摘要
针对IHO 2012年4月颁布的S-63电子海图数据保护方案及其策略结构与工作流程,从3个方面分析该方案的潜在风险,即:设备制造商开发的软件可能跳过S-63标准规定的数字签名验证环节;数据服务商提供的海图许可文件的权威性无法保证;设备制造商可解密出符合S-57标准的电子海图数据,从而非授权传播。这些潜在风险直接威胁到海图数据的完整性和权威性,会给导航安全带来极大的隐患。对此,提出相应的风险控制方案改进建议并给出改进后的实现流程。试验结果证明,改进方案可行,为完善S-63数据保护方案提供了科学参考。
In April 2012 IHO published new version of S-63 data protection scheme. Potential risks are discovered through analyzing the strategy structure and the operating procedures of the scheme : No. 1, the equipment manufacturers may deve- lop systems which ignore the digital signature authentication specified in the S-63. No. 2, there is no mechanism to prevent unauthorized information from data suppliers. No. 3, S-63 data can be decoded and transformed into S-57 data, which e- quipment manufacturers may make unauthorized delivery of. These problems threaten the integrity and authority of ENC da- ta, hence, the navigation safety. An improved process flow is suggested. Tests show that the improved process flow is feasi- ble. This study can stimulate improvement of the S-63 Data Protection Scheme.
出处
《中国航海》
CSCD
北大核心
2015年第1期4-8,共5页
Navigation of China
基金
国家高技术研究发展计划("八六三"计划)子课题(2009AA045003)
国家自然科学基金(51309041)
中央高校基本科研业务费(3132013015)
