System and method for providing security aboard a moving platform
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-029/06
H04L-009/00
출원번호
US-0813973
(2010-06-11)
등록번호
US-8402268
(2013-03-19)
발명자
/ 주소
Dierickx, Michael
출원인 / 주소
Panasonic Avionics Corporation
대리인 / 주소
Orrick, Herrington & Sutcliffe LLP
인용정보
피인용 횟수 :
11인용 특허 :
301
초록▼
A system for providing network security on a vehicle information system and methods for manufacturing and using same. The security system comprises an all-in-one security system that facilitates security system functions for the vehicle information system. Exemplary security system functions include
A system for providing network security on a vehicle information system and methods for manufacturing and using same. The security system comprises an all-in-one security system that facilitates security system functions for the vehicle information system. Exemplary security system functions include secure storage of keys used to encrypt and/or decrypt system data, security-related application programming interfaces, a security log file, and/or private data. The security system likewise can utilize antivirus software, anti-spyware software, an application firewall, and/or a network firewall. As desired, the security system can include an intrusion prevention system and/or an intrusion detection system. If the information system includes a wireless distribution system, the security system can include an intrusion prevention (and/or detection) system that is suitable for use with wireless network systems. Thereby, the security system advantageously can provide a defense in depth approach by adding multiple layers of security to the information system.
대표청구항▼
1. A security appliance, comprising: a general purpose computer for running an operating system configured to programmatically execute a plurality of software modules and to interface with a plurality of access points within a distribution system of a selected information system,wherein said plurali
1. A security appliance, comprising: a general purpose computer for running an operating system configured to programmatically execute a plurality of software modules and to interface with a plurality of access points within a distribution system of a selected information system,wherein said plurality of software modules provides a plurality of security functions including at least two of an antivirus module, a security log module, a payment processing module, a firewall module, a hardware security module, an intrusion detection/prevention module, and a network interface module, andwherein said security appliance is disposed within a single line replaceable unit for installation within the distribution system. 2. The security appliance of claim 1, wherein said network interface facilitates bi-directional communications between the selected information system and an external communication connection. 3. The security appliance of claim 2, wherein said external communication connection includes at least one of a secure wired communication connection, a secure wireless communication connection, a broadband communication connection, a cellular communication connection, and a Universal Serial Bus communication connection. 4. The security appliance of claim 2, wherein said external communication connection is configured to transmit secure data to a processing system that is remote from the selected information system. 5. The security appliance of claim 4, wherein said secure data is selected from a group consisting of credit card data, medical data, and data that is protected under applicable law. 6. The security appliance of claim 1, wherein said intrusion detection/prevention module is configured to identify unauthorized access to a wireless distribution system of the selected information system. 7. The security appliance of claim 1, wherein said hardware security module is accredited to at a security level of at least Federal Information Processing Standard (FIPS) Level 2. 8. The security appliance of claim 1, wherein the distribution system interfaces with said security appliance via a fiber communications medium. 9. The security appliance of claim 1, wherein the operating system comprises a Linux-based operating system. 10. The security appliance of claim 1, wherein the selected information system is installed aboard a passenger vehicle. 11. The security appliance of claim 1, further comprising a biometric authentication device for preventing unauthorized access to the selected information system, said biometric authentication device communicating with the distribution system of the selected information system. 12. The security appliance of claim 11, wherein said biometric authentication device is selected from a group consisting of a face scanner, a hand scanner, a fingerprint scanner, a retina scanner, and an iris scanner. 13. The security appliance of claim 11, wherein said biometric authentication device is associated with a crew panel system of the selected information system. 14. A vehicle information system suitable for installation aboard a passenger vehicle, comprising: a content source; anda distribution system for communicating with said content source and including the security appliance of claim 1. 15. An aircraft, comprising: a fuselage and a plurality of passenger seats arranged within the fuselage; anda vehicle information system, said vehicle information system coupled with said fuselage and comprising: a headend system that provides overall system control functions for said vehicle information system and that includes a content source;a user interface system that includes a user input system for selecting viewing content available from said content source and a content presentation system for presenting the selected viewing content; anda distribution system that distributes the selected viewing content throughout said vehicle information system and that includes the security appliance characterized by claim 1. 