INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES

International Airport Cyber Security Challenges Steven M. Swafford University of Maryland University College Cyberspace and Cybersecurity Dr. Amjad Ali June 26, 2011

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES Abstract

Air travel and the security measures surrounding this industry face countless challenges today than ever before. On September 11, 2001, the world changed forever due to the terrorist attack on the United States and airport security would never be the same again. The need to protect nations and their citizens drove changes both in the airline industry and government responsibilities. The solutions engaged today does a great job of addressing security threats however; the thin line of personal freedom and the regulations enacted by governments is questionable by many citizens and activist groups. In late 2001, the Transportation Security Administration (TSA) was established and charged with the safety of travel within the United States. The TSA employees a number of technologies to conduct security operations and because technology in itself face threats, it is imperative that cyber threats are mitigated. There are so many points of failure that the job of security quickly becomes hard-hitting. The apparent points of interest are aircraft security, passenger screening, baggage screening, credentials, and human behavior, with the human behavior the distinct largest threat. Turning the focus to international airports often increases security threats largely due to the logistics involved and the dependency upon other countrys security measures. If international air travel is to be safe then every country must work together in order to achieve the common goal, which is the protection of human life and their citizens.

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES International Airport Cyber Security Challenges

To put into perspective it is crucial to address the scope of security. Inside the United States alone, there are dozens of international airports where millions of people move from country to country. As millions of people move through the airports, all it takes is a single breach in security to put others at risk. The sheer number of travelers often may be unbelievable as hundreds of millions (see Figure 1) travelers make their way across the globe. At this point, the task of security operations and the challenges associated with air travel begin to take shape. The point of failure is not the technology itself rather it falls often to the human dynamic. Threats can be either intentional or unintentional but either way airport security
Figure 1. Year to date passenger travel, February 2011

must be vigorous and ready on short notice to react to any occurrence. There are both advantages and disadvantages to security protocols and understanding both aspects is vital to the overall success of securing airport infrastructure. Operational Breakout International airport operations and the people involved have an enormous responsibility to both the physical aspect of operations and those who travel through this nations airports. Understanding three areas of operations are the first step in this journey. 1. Daily operations are the aspect in which people conduct daily activities with their job. 2. Technical operations are actions based within the Information Technology (IT) systems.

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES

3. Management operations are risk analysis, supervision, and oversight of both personnel and IT systems. Daily Operations The Atlanta, GA International Airport has processed over twelve million passengers (see Figure 1) without a major incident. Security originates as travelers enter the airport perimeter by vehicles or arriving by aircraft. TSA conducts surveillance of personnel across the airport using telecommunications equipment in the form of cameras. Audio and video surveillance are a strong deterrence to those who wish to cause harm. This type of surveillance also can be used in legal matters as well as improving upon training. Processing passengers and their baggage is no small task. To accomplish this task a variety of systems are utilized to ensure the passenger possesses a valid ticket, valid credentials, and is cleared to fly. These high priority systems are protected with intrusion systems to include firewalls and physical security to the server vaults. Maybe even more important is to implement redundancy for key systems. Load balancing the computer equipment allows for distribution of the workload and helps to ensure operations are maintained in the event a single server goes offline. One could argue that airport employees present the single greatest risk to security. This in itself opens room for discussion where secondary measures must be strengthened. For anyone who has flown before it is commonplace to see airport employees swiping an access card to access areas the public is restricted from. In 2010 an airline pilot posted an amateur recording of San Franciscos flaws in security from the point of view of employee access. In the pilots own words, the public is at risk due to poor access control once employees enter the internal working areas of an airport (Amy Hollyfield, 2010).

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES

Well, folks, I just wanted to give you an idea of what type of security for the ground personnel there is. This is their screening. As you can see, there's only a card slide and one door. So when you see a cart, those carts aren't screened at all. Card readers do provide a level of acceptable access control however to take security to the next level may include a combination of card readers and iris scanners to further control access. The obstacle with iris scanners may come down to cost. Verified Identity Pass provides kiosks that allow passengers to move through the conventional security protocols much more quickly (Bryant Urstadt, 2007). These kiosks perform both fingerprint scanning and iris scanning to confirm the identity of the individual. The cost of this technology comes in at a $150,000.00 price tag. This same technology could be adapted and employed at various internal operational checkpoints to ensure personnel are only gaining access to areas that the job requires. The scope of technology, effectiveness, and financial investment surrounding security quickly become both expensive and time consuming (see Figure 2) but it is extremely important.

