Blue Yonder Airlines is a discount airline that serves the West Coast of the United States. Blue Yonder Airlines wants to use the Internet to give customers the ability to purchase airline tickets securely from the Blue Yonder Airlines Web site (www.blueyonder.tld).
Blue Yonder Airlines uses a fleet of Boeing 737s to carry passengers between several West Coast airports, as shown in Figure 10.1.
Figure 10.1 Blue Yonder Airlines destinations
The hub for Blue Yonder Airlines is Salt Lake City, and all airplane maintenance is performed at the Salt Lake City hangar. The central Information Technology (IT) department is also at the Salt Lake City office, and the Blue Yonder Airlines Web site and supporting infrastructure will be there as well.
Blue Yonder Airlines wants its customers to be able to order airline tickets directly over the Internet. The plan is to have potential customers provide customer information in a form on the Blue Yonder Airlines Web site and then to issue each customer a customer card and a smart card reader.
The customer card is a Schlumberger smart card imprinted with the Blue Yonder Airlines logo. For future transactions, customers will insert their smart card and enter their personal identification number (PIN) to confirm online ticket purchases.
When the Blue Yonder Airlines customer service department receives a new request, a customer service representative verifies all information entered in the Web form. The representative's job includes verifying all address information and running a credit check.
If the customer information is accurate and the results of the credit check are satisfactory, a user account is created in the Active Directory directory service for the customer. Blue Yonder Airlines uses a single-domain model for its Active Directory, where the Active Directory forest root domain is ad.blueyonder.tld. Within the domain a dedicated OU for airline customers is maintained so that customer user accounts are maintained separately from employee user accounts, as shown in Figure 10.2.
Figure 10.2 Blue Yonder Airlines Active Directory OU structure
Within the customer OU, accounts are organized according to the mileage the passenger flies each year with Blue Yonder Airlines. All customers are set initially as Bronze partners. If the customer flies 30,000 miles, her status is elevated to Silver. If the customer reaches 60,000 miles, she is elevated to Gold. The customer's user account is placed in the OU that matches her partner status.
The Active Directory schema for Blue Yonder Airlines is extended to include additional customer attributes so that credit card information can be stored in the user object of each customer account.
Once the user account is created, a request form is sent to the smart card administrator, Jenny Sax, so that she can issue a personalized smart card to the new customer.
Jenny creates the smart card so that the private/public key pair is associated with the new customer. After creating and verifying the card, she ships it, along with a smart card reader, to the customer by overnight express.
A letter specifying the PIN for the smart card is sent to the customer separately. Blue Yonder Airlines decided to deliver the PIN and smart card in separate packages after an incident the previous year in which an unauthorized user ordered airline tickets.
Jenny also serves as the certificate administrator and is responsible for revoking certificates if a customer breaks the rules outlined in the Blue Yonder Airlines Certificate Practice Statement (CPS), which is available at www.blueyonder.tld/Public/etiquette.html. The CPS explains acceptable use of the smart card and the circumstances under which the certificate associated with the smart card will be revoked. The Blue Yonder Airlines CPS requires the certificate revocation to be effective within four hours of the revocation request.
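The four-hour requirement in the CPS is really a constraint on the CRL publication schedule, because a relying party that has cached a CRL will not notice a revocation until that CRL expires. The following added example (not part of the case study) models a CA that publishes a CRL every `publish_interval` with nextUpdate set to thisUpdate plus `validity`, and relying parties that cache each CRL until its nextUpdate; it searches for the worst-case gap between a revocation and the last relying party seeing it, and checks that gap against the CPS. The schedule model, the caching assumption and all function names are mine.

```python
from datetime import datetime, timedelta

# The CPS requirement stated in the case study: revocation effective within four hours.
CPS_MAX_LATENCY = timedelta(hours=4)


def newest_crl(check_time, start, publish_interval, validity):
    """Return (thisUpdate, nextUpdate) of the newest CRL published at or before check_time.
    Assumed CA schedule: a CRL is published every publish_interval, beginning at start,
    and each CRL's nextUpdate is its thisUpdate plus validity."""
    intervals = (check_time - start) // publish_interval   # whole intervals elapsed
    this_update = start + intervals * publish_interval
    return this_update, this_update + validity


def seen_at(revoked_at, fetched_at, start, publish_interval, validity):
    """Earliest time a relying party that fetched a CRL at fetched_at learns of a
    revocation recorded at revoked_at. Assumption: the party caches a CRL until its
    nextUpdate and only then fetches again, so a revocation missing from the cached
    CRL stays invisible until that CRL expires."""
    check = fetched_at
    while True:
        this_update, next_update = newest_crl(check, start, publish_interval, validity)
        if this_update > revoked_at:        # this CRL was generated after the revocation
            return check
        check = next_update                 # cached CRL is trusted until it expires


def worst_case_latency(publish_interval, validity, step=timedelta(minutes=5)):
    """Worst-case gap between a revocation and the last relying party seeing it, found
    by trying every revocation time and fetch time on a `step` grid over one cycle."""
    if publish_interval > validity:
        raise ValueError("CRL would expire before the next one is published")
    start = datetime(2000, 1, 1)                      # arbitrary epoch for the schedule
    grid = [start + k * step for k in range(publish_interval // step)]
    worst = timedelta(0)
    for revoked_at in grid:
        for fetched_at in grid:
            seen = seen_at(revoked_at, fetched_at, start, publish_interval, validity)
            worst = max(worst, seen - revoked_at)
    return worst


def check_schedule(publish_hours, validity_hours):
    """Worst-case latency in hours for the schedule, and whether it meets the CPS."""
    worst = worst_case_latency(timedelta(hours=publish_hours),
                               timedelta(hours=validity_hours))
    return worst.total_seconds() / 3600, worst <= CPS_MAX_LATENCY
```

The result shows that the guarantee is bounded by the CRL validity period rather than by how often the CA publishes: publishing every two hours with four-hour CRLs meets the CPS, while eight-hour CRLs do not regardless of publication frequency.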
Customers use their new smart cards and smart card readers to access the Members section of the Blue Yonder Airlines Web site (www.blueyonder.tld/members/login.asp). The login page is configured to accept only certificate-based authentication. When customers attempt to access www.blueyonder.tld/members/login.asp, they are prompted to insert their smart card into the reader and enter their PIN.
Because the smart card is associated with an Active Directory account, no additional information is required to purchase a ticket. Customers are able to request the ticket and have the ticket charged to their credit card.
All transactions are recorded in a Structured Query Language (SQL) database on the Blue Yonder Airlines internal network. The SQL database is queried frequently to determine customer preferences for seating, to ascertain commonly traveled routes, and to track pricing information.
The employees of Blue Yonder Airlines also use smart cards. Both local users on the corporate network and users dialing into the network from remote locations use the cards to authenticate with the network. User authentication for remote access is configured to require the use of Extensible Authentication Protocol (EAP), and all client computers connect by using Layer 2 Tunneling Protocol over Internet Protocol Security (L2TP/IPSec) tunnels.