16. A method for providing network security for an information system, comprising: disposing a general purpose computer within a single line replaceable unit;installing the line replaceable unit within a distribution system of the information system; andenabling the general purpose computer to execute a plurality of software modules that are configured to interface with a plurality of access points within a distribution system of the information system, wherein the plurality of software modules provide a plurality of security functions including at least two of an antivirus module, a security log module, a payment processing module, a firewall module, a hardware security module, an intrusion detection/prevention module, and a network interface module. 17. The method of claim 16, wherein said enabling the general purpose computer includes enabling the network interface module to facilitate bi-directional communications between the information system and an external communication connection for transmitting secure data to a processing system that is remote from the information system. 18. The method of claim 16, wherein said enabling the general purpose computer includes enabling the intrusion detection/prevention module to configure a wireless distribution system of the information system to identify unauthorized access to the information system. 19. The method of claim 16, further comprising installing the information aboard a passenger vehicle. 20. The method of claim 16, further comprising installing a biometric authentication device for preventing unauthorized access to the information system, wherein said biometric authentication device communicates with the distribution system of the information system. 21. The security appliance of claim 20, wherein said installing a biometric authentication device comprises installing said biometric authentication device at a crew panel system of the information system. 22. A computer program product for providing network security for a selected information system, the computer program product being encoded on one or more non-transitory machine-readable storage media and being suitable for execution on a general purpose computer disposed within a single line replaceable unit for installation within a distribution system of the selected information system, comprising: instruction for activating at least one access point within the distribution system; andinstruction for executing a plurality of software modules that provides a plurality of security functions including at least two of an antivirus module, a security log module, a payment processing module, a firewall module, a hardware security module, an intrusion detection/prevention module, and a network interface module; andinstruction for monitoring signal activity between the selected information system and at least one portable media device via the at least one access point. 23. The computer program product of claim 22, wherein said instruction for executing includes instruction for enabling the network interface module to facilitate bi-directional communications between the selected information system and an external communication connection for transmitting secure data to a processing system that is remote from the selected information system. 24. The computer program product of claim 22, wherein said instruction for executing includes instruction for enabling the intrusion detection/prevention module to configure a wireless distribution system of the selected information system to identify unauthorized access to the selected information system. 25. The computer program product of claim 22, further comprising instruction for preventing unauthorized access to the selected information system via a biometric authentication device, wherein said biometric authentication device communicates with the distribution system of the selected information system.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (301)
Niesen,Joseph W., Adaptable forward link data rates in communications systems for mobile platforms.
Ziarno,James J.; Gallagher,Shawn, Aircraft communications system and related method for communicating between portable wireless communications device and ground.
Galipeau Steven R. ; Wade John G. ; Briski Rory G. ; Peabody Mark A. ; Mowry Michael M. ; Armstrong Gregg D. ; Burgess Craig L. ; Gray Kenneth L. ; Spears Garrett R., Aircraft data management system.
Sklar Richard E. ; Girard Lawrence E. ; Phillipp Ralph P. ; Frankenbach David C. ; Berry Dickey J. ; Williams Jim C., Aircraft satellite television system for distributing television programming derived from direct broadcast satellites.
Kondo Yoshiyuki (Tokyo JPX) Sahara Hiroshi (Kanagawa JPX) Hidejima Yasuhiro (Tokyo JPX), Aircraft service system with a central control system for attendant call lights and passenger reading lights.
Crowley Robert J. (37 Castle Gate Rd. Wayland MA 01778) Halgren Donald N. (35 Central St. Manchester MA 01944), Antenna transmission coupling arrangement.
Stephenson, Gary V.; Parkman, David S.; de La Chapelle, Michael; Martens, Paulus J., Batch round robin polling method for return link communications between a mobile platform and a base station.
Klotzbach David (Carpentersville IL) Pecen Mark (Naperville IL) Favreau Keith (Wheeling IL) Knueven Michael (Glen Ellyn IL), Bi-directional wire-line to local area network interface and method.
Wakai Bruce Minoru ; Troxel Robert ; Booth Marc ; Takata Kaz ; Evensen Karen ; Ninh Loi, Combined digital audio/video on demand and broadcast distribution system.
Charles Otis Adler ; Jeffrey Kim Cunningham ; Matthew Edward Lavelle, Control system for electronically scanned phased array antennas with a mechanically steered axis.
Miller Phillip (Cedar Rapids) Traeger Robert J. (Cedar Rapids IA) Kubler Joseph J. (Nederland CO) Cargin ; Jr. Keith K. (Cedar Rapids IA) Hanson George E. (Cedar Rapids IA) Davis Patrick H. (Cedar Ra, Data communication system with communicating and recharging docking apparatus for hand-held data terminal.
