DLR/GSOC – Security related missions
Martin Pilgram, DLR-GSOC
April, 21 at Colorado Springs, USA

Overview
DLR supports up to now three different kinds of security related missions:
• LEOP for military imaging and comms missions
• Emergency support for military imaging mission
• Routine operations for military comms mission
• LEOP and routine operations for scientific imaging missions underlying the SatDSiG (German law on securing high precision imaging missions)

Experience (general)
Setup for LEOPs:
• No encryption and authentication
• Only authentication
Setup for routine operations:
• Different levels for TC authentication/encryption
• TM encryption for all TM or only for imaging data
• Clear mode possible/not possible
Encryption algorithms:
• Private
• AES

Experience (general-2)
Ground Crypto Unit:
• Bypass possible/not possible
• Automatic redundancy switching
• Different handling of keys for the crypto units
• Lifetime for keys predefined/not predefined
Key distribution:
• SFTP is used for key distribution
Key management plan:
• No specific document for key management. This is part of the operational procedures and/or described in the Crypto Unit Users Guide.

Experience (User Authentication)
Requirements in projects like TerraSAR-X (SatDSiG), Columbus (ESA) and some military projects lead to strict user authentication for spacecraft operations.
Solutions:
• Access control system to the operational area via a HITAG I transponder card and, on top of that, a fingerprint terminal (where necessary). The cards for access control are also used for time recording of employees.
• System authentication on a personal basis with a centralized LDAP (Lightweight Directory Access Protocol), which supports user groups to transfer sessions between shift personnel. For satellite missions the system is based on username/password/group; for Columbus the system is based on smart cards. The smart card feature is integrated in the access control card. Added value: on leaving, the system will be locked.

Experience (User Authentication-2)
Products:
• Sefirot Smart Card Solution
• Comtarsia SignOn for the LDAP connection
The Smart Card Solution supports:
• Different levels of security (only login, permanent use)
• Different OS: Windows and SUSE Linux (SLES-8, SLES-10)
• Multi-screen solutions
• Shift handover
• Multi-Workstation-Multi-Account Logon
• UNIcert PKI
Future features for the smart card solution: Lifecycle manager, Kerberos support, proxy support