Video: AMWA BCP 003 NMOS API Security

Building security into your infrastructure is more and more important for broadcasters with many now taking very seriously a topic which, only 6 years ago, was only just being discussed. Attacks on broadcasters like TV5 Monde have brought into focus that it’s not just copmanies who have high value rights who are ripe for breach – attacking a broadcaster is a high impact way of getting your message accross.

We have seen how the internet, which was built on very open and trusting protocols, has struggled in recent times to keep abuse to a minimum and to implement security to keep data safe and to keep out unauthorised persons.

And so AMWA is looking at its recent specifcations to ensure there is a clear and interoperable way of implementing security. The benefit of IP should be that that as an industry we can benefit from the work of other industries before us and here, having based these specifications on HTTP interfaces, we can do exactly that. Just like sites on the internet can implemnt HTTPS, we, too use the same mechanism of security certificates and TLS (colloquially known as SSL) encryption to ensure that not only is our data encrypted but also that no one can impersonate anyone else on the network.

Simon Rankine from BBC R&D explains the work he has been part of in defining this secure interface which not only protects from mal-intentioned actors, but also offers some protection from accidental mistakes by staff.

Simon gives a good intorduction to not only how this is a benefit but also how the underlying mechanisms work which are just as applicable to the NMOS APIs as they are to general websites.

Speaker

Simon Rankine
Simon Rankine
Project Research Engineer,
BBC R&D

Video: Securing NMOS Apps

The still-growing NMOS suite of specifications from AMWA defines ways in which your IP network can find and register new devices plugged in to it (e.g. camera, microphone etc.), manage their connections and control them. They fit neatly along side the SMPTE ST 2110 suite of standards which define the way that the essences (video, audio, metadata) are sent over networks intended for professional media.

As such, they are core to a network and as the market for uncompressed media products matures, the attention is on the details such as whether they scale and security.

In this talk, Simon Rankine from BBC R&D starts by explaining the objectives which means looking at the different aspects of security which is split into three; securing data transfer, ensuring data goes to the right place, ensuring only authorised people can act.

TLS, standing for Transport Layer Security, is the same protocol used for secure websites; those which start with https://. It is also referred to by the name of the protocol it replaced, SSL. Given the NMOS APIs are sent over HTTP, TLS is a perfect match for the use case. TLS provides not only the ability to encrypt the connection but also provides the basis for certificate exchange which allows us trust that the data is being sent to the right place. Simon then covers ciphers and TLS versions before talking about certificate management.

This talk was given at the IP Showcase at NAB 2019.

Watch now!

Speaker

Simon Rankine Simon Rankine
Research Engineer,
BBC R&D