Dac 7, Development presentation

DAC 7
Progress report: B2B applications
April 19, 2005
Geneva
www.information.aero
Mission of .aero
“To create a structured, open and constantly evolving Internet naming architecture which helps the aviation community to integrate systems and services, and streamline communications within the community and with its partners”
DAC 7 Progress report: B2B applications| Slide 2
A short note before we start …
• Parts of this presentation were developed in close co-operation with airlines; many examples refer to airlines or airline systems
• The concepts discussed here are relevant to other sectors of the air transport community, particularly areas where industry codes or community standards exist, like
– Airport operators
– FBOs
– Aerospace manufacturers
– Etc.
What’s happening in the industry?
• Paradigm shift from ticketing to e-ticketing
– E-ticket stored in the database of the validating carrier
– Intensive system to system communications needed
• Possible paradigm shift in baggage processing
• Alliances, changes in alliances, many business partners
– Time to market depends on the speed in setting up connections with business partners
• Convergence, shift to Internet, increasing importance of DNS
– Some airlines already require business partners to publish service locations in DNS
Why change?
• Air transport companies traditionally had rigid standards for inter-system communications pinned to the underlying centralized network
• The network has become a commoditised service with elements of the service being provided by disparate third parties
• IP comms over the Internet are becoming the de facto standard for business to business transactions
• In the absence of well defined standards, the airlines are establishing bilateral or multilateral mechanisms to connect their systems over IP networks and increasingly rely on a small number of hubs to gateway between their systems.
• This complexity restricts the flexibility and scalability and will affect time to market for new relationships and functionality
What will happen anyway?
• Moving forward there will be a number of different solutions to each communications requirement
• Many air transport companies will end up solving the same problems in similar ways independently
• Issues for scalability will be service / application location and communications protocol standards
• Move to internet communications is inevitable in the longer term
• There is an opportunity to leverage existing open standards as part of a next generation solution for airline inter-connectivity
How .aero fits in?
• The use of DNS is growing exponentially
– Globally accessible distributed database, distributed management
– Allows names to be mapped to “anything on the Net”
– New security protocol addresses many security concerns
• .aero can be the uniting factor for the community
– Names can be allocated in a structured manner, matching codes
– Standards can be agreed and deployed
Table: The growth of domain names in use (chart; time axis 1983 to 2008; labels: Internet hostnames, Intranet names, Windows 2000 services, SPAM, viruses, IETF Anti-SPAM, RFID tags)
Source: Presentation by Dr. Mockapetris to CENT, February, 2005
Distributed database, distributed management
• Hierarchical, globally distributed database
• Management distributed
– Once a node is delegated, the “owner” can manage all below independently
• Robust, fast
• “Everyone” has it already
• Most Internet applications use it
– Each email needs 3+ lookups
– Each web page viewed needs it
– Directory applications rely on it
[Diagram: DNS name tree from the root (“”); node labels: UK, IL, AERO, EDU, ARPA, AIRLINES, SITA, KLM, ISI, BAW, Venera, Aloha, IN-ADDR, A, GVA]
Global system to give names to “things”
• Same domain name can be used as pointer to many different “things” at once
– Host name for a web site
– Mail server
– Individual email address
– Instant messaging address
– VoIP service location (SIP, H323 record)
– Web service location
– Public cryptography key
• Domain owner has full control over the configuration of all pointers
• User can automatically obtain pointers to locations of different services, depending on the protocol used, without having to maintain all this information for each protocol himself
Example
weather.AAAA.airport.aero
The user asks the airport how to …
• make a voice over IP call to hear recorded weather forecast;
• find a normal phone number to call via PSTN to listen to airport weather forecast;
• send an email to inquire about the weather at airport AAAA;
• send a message to get instant weather update;
• encrypt his communications sent to the airport (for example flight plan);
• access a weather service using protocol X;
• download NOTAMs using protocol Y.
The airport prepares a reply in DNS…
• If you are calling via VoIP, here is our VoIP service address…
• If you need to call via PSTN, use this phone number…
• If you are sending an email, send it here…
• For instant messages, use this address…
• To encrypt communications sent to us, here is our public key…
• To access our superb weather service via protocol X use this URI…
• To read NOTAMs via protocol Y use this URI…
The airport does not provide all these services; it “just” configures an authoritative pointer in the AAAA.airport.aero zone to the appointed service provider.
New security protocol (DNSSec)
• Security is and will remain a challenge for any solution
– Current authentication mechanisms are at “higher levels” and protocol-specific
– DNSSec adds authentication on a lower layer and is independent of other methods
• Allows the response received from DNS to be authenticated
– In our example above, the user can verify that the airport response is authentic and no-one poses as an airport authority to provide this pointer
• Governments recently stepped up effort to implement globally
– US Dept of Homeland Security funding global implementation project led by ICANN
– Sweden requires the registry operator to implement this year; banks, media and government institutions committed to deploy
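The lookup from the weather.AAAA.airport.aero example, combined with the DNSSec check described above, as an added example that is not part of the original presentation. It assumes the pointers are published as NAPTR records; the "aero+..." service tags, the provider.example URIs, the phone number and the `authenticated` flag (standing in for a DNSSEC validation result) are constructed for illustration.

```python
import re
import shlex
from typing import NamedTuple, Optional

# Constructed answer for the slide's placeholder name. The "aero+..." service
# tags and the provider.example URIs are hypothetical, not an agreed standard.
OWNER = "weather.AAAA.airport.aero"
SAMPLE_RRSET = r'''
weather.AAAA.airport.aero. 3600 IN NAPTR 20 10 "u" "aero+sip"    "!^.*$!sip:weather@backup.provider.example!" .
weather.AAAA.airport.aero. 3600 IN NAPTR 10 10 "u" "aero+sip"    "!^.*$!sip:weather@voip.provider.example!" .
weather.AAAA.airport.aero. 3600 IN NAPTR 10 10 "u" "aero+tel"    "!^.*$!tel:+15550100!" .
weather.AAAA.airport.aero. 3600 IN NAPTR 10 10 "u" "aero+mailto" "!^.*$!mailto:met@provider.example!" .
'''

class Naptr(NamedTuple):
    order: int
    preference: int
    flags: str
    service: str
    regexp: str

def parse_rrset(text: str) -> list:
    """Parse zone-file style NAPTR lines into Naptr records."""
    records = []
    for line in text.strip().splitlines():
        f = shlex.split(line)  # handles the double-quoted fields
        if len(f) != 10 or f[3].upper() != "NAPTR":
            continue
        records.append(Naptr(int(f[4]), int(f[5]), f[6].lower(), f[7].lower(), f[8]))
    return records

def locate(text: str, service: str, authenticated: bool) -> Optional[str]:
    """Return the URI for `service`, or None if absent or not DNSSEC-validated.

    `authenticated` stands in for the validation result (for example the AD bit
    from a trusted validating resolver); unvalidated pointers are never used.
    """
    if not authenticated:
        return None
    matches = [r for r in parse_rrset(text)
               if r.service == service.lower() and r.flags == "u"]
    if not matches:
        return None
    # Lowest order wins, then lowest preference (NAPTR ordering rule).
    best = min(matches, key=lambda r: (r.order, r.preference))
    delim = best.regexp[0]
    _, pattern, replacement, _ = best.regexp.split(delim)
    return re.sub(pattern, replacement, OWNER, count=1)
```

The client only needs the name and the protocol it speaks; moving the VoIP service to another provider changes one record in the airport's zone and nothing on the caller's side.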
What others are doing with all this?
• ENUM – mapping phone numbers to domain names
– Callers can dial over VoIP using traditional phone numbers
– Users can receive calls, emails, IMs, faxes over IP under their phone number
– Austria live, Germany close to launch, UK expects launch this year, major telcos and cable operators in the US expected to roll out next year
• RFID value processing in the supply chain
– DNS based solution deployed as a standard technology to locate systems in supply chain
– Questions about “devolution” of the original standard
– Experts expect “break” along the industry lines but using the same underlying technology
• ICANN expects to implement DNSSec this year in the root of the Internet
– New anti-spam standards will benefit from DNSSec
– Liberty alliance (XML related security)
– Trials took place to implement dynamic virtual private networks
Opportunities for air transport
• Create a deterministic framework for locating services and applications within the air transport community without needing to hard-code
• If I know who I want to talk to and what I want to do, I need to be able to determine:
– What system to talk to and where that system is located in the IP world
– What is its IP address
– How that system is capable of being communicated with
– How to obtain the correct certification in order to validate the authenticity of the information I am being provided
• Remote systems need to be able to obtain the same information about me; it must be possible to dynamically update location information.
Applications to benefit
• VoIP integration, convergence
– Domain name is a dial code to call airports, airlines, suppliers (weather.APcode.airport.aero)
– Users don’t need to maintain and update list of key phone numbers, dial code stays the same, owners configure how they wish to be reached (i.e. the real phone number, email, etc.)
• Interline e-ticketing, integration of GSAs
– Domain name serves as an authoritative pointer to URI where the service is located (MATIP, MQ, web service)
– Users do not have to make any changes when the service location moves
– Shorter time to market, faster and less complex implementation of new business relationships
– Easy to share a public key to encrypt communications
• RFID for baggage management, spare parts, under/over age passengers
– RFID value processed directly via DNS to locate system with added value information
– The standard already employs DNS technology, this would be an industry-specific implementation
• Flight information
– Each airline/airport manages and publishes its own data, all act together as “one database”
– Generic FLIFO public service
– Collaborative decision making
• Publication of tariffs by routes if and when required by regulators
Summary
• We have identified problems well worth solving
– Reducing the complexity of communications within the industry and facilitating convergence to IP could be a major efficiency and flexibility boost
• We have the right technical tools and community oversight to solve them
– IT experts agree the technology is available to address the issue on hand
– .aero naming structure and policies can serve as the uniting factor
– Dot Aero Council has wide industry representation
• Next steps in this direction are “bigger” than .aero and success not certain
– major industry standards impacted (MATIP, MQ)
– significant engineering effort to design the framework
• SITA currently reviewing its approach
– Likely next step - workshop and/or survey within the industry to determine level of interest, commitment, priorities
Impact on future .aero policy
• Most domain names on the second level (anyname.aero) will continue to be used for branding, access to web sites, emails by people
• Sub-domains to evolve into strict coding structures for individual segments of air transport community and form the backbone of industry applications
• To ensure interoperability, the .aero policies may need to include by reference other industry standards and policies
Supporting slides
IP Comms technologies
• TERMINAL ACCESS
– TN3270
– TELNET/SSH
– X-Windows
– Citrix
– Web/HTTP
– Other bespoke solutions
• MESSAGING
– Email
– Web services/SOAP/XML
– MATIP
– EDIFACT
– MQ
– BATAP
– IM
– Other bespoke solutions
• FILE TRANSFER
– FTP
– XCOM
– XFB
– Other bespoke solutions
• VOICE/MULTIMEDIA
– SIP
– H.323
Internet / Private IP Networks
What needs to be in place
Locator service
• DNS (Domain Name System) is the well-established mechanism for resource location in IP networks
• Airlines are already using DNS internally and for business-to-business communications, but there is a lack of consistent standards across the air transport industry
• DNSSEC standard will increase confidence in using DNS as a trusted “telephone directory”
Lowest common denominator standards
• Set of open, free, common standards for file transfer, messaging and terminal access which individual participants agree to adopt as a lowest common denominator
• Agreed algorithm for determining what mechanisms the remote end supports (!!!key to migration)
• Airlines may continue to use different solutions by bilateral / multilateral agreement
Transport security
• Over the internet, IPSEC for non-web and SSL for web traffic are well-established
• Still a role in the short-to-medium term for private IP services (where guarantees of service availability are a key concern)
• Scalable encryption solutions need PKI capability; DNSSEC may well become the standard mechanism for public key distribution [other solutions also possible]
Key culture change
• Knowing my “phone number” isn’t the security risk.
– Appropriate network perimeter and application security mechanisms mean that only those parties I want to permit can “dial” me.
• The internet is too unstable / insecure to use for critical applications
– Appropriate design addresses security concerns
– Redundancy of connectivity can be implemented
– Increase confidence by using Internet as avenue of first resort with private network connectivity available as a fallback if carriers want it in the short term
• Common standards don’t mean that the product cannot be differentiated