AWS FTP Server Setup for Cameras

Specification Document: Setup of a Robust FTP Server on AWS for Reolink TrackMix Cameras 1. Project Overview Project Title: Setup of a Robust FTP Server on AWS for Reolink TrackMix WiFi and PoE Cameras Project Duration: 2 Days Budget: 700 Euros Objective: To establish a secure, scalable, and efficient FTP server on AWS to record and store video data from over 20 Reolink TrackMix WiFi and PoE cameras. This setup will serve as a test to evaluate collaboration potential and lay the groundwork for future projects. 2. Project Objectives Robust Data Storage: Ensure secure storage of video footage for a minimum of one month. Real-Time Access: Enable users to access video segments where motion has been detected in real-time. User-Friendly Features: Allow users to mark specific areas of interest within recordings and download only these marked sections. Security & Compliance: Implement encryption and role-based access controls to protect data. Monitoring & Management: Track and log user access to camera feeds, accessible only by the Super Master. 3. Scope of Work 3.1. FTP Server Setup and Basic Functionality Deployment: AWS EC2 Instance: Instance Type: [login to view URL] or [login to view URL] Operating System: Ubuntu 20.04 LTS or latest stable version FTP Server Software: Install and configure ProFTPD or vsftpd Ensure support for simultaneous uploads from 20+ cameras Integration with Amazon S3: Secure Storage: Connect FTP server to Amazon S3 for storing video footage Configure S3 bucket policies for secure access Lifecycle Policies: Set up S3 lifecycle rules to automatically archive or delete data after one month IAM Roles and Access Control: AWS IAM Configuration: Create IAM roles with least privilege principles Assign appropriate permissions for FTP server and S3 access Multi-Tenant Data Isolation: Ensure each camera's data is isolated and securely stored 3.2. Functional Requirements Video Data Storage: Store video data from two distinct locations within the same network. Ensure data retention for at least one month with scalability for future needs. Playback & Download: Remote Playback: Implement a web-based interface for users to remotely play back stored footage. Download Capability: Enable users to download video data at any time through a secure portal. Real-Time Motion Detection Access: Motion Detection Integration: Utilize Reolink's built-in motion detection or integrate with an external motion detection system. Immediate Access: Provide instant access to video segments where motion is detected, flagged for user review. Marking Specific Areas of Interest: User Interface Feature: Develop functionality within the playback interface to allow users to mark specific areas within recordings. Selective Download: Enable users to download only the marked sections for focused reviews. Role Management System: Admin Role: Read-only access for clients and designated users. Ability to grant and revoke access as needed. Super Master Access: Full administrative access for the provider. Capability to monitor and log user activities, including camera access history. Monitoring User Access: Activity Logging: Implement logging mechanisms to track who accesses which cameras and when. Exclusive Access: Ensure that only the Super Master can view these logs for accountability and security purposes. 3.3. Security Measures Data Encryption: In Transit: Use SSL/TLS to secure data transmission between cameras and the FTP server. At Rest: Utilize AWS KMS (Key Management Service) to encrypt data stored in S3. AWS Security Groups: Access Restrictions: Configure security groups to allow access only from authorized IP addresses. Restrict access to necessary ports (e.g., FTP ports 20/21, SFTP port 22). Compliance: Ensure adherence to GDPR and HIPAA standards through proper data handling and encryption practices. 3.4. Modularity and Management Widget-Based Tools: Configure each component (FTP server, S3 storage, IAM roles) as individual, manageable widgets. Promote modularity for ease of updates and maintenance. 4. Non-Functional Requirements Reliability: Ensure a stable and fault-tolerant server environment with minimal downtime. Scalability: Design the system to accommodate additional cameras or increased data loads seamlessly. Performance: Guarantee fast and efficient data transfer and processing to handle real-time uploads and access. User-Friendliness: Develop an intuitive user interface for easy management and operation by end-users. 