Figure 2. Effectiveness and cost of security systems (Government Accountability Office, 2009)

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES Technical Operations

The single most noticeable component of airport security may be the use of full body scanners (see Figure 3). The Advanced Imaging Technology (AIT) is software based on technology similar to that of an x-ray machine found in any local hospital. This scanner takes an image of a person, which in turn allows TSA agents to determine if a threat exists. With all hardware and software based security systems come a number of threats. In this case, two threats include loss of electrical power or a defect within the software. According to the National Science and Technology Council (2006),
Figure 3. Advance Imaging

Technology (AIT) full body scanner.

Today, many vulnerabilities are easy to exploit, and individuals and organizations worldwide can access systems and networks connected to the Internet across geographic and national boundaries. Current technology also makes it easy to hide or disguise the origin and identity of the individuals or organizations that exploit these vulnerabilities. Since modern day security precautions implement a wide variety of technology through various checkpoints, it has become imperative an appropriate power supply is available should a power outage occur. It is equally important to address the physical aspects of this hardware in the sense of access control and environmental controls, which include air conditioning and humidity. Access control is probably the easiest area to address and two possible measures are card readers or biometric controls. Both are viable solutions in protecting critical areas and biometric controls are least likely to present a risk since the access cards can be lost. Access control points are critical to security and the operations surrounding airports (see Figure 4).

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES

Figure 4. Airport security perimeter. (Khalafallah & El-Rayes, 2008) Management Operations The last stage of operations touches on those who are in positions of authority of others. This includes supervisors, managers, and others that hold positions of responsibility over others. These individuals have the duty to ensure proper procedures are observed during the daily activities. Often personnel in this role are the first line of defense and have the responsibility to train and educate both new and current employees on policy and procedures. Conclusion

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES

Airport security is not an easy task to complete and it requires a great deal of investment in both people and infrastructure. Because IT plays such a large role in modern day security, the following actions are vital: 1. Physical facility security must strengthen. 2. Employees must perform above reproach. 3. IT infrastructure must implement restricted access, employ environmental controls, and account for redundancy and secondary power options. The federal government and TSA have tediously taken steps to ensure both policies and funding are in place. This puts the responsibility squarely on the shoulders of those employees in international airports across the United States. The job of securing this nations airports often may be overwhelming; however, it is possible to accomplish this duty with attention to detail.

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES References

Transportation Security Administration. Advanced Imaging Technology (AIT). Retrieved from http://www.tsa.gov/approach/tech/ait/index.shtm Gerald K., & Jones A. (2002) What InfoSec professionals should know about Information Warfare tactics by terrorists. Computers & Security, 21(2), 113-119. doi:10.1016/S01674048(02)00203-1 Swartz, N. (2004). U.S. airports debut document scanners. Information Management Journal, 38(6), 14. Retrieved from http://www.freepatentsonline.com/article/InformationManagement-Journal/125489576.html Khalafallah, A., & El-Rayes, K. (2008). Minimizing Construction-Related Security Risks during Airport Expansion Projects. Journal of Construction Engineering & Management, 134(1), 40-48. doi:10.1061/(ASCE)0733-9364(2008)134:1(40) Urstadt, B. (2007). Iris scanning, now at JFK. Technology Review, 110(4), 72-74. Retrieved from http://www.technologyreview.com/Infotech/18879/ National Science and Technology Council. (2006). Federal plan for cyber security and information assurance research and development. Retrieved from http://www.au.af.mil/au/awc/awcgate/nitrd/fed_plan_csia_rese.pdf Government Accountability Office. (2009). Aviation Security: A National Strategy and Other Actions Would Strengthen TSA's Efforts to Secure Commercial Airport Perimeters and Access Controls, Report to Congressional Requesters (Report No. GAO-09-399). Retrieved from http://www.gao.gov/new.items/d09399.pdf Hollyfield, A. (2010). SFO pilot exposes airport security flaws. Retrieved from http://abclocal.go.com/kgo/story?section=news/local/peninsula&id=7859952

INTERNATIONAL AIRPORT CYBER SECURITY CHALLENGES

10

Airports Council International. (2011). Year to date passenger travel traffic, February 2011. Retrieved from http://www.airports.org/cda/aci_common/display/main/aci_content07_c.jsp?zn=aci&cp= 1-5-212-218-222_666_2__