the fact that the chart being used is out of date for Notices to Mariners. An existing Skipper user, when purchasing additional ARCS charts is given the latest available Update CD. If his system uses the entire CHART.CAT file on the Update CD when installing the additional charts he is likely to get ARCS 16 messages when using the original charts. Whilst such a message is informative it should not detract from the usability of the chart or system. Repeated display of this information each time a chart is viewed, especially if the error message is prominent or disrupts the area of chart display itself, can be annoying to the user. See also section 4.5 below. Navigator service warnings ARCS 08 (Licence near to expiry): This message is to alert the user that the licence will have to be renewed by the end of the month. Feedback has indicated that the user does not want to clear a message every time a different chart is displayed but he should be alerted to the fact that the licence is in its final month at least twice a day. It is for manufacturers to decide how this error message is conveyed, although user feedback suggests that a clearable message prompted by a timer function is preferable. ARCS 09 (licence expired): This remains as the only permanent warning message that is displayed whilst charts are in use. Although the warning must be prominent it should not prevent sensible use of the charts. 3.4 Null characters Null characters can occur in any of the encryption variables (e.g. UIDs, User Permit, chart keys etc). You should be aware that string-handling functions, especially within ‘C’ do not cope well with a null character within a string. This has resulted in the creation of invalid user permits and the incorrect decryption of certain charts. Since this aspect is not specifically tested during the system evaluation, please ensure that all software handling the encryption variables can cope with null characters in any location. 14
ARCS Implementation Additional Notes for Licensed Developers Version 1.4 February 2000 3.5 Protection of manufacturer codes and chart keys at run-time Where a hardware security device (dongle) is being used the UID, PIN and MCDP values are generally stored in it. The application software must obtain this information to calculate the chart key. Once used to calculate the chart key this information should be cleared from RAM. The chart key may reside in RAM and can be used to decrypt additional tiles as required whilst the chart remains active. Please contact the UKHO if you wish to hold more than one chart key in RAM; this must be explained in your Security Implementation Report. The clearing of the UID etc from RAM after each use ensures that the dongle has to be present when a chart is loaded for display. Manufacturers must also ensure that the system ceases to operate if the dongle is removed after the application has been started. 3.6 Network Implementations On a networked system, a ‘dongle’ or some other security device must control the number of concurrent users of the application. UKHO Proprietary Information stored in the dongle and required for chart decryption must be passed across the network in encrypted form. Within network systems, the local system must perform the decryption. It is not permissible for the server to undertake the decryption and then pass the decrypted image across the network. If you supply multi user versions of you software, you should include, with your 6 monthly User Permit returns, details of how many users each dongle allows. This will enable us to confirm that the customer actually ordered a similar number of licences. 3.7 Speeding up Decryption - Storage of IVs The initialisation vectors (IVs) for the decryption algorithm are chart / tile specific but are not ‘sensitive’ like the chart key. You may therefore create IVs when loading chart data from CD. The values could be stored in a modified index (.CHI, .LOI) file or as a separate file of your choosing. By accessing ‘preprocessed’ IVs some processing time will be saved during decryption. IVs must be re-created when a new version of a base chart is loaded from either an Area or an Update CD, they remain valid for tiles corrected for notice to mariners on the Update CD. 15
Page 1 and 2: ARCS Implementation Additional Note
Page 13: ARCS Implementation Additional Note

hyhorshuv - United Kingdom Hydrographic Office

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?