Diode Applications: Secure Remote Camera Control

June 2013

In this blog series, I will explore applications for Data Diodes. In the first of the series, we’ll look at providing secure access to  remote CCTV cameras, in unsecured location.

Security cameras are in increasing part of today’s society, used by civil authorities to protect public spaces, police for law enforcement and the military for force protection. These cameras are typically located in in-secure public areas, but feed the vital imagery back to secure control rooms. In these control rooms operations staff and intelligence officers monitor the images for signs of wrong-doing. This often involves the desire to pan, tilt or zoom (PTZ) the camera to take a close look at a suspected security event.

Police officers monitor CCTV screens in the control room at New Scotland Yard in London. Photograph: Kirsty Wigglesworth/AFP/Getty images Source: Guardian

A simple networking configuration is often used to provide network separation, which introduces vulnerabilities into the control system network: Can an adversary supply false imagery, use the network to mount a denial of service attack, launch malware or even access the intelligence information?

Using a carefully deployed configuration of a pair of data diodes and a data guard you can mitigate these risks.

  • A diode / guard pair in one direction can be used to allow authenticated video streams in.
  • A second diode / guard pair in the opposite direction can be used to ensure only PTZ data can flows out.

Interested in finding out more details about securing remote access to security cameras?  Contact me, or leave a comment below.

 

Author Bio – Colin Robbins

Colin Robbins is Nexor’s Managing Security Consultant. He is a Fellow of the IISP, and a NCSC certified Security and Information Risk Adviser (Lead CCP) and Security Auditor (Senior CCP). He has specific technical experience in Secure Information Exchange & Identity Systems and is credited as the co-inventor of LDAP. He also has a strong interest in security governance, being a qualified ISO 27001 auditor.

CATEGORIES

 Archives

Be the first to know about developments in secure information exchange

Stay Informed Footer
Sending

lockWe value your privacy Find out more >