Introduction

Cybersecurity is a very important aspect of any product intended to be used in a networked environment, particularly when targeting security or surveillance applications. Our line of Secure Display Station video wall appliances has been designed to offer a complete package in terms of cybersecurity features, giving you peace of mind for deployments of all sizes. In this article we will go through the main features and highlight some key best practices for keeping your devices safe & secure.

SDS Cybersecurity Features

User Access Control

The SDS devices can accept HTTP(s) connections, allowing users to remotely access the device’s configuration web interface and/or send API commands.  These connections are only enabled for authenticated users via a valid username / password combination, and each user is given a specific role by system administrators, limiting access to certain features and functions of the device.  Digest authentication is the default and recommended authentication mode for HTTP(s) connections. Additionally, each user session is automatically invalidated immediately after a user logs out, thereby mitigating the risk of someone else impersonating that user session.

Secure HTTP Access

SDS HTTP connections to access the web interface or command API are configurable to force the use encrypted HTTPS connection.  The encryption ensures that both user authentication information as well as data exchanges are protected against man-in-the-middle attacks and attempts at eavesdropping.

Each SDS includes a self-signed certificate generated during manufacturing. For users requiring advanced security, the SDS has a mechanism to replace the self-signed certificate with one signed by a certificate authority.

Specific ports for incoming HTTP and HTTPS connections can also be modified by system administrators to use specific ports rather than the default 80 & 443 ports for these protocols.

Strong Password Policy

A strong password policy in the SDS devices ensures that all user account credentials have an adequate level of complexity.  User passwords must contain between 8 and 32 characters and be composed of at least 3 different types of characters from the following accepted types: numeric (0-9), lowercase (a-z), uppercase (A-Z) and special character (!@#$%*()+=). 

Furthermore, upon first login into an SDS device, the user is prompted to select a password for the default administrator account (admin).  Enforcing users to select strong passwords for the admin and other user accounts prevents the risk associated with default factory passwords and weak passwords in a networked device.

As a convenience, the SDS allows system administrators to define the minimum & maximum password lengths for user accounts created in an SDS device. 

Brute Force Attack Protection

Brute force attacks are sometimes used to guess user account passwords through repeated attempts of account login sessions using rotating passwords.  System administrators can activate the “Enable Protection for Multiple Login Failures” option in the SDS configuration to block brute-force attacks by locking out accounts after a defined number of incorrect password attempts.  The number of consecutive failed attempts needed to trigger the block as well as the duration of the block are both configurable.

Operating System Hardening

The operating system files deployed in SDS devices are write-protected, making it virtually impossible to maliciously modify or corrupt. This protection measure prevents infection from known variants of computer viruses and malware.   

In addition to write-protection measures, the operating system is customized for embedded appliances and disables access to all local system configuration tools and control panels.  By doing so, local keyboard and mouse access is exclusively limited to control of video tiles and other video wall functions.

Lastly, the operating system is configured in a way that only recognizes and allows for use of keyboard and pointing devices connected to the USB ports of the SDS devices. External drives and other devices will not be recognized and therefore will not be inaccessible.

Power Outage Recovery

The SDS hardware is set to boot upon connection of a power source or, when a power outage occurs, upon recovery of power. Because of write-protection on the operating system, file corruption due to power loss is virtually impossible, ensuring that the device will always boot in the intended secure state.

Signed Firmware

All SDS firmware releases are all digitally signed using a private encryption key, preventing any maliciously modified or unauthorized firmware files from being installed during the upgrade process in an SDS device.

Network Access Control

All SDS devices include support for the 802.1X (EAP-PEAP) authentication protocol which uses an authentication mechanism to authorize devices that attempt to connect to a LAN or WLAN.  802.1X can prevent over-the-air credential theft attacks like Man-in-the-Middle attacks and Evil Twin proxies. It is much more secure than Pre-Shared Key networks, which are typically used in personal networks.

CORS

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. It extends and adds flexibility to the same-origin policy (SOP). However, it also provides potential for cross-domain based attacks, if a website's CORS policy is poorly configured and implemented. In order to remove any security risk, SDS devices are configured to completely disable CORS support.

Clickjacking

Clickjacking, also known as a “UI redress attack”, is when an attacker uses multiple, transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. This can cause end-users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online. In order to avoid this type of cyberattack, preventive measures have been put in place on the web server side on our SDS appliances. It is highly recommended to use only modern browsers with the most recent updates installed, when opening our web management page.

Digest nonce management

Digest nonce management allows system administrators to define the period of time for which a nonce remains active. For example, on an active HTTP connection, it is possible to make multiple requests using the same nonce provided by the SDS’s HTTP server, not requiring user credentials for each command or action performed in the same user session. By default, in the SDS, a nonce remains active for a period of one hour.  System administrators can change this setting through a configuration parameter in the device’s web interface.

Conclusion

IONODES’ SDS family of video wall appliances allows you to have a ‘set it and forget it’ display infrastructure all the while giving you peace of mind knowing your new or existing installation will remain secure for years to follow.