<img height="1" width="1" src="https://www.facebook.com/tr?id=414634002484912&amp;ev=PageView%20&amp;noscript=1">
Donate
Check out SMPTE at NABSHOW24
Donate

Workflows and Security

January 25, 2021

We are Now Cloud-First was the opening phrase from my last Journal piece. This is particularly important when considering workflows and security. The security industry has been changing its methodologies. Techniques such as firewalls, perimeter security, and malware signature detection are still vital and needed, but there is an increasing understanding that this is not enough. Newer methodologies such as Zero Trust seek to bring security to the front of the equipment, system, and
facility design cycle.

The concept of Zero Trust is quite simple—assume that bad actors are already inside the firewall; so, before any intersystem
communication takes place, you should authenticate your identity and authorize your access to resources. It goes without saying that this is easier to do when all the components of a system were designed with this in mind. Part of
the trick of designing such a system includes working with older devices and systems, ensuring that different communications layers are all secure, and creating chains of trust that balance the need for security with the flexibility and
speed of modern workflows.

I believe that core concepts  such as identity management and  authorization vocabularies should be standardized with a light touch for the media industry so that we use existing technologies with controlled metadata that allow devices
and systems to be introduced to secure workflows without compromising the security of the system.

An engineering colleague said that we do not need standards because we can use Amazon Web services. However, another colleague responded that they do not want all of their workflows to be tied to a single cloud vendor—these systems must
work regardless of the cloud provider. This is the crux of some work that will be starting in SMPTE in 2021. Regardless of the sophistication of any one cloud vendor, certain common requirements are needed in production, post-production, mastering, distribution, and other media segments that would benefit from standardization with a light touch. 

Anyone who care about these topics and would like to contribute to  the work should contact me via the SMPTE website and look for further announcements in the new year as the working groups begin to form. Remember that in addition to reading the new Precision Time Protocol (PTP) security report on the website, details of our upcoming standards meetings are also available. They will be held virtually this year, and you can take part as a guest for your first meeting.

2021 TECHNOLOGY COMMITTEE MEETINGS

8–11 March 2021 Virtual
7–10 June 2021 Virtual
17–20 August or 14–17 September 2021 Virtual (TBD)
6–9 December 2021 Virtual
Tag(s): Featured , Cloud , News

Bruce Devlin

Bruce Devlin has been working in the media industry for 30 years and is the chief media scientist at Dalet Digital Media Systems as well as the founder of Mr MXF Ltd. and co-founder of the Media Bay LLC. He is well known in the industry for his technology presentations, especially his educational YouTube series—Bruce’s Shorts. Devlin has designed everything from ASICs to algorithms. He tweets as @MrMXF chaired the SMPTE working groups and literally wrote the book on the MXF format. Devlin is an alumnus of Queens’ College Cambridge England. He is a member of the International Association of Broadcast Manufacturers (IABM) and Digital Production Partnership, a fellow and U.K. Governor of SMPTE, a recipient of SMPTE’s David Sarnoff Medal, a recipient of BKSTS’ Achievement award, keen to educate the world about media and a rider of bicycles (occasionally quickly). Devlin is also a recipient of the SMPTE Excellence in Standards award.

Related Posts