Dirk Stegemann

Product Security Officer, Bosch Security Systems

Author Bio ▼

Dirk Stegemann is Product Security Officer for Bosch Security Systems. He is also a key contributor to the ONVIF Profile Q Working Group and ONVIF Security Working Group.
September 18, 2015

Sign up to free email newsletters

Download

Mobile access case study: University of Hull students impressed with HID Global upgrade

ONVIF Introduces Profile Q to Tackle Cyber Security Challenges

onvif on displayIn a world in which cyber theft, hacking and corporate security breaches seem to be proliferating, securing the systems we trust to guard sensitive data, communications and servers has become more important than ever.

ONVIF’s Profile Q offers the advanced security required in today’s technologcal world, giving integrators and end users the necessary protections from today’s cyber security threats, in addition to providing out-of-the-box interoperability.

Before IP technology was widely-adopted, networks for surveillance and access control systems often provided assurance that the communications transmitted between devices was secure and could not be intercepted or hacked, as well as plug and play interoperability.

Today, the IP equivalent, a dedicated and separate IT network for security devices operating independently from a general operations network, is expensive to maintain and has become a luxury few organisations can afford. As a result, CCTV and access control systems often share a network with other business systems and operation devices, clients and software.

When sharing a communication infrastructure with these other business networks, CCTV and access systems require enhanced information security capabilities in order to provide the same level of security as a system operating within a dedicated network.

ONVIF’s newest specification, Profile Q, provides the enhanced information security capability required by today’s shared network infrastructure. Profile Q specifies the use of Transport Layer Security (TLS) as conditional, meaning that if the product has the feature, it must be available on the ONVIF interface to meet profile conformance.

Profile Q also mandates HTTP Digest Authentication and a ‘default access policy’, which is an improvement of security in the communication with conformant devices.

In addition to advanced security features, Profile Q also answers the call for easy installation and out-of-the-box functionality. Manufacturers will have ONVIF automatically enabled for every product that is Profile Q conformant.

This means that an integrator or user doesn’t have to find a switch to activate ONVIF or search for instructions. Profile Q conformant devices are easily discoverable and feature easy camera replacement and configuration, a factory reset functionality and event management.

The two main features of Profile Q – easy set up and advanced security features – have a shared purpose. If a product is too onerous to set up and configure, then it often goes unused.

If security features, too, are difficult to install, configure and maintain, busy operators may turn them off. Though understandable, this leaves devices and networks vulnerable to attack.

Profile Q makes the implementation of advanced security and configuration easy for integrators and users, saving them time and ensuring their networks are safe for multiple uses.

Free Download: The State of Surveillance Storage

From the growing quantity of data to new innovations like Artificial Intelligence (AI) and machine learning, the surveillance and security landscape is changing. The Seagate Surveillance Storage Survey 2018 is a look at what the industry challenges really are—and what businesses, security industry professionals, installers and integrators need from their storage moving forwards. Discover the challenges now by clicking here.

Related Topics

Leave a Reply

Be the First to Comment!

avatar
  Subscribe  
Notify of