Download presentation
Presentation is loading. Please wait.
Published byMeredith Fitzgerald Modified over 8 years ago
1
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 1 THE EUMETSAT POLAR SYSTEM (EPS) Data Encryption Presented by: Ken ASHWORTH EUMETSAT Representative to NOAA EUMETSAT
2
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 2 Data set limited to the observation of the instantaneous sub satellite observation. Data source is the satellite for the user point of view. Possible means of controlling access: Encryption. Direct read-out services; HRPT and LRPT: EPS Direct Readout Services
3
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 3 EPS Data Encryption Encryption allows the implementation of EUMETSAT's Polar System Data Policy and U.S. Requirements for Data Denial. The encryption system is based on the Data Encryption Standard -3 (DES-3) encryption algorithm. Data encryption and decryption are performed within the virtual channel access sub-layer of the Consultative Committee on Space Data Systems (CCSDS) standard. U.S. data from instruments on Metop will be broadcast unencrypted via HRPT and LRPT, except during crisis or war, as requested by the United States. The Metop satellite design does not allow the on-board stored global data to be encrypted.
4
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 4 EPS Data Encryption – Direct Broadcast EUMETSAT has acquired a sound experience in the operational usage of encryption through the METEOSAT Programmes – we follow a standard already used for METEOSAT Operational Programme (MOP) data The encryption scheme is selective on virtual channels and user stations for both HRPT and LRPT. HRPT and LRPT links are independently encrypted. Encryption of the data, generation of Message Keys from the uplink of encrypted satellite Public Keys The Message Key controls the encryption process. One Message Key is used for one encrypted Virtual Channel at a time. On board the satellite, the Message Key is generated, using a Satellite Public Key (uplinked by TeleCommand (TC)). On the ground, the Message Key is reconstructed from a secret Master Station Key and a Station Public Key is distributed via ground media.
5
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 5 EPS Data Encryption – Direct Broadcast The EPS Encryption System provides control of the access to the LRPT/HRPT services by registered users; it comprises three components: the Key Management Centre (C-KMC) which is in charge of the management of the EPS Encryption System, including the handling of keys. the Satellite encryption equipment (part of the Metop satellite Data Handling System) the local users decryption units located in the HRPT/LRPT stations.
6
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 6 EPS Data Encryption – Direct Broadcast The encryption of HRPT/LRPT data is under the control of the C-KMC, functions of which will be shared with the METEOSAT Second Generation (MSG) Programme. The tasks of the C-KMC include: User registration Encryption scheduling Generation of public satellite and user station keys, Station Key Unit (SKU) distribution to the registered users Distribution of satellite keys via TC and Public Station Keys via ground networks. Implementation of Data Denial for U.S. instruments data as requested by the U.S. Government.
7
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 7 EPS Data Encryption – Direct Broadcast The C-KMC coordinates its short, medium and long-term activities with the EPS/Metop Control Centre. These activities include, for example, the update of keys for certain group of users or the change of key parameters on board the Metop satellite. "refresh" rate for the keys for the HRPT/LRPT encryption approximately every month (specified rate is TBD, yet easily modified).
8
Satellite Direct Readout Conference for the Americas, Miami, December 9-13, 2002 Page 8 Reference Station Design L-BAND HRPT SIGNALS: - VHF-BAND OUTPUT TO HRPT RECEIVER - VHF-BAND TEST FROM TEST UNIT - 10 MHz FROM GPS L-BAND HRPT ANTENNA SIGNALS: - POWER (PWR) FROM TRACKING UNIT - DRIVE SIGNALS (SIG) FROM TRACKING UNIT GPS SIGNAL TO GPS UNIT VHF LRPT SIGNALS: - VHF-BAND OUTPUT TO LRPT RECEIVER - VHF-BAND TEST FROM TEST UNIT OUTDOOR SIGNALS INDOOR SIGNALS GPS Antenna GPS signal GPS ANTENNA L-band feed, including LNA, D/C, U/C Azimuth motor Elevation motor Elevation Encoder Azimuth encoder Az limits El limits L-band output cable L-band test input cable 10 MHz Ref. cable Distribution Box Connectors: AZ-S, azimuth power AZ-P, azimuth signal EL-P, elevation power EL-S, elevation signal SIG, signal PWR, power RC, antenna local control EL-P EL-S AZ-P AZ-S PWR SIG L-BAND HRPT ANTENNA Personal Computer Tracking Unit HRPT Receiver LRPT Receiver GPS Receiver Test Unit PC Screen and Key Board INDOOR UNIT NTS VHF LRPT ANTENNA Note: This is an engineering implementation to monitor dissemination
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.