Emeritus Prof. Ed Dawson (Chief Investigator)
Farzad Salim (Research Fellow)
Nimal Skandhakumar (PhD Student)
Khalid Alissa (PhD Student)
Reliable and effective identity management and access control systems are an essential prerequisite for the safe execution of routine business activities and for minimising operational risk within the aviation industry. In a modern airport environment, a large number of personnel from different stakeholder groups require physical access to various restricted areas and facilities. In addition, airport personnel need to use a range of sensitive and critical information systems, including flight information display, travel information management, immigration and baggage handling systems to name but a few. The notion of identity also unpins the interaction of passengers with the airport. Access to airport systems and facilities needs to be controlled and accountable for both passengers and airport personnel. This is the task of identity and access management systems.
Airport facilities and information systems are operated and administered by different organisational entities so a great deal of coordination and cooperation is required to ensure the right people have the access they require when they need it and no more. The fragmentation of administrative authority makes user and access management in the airport environment expensive and fraught with duplication and potential for error. Keeping access rights up-to-date as personnel are hired, cease employment, or as they change roles and task assignments is a major challenge. There is a clear need for a federated airport identity management system that maintains the administrative autonomy of individual sub-system operators but allows greater real time cross-recognition of user identities and their associated attributes and capabilities.
There have been rapid advances in federated identity and access management in recent years. The development of open standards by consortia such as OASIS and Liberty Alliance has been a major catalyst for this progression. However, a range of architectural approaches, technology choices and configuration options remain open to organisations pursuing a standards-based solution. Thus, organisations participating in the airport ecosystem require a shared vision and consensus target for pursuing an identity and access management strategy.
Against this backdrop, the identity management research will assist airport operations by minimising operational risk, allowing the safe execution of routine business activities by staff, and assisting in streamlining passenger flow through fewer interventions and more effective ID verification stages.
Informed by an understanding of current systems and anticipated future needs, the goal of the research is to develop identity and access management approaches suitable for a mode of operation based on the “Airport Information Model” (AIM). The AIM lies at the heart of the conceptual vision for the airports of the future project. As a unifying metaphor, the AIM acts as a gateway to applications and services that drive airport business, from passenger facilitation to physical security, screening and surveillance. The AIM will store a vast range of sensitive information that will require protection against unauthorised access and misuse. An identity management and authorisation system that reflects the needs of a complex organisational and administrative environment will be investigated.
Advanced reconciliation processes will be designed (in conjunction with Complex Systems, Intelligent Surveillance and AIM research programs) in order to link passengers to their current position, baggage and other supporting meta-data in real-time. This will – in accordance with findings of the Human Systems and Business Process Management streams – enable streamlined passenger flow.
The two approaches taken in this research will look at (1) overall airport identity management and access control systems, and (2) advanced reconciliation processes for robust and dynamic passenger identification.
- Airport identity management and access control requirements, classes of information systems, and system users will be identified. Federated identity and access management solutions and an airport reference architecture suitable for a mode of operation based on the Airport Information Model will be developed.
- Advanced reconciliation processes will be researched to robustly maintain the identity of passengers as they proceed through facilitation stages, and to also link passengers to their position, their baggage, and supporting meta-data (i.e. travel history, risk profiles). This research will be conducted in close collaboration with Complex Systems research, Intelligent Surveillance as well as the Airport Information Model. Strategies will also be researched to integrate this technology with airport-wide systems to streamline passenger flow (see Process Modelling) and minimise interventions.