Bosch Security Systems Inc., Genetec Inc., and SecureXperts have collaborated in the design and development of an IP video solution that is resilient against unauthorized access, malware, brute force cracking and other exploit techniques. It uses Credentialed High Assurance Video Encryption (CHAVE) technology to provide highly secure identification and authentication through multi-factor smart card credentials. This makes it ideal for mission critical applications and infrastructure protection.
While all Bosch IP cameras use an embedded Trusted Platform Module to ensure data security, CHAVE-enabled cameras add an extra layer of protection that meets Federal Information Processing Standard (FIPS) Publication 140-2 Level 3 certified encryption standards. Using techniques known as Public Key Infrastructure (PKI) and Transport Layer Security (TLS), CHAVE-enabled cameras allow secure communications over the Internet and other untrusted network connections.
CHAVE-enabled systems leverage the use of federally mandated trusted smart cards (HSPD-12), and commercially issued smart cards for access to devices and to ensure live and recorded video is only accessible by a defined set of viewers. With support from SecureXperts, a security consulting and engineering firm that serves as the local registration agent for CHAVE-enabled devices, cameras will ship to users pre-loaded with signed X.509 certificates. These certificates are used for authentication to ensure communication between trusted components and encryption to secure data. All cryptographic operations needed for encryption and authentication occur within the camera’s Trusted Platform Module, preventing unauthorized access to the certificate stored within the module.
“SecureXperts has the good fortune to introduce this technology along with Bosch and Genetec to meet current and future cybersecurity technology requirements used in key critical infrastructure protection and mission essential environments,” said Darnell Washington, president/CEO of SecureXperts Inc. “Our emphasis on maintaining highly secure environments for our partners, stakeholders, and clients has evolved into a leading edge technology solution that can provide secure surveillance using local, federated, or cloud hosted environments.”
Bosch will offer a range of CHAVE-enabled IP cameras to fit a wide variety of imaging requirements and environmental conditions, including ruggedized pan-tilt-zoom cameras for extreme conditions, panoramic cameras for 360-degree surveillance, starlight cameras for low light environments, and more. Cameras will also come equipped with Intelligent Video Analytics to alert operators when predefined alarms are triggered, helping to enhance the physical security of critical applications. To provide customers with a complete IP video solution, the latest version of Genetec’s open-architecture unified security platform, Security Center 5.4, is CHAVE-enabled, supporting the use of smart cards and digital certificates.
Users must authenticate with a unique smart card credential in order to gain access to Security Center and video from CHAVE-enabled Bosch cameras.
“With our embedded Trusted Platform Module and certificate-based authentication, we have extended smart card technology into our cameras,” said Dan Reese, Director, vertical market applications, Bosch Security Systems, Inc. “Through our partnership with SecureXperts, Bosch is offering IP security cameras pre-loaded with U.S. federally-trusted PKI certificates. These cameras combined with CHAVE-enabled Security Center from Genetec provide an IP video solution that maximizes data security for critical applications.”
Security Center version 5.4 also offers the latest encryption standards such as TLS, AES-128, and RSA, which results in more secure communications between all Security Center client and server applications. To streamline multi-organization collaboration, organizations can leverage third-party claims services, including Microsoft Active Directory Federation Services, to manage Security Center users across organizations and domains.
“Genetec is pleased to collaborate with Bosch in our mutual commitment to ‘Security-of-Security’, as we harden our systems to any potential vulnerabilities between edge devices (cameras) and the Genetec Security Center VMS archiver,” said Philippe Ouimette director of strategic alliances, Genetec. “The new CHAVE- enabled IP cameras from Bosch will help ensure that the front-end is as secure as the back-end, as video data is captured, managed, moved, and stored.”