Encryption vs. Encoding

Encryption is a very important concept in cyber security. Enabling encryption by default for all services will help improving the confidentiality of those services and sensitive data. There are few different considerations when it comes to a good encryption.

Encryption and encoding are the two distinct processes used for data or information transformation, and they serve different purposes. This article will explain these processes in detail and highlight their differences.

What is Encryption?

Encryption is the process of transforming data or information into a secret code that is unintelligible and unreadable to unauthorized individuals and can only be unlocked with a key. It involves using mathematical algorithms and a secret key to transform plaintext (the original, readable data) into ciphertext (the encrypted, unreadable data). It ensures the confidentiality and privacy of sensitive information, making it difficult for unauthorized parties to understand or access the data.

The purpose of encryption is to secure data during data at rest, data in transit, or communication.

·        Data at Rest: Encryption protects data that is stored on a computer or other devices, such as a USB drive, hard drive, or cloud storage.

·        Data in Transit: Encryption is used to secure data that is transmitted between two devices, such as a laptop and a printer.

·        Secure Communication: Encryption is used to protect data that is shared over a network, like email, web browsing, and file transfers.

·        Disk level encryption: Where the information stored on a digital disk like a network storage or a computer hard drive is encrypted. SAN Storage encryption or Windows Bitlocker are examples in this category.

·        Database encryption: The information stored in a database (e.g. SQL or Oracle) is encrypted using a certificate, or a static key. This will minimize the risks of copying database files and opening them by unauthorized people.

·        File-based encryption: This is about encrypting files and their contents. Normally, it can be done using right management solutions. Encrypting Microsoft Office documents or Adobe PDF are examples in this category.

·        Backup encryption: When taking a backup, the backup files must be encrypted to prevent unauthorized access to the content that has been backed up.

·        Public cloud resources encryption: Public cloud services, like AWS, Azure, GCP services, need to be encrypted appropriately and normally that capability is provided by the service provider. Examples are AWS S3, RDS or Azure Blob.

·        Encryption in motion: Sensitive information must be encrypted when they are being transferred from on location to another. Some examples are, use traffic to an application, or data is transferred from a database server to an application server, or data that is transferred between two applications for integration purposes. There are a few different areas to consider when it comes to encryption in motion

·        Encrypted web traffic: Web is pretty much everything these days, and it is critical to ensure all web traffics, whether standard web application interface, APIs or any other type of web traffic is encrypted properly using HTTPS protocol.

·        Email Encryption: Email is the main type of communication for companies these days and unfortunately it is not encrypted by default. We need to make sure email traffic is encrypted in motion and at rest when dealing with sensitive information.

·        Encrypted services: Pretty much all standard network services provide encryption capabilities these days and it is important to switch to the encrypted version and avoid using clear-text protocols as much as possible. Examples of encrypted services are SFTP, SSH, SMTPS, POP3S, IMAPS, LDAPS, etc.

·        Key based Encryption:  Public/Private key encryption is used in a lot of services and integrations, e.g. PGP, to ensure network connectivity and data transfer is done in a secure and encrypted way.

·        Remote access: Remote access services like VPN must provide a secure and encrypted channel between end users and devices to the targets.

There are different types of encryption algorithms, such as symmetric and asymmetric encryption. Where a single key is used to encrypt and decrypt the data. AES 256 or AES 512 are the most common in this category.

Symmetric Encryption Algorithm

·        Advanced Encryption Standard (AES): Widely adopted for security and efficiency.

·        Triple DES: Applies DES three times for enhanced security.

·        Blowfish: Known for its flexibility and speed.

Asymmetric Encryption Algorithm

·        Elliptic Curve Cryptography (ECC): Based on elliptic curves, offering strong security with shorter key lengths.

·        RSA (Rivest-Shamir-Adleman): Used for key exchange and digital signatures.

·        Diffie-Hellman Key Exchange: Secure key exchange protocol without prior communication.

Where two separate keys (public/private) are used to encrypt and decrypt the data. RSA 2048 or RSA 4096 are examples in this category.

What is Encoding?

Encoding is the process of converting data or information into a specific format or code that can be easily stored, transmitted, or processed by a computer or another entity. It involves the use of specific rules, algorithms, or standards to transform data into a format better suited for a particular purpose or medium.

There are many different types of encoding, each with its purpose. Some common types of encoding include:

·        Character Encoding: Converts characters and symbols from the character set to unique code. ASCII, UTF-8, and UTF-16 are popular character encodings.

·        Image Encoding: Transforms images into a digital format. JPEG, GIF, and PNG are popular image encodings.

·        Video Encoding: Converts video signals into a digital format. MPEG-4, H.264, and HEVC are popular video encodings.

