Trust-Provisioning Infrastructure for a Global and Secured UAV Authentication System

UAVs are gaining momentum in various areas, whether it is in the commercial or private sector. Novel scenarios are extending the seemingly endless list of use cases for this emerging technology. To avoid ungoverned proliferation and abandoned aerial objects, not only regulations but also technical solutions are indispensable. Authentication of a UAV is required to link to the operator and respective competences. Besides appropriate competences, regulations are depending on regional authorities, which demands a studious concept to avoid insular solutions. This paper proposes a thought-through infrastructure for a secured and global operative authentication system. First, upcoming regulations are considered for the concept to make the system regulatory compliant. Then, to avoid a patchwork of proclaimed solutions, the system design is based on the principle of delegated authority, which allows the respective authorities to keep control over their domains. Further, to associate UAVs with their operators, a cryptographic link is created during a provisioning process. This link is represented by a certificate, comparable with a conventional driver’s license. The system design allows divestment of respective flight permissions, enabled by certificate revocation. Lastly, we constructed a proof-of-concept for the proposed infrastructure solution and compared it to a decentralized approach.