Bosch Security Systems reports that its network video surveillance cameras are fully integrated with Genetec Archiver and Security Center software. All network-wide communications between the cameras and Genetec’s systems are assigned an authentication key. This electronic signature enables the system to verify the legitimacy of network components like cameras or storage units, and viewing clients.
Bosch IP-cameras have a built-in Trusted Platform Module (TPM) to safely store cryptographic keys used for authentication for trustworthy communications between all network components and encryption of all video data. All cryptographic operations, for authentication and encryption, are only executed inside the built-in Trusted Platform Module (TPM). Encrypted video data is then sent from the camera to the Genetec Archiver using SRTP (Secure Real-Time Transport Protocol). Security is also established via a ‘permissioning’ scheme based on privileges accumulated by specific users.
Because Genetec Security Center integrates with Active Directory, user management can be monitored and centralised at Windows level. Besides individual users, user groups from Active Directory can be synchronized with Security Center, whilst new users will automatically inherit existing Security Center privileges defined for that group.
Passwords are still an essential layer of security, the firms add, but the Genetec Archiver also uses a client certificate (which can be signed by a trusted third party and is factory-installed) to authenticate themselves to the Bosch IP camera. Only Bosch-approved firmware updates will be accepted, and any cryptographic operations are only executed inside the unique built-in Trusted Platform Module (TPM).
Certificates are less at risk from hacking, which is why Genetec uses certificate authentication for its Security Center management software and clients. The video management systems interact with the Bosch cameras using certificates for authentication, and because stored data stays encrypted and data is transmitted via SRTP (Secure Real-time Transport Protocol) confidentiality and data protection are guaranteed. Using SRTP throughout the whole video security infrastructure enables customers to set up a secured multi-cast network, and get security and good network scalability at the same time.