BOSCH says its cameras are being fully integrated with Genetec systems, resulting in an end-to-end data security solution incorporating all Bosch network video surveillance cameras, plus Genetec Archiver and Security Center.
Bosch is taking a proactive stance on cybersecurity due to the rise of IoT devices and cybercrime. The result is this end-to-end data security solution. All network-wide communications between Bosch cameras and Genetec Archiver and Security Center are assigned an authentication key. This electronic signature enables the system to verify the legitimacy of network components such as cameras, storage units and viewing clients, ensuring that an infrastructure of trust is built before network-wide communications start.
All Bosch IP cameras have a built-in Trusted Platform Module (TPM) to safely store the cryptographic keys used for authentication, ensuring trustworthy communications between all network components and encryption of all video data, according to the company. All cryptographic operations, for authentication and encryption, are executed only inside the unique built-in TPM. Encrypted video data is then sent from the camera to the Genetec Archiver using SRTP (Secure Real-Time Transport Protocol). Additional security is established via a ‘permissioning’ scheme based on privileges accumulated by specific users.
Because Genetec Security Center integrates with Active Directory, user management can be monitored and centralized at the Windows level. As well as individual users, user groups from Active Directory can be synchronized with Security Center, whilst new users will automatically inherit existing Security Center privileges defined for that group.
Passwords are still an essential layer of security, but the Genetec Archiver also uses a client certificate (which can be signed by a trusted third party and is factory-installed) to authenticate itself to the Bosch IP camera. In addition, only Bosch-approved firmware updates will be accepted, and any cryptographic operations are executed only inside the unique built-in Trusted Platform Module (TPM).