Abstract: Embodiments are directed towards, gateway computers and management platform server computers for managing secure communication over a network. Gateway computer may intercept communications from unauthenticated source node computers directed to target node computers. If the unauthenticated node computer provides its credentials in response to a request for credentials from the gateway computer, the credentials and the intercepted communications may be provided to a management platform server for further processing. The management platform server may authenticate the unauthenticated source node computer based on its credentials and the intercepted communication and the management platform server may determine a target gateway computer that corresponds to the target node computer based on content of the intercepted communication. The management platform server may provide configuration information for generating a secure private network connection between the gateway computer and the target gateway computer.

Abstract: A private overlay network is introduced into an existing core network infrastructure to control information flow between private secure environments. Such a scheme can be used to connect a factory automation network linking operations devices to a corporate network linking various business units, with enhanced network security. Such a connection can be facilitated by introducing into the existing infrastructure a set of industrial security appliances (ISAs) that work together to create an encrypted tunnel between the two networks. The set of ISAs can be scalable to overlay differently sized core networks, to create the private overlay network. Connections to the private overlay network can be managed by the ISAs in a distributed fashion, implementing a peer-to-peer dynamic mesh policy. The industrial security system disclosed may be particularly advantageous in environments such as public utility systems, medical facilities, and energy delivery systems.

Abstract: A private overlay network is introduced into an existing core network infrastructure to control information flow between private secure environments. Such a scheme can be used to connect a factory automation network linking operations devices to a corporate network linking various business units, with enhanced network security. Such a connection can be facilitated by introducing into the existing infrastructure a set of industrial security appliances (ISAs) that work together to create an encrypted tunnel between the two networks. The set of ISAs can be scalable to overlay differently sized core networks, to create the private overlay network. Connections to the private overlay network can be managed by the ISAs in a distributed fashion, implementing a peer-to-peer dynamic mesh policy. The industrial security system disclosed may be particularly advantageous in environments such as public utility systems, medical facilities, and energy delivery systems.

Abstract: A computer implemented method, apparatus, and computer program product for transferring information with an aircraft. A connection is established between an onboard electronic distribution system executing in an aircraft data processing system in the aircraft and an on ground component. Responsive to a request for a command from the on ground component, the command for execution is identified. The identified command is sent to the onboard electronic distribution system from an on ground component. A transaction identifier is assigned to the command. A transaction associated with the command is maintained on the onboard electronic distribution system and the on ground component using the transaction identifier. An uplink is initiated by the on ground component. An aircraft software part is sent to the onboard electronic distribution system from the on ground component to perform the uplink. A status of a transfer of the aircraft software part on ground component is stored.

Abstract: Embodiments are directed towards, gateway computers and management platform server computers for managing secure communication over a network. Gateway computer may intercept communications from unauthenticated source node computers directed to target node computers. If the unauthenticated node computer provides its credentials in response to a request for credentials from the gateway computer, the credentials and the intercepted communications may be provided to a management platform server for further processing. The management platform server may authenticate the unauthenticated source node computer based on its credentials and the intercepted communication and the management platform server may determine a target gateway computer that corresponds to the target node computer based on content of the intercepted communication. The management platform server may provide configuration information for generating a secure private network connection between the gateway computer and the target gateway computer.

Abstract: A computer implemented method, apparatus, and computer program product for transferring information with an aircraft. A connection is established between an onboard electronic distribution system executing in an aircraft data processing system in the aircraft and an on ground component. Responsive to a request for a command from the on ground component, the command for execution is identified. The identified command is sent to the onboard electronic distribution system from an on ground component. A transaction identifier is assigned to the command. A transaction associated with the command is maintained on the onboard electronic distribution system and the on ground component using the transaction identifier. An uplink is initiated by the on ground component. An aircraft software part is sent to the onboard electronic distribution system from the on ground component to perform the uplink. A status of a transfer of the aircraft software part on ground component is stored.

Abstract: A computer implemented method, apparatus, and computer program product for managing aircraft software parts. In one embodiment, a computer implemented method creates an alternate parts signature list part having a set of signatures for a set of stored aircraft software parts. The alternate parts signature list part is distributed to the aircraft data processing system. Each signature for a set of stored aircraft software parts on the aircraft data processing system is replaced with a corresponding signature in the alternate parts signature list part to form a set of current signatures on the aircraft data processing system.