Sugla, Binay, Determining a location or position using information from multiple location and positioning technologies and applications using such a determined location or position.
Scott Ed (Anaheim Hills CA) Sagey Richard (Laguna Niguel CA) Booth Marc (La Habra CA) Schuberth Pierre (Corona Del Mar CA), Device for interfacing a CD-ROM player to an entertainment or information network and a network including such device.
Scott Ed ; Sagey Richard ; Booth Marc ; Schuberth Pierre, Device for interfacing a CD-ROM player to an entertainment or information network and a network including such device.
Sklar Richard E. ; Girard Lawrence E. ; Phillipp Ralph P., Distribution of a large number of live television programs to individual passengers in an aircraft.
Sklar Richard E. ; Girard Lawrence E., Distribution of satellite television programs to passengers in an aircraft when it is out of range of the satellites.
Takanabe Kazunori (Kasugai JPX) Yamamoto Masaki (Nagoya JPX) Ito Kenzo (Okazaki JPX) Fujinami Hiroshi (Anjo JPX), Electronic map display system for use on vehicle.
Berry Dickey J. (La Verne CA) Bertagna Richard A. (San Dimas CA), Entertainment and data management system for passenger vehicle including individual seat interactive video terminals.
Wils, Joris Johannes Maria; Hiscock, James Scott; Heiner, Jr., Edward A., High-speed trunk cluster reliable load sharing system using temporary port down.
Booth Marc ; Kobayashi Hironori ; Wicks James E. ; Williams ; Jr. Howard Allen, Integrated electronic system utilizing a universal interface to support telephony and other communication services.
Mitchell Terry (St. Louis Park MN) Wood William P. (Edina MN) Michalek Paul (Bloomington MN), Integrated thin film magnetic head with planar structure.
Wakai Bruce M. (Cypress CA) Lemmer John E. (Laguna Hills CA) Frost ; Jr. William A. (San Juan Capistrano CA), Integrated video and audio signal distribution system and method for use on commercial aircraft and other vehicles.
Wakai Bruce M. (Cypress CA) Lemmer John E. (Laguna Hills CA) Frost ; Jr. William A. (San Juan Capistrano CA), Integrated video and audio signal distribution system and method for use on commercial aircraft and other vehicles.
Wakai Bruce M. ; Lemmer John E. ; Frost ; Jr. William Arlington, Integrated video and audio signal distribution system and method for use on commercial aircraft and other vehicles.
Russell Henry Linstrom ; Gordon David Niva ; Sam H. Wong ; Douglas K. Waineo, Low cost polarization twist space-fed E-scan planar phased array antenna.
Factor Richard C. (Kinnelon NJ) Pearsall Terry L. (Wayne NJ) Strowe John A. (Irvington NJ) Nass Laura A. (Piscataway NJ), Map and text display system for vehicle navigation.
Hildebrandt Fred (Buchholz DEX) Reitmann Joerg (Harsefeld DEX) Sprenger Wilfried (Issendorf DEX) Roessner Bernd (Rosengarten DEX), Method and apparatus for carrying out passenger-related and flight attendant-related functions in an airplane.
Sklar Richard E. ; Phillipp Ralph ; Walzer Robert U. ; Zimmerman Mark R. ; Decuir Tracy L., Method and apparatus for receiving broadcast entertainment transmissions at a moving receiver station.
Frey Richard L. (Duanesburg NY) Gaus ; Jr. Richard C. (Burnt Hills NY) George ; II Robert L. (Plano TX) Hladik Stephen M. (Albany NY) Lester Howard L. (Auplaus NY) Puckette Charles M. (Scotia NY) Ray, Method and apparatus for reducing interference among cellular telephone signals.
Henderson Gordon J. (Plymouth MI) Carew Evan L. (Dearborn MI) Theisen Todd A. (Grosse Lle MI) Ehn Michael W. (Dexter MI), Method and apparatus for the control of local area network multi-station access units.
McLain, Christopher John; Stephenson, Gary V.; de La Chapelle, Michael, Method and apparatus using event correlation for identifying an interfering mobile terminal.
McLain, Christopher John; de La Chapelle, Michael; Parkman, David S., Method and apparatus using transmit beam lobing for identifying an interfering mobile terminal.
McLain,Christopher John; de La Chapelle,Michael, Method and apparatus using variations in power modulation to determine an interfering mobile terminal.