·        Audio Encoding: Converts sound waves into a digital format. MP3, WAV, WMA, and AAC are popular audio encodings.

Encoding Algorithms

·        Base64: Converts binary data into a string of ASCII characters.

·        URL Encoding (Percent-encoding): Encodes special characters in a URL.

·        Binary: Represents data using a binary representation.

·        HTML: Represent special characters and reserved symbols in HTML documents.

·        UTF-8: Encodes characters from the Unicode character set.

·        UTL: Encodes special characters for safe URL transmission.

Difference Between Encryption and Encoding

Encryption and encoding are both ways of transforming data into a different format. However, they have different purposes and use different methods.

Basis	Encryption	Encoding
Objective	It transforms data or information in such a way that it remains confidential and secure.	It represents or converts data into a specific format or representation to another.
Used For	It is used to maintain data confidentiality by converting it into an unreadable form using cryptographic algorithms.	It is used for character representation, multimedia compression, or data format conversions to maintain compatibility, efficiency, or data integrity.
Security	Very secure; it can only be decoded with the correct key.	Not secure; it can be easily decoded.
Reversibility	It is reversible, but only with the correct decryption key.	It is reversible.
Method	It uses an encryption algorithm and a key.	It uses a conversion algorithm.
Key Usage	It requires the use of secret keys.	It does not involve the use of secret keys.

Thanks to Mr. Rassoul Ghaznavi Zadeh for main inputs and learn to me.

 

System Integrators Start with IIoT

System Integrators Start with IIoT Now 

“Companies whose investment processes demand quantification of market sizes and financial returns before they can enter a market get paralyzed or make serious mistakes when faced with disruptive technologies” Clayton M Christensen – The Innovator’s Dilemma. The excerpt above sums up what I believe may be happening in the system integration space with regards Industrial IoT (IIoT) implementation and will be the subject that I seek to address in this post.

An IoT system integrator is a qualified business that offers companies consulting services, training and solutions to setup and maintain all aspects of IoT (Internet of Things), from hardware to software. There are a lot of system integrators who are IIoT savvy, but most are filled with skepticism and they still see it as a hype. So they eagerly wait on the side-lines for the wave to pass or to adopt the technology next year or the year after when the hype has died down. Another reason could be that they do not yet fully comprehend the opportunities afforded by IIoT. Whatever reason they may have for dragging their feet, the reality is that those who fail to act quickly will be forced to share the plant floor with new competition.

But here is the kicker, there is a new breed of integrators crossing over from the commercial sector. The ones that specialise in smart devices. They are willing and ready to move into manufacturing and industry in general. However, automation systems integrators are well positioned to fill the gap now more than ever, because in most businesses the acquisitions of IoT solutions has shifted from being handled by the IT department to operations. And due to an existing relationship between operations and system integrators they happen to speak the same language and it will therefore be easy for systems integrators to liaise with IIoT vendors and quickly step in to fill the void. Consequently, with investment in the knowledge of embedded systems, wireless applications, front-end and back-end solutions they can provide an entire chain on IIoT and in turn offer efficient systems to the user. Creating a win win situation.

Nowadays, almost all automation devices are being shipped IP and cloud ready. The challenge though, as i have personally experienced, is that IIoT vendors are still emphasising on locking in market share. Making it difficult to aggregate all the information from different sensors and devices onto a single platform as opposed to using separate cloud components for each device or sensor. But then again this also presents itself as an opportunity for the IIoT savvy system integrator to act as a differentiator by providing solutions that make it easy to move data between systems, unlocking all the value for their customers.

The idea is simple. The data that is already being used within automation systems for operation happens to contain a wealth of useful information for running the business more effectively in areas such as energy consumption, asset utilisation, supply chain management and predictive maintenance to name a few. Its not just connecting to the PLC and exchanging data, its something more. Its about the system integrators getting involved as the needed experts on big data, connectivity and cloud computing etc. Because no one, not even the vendors have as much knowledge as system integrators on the businesses these IIoT systems are being sold to.

A master systems integrator provides a single (core) user interface to monitor and manage every aspect of a facility. This gives owners a competitive edge in today's sophisticated market. Master systems integrators also install and manage the systems that make your building run.

In conclusion, Its only a matter of time before non-automation companies come down into the manufacturing space and I envisage it getting a little bit crowded. What action can be taken? System integrators need to start building their skills in applying these technologies and incorporating fresh ideas.

ASi-5 – high data bandwidth for demanding applications

Machine data, process data and diagnostic data - today, machines and systems generate huge amounts of data. But only a fraction of this data necessarily belongs in the higher-level PLC. In order to successfully implement Industry 4.0 projects, the majority of the data needs to be processed and analyzed in IT. Coordinated interaction is only possible when all devices in the cyber-physical system communicate with each other.

