Credentialed High Assurance Video Encryption
Video surveillance data is increasingly connected across local and global networks, and a growing number of network cameras send their data to servers over the Internet. This can open the door to cybercrime. Mission critical and critical infrastructure environments must have an IP video solution that maximizes data security, and the National Institute of Standards and Technology and the U.S. Department of Homeland Security mandate the use of smart cards and multi-factor authentication for these facilities.
Together, Bosch, Genetec™, and SecureXperts offer an IP video solution that is resilient against unauthorized access, malware, brute force cracking and other exploit techniques. The solution uses Credentialed High Assurance Video Encryption (CHAVE™) technology to ensure highly-secure identification and authentication through multi-factor smart card credentials.
Authentication and encryption
All Bosch IP cameras use a unique embedded Trusted Platform Module to ensure the highest data security. CHAVE™-enabled cameras add an extra layer of protection that meets Federal Information Processing Standard (FIPS) Publication 140-2 Level 3 certified encryption standards. Using techniques known as Public Key Infrastructure (PKI) and Transport Layer Security (TLS), CHAVE™-enabled cameras allow secure communications over the Internet and other untrusted network connections.
The cameras are pre-loaded with signed X.509 certificates by SecureXperts, the local registration agent for CHAVE™-enabled devices. These unique certificates are used for authentication to ensure communication between trusted components and encryption to secure data. All cryptographic operations needed for encryption and authentication occur within the camera’s Trusted Platform Module, preventing unauthorized access to the certificate stored within the module.
Complete IP video solution
Providing a complete solution, the latest version of Genetec’s open-architecture, unified security platform Security Center 5.4 is CHAVE™ enabled, supporting the use of smart cards and digital certificates. Users must authenticate with a unique smart card credential in order to gain access to Security Center and video from CHAVE™-enabled Bosch cameras. Security Center also uses the latest encryption standards such as TLS, AES-128, and RSA, which results in more secure communications between all Security Center client and server applications.
CHAVE™-enabled IP cameras
A range of CHAVE-enabled cameras ensure you have the right choice for any area of your facility – indoor or outdoor.
FLEXIDOME IP 7000 VR
FLEXIDOME IP starlight 7000 VR
DINION IP starlight 8000 MP
FLEXIDOME IP panoramic 7000 MP
AUTODOME IP dynamic 7000 HD
MIC IP starlight 7000 HD
DINION IP imager 9000 HD
|Secure credential-based authentication
||Eliminates highly-vulnerable user name/password authorization for workstations and cameras
|Uses PKI and TLS security techniques
||Support for industry standard technology allows secure communication over the Internet
|Supports 2048bit RSA and 256bit elliptic curve cryptography
||Meets NSA Suite B Secret protection level
|Proprietary hardware key
||Camera protects data even in the case of a breach; meets FIPS 140-2 level 3 data protection
|Active Directory integration
||Enterprise wide access rights management for Security Center