| The sources of information of modern air traffic control system is related to navigation, weather information , airspace and traffic management, airport operations and other applications. At the present time, these applications are independent and the system information is quite different in the type, structure and protocols. With the diversity of air traffic control information, the requirements of air traffic control information processing, data exchange and services have been greatly improved. How to effective integrate these services has gradually become an important factor of the efficiency of aviation operations and the safety of air transport. It is a bottleneck problem and urgent to be solved in the field of air traffic control. Service-Oriented Architecture (SOA) is an effective way to solve the problem. However, the unique features of SOA introduce some new security threats to the system. So it is particularly important to establish a set of security model to meets the needs and to get effective protection for the air traffic control system.In this paper, Combined with the features of China's civil aviation management information system, from the actual situation of China's civil aviation control, it propose the security threats, the corresponding security requirements and the security problems need to be solved. And then based on Web service's standards for security protocols and some related safety technology, I detailed analyze and design a security model, which is apply to the use of Web services technology to implement civil aviation management system based on SOA. In this article, I focus on the following three main elements of the security model:1. How to ensure the safety release of service? By adhering to the standards of Web service's security protocols, we can extend the head of service registration message to achieve the release of service correctly, safely and effectively.2. How to ensure the safety and efficacy of data transmission in the system? Combined with the real business needs of civil aviation management, we can extend the head of SOAP message to achieve the safety of the transmission of messages in the inner of each service and between various services. In addition, at some special scenarios, this paper introduces an improved group signature encryption to meet the security requirements on identity and data validation. 3. How to achieve safe and effective implementation of the cross-domain access control and rights management between the various services in the system? By analyze some traditional access control models, I point out some inadequacies of them. Then I introduced a new type of next-generation access control models– usage control (UCON) model, which can resolve the issues of cross-domain access control between subsystems and rights management based on SOA.In the end of the article, accordance with the above security model, I partly simulate the proposed security model. |
PDF Full Text Request