Built-in cybersecurity features
Authenticated by Axis
How do you know your system is communicating with an authorized Axis device and that the video captured by the device hasn’t been tampered with? Following the latest international standard for secure device identity (IEEE 802.1AR), the Axis Edge Vault security component enable automatic and secure identification of new devices during installation. It also simplifies authorization of Axis products on your network. Axis Edge Vault protects the Axis device ID, a collection of certificates including a digitally signed version of the globally unique serial number of your Axis device.
Signed video in Axis cameras
For added trust and assurance, signed video adds a cryptographic checksum into each video frame, which is then signed by a unique key in Axis Edge Vault. This allows video to be traced back to the Axis camera from where it originated, so it’s possible to verify that the footage hasn’t been tampered with after it left the camera.
Signed video is available for compatible cameras with firmware 10.11, and video recordings can be verified using AXIS File Player.
Certified key storage
Used in selected Axis products, the Trusted Platform Module (TPM) is a standalone hardware component that ensures cryptographic keys and certificates are safe and secure, even in the event of a security breach. All private keys are stored within the TPM and all cryptographic operations requiring the private key are sent to the TPM for processing. It’s not possible to modify anything inside the TPM, so the secret part of the certificate is always safeguarded. The TPM in Axis products is certificated to meet the requirements of FIPS 140-2 level 2 and includes role-based operator authentication and tamper evidence.
Axis firmware – only from Axis
Attackers may try to deceive system owners into installing altered firmware which may include malicious code. Signed firmware prevents this. You can verify the integrity of the firmware before you install new devices or upgrade existing ones. Axis firmware is signed using a digital signature. This process is based on the RSA public-key encryption method, where the public key is embedded in the Axis device and the private key is stored in a safe and secure location at Axis. Devices with signed firmware can validate the firmware before allowing installation. This guarantees that the firmware is indeed from Axis and hasn’t been compromised.
Secure startup every time
Based on the use of signed firmware, secure boot acts as a gatekeeper for your surveillance system. This functionality ensures unauthenticated, tampered code is blocked and rejected during the boot process before it can attack or infect your system. Furthermore, Axis signed firmware ensures that any new firmware to be downloaded and installed on a device is signed by Axis. So you can be sure your device will boot only trusted, authentic firmware that originates from Axis.
Product of the Year
Signed video - Product of the year 2022
You may also be interested in