End-to-End Video Data Encryption for High Assurance Security Video Applications
Mission critical and critical infrastructure environments must have an IP video solution that maximizes data security, and the National Institute of Standards and Technology and the U.S. Department of Homeland Security mandate the use of smart cards and multi-factor authentication for these facilities.
Together, Bosch, Genetec™, Intercede, and SecureXperts offer an IP video solution that is resilient against unauthorized access, malware, brute force cracking and other exploit techniques. The solution uses Credentialed High Assurance Video Encryption (CHAVE™) technology to ensure highly-secure identification and authentication through multi-factor smart card credentials.
Authentication and encryption
All Bosch IP cameras use a unique embedded Trusted Platform Module to ensure the highest data security. Bosch CHAVE™-enabled cameras add an extra layer of protection that meets Federal Information Processing Standard (FIPS) Publication 140-2 Level 3 cryptographic validation requirements from NIST. Using techniques known as Public Key Infrastructure (PKI) and Transport Layer Security (TLS), Bosch CHAVE™-enabled cameras allow secure communications over the Internet and other untrusted network connections.
Using Intercede’s MyID credential management system (CMS), SecureXperts preloads Bosch CHAVE™-enabled cameras with signed X.509 certificates from federally or commercially trusted certificate authorities. These unique certificates are used for authentication to ensure communication between trusted components and encryption to secure data. All cryptographic operations needed for encryption and authentication occur within the camera’s Trusted Platform Module, preventing unauthorized access to the certificate stored within the module.
Complete IP video solution
Providing a complete solution, Genetec’s open-architecture, unified security platform Security Center 5.6 SR4 is CHAVE™ enabled, supporting the use of smart cards and digital certificates issued and managed by MyID CMS. Users must authenticate with a unique smart card credential in order to gain access to Security Center and video from CHAVE™-enabled Bosch cameras. Security Center also uses the latest encryption standards such as TLS, AES-128, and RSA, which results in more secure communications between all Security Center client and server applications.
CHAVE-enabled IP cameras:
- FLEXIDOME IP starlight 7000 VR
- DINION IP starlight 8000 MP
- FLEXIDOME IP panoramic 7000 MP
- AUTODOME IP starlight 7000 HD
- MIC IP starlight 7000 HD
- DINION IP imager 9000 HD
For more information on Bosch’s data management please visit our website.