Data authentication, integrity and confidentiality mechanisms for federated satellite systems

Abstract

This work addresses a critical topic in federated satellites development: the lack of trust between stakeholders that would prevent any stakeholder joining a satellite federation owned and operated by multiple parties. A characterisation of security needs for federated satellite systems is proposed, showing that in order for a federation to offer an environment for a beneficial cooperation, a notion of identity, both user identity and data authentication, has to be introduced, and stakeholders' security requirements have to be satisfied. This paper presents a public key infrastructure (PKI) based protocol for addressing stakeholders' security requirements and ensuring data authentication, integrity and confidentiality in data transfer operations within satellite federations. The performance and cost overheads of the proposed security protocol are first characterised with an experimental implementation on a Raspberry Pi 2 platform, used as a representative proxy testbed of commercial off-the-shelf avionics for small satellites, and then with a benchmark on a range of CPUs to analyse which platforms achieve set performance goals with radio-based and laser-based communications. Recommendations for implementing security mechanisms in federated satellite systems are thus derived.