 

A powerful data shuttle such as ASi-5 is needed. The new ASi generation offers a high data bandwidth and short cycle times. This makes it easy to integrate the smart sensors like IO-Link that are so important for Industry 4.0.

 

Our modern ASi-5/ASi-3 gateways also play an important role. They have two independent interfaces - for OPC UA and a fieldbus - which allow the respective data to be transferred directly to IT or the control. The gateways also act as a link between field devices and higher-level IT systems, collecting valuable diagnostic data that usefully supplements the device data from the field.

 

Since more connectivity increases cyber risks, we rely on encrypted communication and authentication. Thanks to field update capability, the ASi-5/ASi-3 gateways also meet future security requirements.

Monitor Resolution of your Security Camera Recorder

Set the Monitor Resolution of your Security Camera Recorder

It’s very crucial to review the entire CCTV footage via monitor. If you are having issues with using a monitor or TV to view your security camera system it usually relates to the resolution that the system is trying to display. It's important to take the necessary troubleshooting steps to gather information on why the display is not working. Often times it's easy to assume that the port is no longer working though it can be remedied by double checking settings. If you know the recorder is receiving power and you can see lights in front of it, but you don't see the menu screen or camera grid on your monitor connected to it, then you most likely have an incorrect display resolution set that is not compatible with your monitor or TV. Remember, you need to “see” what camera “saw”. 

If you have an older or inexpensive computer monitor or TV, chances are that it may not support all the different resolution outputs available on our security DVRs and NVR. Selecting a resolution unsupported by your monitor may leave you locked out of your video recorder unless you either connect it to a 21.5" or larger computer monitor from a reputable manufacturer like Acer or Asus. Depending on the model of your NVR, you can also adjust the resolution of the Display using your web browser. The latter allows setting the Display output resolution over your local network or over the internet. This requires that you have connected our DVR to your router and properly configured it to work with your network by setting its IP address, if necessary. In a world where technology is advancing at breakneck speed, terms like AI, ML, and automation dominate the conversation, especially in video surveillance. But amidst this tech frenzy, one fundamental process remains underappreciated: ‘PLAYBACK’!

Types of monitor outputs on DVRs

To ensure you understand the correct monitor connector terminology please take a look at the image below. Surveillance camera recorders by CCTV Camera World have HDMI and VGA video outputs. VGA supports a maximum output of 1080P resolution, while HDMI can support up to 4K depending on the model of the recorder that you purchased.

How to troubleshoot

Here is a list of troubleshooting steps on how to resolve monitor issues you may be having with your DVR.

1.   Find the make and model of your monitor(s)

2.   Google the make and model and determine what is the max resolution support by each monitor

3.   You cannot set your DVR or NVR display resolution to be higher than the highest resolution your monitor will support. We recommend selecting 1920x1080 as the display resolution to be sure. The following section explains in detail the different way to set the monitor resolution on a security camera recorder.

 

How to set the monitor resolution on a security camera recorder

Method 1

How you change the resolution on your recorder will depend on whether you can still see a display output and menu screens on any of your current displays. If you have no video then you will need to connect your recorder to your local network and access the recorder using a web browser on a Windows PC to set the correct display output. Note that older recorders require Internet Explorer for web access, while newer recorders are compatible with Chrome, Safari, and Firefox.

First place the recorder on the network if you already have not. If you are unfamiliar with how to connect the recorder to the network, below are quick and easy to follow videos on how wire the recorder to your network, and enable DHCP to get a dynamic IP address from your router.

The first step is to connect the NVR to the main router in your network. This would be the router your PC is connected to so you can access the recorder over the LAN (Local Area Network). It is imperative that you are on the local network to follow this method.

Next enable DHCP inside the recorder's menu interface using the menu interface shown on your monitor. We usually enable DHCP already on recorders we ship. You may find it already enabled. Note the IP address of the recorder as shown in the last step in the video below. You will need that IP address to access the recorder over the network.

Once you have the recorder on the network, use the IP address assigned to the recorder over the local network by your router to access the recorder using a web browser such as Firefox, Chrome, or Edge.

If you purchased from CCTV Camera World, the video below provides comprehensive instructions on how to change your DVR recorder's resolution using Firefox. You can Chrome or Edge as well. If you have any questions, please email our support team on ssaintegrate@gmail.com

Method 2

If you still have video output being displayed by one of the monitors on the digital video recorder or network video recorder, then it's simple to change the display resolution using the menu interface on the recorder. Depending on whether you have a DVR or NVR, the steps to change the display resolution are slightly different.