Abstract: A private overlay network is introduced into an existing core network infrastructure to control information flow between private secure environments. Such a scheme can be used to connect a factory automation network linking operations devices to a corporate network linking various business units, with enhanced network security. Such a connection can be facilitated by introducing into the existing infrastructure a set of industrial security appliances (ISAs) that work together to create an encrypted tunnel between the two networks. The set of ISAs can be scalable to overlay differently sized core networks, to create the private overlay network. Connections to the private overlay network can be managed by the ISAs in a distributed fashion, implementing a peer-to-peer dynamic mesh policy. The industrial security system disclosed may be particularly advantageous in environments such as public utility systems, medical facilities, and energy delivery systems.

Abstract: A computer implemented method, apparatus, and computer program product for transferring information with an aircraft. A connection is established between an onboard electronic distribution system executing in an aircraft data processing system in the aircraft and an on ground component. Responsive to a request for a command from the on ground component, the command for execution is identified. The identified command is sent to the onboard electronic distribution system from an on ground component. A transaction identifier is assigned to the command. A transaction associated with the command is maintained on the onboard electronic distribution system and the on ground component using the transaction identifier. An uplink is initiated by the on ground component. An aircraft software part is sent to the onboard electronic distribution system from the on ground component to perform the uplink. A status of a transfer of the aircraft software part on ground component is stored.

Abstract: A computer implemented method, apparatus, and computer program product for transferring information with an aircraft. A connection is established between an onboard electronic distribution system executing in an aircraft data processing system in the aircraft and an on ground component. Responsive to a request for a command from the on ground component, the command for execution is identified. The identified command is sent to the onboard electronic distribution system from an on ground component. A transaction identifier is assigned to the command. A transaction associated with the command is maintained on the onboard electronic distribution system and the on ground component using the transaction identifier. An uplink is initiated by the on ground component. An aircraft software part is sent to the onboard electronic distribution system from the on ground component to perform the uplink. A status of a transfer of the aircraft software part on ground component is stored.

Abstract: A method, apparatus, and program code for processing commands in a network. A process creates a set of commands for an aircraft. The commands are in queues in a library in the network. Responsive to an event, the stored set of commands is sent to a proxy server application executing on the network data processing system. A connection is established between the proxy server application and an onboard electronic distribution system on an aircraft data processing system on the aircraft. The commands are requested by the onboard electronic distribution system. The distributed commands are received from the proxy server application by the onboard electronic distribution system. The received commands are processed by the onboard electronic distribution system and a set of aircraft software parts is forwarded to a set of target data processing systems on the aircraft using the processed set of commands if the commands are uplink commands.

Abstract: A method, apparatus, and program code for processing commands in a network. A process creates a set of commands for an aircraft. The commands are in queues in a library in the network. Responsive to an event, the stored set of commands is sent to a proxy server application executing on the network data processing system. A connection is established between the proxy server application and an onboard electronic distribution system on an aircraft data processing system on the aircraft. The commands are requested by the onboard electronic distribution system. The distributed commands are received from the proxy server application by the onboard electronic distribution system. The received commands are processed by the onboard electronic distribution system and a set of aircraft software parts is forwarded to a set of target data processing systems on the aircraft using the processed set of commands if the commands are uplink commands.

Abstract: A computer implemented method, apparatus, and computer program product for transferring information with an aircraft. A connection is established between an onboard electronic distribution system executing in an aircraft data processing system in the aircraft and an on ground component. Responsive to a request for a command from the on ground component, the command for execution is identified. The identified command is sent to the onboard electronic distribution system from an on ground component. A transaction identifier is assigned to the command. A transaction associated with the command is maintained on the onboard electronic distribution system and the on ground component using the transaction identifier. An uplink is initiated by the on ground component. An aircraft software part is sent to the onboard electronic distribution system from the on ground component to perform the uplink. A status of a transfer of the aircraft software part on ground component is stored.

Abstract: A computer implemented method, apparatus, and computer program product for managing aircraft software parts. In one embodiment, a computer implemented method creates an alternate parts signature list part having a set of signatures for a set of stored aircraft software parts. The alternate parts signature list part is distributed to the aircraft data processing system. Each signature for a set of stored aircraft software parts on the aircraft data processing system is replaced with a corresponding signature in the alternate parts signature list part to form a set of current signatures on the aircraft data processing system.