Safeguarding Government Facilities
While U.S. government facilities – such as legislative buildings, office buildings, courtrooms, judicial offices and more – perform a wide range of functions and have varying levels of public access, all must ensure the security and safety of employees, visitors and information housed there. In support of this, the government issued Homeland Security Presidential Directive 12 (HSPD-12), which sets a policy for common identification standards for federal employees and contractors. Smart cards with multifactor authentication are now standard issue for these personnel, and these cards are used to gain secure access to the facilities and computer systems.
Video surveillance is a key component of a physical security strategy for any government facility. And, while the benefits of video surveillance are clear, the potential data security risks of these solutions have only recently come under scrutiny. Video surveillance data is increasingly connected across local and global networks, and an ever increasing number of network cameras send their data to servers over the Internet, which can open the door to cybercrime.
To safeguard against this, Bosch, Genetec and SecureXperts have collaborated in the design and development of an IP video solution that is resilient against unauthorized access, malware, brute force cracking and other exploit techniques. It uses Credentialed High Assurance Video Encryption (CHAVE™) technology to provide highly secure identification and authentication through trusted certificates and multi-factor smart card credentials. This makes it ideal for mission critical government applications and infrastructure protection.
Bosch IP cameras with a unique built-in Trusted Platform Module (TPM) enable the use of CHAVE™ technology. All cryptographic operations and certificates used for encryption and authentication are handled and stored inside the TPM to ensure the highest data security.
CHAVE™ adds an extra layer of security by leveraging the use of smart cards. CHAVE™ cameras meet Federal Information Processing Standard (FIPS) Publication 140-2 Level 3 certified encryption standards. Based on standards known as Public Key Infrastructure (PKI) and Transport Layer Security (TLS), the cameras allow secure communications over the Internet and other untrusted network connections.
CHAVE™ systems leverage the use of trusted smart cards for access to devices and to ensure live and recorded video is only accessible by a defined set of viewers. With support from SecureXperts, a security consulting and engineering firm that serves as the local registration agent for CHAVE™ devices, cameras are pre-loaded with signed X.509 certificates. These unique certificates are used to authenticate communication between trusted components and to encrypt data for secure transmission. All cryptographic operations needed for encryption and authentication occur within the camera’s Trusted Platform Module, preventing unauthorized access to the certificate stored within the module.
Providing a complete IP video solution, the latest version of Genetec’s open-architecture, unified security platform, Security Center is CHAVE™ enabled, supporting the use of smart cards and digital certificates. Users must authenticate with a unique smart card credential in order to gain access to Security Center and video from Bosch CHAVE™ cameras.
These cameras combined with CHAVE™-enabled Security Center from Genetec provide an IP video solution that maximizes data security for critical applications. It’s a unique, powerful solution for government facilities concerned with the security of their video data and networks. To learn more about the CHAVE™ IP video solution, click here.
For more info about the importance of securing your IP physical security system, we invite you to read our Security-of-Security Blog Series.
About the Author
Director, Vertical Market Applications, Bosch Security Systems, Inc.More Content by Dan Reese