| SWIM(System Wide Information Management) is defined as the information sharing mechanism of NGATM(Next Generation Air Traffic Management) by ICAO(International Civil Aviation Organization). The Next Gen(Next Generation Air Transportation System) of America and SESAR(Single European Sky Air Traffic Management Research) of European both adopt SWIM to build consolidated, flexible and efficient information sharing framework which is one of the basic and pivotal technology to achieve the message sharing and switching in new air traffic management ATM.To prevent SWIM system and underlying services from being attacked, ensure the data integrity, and manage the data type and its storage or reading approaches by system and users, the access control strategy and method of SWIM system are studied.Firstly, on the basis of comparing and analyzing the merits and demerits of different access control methods, according to the SOA(Service-Oriented Architecture), a SWIM access control strategy based on ABE(Attribute-Based Encryption) is proposed,then the article analyzes the attributes of three entities in SWIM system and defines their attributes; designs the SWIM access control method which is based on the CP-ABE(Ciphertext Policy ABE), and analyzes its security. The result of the simulation experiment indicates that this method can achieve the fine-grained attribute authority of SWIM, ensures the data security and privacy protection in SWIM system.To realize the flexible attribute authority services in SWIM system, a method of attribute revocation is proposed. This method combines the key version number and KEK(Key Encryption Key) tree, introduces the proxy re-encryption technology,implement attribute revocation in SWIM and analyzes its data confidentiality and security. The analyzing result shows this scheme can implement the attribute revocation in SWIM system, ensure the the data security of SWIM, realize the effective permission control and provide guarantee for the SWIM security services framework. |
PDF Full Text Request