Brady, Jr., Kenneth A.; Yi, Jason Kyong-min; Weimholt, Andrew W.; Tsaur, Jyh-Fong; Norton, Lyle K., Method and system for configuration and download in a restricted architecture network.
Wharton Cathleen S. ; Robertson Scott P. ; Ashworth Catherine A. ; Franzke Marita, Method and system for synchronizing data between at least one mobile interface device and an interactive terminal.
Botzenhardt Wolfgang (Gppingen) Dais Siegfried (Gerlingen) Kiencke Uwe (Ludwigsburg) Litschel Martin (Vaihingen/Enz) Krampe Wolfgang (Renningen DEX), Method for operating a data processing system.
Horrer Matthias, Method for setting up a telecommunication link to persons in closed facilities, such as passenger transport means, as well as a telecommunication system and network.
Kolls, H. Brock, Method of transacting an electronic mail, an electronic commerce, and an electronic business transaction by an electronic commerce terminal operated on a transportation vehicle.
Thomson, Deane A.; Lee, David R.; Brinkley, Roger R.; Price, Jerry L.; Mitchell, Timothy M., Methods and apparatus for transportation vehicle security monitoring.
Ray Jimmy C. (Denison TX) George ; II Robert L. (Plano TX) Levine Richard C. (Richardson TX), Mobile telecommunications for aircraft and land based vehicles.
Bowman Donald J. (135 Grayson Ct. Colorado Springs CO 80906) Crane Jerry D. (29335 Nole Hace Boerne TX 78006) Edwards Scott G. (17 Edith La. Wilton CT 06895) Edwards Kathryn M. (17 Edith La. Wilton C, Modular digital telephone system with fully distributed local switching and control.
Wallace Jack E. ; Redd Harold J. ; Furlow Robert J. ; Haworth John, Monolithic microwave integrated circuits for use in low-cost dual polarization phased-array antennas.
Ekrot Alexander C. ; Singer James H. ; Hemphill John M. ; Autor Jeffrey S. ; Galloway William C. ; Alexander Dennis J., Multi-server fault tolerance using in-band signalling.
Francis, Robert C.; McGee, James P.; Sainati, Robert A.; Sheehan, Jr., Richard L.; Tong, Sai-Kit K., Object tracking and management system and method using radio-frequency identification tags.
Fitzsimmons George W. (Kent WA) Lamberty Bernard J. (Kent WA) Vertatschitsch Edward J. (Bothell WA) Riemer Dietrich E. (Auburn WA) Harvey Donn T. (Issaquah WA), Packaging architecture for phased arrays.
Miller, Scott D.; Phillipp, Ralph; Larson, Curtis J.; Bartlett, James L., Passenger entertainment system having downconverter control signals and power supplied over output cables.
Miller, Scott D.; Phillipp, Ralph; Walzer, Robert; Fidel, Fredrick; Larson, Curtis J.; Bartlett, James L.; Landenberger, Jay E., Passenger entertainment system providing live video/audio programming derived from satellite broadcasts.
Weinberger, Alan J.; Infiesto, Douglas C.; Renton, Joseph J.; Neugaubauer, Rick, Passenger entertainment system, method and article of manufacture employing object oriented system software.
Tagawa Koichi (Tokyo JPX) Matsuzaki Atsushi (Kanagawa JPX) Toyoshima Masakatsu (Kanagawa JPX) Kondo Yoshiyuki (Tokyo JPX), Passenger service and entertainment system for supplying frequency-multiplexed video, audio, and television game softwar.
Matsuzaki Atsushi (Kanagawa JPX) Tagawa Koichi (Tokyo JPX) Yamashita Masami (Kanagawa JPX) Kondo Yoshiyuki (Tokyo JPX), Passenger vehicle polling system having a central unit for polling passenger seat terminal units.
Ruppert Jonathan Paul (17147 Heatherwood Way Morgan Hill CA 95037) Fish Ronald Craig (16590 Oak View Cir. Morgan Hill CA 95037) Yap Thomas Allan (1069 Summerwind Ct. San Jose CA 95132) Ames Ronald Me, Portable RF ID tag and barcode reader.
Parkman, David S.; Stephenson, Gary V; Hellman, Richard A., Precoordination of return link for hand-off between coverage areas being traversed by a mobile transceiver platform.
Baker Ernest D. (Boca Raton FL) Dinwiddie ; Jr. John M. (West Palm Beach FL) Grice Lonnie E. (Boca Raton FL) Joyce James M. (Boca Raton FL) Loffredo John M. (Deerfield Beach FL) Sanderson Kenneth R. , Providing additional system characteristics to a data processing system through operations of an application program, tr.