5. Technology Stack Server and Infrastructure: AWS EC2: [login to view URL] or [login to view URL] Amazon S3: For scalable storage Amazon IAM: For access management Amazon KMS: For data encryption Amazon CloudWatch: For monitoring FTP Server: ProFTPD or vsftpd Security Protocols: SSL/TLS for secure data transmission ONVIF/RTSP for camera integration Frontend: Web Technologies: React.js or Angular for the playback and management interface Backend: Node.js or Python (Django/Flask) for server-side logic Databases: AWS RDS or DynamoDB for storing user and activity data 6. Deliverables Fully Functional FTP Server: Securely configured and ready to receive uploads from 20+ Reolink cameras. Integration with Amazon S3: Ensuring secure storage and management of video data with lifecycle policies. Playback & Download Functionalities: Web-based interface for remote playback and secure downloading of video footage. Real-Time Access and Marking Features: Real-time access to motion-detected events and the ability to mark and download specific video segments. Role Management and User Monitoring: Implementation of Admin and Super Master roles with comprehensive access controls and activity logging. Security Measures: Data encryption in transit and at rest, with strict access controls adhering to best practices. Modular Widget Configuration: All system components configured as individual, manageable widgets for easy maintenance and scalability. Comprehensive Documentation: Detailed guides for setup, configuration, and usage of the system, including any scripts or configurations used. Testing Reports: Verification of successful integration and functionality of all components, ensuring all requirements are met. 7. Timeline Total Duration: 2 Days Day 1: Morning: Set up AWS EC2 instance and install FTP server software. Configure FTP server (ProFTPD or vsftpd) to handle simultaneous uploads from 20+ cameras. Afternoon: Integrate FTP server with Amazon S3. Configure S3 lifecycle policies for one-month data retention. Implement AWS IAM roles for access control and data isolation. Set up SSL/TLS encryption for secure data transmission. Configure AWS Security Groups to restrict access. Day 2: Morning: Integrate Reolink TrackMix WiFi and PoE cameras with the FTP server using ONVIF/RTSP protocols. Configure cameras for automatic video uploads. Develop and implement real-time motion detection access features. Develop marking functionality for specific areas of interest within recordings. Afternoon: Implement role management system (Admin and Super Master roles). Set up user access monitoring and activity logging. Conduct comprehensive testing to ensure all functionalities work as intended. Compile and finalize documentation and testing reports. 8. Assumptions and Dependencies AWS Account Access: The client will provide necessary access credentials and permissions for AWS services. Camera Access: Access to Reolink TrackMix WiFi and PoE cameras, including necessary credentials and network configurations. Network Connectivity: Ensure stable network connections between cameras and the AWS FTP server for seamless data transmission. Prompt Communication: Timely responses and provision of required information from the client to adhere to the 2-day timeline. 9. Risks and Mitigation Strategies Technical Challenges: Risk: Potential unforeseen technical issues during setup. Mitigation: Allocate time for troubleshooting and prioritize core functionalities to ensure essential features are operational. Time Constraints: Risk: Tight 2-day deadline may lead to rushed work and potential oversights. Mitigation: Efficient task management and clear prioritization of tasks to meet critical requirements within the timeframe. Security Vulnerabilities: Risk: Possible security gaps during initial setup. Mitigation: Adhere strictly to security best practices, conduct thorough testing, and implement robust encryption and access controls. Resource Limitations: Risk: Limited budget may restrict the implementation of additional features or optimizations. Mitigation: Focus on essential functionalities that meet the primary objectives within the budget constraints. 10. Communication and Reporting Daily Updates: Provide regular updates on progress, challenges, and completed tasks to ensure transparency and alignment. Final Report: Deliver a comprehensive report summarizing the setup process, configurations made, testing results, and any recommendations for future improvements. 11. Acceptance Criteria Functional FTP Server: The FTP server is operational, securely configured, and capable of handling uploads from 20+ Reolink cameras without performance issues. Secure Data Storage: Video footage is correctly stored in Amazon S3 with appropriate lifecycle policies ensuring one-month retention. Playback & Download Features: Users can remotely access and download video footage through an intuitive web interface. Real-Time Access & Marking: Real-time access to motion-detected video segments is functional, and users can successfully mark and download specific video areas. Role Management & Monitoring: Admin and Super Master roles are correctly implemented with proper access controls and activity logging. Security Compliance: All data transmissions are encrypted, and access is restricted as per the defined security measures. Comprehensive Documentation: Detailed documentation is provided, enabling the client to understand and manage the system effectively.