NASA Foundation Merges Physical & Digital Security
With 1.6 million international visitors annually and a trove of precious NASA intellectual property, the Astronauts Memorial Foundation is highly sensitive to the need for top-level security. Located in NASA’s Kennedy Space Center, the foundation honors astronauts who lost their lives in service to the space program and provides innovative space technology education programs for educators and students alike. The soaring 42- by 50-foot granite-finished Space Mirror Memorial sits just outside the building with the engraved names of astronauts whom the foundation honors.
“We’re the fourth largest attraction in Florida and a very visible, target-rich environment,” said Thad Altman, foundation CEO and president, and Florida House member. “We need to have absolute control over who goes where and do all we can to prevent cyber attacks. We also have to monitor our facilities both here and remotely. The stronger systems we have in place for identity management and infrastructure protection, the more open we can be to our visitors and students.”
The foundation is housed in a building with several commercial high-tech tenants, including security consulting firm SecureXperts, which has many federal government agencies and federally regulated healthcare, financial, transportation and energy industry organizations as clients. Recently SecureXperts helped many of these organizations merge physical and cyber security and strengthen the defenses of IoT devices such as video surveillance cameras, whose weak password protection has made them targets for nation-state and other hackers.
“These devices were very vulnerable to intruders manipulating video images and gaining administrative privileges that grant them access to other parts of the network,” said Darnell Washington,
SecureXperts president and CEO.
When the Astronauts Memorial Foundation saw what SecureXperts was doing to protect its section of the foundation building, it realized it had to extend those strategies to the entire complex, which was currently protected by legacy surveillance cameras and traditional physical lock and key.
“Bringing the entire complex, including tenants, under the same combined high-level physical and cyber security implementation not only enhances
protection greatly from hackers but saves money in accordance with the goals of the federal government’s Shared Services Initiative,” Washington said. The federal initiative encourages government organizations to combine and share IT resources and systems where practical to both improve service quality and cut budgetary costs.
SecureXperts is in phase one of a long-term program to deploy its integrated security solution throughout the foundation building. “Working with Bosch and HID Global security solutions, we’re providing secure camera surveillance, strong identity and encryption, granular access control and intrusion detection and prevention that meet and exceed all regulatory requirements and industry best practices as part of our initial deployment,” Washington said. “We plan to apply the same technology to an upcoming adjacent commercial business park for high-tech development organizations called Exploration Park and perhaps eventually throughout the Kennedy Space Center.”
The solution consists of HID FARGO ID card printers and encoders, HID iCLASS SE readers, secure Bosch cameras, HID’s ActivID credential management system and its IdenTrust digital certificate authority.
Building tenants, visitors and management, including foundation employees, have begun using HID Seos smart cards and iCLASS SE readers to open more than 50 physical doors in the facility and gain logical access to their PCs and IT systems via HID OMNIKEY smart card readers. Granular roles and access privileges are assigned for every user, including visitors, restricting access only to the offices and systems they’re entitled to access.
SecureXperts also has been replacing legacy password-protected surveillance cameras with Bosch cameras secured by IdenTrust-issued digital certificates. “We’ve worked with Bosch Security
Services to leverage a technology developed and trademarked by SecureXperts called Credentialed High Assurance Video Encryption (CHAVE),” Washington said. “CHAVE embeds digital certificates into the Bosch camera platform to ensure the video is encrypted and the system is a fully trusted platform module.”
Washington added that this is the first IP-based video solution that meets all of the high-level federal government requirements such as the NIST and Department of Defense standards for security controls and is highly resistant even to the most sophisticated nation-state attackers.
SecureXperts acts as the local digital certificate registration agent using the HID Global IdenTrust system to issue digital certificates to identify cameras and other devices connected to the network and manage certificate enrollment and revocation in the event that a device or user identity is no longer trusted.
The dramatic improvement in security is already apparent. “With the HID Global solution, we can secure our building and sensitive digital information and manage ingress and egress much more efficiently,” Altman said. “We can monitor and track everything remotely as well.”
The phased deployment of the new solution is part of an eventual comprehensive shared services deployment in which SecureXperts will host a single facility-wide wireless LAN and system and data storage pool, replacing each organization’s separate wireless, server, storage and access control systems. “We’ll provide provable cyber security processes, methodologies and best practices audited at a very high level to protect every tenant more effectively than they could protect themselves,” said Washington, adding that tenants will reap an estimated 40 percent cost savings using the shared IT, OT and security infrastructure.
“The Kennedy Space Center is a model of innovation and technology leadership,” Washington said. “We’re obligated to make sure we have the best security strategies, technologies, people and processes in place to ensure that the center has successful physical and cyber security outcomes.”
Projects in the News
Located one hour outside of London, the borough of Runnymede is home to some of the U.K.’s most expensive real estate. In order to enhance public safety, the borough council contracted service provider Safer Runnymede. Working with Nottinghamshire-based systems integrator Central Security Systems, the experts installed a platform combining public safety technology with personal safety services such as care solutions for the elderly.
Looking for a future-proof and scalable system built on an integrated software platform, the officials in Runnymede tasked Bosch to design a fully IP-based security camera architecture. Since the Safer Runnymede system already included a Bosch monitor wall plus encoders, cameras, VRM and storage devices, systems integrators could leverage the initial investment into a full suite of Bosch solutions. Connecting these solutions via the Bosch Video Management System (BVMS) allowed Runnymede to become one of the first councils to invest in a fully IP-based infrastructure.
Five manufacturers teamed up to provide safety and security at the 72nd Annual Little League Baseball World Series (LLBWS). BriefCam and Ruckus Networks, an ARRIS Company, joined Axis Communications, Lenel and Milestone Systems to provide video surveillance systems, access control and network connectivity for the 10-day tournament.
The five technology providers came together to develop a comprehensive security strategy for the 16 Little League Baseball teams and worldwide fans participating in the World Series held August 16-26, 2018, in South Williamsport, Pa.
“Each year, hundreds of thousands of people come out to Williamsport to enjoy their time at the Little League Baseball World Series,” said Jim Ferguson, Little League assistant director of risk management and safety. “Along with the safety of all of 16 participating teams, our top priority during the Little League Baseball World Series is to provide a safe and secure facility for visitors from all over the world to enjoy.”
Vicon Industries Inc. announced that its SN673V-B Cruiser PTZ camera was deployed in Charleston Harbor, S.C., as part of the Coastal Conservation League’s project, “The Pelicam.” The Pelicam is a weather-resistant Vicon camera, mounted on a pole along with solar panels, battery back-up and a wireless transmission system, on an isolated strip of land within the harbor. Wray Lemke, founder and vice president of electronic and security services company Mount Pleasant Radio, volunteered his time to bring this project to fruition.The Pelicam’s location is a popular spot for pelicans and other shore birds. The Vicon camera’s 20X optical zoom provides close-up video of the birds, allowing biologists from the Department of Natural Resources (DNR) and the public to witness behaviors that would not normally be observable by humans. The Conservation League makes use of the camera’s presets to change scenes, live-streaming on YouTube. Video recorded to the camera’s local SD card is available for DNR biologists to review and study.