Yee David Moon ; Bickley Robert Henry ; Zucarelli Philip John ; Keller Theodore W. ; Osman Jeff S. ; Derr Randall K., Satellite based high bandwidth data broadcast.
Jochim, Kenneth J.; Polson, Jerry H., Signal translating repeater for enabling a terrestrial mobile subscriber station to be operable in a non-terrestrial environment.
Jochim, Kenneth J.; Polson, Jerry H., Signal translating repeater for enabling a terrestrial mobile subscriber station to be operable in a non-terrestrial environment.
Conrad, Adam P.; Norin, John L.; Pontual, Rômulo; Smith, Peter W.; Wales, Jeffrey M., System and method for distribution and delivery of media context and other data to aircraft passengers.
Polivka Alan L. (Palm Bay FL) Zahm Charles (Indialantic FL), System for conducting video communications over satellite communication link with aircraft having physically compact, ef.
McKenna,Daniel Bernard; Cruz,Joseph; Jochim,Kenneth Joseph; Varadachari,Anand K.; Saroka,Harold Grant; Liu,Dandan, System for integrating an airborne wireless cellular network with terrestrial wireless cellular networks and the public switched telephone network.
Fitzsimmons George W. (Kent WA) Lamberty Bernard J. (Kent WA), System for maintaining polarization and signal-to-noise levels in received frequency reuse communications.
Weinberger, Alan J.; Infiesto, Douglas C.; Ackland, Mark, System software architecture for a passenger entertainment system, method and article of manufacture.
Klosterman Brian L. ; O'Brien Sean A. ; Milnes Kenneth A. ; Schein Steven M. ; Metzger Donald ; Blake Todd ; Chang Gordon ; Warden David, Television schedule system with enhanced features.
Kupnicki Richard A. (584 Farewell Street Oshawa ; Ontario CAX L1H 6M8) Moote Stanley R. (9 Gervais Drive Brampton ; Ontario CAX L6Y 2V3), Television transmission network with scrambling and descrambling.
Weinberger, Alan J.; Renton, Joseph J.; Neugaubauer, Rick, Transaction dispatcher for a passenger entertainment system, method and article of manufacture.
Gould, Eric J.; West, Nick; McCaskill, Donald; Cark, Alice; Trisnadi, Paulus, User interface for simultaneous management of owned and unowned inventory.
Douglas C. Infiesto ; David Frankenbach ; Joseph Winston, Vehicle entertainment system having seat controller cards programmed to operate as both browser and server.
Miller Phillip (Cedar Rapids IA) Koenck Steven E. (Cedar Rapids IA) Kubler Joseph J. (Nederland IA) Cargin ; Jr. Keith K. (Cedar Rapids IA) Hanson George E. (Cedar Rapids IA) Davis Patrick H. (Cedar , Vehicle lan with adapters for coupling portable data terminals.
Scribner Paul (Elkhart IN) Semple Dan (Glen Arbor MI), Vehicular audio/visual system having distribution box for connecting individual passenger monitors to multiple program s.
English Michael J. (Aurora CO) Farwell Charles Y. (Denver CO) Hearn Michael L. (Broomfield CO) Heidebrecht Richard M. (Boulder CO) Kissel David M. (Boulder CO) Miller Paul E. (Northglenn CO) Miller R, Wireless access telephone-to-telephone network interface architecture.
Wright Thomas H. ; Salati Bruce D., Wireless spread spectrum ground link-based aircraft data communication system with approach data messaging download.
Wright Thomas H. ; Ziarno James J., Wireless, frequency-agile spread spectrum ground like-based aircraft data communication system with remote flight operations control center.
Wright, Thomas H.; Ziarno, James J., Wireless, frequency-agile spread spectrum ground link-based aircraft data communication system with wireless unit in communication therewith.
Wright, Thomas H.; Ziarno, James J., Wireless, frequency-agile spread spectrum ground link-based aircraft data communication system with wireless unit in communication therewith.
Buehler, Eric Daniel; Duffner, Kevin Patrick, Avionics intrusion detection system and method of determining intrusion of an avionics component or system.
Boutnaru, Shiomi; Tancman, Liran; Markzon, Michael, Method and product for providing a predictive security product and evaluating existing security products.
Boutnaru, Shlomi; Tancman, Liran; Markzon, Michael, Method and product for providing a predictive security product and evaluating existing security products.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.