karl_lembke (karl_lembke) wrote,
karl_lembke
karl_lembke

Airline security problem

According to NewsMax.com, Israel is planning to implement a security system designed to prevent 9/11-style hijacked airplane attacks.
A simple but technologically sophisticated ID system will guarantee that the man at the controls of aircraft is the pilot and not a suicide hijacker.

The "Code Positive" system uses a credit-card-sized device personally and exclusively issued to pilots that will enable them to identify themselves and assure security officials that they are in full control of their aircraft, according to Danny Shenar, who heads security at Israel's Transportation Ministry.

"Using this card, it will be possible to verify that the person flying the aircraft is indeed the person qualified to fly it," Shenar told Israel's Army Radio, according to Reuters.

And...
Shenar added that it would be impossible for a hijacker to force a pilot to hand over identifying details, or otherwise pose as a legitimate member of the flight crew. "You can't bluff this system," he said.

Hmmm. Well, you can get good security by relying on three items: something a person has (e.g., an ID card), something he knows (e.g., a PIN or other number), and something he is (some sort of biometric parameter).
Right now, the device mentioned sounds like a SecureID card, which is an electronic card displaying a number that changes every few seconds. It changes in a fashion that is predictable, if you have the underlying equations, but not otherwise. (Probably something like a random number generator with a predetermined seed number.) If your system is secured using SecureID, you can't tell anyone else the access number and have it valid for more than a few seconds. Someone else has to steal the physical card in order to use it for any length of time without the authorized user's cooperation. Alternatively, the card might simply transmit a code over the radio, without the user knowing what it is.
In order to make such a device unusable by a thief, the authorized user has to be required to supply other information such as a password. A voice-print match might also be required, though I'm not sure how well identifiable characteristics are preserved during radio transmissions.
Assuming this system really is designed in such a way that only the authorized pilot can access it, I can see other problems.
What if the pilot has a heart attack, or is otherwise incapacitated without a hijacker on the plane? Will anyone else be able to assume authorized control of the aircraft? Or does loss of consciousness on the part of the pilot mean the plane gets shot down, no matter who else was available to take the controls?
Pilot illness or incapacity is a rare event, but I'm sure it happens on occasion. I'm also sure it's a lot more common than 9/11-style attacks. That means a plan that assumes a non-authorized pilot is an Enemy will be wrong most of the time. Some number of planeloads of innocent people will be shot down in exchange for every 9/11-style attack foiled.
Is Israel willing to pay that price?
Are pilots flying into Israel willing to pay it?
Tags: politics, security
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 0 comments