Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols
| dc.contributor.author | Saleem, Ahsan | |
| dc.contributor.author | Turtiainen, Hannu | |
| dc.contributor.author | Costin, Andrei | |
| dc.contributor.author | Hämäläinen, Timo | |
| dc.contributor.editor | Lehto, Martti | |
| dc.contributor.editor | Karjalainen, Mika | |
| dc.date.accessioned | 2024-06-27T12:22:58Z | |
| dc.date.available | 2024-06-27T12:22:58Z | |
| dc.date.issued | 2024 | |
| dc.identifier.citation | Saleem, A., Turtiainen, H., Costin, A., & Hämäläinen, T. (2024). Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols. In M. Lehto, & M. Karjalainen (Eds.), <i>Proceedings of the 23rd European Conference on Cyber Warfare and Security</i> (23, pp. 446-456). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. <a href="https://doi.org/10.34190/eccws.23.1.2250" target="_blank">https://doi.org/10.34190/eccws.23.1.2250</a> | |
| dc.identifier.other | CONVID_220853449 | |
| dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/96208 | |
| dc.description.abstract | During the past few decades, the aviation, maritime, aerospace, and search-and-rescue domains have witnessed tremendous improvement thanks to technological, digitalization and Internet of Things (IoT) advances such as Automatic Dependent Surveillance–Broadcast (ADS-B) (e.g., Aviation IoT, Airports IoT) and Automatic Identification System (AIS) (e.g., Maritime IoT). All these are high-profile examples of new digital communication protocols combined with IoT devices that make efficient use of wide-area earth and space radio communications to provide real-time, truly globally interoperable, and optimised services required by these domains. However, the protocols and technologies mentioned above, both from an architectural and implementation point of view, exhibit fundamental cybersecurity weaknesses (both at protocol and IoT device level). These weaknesses make them an easy target for potential attackers. The two fundamental flaws of these protocols are the lack of digital signatures (i.e., integrity and authenticity) and the lack of encryption (i.e., confidentiality and privacy). The risks associated with these, and other weaknesses have been over the last decade repeatedly demonstrated with ease by ethical cybersecurity researchers. In this paper, we design, propose, and discuss a single generic PKI-enabled message integrity and authenticity scheme that works seamlessly for any of the ADS-B, and AIS, with the possibility of easy extension and integration into other protocols (e.g., ACARS). Our scheme can be added as backward-compatible software upgrades (e.g., third-party library) to existing systems without requiring expensive architectural redesign, upgrades, and retrofitting. Our present work is aimed to serve as a bootstrap to securing such insecure protocols without completely replacing or redesigning the systems. It also aims to provide a discussion background of advantages and limitations of such backward-compatible securing methods. | en |
| dc.format.mimetype | application/pdf | |
| dc.language.iso | eng | |
| dc.publisher | Academic Conferences International Ltd | |
| dc.relation.ispartof | Proceedings of the 23rd European Conference on Cyber Warfare and Security | |
| dc.relation.ispartofseries | Proceedings of the European Conference on Cyber Warfare and Security | |
| dc.rights | CC BY-NC-ND 4.0 | |
| dc.subject.other | cybersecurity | |
| dc.subject.other | protocol upgrades | |
| dc.subject.other | message authentication | |
| dc.title | Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols | |
| dc.type | conferenceObject | |
| dc.identifier.urn | URN:NBN:fi:jyu-202406275050 | |
| dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
| dc.contributor.laitos | Faculty of Information Technology | en |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | |
| dc.type.coar | http://purl.org/coar/resource_type/c_5794 | |
| dc.description.reviewstatus | peerReviewed | |
| dc.format.pagerange | 446-456 | |
| dc.relation.issn | 2048-8602 | |
| dc.relation.numberinseries | 1 | |
| dc.relation.volume | 23 | |
| dc.type.version | publishedVersion | |
| dc.rights.copyright | © 2024 European Conference on Cyber Warfare and Security | |
| dc.rights.accesslevel | openAccess | fi |
| dc.relation.conference | European Conference on Cyber Warfare and Security | |
| dc.subject.yso | kyberturvallisuus | |
| dc.subject.yso | todentaminen | |
| dc.subject.yso | protokollat (tietoliikenne) | |
| dc.format.content | fulltext | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p26189 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p24130 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p9894 | |
| dc.rights.url | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.relation.doi | 10.34190/eccws.23.1.2250 | |
| jyx.fundinginformation | Hannu Turtiainen thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (www.skr.fi) for supporting his Ph.D. dissertation work and research (grant decision no. 00231412). | |
| dc.type.okm | A4 |
Aineistoon kuuluvat tiedostot
Aineisto kuuluu seuraaviin kokoelmiin
Ellei muuten mainita, aineiston lisenssi on CC BY-NC-ND 4.0