[project overview]

With the continuous development of the “Internet plus” program, the networking process is rapidly covering all walks of life. In the field of video monitoring, IP based network video monitoring and solutions are also changing the original closed mode of analog monitoring, which enables users to remotely access and obtain the required video data anytime and anywhere.

However, with the convenience of network, the security of video data also comes one after another.

On February 27, 2015, Jiangsu Public Security Bureau issued an urgent notice saying that the network video products of a well-known security monitoring manufacturer have serious security risks, some devices have been controlled by overseas IP addresses, and there is a risk of a large number of video information leakage; the “an Kan Lo” website live broadcast video monitoring event in public places exposed in September 2015 is illegal theft of hundreds of network information in many places Surveillance video information is directly used for commercial purposes, which greatly infringes the privacy of ordinary citizens.

In today’s network monitoring equipment almost covers daily life, how to use the monitoring equipment to ensure the safety of property, at the same time, to ensure the safety of network HD video data in the process of video acquisition, transmission, decoding and playback, video recording and so on, has become an urgent problem for the industry. To this end, the company from the perspective of prevention and control of video monitoring system access security, proposed a pioneering network HD monitoring security encryption solution.

[solution]

In view of the security of network video monitoring itself, we should fully consider its basic conditions (Network Security) and necessary conditions (Information Security), and make full protection in these two aspects. Network security is the basis of information transmission. If it is intruded by external lawbreakers at will, all important information transmitted on the network, including video information, personal information, enterprise business information, will have great security risks.

1. Network security: including the physical security of the network equipment setting area and the security of the network equipment’s own software and hardware, as well as firewall, anti-virus attack, intrusion detection technology, network monitoring technology, etc., are all essential to ensure the health of the network environment from the basic level, and are the important content of any network. From the perspective of video monitoring system, the network security system has been relatively perfect before the construction of video monitoring. What we need to do is to improve the access control security of video monitoring system.

2. Video information encryption: this part is the core content of network video encryption. Through the encryption algorithm, the information plaintext can be converted into ciphertext and then transmitted. The back-end platform can recover the ciphertext into plaintext through the encryption algorithm, so as to realize the function of high security protection of information. Due to the wide distribution of network monitoring system, from the perspective of information encryption, we should start from the source (camera) encryption to avoid video information being stolen at any transmission node.

In addition, in view of the large amount of data in network video signal, video encryption must consider the processing speed of encryption chip (from the perspective of national security, encryption must be hardware encryption, and encryption chip is the standard solution), at least meet the requirement of 10Mbps, and reserve dual SPI or USB interface. As the core equipment of decryption, the back-end encryptor is responsible for the management of dozens or even hundreds of channels of video to meet the requirements of network HD monitoring. Therefore, it has higher requirements for the technical performance, decryption speed and bandwidth margin of the encryptor.

Scheme and product analysis of HD video surveillance information security system

Network HD video security information solution topology

3. Guomi encryption technology: guomi is a national cipher algorithm recognized by the state cipher Bureau, also known as commercial cipher. It refers to the technology that can realize the encryption, decryption and authentication of commercial cryptographic algorithm, including cryptographic algorithm programming technology, cryptographic algorithm chip, encryption card and other implementation technologies. SM1, SM2, SM3, SM4 and other high security encryption algorithms approved by the State Encryption bureau can realize the functions of encryption, decryption, identity identification, access control and so on through special hardware encryption equipment. Enterprises related to national security encryption technology shall have the license for production and sales of commercial password products issued by the State Encryption Bureau.

4. Hardware identification: different from the software identification technology used by traditional monitoring manufacturers, the company adopts hardware identification technology in its independently developed network HD video encryption products based on national security requirements, which can effectively reduce access security vulnerabilities. The security of front-end camera can be improved by encryption chip, and ukey can effectively reduce the external intruder’s vulnerability to access control.

[core products]

1. Network video encryption server

Scheme and product analysis of HD video surveillance information security system

Built in national encryption algorithm (SM1, SM2, SM3, SM4)

Support video and audio data encryption

The products have been certified by the State Security Bureau

The data encryption speed is more than 10Mbps

Can cooperate with network video monitoring manufacturers to do product docking service

2. Encryption chip

Built in national encryption algorithm (SM1, SM2, SM3, SM4)

Support dual SPI / USB high speed encryption interface

The data encryption speed is more than 10Mbps

Cooperate with network video monitoring manufacturers to provide OEM service and certification support

3. USB decryption key

Homemade safety SOC chip

USB2.0 Interface

The hardware security chip decrypts the encrypted video information

The decryption speed is higher than 20MBps

Responsibility ZJ: GT

Leave a Reply

Your email address will not be published. Required fields are marked *