Avatar photo

Product Security Officer, Bosch Security Systems

Author Bio ▼

Dirk Stegemann is Product Security Officer for Bosch Security Systems. He is also a key contributor to the ONVIF Profile Q Working Group and ONVIF Security Working Group.
September 18, 2015

Sign up to free email newsletters


Whitepaper: Multi-residential access management – The move to digital

ONVIF Introduces Profile Q to Tackle Cyber Security Challenges

onvif on displayIn a world in which cyber theft, hacking and corporate security breaches seem to be proliferating, securing the systems we trust to guard sensitive data, communications and servers has become more important than ever.

ONVIF’s Profile Q offers the advanced security required in today’s technologcal world, giving integrators and end users the necessary protections from today’s cyber security threats, in addition to providing out-of-the-box interoperability.

Before IP technology was widely-adopted, networks for surveillance and access control systems often provided assurance that the communications transmitted between devices was secure and could not be intercepted or hacked, as well as plug and play interoperability.

Today, the IP equivalent, a dedicated and separate IT network for security devices operating independently from a general operations network, is expensive to maintain and has become a luxury few organisations can afford. As a result, CCTV and access control systems often share a network with other business systems and operation devices, clients and software.

When sharing a communication infrastructure with these other business networks, CCTV and access systems require enhanced information security capabilities in order to provide the same level of security as a system operating within a dedicated network.

ONVIF’s newest specification, Profile Q, provides the enhanced information security capability required by today’s shared network infrastructure. Profile Q specifies the use of Transport Layer Security (TLS) as conditional, meaning that if the product has the feature, it must be available on the ONVIF interface to meet profile conformance.

Profile Q also mandates HTTP Digest Authentication and a ‘default access policy’, which is an improvement of security in the communication with conformant devices.

In addition to advanced security features, Profile Q also answers the call for easy installation and out-of-the-box functionality. Manufacturers will have ONVIF automatically enabled for every product that is Profile Q conformant.

This means that an integrator or user doesn’t have to find a switch to activate ONVIF or search for instructions. Profile Q conformant devices are easily discoverable and feature easy camera replacement and configuration, a factory reset functionality and event management.

The two main features of Profile Q – easy set up and advanced security features – have a shared purpose. If a product is too onerous to set up and configure, then it often goes unused.

If security features, too, are difficult to install, configure and maintain, busy operators may turn them off. Though understandable, this leaves devices and networks vulnerable to attack.

Profile Q makes the implementation of advanced security and configuration easy for integrators and users, saving them time and ensuring their networks are safe for multiple uses.

Free Download: The Video Surveillance Report 2023

Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!

Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.


Related Topics

Notify of
Inline Feedbacks
View all comments