Changing the monitor resolution on a DVR or XVR

Keep in mind that 4K DVR recorders are capable of 4K display output over HDMI, but the VGA port cannot display 4K video. VGA technology maxes out at 1080P. Once you set the main HDMI output to 4K, the VGA port will automatically become disabled. The process to have either or both the HDMI or VGA port working is explained in the video below.

Changing the monitor resolution on a NVR

Similar to the DVR and XVR recorders we carry, the NVR recorders offer both HDMI and VGA output. Some NVR models even have second HDMI port that is a spot monitor, and that is limited to 1080P just like the VGA port.

Video Analytics Help Your Business

How Video Analytics in CCTV Help Your Business

CCTV cameras are used for security monitoring and surveillance in any facility. CCTV stands for Closed-Circuit Television because security camera systems transmit video footage over a single channel, creating a closed circuit. This means CCTV footage is displayed on limited personal monitors and screens, not publicly broadcasted.

CCTV cameras are a staple in crime prevention because they help ward off criminals, monitor building premises, and record valuable footage of events.

Whether you’re looking to reduce theft and loitering in your business or provide a haven for your residents, you must know the basics of video surveillance CCTV systems.

Security cameras have come a long way from the large, square bricks feeding you a grainy black-and-white image. Today’s cameras are smaller, sleeker, and far more advanced internally, too. The cutting-edge surveillance network of the day has motion-activated Infra-Red night-vision cameras, 4k quality, Pan-Tilt-Zoom functions, and remote viewing capabilities. The most advanced surveillance systems are also equipped with video analytics in CCTV software, turning your security cameras into a powerful business tool.

Auto-Tracking Security Cameras

The fundamental principle behind video analytics is people counting. This can be done a variety of ways, most commonly from an overhead camera. Some use thermal imaging to identify individual heat signatures – people – and track them as they cross a virtual line. Others distinguish people visually by using advanced recognition algorithms or by tracking motion.

However they do it, the accuracy of people counting cameras is dependent on their placement, field of view, and quality. Ceiling-mounted cameras with multiple sensors are generally most accurate for positional data because they compare two images to triangulate position. A single-lens camera has no true depth perception, but can still detect objects crossing a line or entering an area. For wider fields of view – and therefore more data to analyze – multiple cameras facing many directions might be used.

Line-crossing and object detection are common on-board software for cameras today. Full analysis was initially only available on a centralized server, requiring all footage to be transmitted before analysis. While still a viable solution, this limits bandwidth availability and storage space. Running the analysis on the camera side – “on the edge” – lessens the load on the server, freeing up processing power and storage by only sending the analysis and a small clip of an incident. The full recording is stored temporarily on the camera, ready to be transmitted and stored at request.

Video Analysis Applications

Video Analytics in CCTV is a valuable asset for your security staff, highlighting important events and flagging potential problems while ignoring irrelevant data. Your security cameras become a preventative measure in addition to an investigative one. Getting a series of alerts on suspicious behaviour lets you intervene before an issue arises. Remember that while video analytics is a helpful security tool, it doesn’t replace your security guards or monitoring centre – you still need people to respond to and analyse gathered data.

Security for Retail

In retail applications, video analytics can tell you a lot about your business. Store-wide people counting can give you a heat map of your building, showing you high- and low-traffic areas. You’ll also be able to see how long people stay in one area – useful for determining problems with checkout lines or finding out which products aren’t grabbing your shoppers’ attention.

It won’t just show you where people went and stayed, though – the report can give you the directional paths as well, so you’ll know what areas your customers visit in which order. Lastly, facial and shape recognition gives you demographic data like gender and age group with ever-increasing accuracy. With this data, you’ll be able to tell what marketing, advertising, or layout strategies are working and which ones you need to rethink.

Industrial Security Solutions

Video analytics in industrial, manufacturing, and warehouse applications tend to work more in real-time to secure your business operations. Object detection allows a camera to alert you when problem occurs, like equipment failure or merchandise winding up somewhere it shouldn’t. Cameras can detect when a person or vehicle crosses a virtual line and sound an alarm. They can also let you know when you have a shipment coming in or out by watching for trucks on the loading dock.

Installation & Integration

As with all security systems, professional installation is the best choice for a CCTV system with video analytics. A professional consultation lets you customize a unique, flexible security solution for your business, and hiring a company to install and set up your cameras gives you a guaranteed warranty and maintenance. Whether you want to explore video analytics in CCTV for your business or are curious about commercial security in general, contact SPRINKLER FIRE SAFTEY AWARENESS AND WELFARE FOUNDATION for more information.

Ref:
James Eldred - VMS for CCTV