Seven lessons of conference system security: Part 2
10 July 2014
The numerous options available make conference system security a complex business. Following on from the previous instalment, David Davies continues to expound seven lessons designed to simplify choosing the right system.
3. Make sure you know about encryption.
Whatever your view, the number of IP and wireless-based solutions will surely continue to rise, heightening the need to grapple with security issues. “Moving to IP-based conference systems [means that] the general requirements for security grow and proven encryption technology is required. This also applies to wireless-based conference systems,” says Lars Van Den Heuvel, director global product management conference systems, Bosch Security Systems. So far, so clear… However, opinions on the effectiveness of encryption techniques for wireless systems are subject to considerable variation. Brähler is the manufacturer of the Digimic wireless system which employs a proprietary narrowband WiFi protocol, known as APRON, to minimise the risk of interference, as well as a host of innovative encryption methods.
“There are a lot of systems out there using variations on standard AES encryption, which is the same as what you use for going onto a wireless network with your iPad,” says Simon Sainsbury, who is managing director of Brähler ICS UK. “Making that work properly in a conference environment would require a technician to go out into the room and enter a separate key sequence for every station. In reality, that isn’t going to happen very often, so a one-time key tends to be used.”
Uniquely in the market, Brähler believes, its Digimic wireless system benefits from constantly changing encryption with a different key used every 10 seconds. “If our encryption were subject to a brute force attack it would need to be broken within 10 seconds before the key changed again. If it were broken on one attack in less than 10 seconds, in say seven seconds, the eavesdropper would only be able to pick up on three seconds of audio before the key changed yet again. Consequently, any interruption would be very brief.”
4. The IR vs RF debate remains unresolved.
Audio-Technica’s ATCS-60 conference system is just one of the infrared-based systems to have come to market in recent years, combining as it does IR communication with wireless transceiver units to provide the user with (according to the company) “greater flexibility while configuring the system and freedom of choice when placing microphones”.
AKG utilises IR-based language distribution in both its wired CS3 and CS5 conference systems, with Giczy observing that security issues mean that IR is “the preferred medium to distribute translated languages. RF, encrypted or not, is just too dangerous in terms of security.”
But system purchasers may wish to go deep into the details before making a selection because there are differences of opinion across the market. For example, Den Heuvel remarks: “RF-based systems with proper encryption have a much higher level of security as they have better management on the connection of devices and avoid audio routing to unlisted devices which can be used to eavesdrop on a meeting.”
5. Integration with networked systems will deepen.
The drift in favour of a unified AV/IT philosophy also has implications for security. In particular, conference venue operators will want to think carefully about the architecture of the systems they specify.
“This brings us right to the question – an open or a closed conference network architecture?” says Kristoff Henry, product marketing manager at Televic Conference. With its uniCOS multimedia product, Televic has opted to keep the delegate side of the conference network closed and to only allow interfacing with the outside world through the central unit (“third-party network hardware or software is not allowed, nor supported on the conference bus”).
This design “warrants its failsafe operation and avoids situations where it is difficult to attribute responsibility in cases of issues”, he explains. “The second benefit of a closed network is its performance. With an open architecture, it would have been impossible to achieve the extremely low latency for the video and scale-independent responsiveness since it would have prevented using the technologies that make this all possible. And the third is security: the conference network is a self-contained eco-system that is guarded from outside intrusion by the central unit. The latter acts as a guard, but also as a bridge to the outside world through its LAN connection and Dante interface.”
Most conference system manufacturers seem to be innovating in this area: for example Xavtel, with its “so-called net deployment, [with which] there is no way to just add a piece of hardware to the system without knowing it”; or Bosch, whose OMNEO platform provides “proven encryption technology and smart key management” in its IP-enabled systems.
To read the full feature, go to Installation’s July 2014 digital edition.