2010 ATA e-Business Forum
Effective information sharing through industry-wide collaboration
The ATA e-Business Forum is the industry's premier event to learn about the latest developments in information exchange standards to support engineering, maintenance, materiel and flight operations. The educational forum provides a high-level overview of the ATA e-Business Programme and the many specifications and industry initiatives underway to facilitate effective and efficient information sharing between airlines and their trading partners.
In addition to learning about the industry's most widely accepted e-business specifications for data exchange (iSpec 220, Spec 42, Spec 2300, Spec 2000 and S1000D), learn how the industry has attributed significant savings and operational efficiencies to the use of these global specifications.
SITA speakers
Mansour Rezaei-Mazinani: Secure and reliable regulatory e-Form exchange
Now that Chapter 16, Spec 2000 is well established, and FAA and EASA are authorizing the use of electronic Authorized Release Certificates, Industry is finalizing plans to introduce e-Forms on a significant scale. However, SITA market research indicates that many industry people outside the Purchasing / Logistics domain remain unsure about what constitutes an "e-Form", a "digital signature" and "reliable exchange". Many respondents believe that a scanned image of a signed, paper form is an e-Form or they are simply unaware of the changing regulatory position.
Recent work at the ATA and adaptation of regulations by the National Airworthiness Authorities have resulted in the definition of schemas for authorized release certificates, their digital signature and reliable exchanges of these regulatory e-Forms. Standardization forums including ATA, IATA and W3C have created the necessary specifications defining the framework and protocols to achieve the secure and reliable exchange of regulatory e-Forms namely; W3C XML signature, W3C XML encryption and IATA Type X standards.
The presentation provides a recap on the definition of an e-Form and provides an overview of W3C XML signature, W3C XML encryption and IATA Type X standards and shows how the combination of these standards can be used to enable the secure and reliable exchange of regulatory e-Forms to meet the air transport requirements for security and reliable exchange.
Mario Sabourin: What is an interoperable Public Key Infrastructure (PKI)?
Individuals, applications and machines all need digital identities (digital IDs). Digital IDs are critical for accessing, sharing and securing digital information. Without digital IDs, organizations cannot safely manage online relationships and transactions, nor can they grant or gain access to information on laptops, desktops, networks and servers. Most significantly, digital identities must be deployed and managed in a way that allows security services to be delivered consistently in line with auditable policies. Digital IDs must also be low cost to administer; easy-to-use; and, essentially within the Air Transport Industry, interoperable without compromising cyber security.
New generation aircraft incorporate network architectures and interfaces that may introduce new systems' security vulnerabilities to the aircraft. These new vulnerabilities have the potential, at least theoretically, to jeopardize aircraft safety. Ensuring secure communication is a critical success factor for the growth of existing and emerging broadband service ecosystems such as Wi-Fi, WiMAX, GSM Long Term Evolution (LTE) and others, and for the deployment of new 'connected' aircraft types. The end-game is to achieve the operational benefits and efficiencies offered by new generation aircraft, whilst securely leveraging the latest communications technologies and protecting these from cyber-attack.
This presentation will present the results of recent work conducted by the ATA Digital Security workgroup (DSWG) in the area of interoperability. Through the sharing of community experiences and lessons learned, the author will present ATA DSWG recommendations specific to two areas said to be of high priorities to airlines:
- What should a PKI environment include to support the various use cases that an airline needs to address today or is to address in the near future?
- What should an airline do, in terms of PKI, to ensure that they could leverage the Gatelink standard implementation in a global scale, both at their hubs and outstations?
Share or bookmark with:
Facebook
Twitter
Digg
Delicious
Technorati
