Recently, some airlines have been offering to their passengers in-flight telecommunication services, in particular the possibility to access the internet and send/receive e-mail via a satellite link. For this purpose, the airplane cabin is equipped with a wired network of the Ethernet type or a WLAN network (IEEE 802.11b/g) into which passengers can log conventionally. The description of such a communication system can be found for instance in the international application WO00/14987.
Pilots, maintenance personnel, and flight personnel also have control terminals linked to the on-board network. It has been found necessary, for obvious security reasons, to partition the network into a non secure area and a secure area, with passengers being able to access the former but not the latter. The secure area comprises in particular the information and control systems of the airplane, located in the cockpit and the avionics bay. It is protected by conventional physical access control means.
One easy and known way of prohibiting access to a secure area of an on-board network is to provide for the links between the secure area and the non secure area to be one-way links.
FIG. 1 schematically illustrates an on-board network 100 partitioned into a secure area A and a non secure area B. Links 110 are one-way links from A to B, e.g. Ethernet links using single twisted pair wiring corresponding to the direction of communication from A to B. Although such a system efficiently warrants security of area A, it does however have two major drawbacks. First of all, it definitely prohibits any communication from area B to area A. Also, for data transfer from area A to area B, the destination equipment cannot return an acknowledgement to the equipment having sent the data. This is incompatible with most current communication protocols and moreover deprives the source equipment of any kind of guarantee regarding the correct transfer procedure.
It is the object of the present invention to propose an on-board telecommunication system, partitioned into a secure area and a non secure area, which offers possibilities of two-way communication between the two areas without substantially reducing protection of the secure area.