In this blog series, I will explore applications for Data Diodes. In the first of the series, we’ll look at providing secure access to remote CCTV cameras, in unsecured location.
Security cameras are in increasing part of today’s society, used by civil authorities to protect public spaces, police for law enforcement and the military for force protection. These cameras are typically located in in-secure public areas, but feed the vital imagery back to secure control rooms. In these control rooms operations staff and intelligence officers monitor the images for signs of wrong-doing. This often involves the desire to pan, tilt or zoom (PTZ) the camera to take a close look at a suspected security event.
A simple networking configuration is often used to provide network separation, which introduces vulnerabilities into the control system network: Can an adversary supply false imagery, use the network to mount a denial of service attack, launch malware or even access the intelligence information?
Using a carefully deployed configuration of a pair of data diodes and a data guard you can mitigate these risks.
- A diode / guard pair in one direction can be used to allow authenticated video streams in.
- A second diode / guard pair in the opposite direction can be used to ensure only PTZ data can flows out.
Interested in finding out more details about securing remote access to security cameras? Contact me, or leave a comment below.