International Air Transport Association: new distribution capability

The International Air Transport Association (IATA) is the trade association for the world’s airlines, representing some 260 airlines, or 83% of total air traffic. IATA supports many areas of aviation activity and helps formulate industry policy on critical aviation issues.

The goal of this project was to secure the implementation of a new standard, the New Distribution Capability (NDC). Structured around seven distribution-related functions, the NDC standard addresses the end-to-end airline distribution process, such as shopping for and booking tickets, and aims to deliver an improved customer experience. The stakeholders of NDC are airlines, travel management companies, online travel agencies, corporate buyers, global distribution systems and other technology players.


The challenge

Authenticate the parties taking part in the end-to-end airline distribution processes.
Secure the sensitive data flowing through the distribution processes.
Ensure data integrity.
Ensure non-repudiation of transactions.

Our solution
Application Security

We first carried out a study to define the best solutions to the main challenges: authenticating parties, securing sensitive data, and ensuring data integrity and non-repudiation for each business process. We designed secure flows combining authentication tokens, partial message encryption and digital signatures. Rather than encrypting whole messages, we encrypted only the sensitive attributes, such as payment information, so that any financial data a message carries is protected while the rest of the message stays readable by the intermediaries that need it. For integrity and non-repudiation, every message is digitally signed by its issuer: the signature identifies the transaction issuer, and any change to the message after signing invalidates the signature and, with it, the transaction itself.
From there, we moved to implementation. Our main contribution was on authentication: we developed a Security Token Service (STS) on ForgeRock's OpenAM product. This component generates and validates the identity tokens that are propagated through the distribution flows to identify the participating parties, such as travel agencies, corporate buyers and airlines.
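The combination described above, partial encryption of the payment attribute plus a signature over the whole message, as an added Go example written for this page and not code from the project, IATA or ForgeRock. It encrypts only the card number of a constructed order message with AES-256-GCM under a key shared with the airline, signs the serialized message with the issuer's Ed25519 key, then shows that an in-transit change to the flight number invalidates the signature while the airline can still recover the card data. The message layout, field names, the "AGENCY-001" identifier and the test card number are constructed for the example; the project's actual message format, key distribution and signature algorithm are not documented on this page, so Ed25519 and AES-GCM are assumptions standing in for whatever was used.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// OrderRequest is a constructed stand-in for an NDC order message: the itinerary
// stays readable for intermediaries, the card data does not.
type OrderRequest struct {
	Issuer  string `json:"issuer"`  // sending party, e.g. an agency identifier
	Flight  string `json:"flight"`
	Payment string `json:"payment"` // base64(nonce || AES-GCM ciphertext) of the card
}

// SignedMessage is the serialized message plus the issuer's signature over it.
type SignedMessage struct{ Body, Signature []byte }

// must keeps the example short: key generation and randomness failures are fatal.
func must(err error) {
	if err != nil {
		panic(err)
	}
}

// encryptField protects one sensitive attribute with an AEAD (AES-256-GCM below) keyed
// by a secret shared with the receiving airline; key provisioning is out of scope here.
func encryptField(aead cipher.AEAD, plaintext string) string {
	nonce := make([]byte, aead.NonceSize())
	_, err := rand.Read(nonce)
	must(err)
	return base64.StdEncoding.EncodeToString(aead.Seal(nonce, nonce, []byte(plaintext), nil))
}

// decryptField reverses encryptField; the AEAD itself rejects a modified ciphertext.
func decryptField(aead cipher.AEAD, encoded string) (string, error) {
	sealed, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	if len(sealed) < aead.NonceSize() {
		return "", fmt.Errorf("ciphertext too short")
	}
	pt, err := aead.Open(nil, sealed[:aead.NonceSize()], sealed[aead.NonceSize():], nil)
	return string(pt), err
}

// signMessage signs the serialized, partially encrypted message with the issuer's Ed25519
// key; the encrypted field is inside the signed body, so it cannot be swapped either.
func signMessage(priv ed25519.PrivateKey, req OrderRequest) SignedMessage {
	body, err := json.Marshal(req)
	must(err)
	return SignedMessage{Body: body, Signature: ed25519.Sign(priv, body)}
}

// verifyMessage checks the signature with the issuer's public key: any change to the body
// invalidates it, and only the key holder could have produced it (integrity, non-repudiation).
func verifyMessage(pub ed25519.PublicKey, msg SignedMessage) bool {
	return ed25519.Verify(pub, msg.Body, msg.Signature)
}

// runScenario plays the agency (issuer) and the airline with fresh keys and reports whether the
// original and a tampered copy verify, whether the card was ever in clear, and what was recovered.
func runScenario() (originalOK, tamperedOK, cardInClear bool, recovered string, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	must(err)
	sharedKey := make([]byte, 32) // constructed; in practice provisioned out of band
	_, err = rand.Read(sharedKey)
	must(err)
	block, err := aes.NewCipher(sharedKey)
	must(err)
	aead, err := cipher.NewGCM(block)
	must(err)
	const card = "4111111111111111" // constructed test card number
	msg := signMessage(priv, OrderRequest{Issuer: "AGENCY-001", Flight: "XX123", Payment: encryptField(aead, card)})
	originalOK = verifyMessage(pub, msg)
	cardInClear = strings.Contains(string(msg.Body), card)
	// An intermediary rewrites the flight number in transit and keeps the old signature.
	forged := strings.Replace(string(msg.Body), `"XX123"`, `"XX999"`, 1)
	tamperedOK = verifyMessage(pub, SignedMessage{Body: []byte(forged), Signature: msg.Signature})
	// The airline, holding the shared key, recovers the card from the accepted message.
	var received OrderRequest
	if err = json.Unmarshal(msg.Body, &received); err != nil {
		return
	}
	recovered, err = decryptField(aead, received.Payment)
	return
}

func main() {
	fmt.Println(runScenario())
}
```

The order of operations matters: the sensitive attribute is encrypted first and the signature is computed over the message that already contains the ciphertext, so a receiver verifies the signature before decrypting anything, and neither the clear-text fields nor the encrypted payment blob can be altered or substituted without the signature failing.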



Thanks to its support for the identity federation standards SAML 2.0, OAuth 2.0 and OpenID Connect, ForgeRock OpenAM allows services that meet customer demands to be deployed quickly and easily.


ForgeRock OpenAM offers flexibility through its open-source code and modular architecture, and almost every feature is exposed as a REST service. These capabilities allowed us to customise the product so as to enrich identity tokens with the information the distribution flows need, and to define REST endpoints exposing this new token conversion module.
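The token generation, validation and enrichment described in the two paragraphs above, as an added Go example written for this page rather than code from the project or from ForgeRock OpenAM. It models a minimal Security Token Service: an agency identity provider mints a token for one of its users, the STS validates it, looks the subject up in a constructed directory, and re-issues a short-lived token enriched with the party and role the airline needs, signed under the key the airlines trust. The token format (base64url claims with an HMAC-SHA256 tag), the issuer names, keys, claim names and the "jdoe" and "AGENCY-001" entries are all assumptions of the example; OpenAM's own STS works with standard token formats such as SAML 2.0 and OpenID Connect, and its REST endpoints are not modelled here.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims is the identity information carried through the distribution flow; the field
// names are this example's own, not taken from the NDC schema.
type Claims struct {
	Issuer  string `json:"iss"`             // who minted the token
	Subject string `json:"sub"`             // the acting user, e.g. an agent login
	Party   string `json:"party,omitempty"` // enrichment: the organisation the subject acts for
	Role    string `json:"role,omitempty"`  // enrichment: what that party may do in the flow
	Expires int64  `json:"exp"`             // Unix seconds
}

// Issuer mints and validates tokens shaped base64url(claims).base64url(mac); HMAC-SHA256
// with a per-issuer key stands in for the real STS signature (an assumption of this example).
type Issuer struct {
	Name string
	Key  []byte
}

func (i Issuer) mac(encodedClaims string) string {
	h := hmac.New(sha256.New, i.Key)
	h.Write([]byte(encodedClaims))
	return base64.RawURLEncoding.EncodeToString(h.Sum(nil))
}

func (i Issuer) Mint(c Claims) string {
	c.Issuer = i.Name
	payload, _ := json.Marshal(c) // a flat struct of strings and an int64 cannot fail to marshal
	enc := base64.RawURLEncoding.EncodeToString(payload)
	return enc + "." + i.mac(enc)
}

// Validate checks the MAC in constant time before trusting anything in the payload.
func (i Issuer) Validate(token string, now time.Time) (Claims, error) {
	var c Claims
	parts := strings.Split(token, ".")
	if len(parts) != 2 {
		return c, errors.New("malformed token")
	}
	if !hmac.Equal([]byte(parts[1]), []byte(i.mac(parts[0]))) {
		return c, errors.New("bad signature")
	}
	payload, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err == nil {
		err = json.Unmarshal(payload, &c)
	}
	if err != nil {
		return c, err
	}
	if c.Issuer != i.Name || now.Unix() >= c.Expires {
		return c, errors.New("wrong issuer or expired")
	}
	return c, nil
}

// STS is the token conversion module: it accepts tokens from the agency's own identity
// provider and re-issues them, enriched with party and role, under the key the airlines trust.
type STS struct {
	Self, Upstream Issuer
	Directory      map[string]Claims // constructed: subject -> party and role
}

func (s STS) Convert(inbound string, now time.Time) (string, error) {
	in, err := s.Upstream.Validate(inbound, now)
	if err != nil {
		return "", fmt.Errorf("inbound token rejected: %w", err)
	}
	entry, ok := s.Directory[in.Subject]
	if !ok {
		return "", errors.New("subject not enrolled")
	}
	exp := now.Add(5 * time.Minute).Unix() // short-lived: the token crosses several hops
	if in.Expires < exp {
		exp = in.Expires // never outlive the inbound token
	}
	return s.Self.Mint(Claims{Subject: in.Subject, Party: entry.Party, Role: entry.Role, Expires: exp}), nil
}

// newDemoSTS wires an agency IdP, the STS and one enrolled agent with constructed keys.
func newDemoSTS() STS {
	return STS{
		Self:      Issuer{Name: "ndc-sts", Key: []byte("sts-demo-key-0123456789abcdef")},
		Upstream:  Issuer{Name: "agency-idp", Key: []byte("agency-demo-key-0123456789abc")},
		Directory: map[string]Claims{"jdoe": {Party: "AGENCY-001", Role: "booking"}},
	}
}

func main() {
	sts, now := newDemoSTS(), time.Now()
	inbound := sts.Upstream.Mint(Claims{Subject: "jdoe", Expires: now.Add(time.Hour).Unix()})
	fmt.Println(sts.Convert(inbound, now))
}
```

Two properties of this shape are worth keeping in any real deployment: the airline validates the enriched token under the STS key only, so an agency's own token is never accepted directly downstream, and the enriched token never outlives the inbound token it was derived from.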


ForgeRock OpenAM provides both system failover and session failover. System failover is handled by clustering: a load balancer provides a single point of entry through which users reach any number of OpenAM servers, so the loss of one server does not take the service down. Session failover relies on the Core Token Service (CTS), a shared store for user session data used by all OpenAM servers in the same deployment. When an OpenAM server goes down, the other servers read the user's session from the CTS, so a user holding a valid session does not have to log in again. Together, these two features remove the OpenAM servers as a single point of failure and keep the STS available to end users, provided the load balancer and the CTS store are themselves deployed redundantly.