CN102724563A - Monitoring front end and terminal, monitoring system as well as audio/video signal encryption and decryption methods - Google Patents
Monitoring front end and terminal, monitoring system as well as audio/video signal encryption and decryption methods Download PDFInfo
- Publication number
- CN102724563A CN102724563A CN2012101978332A CN201210197833A CN102724563A CN 102724563 A CN102724563 A CN 102724563A CN 2012101978332 A CN2012101978332 A CN 2012101978332A CN 201210197833 A CN201210197833 A CN 201210197833A CN 102724563 A CN102724563 A CN 102724563A
- Authority
- CN
- China
- Prior art keywords
- audio
- pki
- code stream
- video
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 86
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000005540 biological transmission Effects 0.000 claims abstract description 57
- 238000012545 processing Methods 0.000 claims abstract description 31
- 238000013519 translation Methods 0.000 claims description 24
- 230000015572 biosynthetic process Effects 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 description 7
- 238000006243 chemical reaction Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000007123 defense Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000002035 prolonged effect Effects 0.000 description 1
Images
Landscapes
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The invention provides a monitoring front end and a terminal, a monitoring system as well as audio/video signal encryption and decryption methods. The audio/video signal encryption method comprises the following steps of: S11, collecting a video signal, and carrying out digital processing on the collected audio/video signal so as to form audio/video data; S12, generating a random private and confidential key, and utilizing the private and confidential key to carry out encryption treatment on the audio/video data formed by digitalization so as to form audio/video code stream; S13,converting the audio/video code current formed by the encryption treatment into transmission code current; and S14, obtaining a public key sent by a monitoring terminal, and utilizing the public key to carry out encryption treatment on the private and confidential key on the randomly generated private and confidential key. The audio/video signal encryption method provided by the invention can improve the safety feature of the whole monitoring system, and the privacy of users can obtain farthest protection.
Description
Technical field
The present invention relates to protection and monitor field, relate in particular to a kind of method of audio-video signal encrypt and decrypt, use front monitoring front-end, the monitor terminal of application audio-video signal deciphering and the supervisory control system of application front monitoring front-end and monitor terminal that audio-video signal is encrypted.
Background technology
Improving constantly of Along with people's living standard, safety defense monitoring system have been climbed up contemporary stage gradually.Safety defense monitoring system of the prior art is generally uses optical fiber, coaxial cable or microwave transmission video signal in its closed loop, and shows and write down the system of formation independent completion from the image of making a video recording.It can be in real time, image, reflect monitored object truly; Not only greatly prolonged the viewing distance of human eye; And enlarged the function of human eye; It can replace manual work to keep watch on for a long time under rugged environment, the people can be seen by all situation of the actual generation of on-site supervision, and get off through video record.Warning system equipment is reported to the police to illegal invasion simultaneously; The warning model input alarm host machine that produces, alarm host machine triggers supervisory control system video recording and record, and it is used relatively extensively as is applied in the household; Be convenient to house-owner and check the real time status in the family, be fit to the crowd who often goes on business; Be applied in the supermarket, be convenient to the storekeeper and check ultra incity real-time condition, make things convenient for the management of storekeeper the employee; Be applied to financial place, the real time environment around being convenient to monitor keeps the record of discrepancy etc.
Present network video monitor and control system generally still adopts fairly simple calling control flow, as adopts the order of self-defining call setup, gets abundant inadequately for the security consideration of video monitoring system.The system that has has increased authentification of user, at the remote monitoring end server is set, and deposits registered user's user name, password and other information, has only the user of appointment just can call out the local monitor end.But the fail safe when this mode can only guarantee that the calling terminal user logins, and user management traffic device left username and password concentratedly, is easy to become the assault object.And audio/video multimedia information through the coding after, a lot of existing network monitorings are not carried out encryption or have only been carried out simple encryption the audio/video multimedia data, individual privacy be difficult to be protected.
The audio/video multimedia data security problem of uploading for these reasons, is necessary audio/video multimedia is carried out processing further, so that can access effective assurance.
Summary of the invention
To be that video monitoring system is general in the prior art adopt fairly simple calling control flow to the technical problem that the present invention mainly solves, as adopt self-defining call setup order, gets abundant inadequately for the security consideration of video monitoring system; Or the increase authentification of user, at the remote monitoring end server is set, deposit registered user's user name, password and other information, have only the user of appointment just can call out the local monitor end; Or audio/video multimedia information is behind the process coding; A lot of network monitorings are not carried out encryption or have only been carried out simple encryption the audio/video multimedia data; The problem that individual's privacy is difficult to be protected has proposed a kind of front monitoring front-end and terminal, supervisory control system and audio-video signal encrypt and decrypt method.
For solving the problems of the technologies described above, the technical scheme that the present invention adopts is: a kind of audio-video signal method of encrypting is provided, may further comprise the steps:
S11, gather audio-video signal, and the audio-video signal of gathering is carried out digitized processing form audio, video data;
S12, generation one be secret keys at random, and the audio, video data that uses secret keys that digitlization is formed carries out encryption formation audio-video code stream;
S13, will convert transmission code stream to through the audio-video code stream that encryption forms;
S14, obtain the PKI that monitor terminal sends, and use public-key the secret keys that generates is at random carried out encryption.
Wherein, said step S14 is specially: after obtaining PKI, also comprise the authentication to PKI, if PKI is identified, then uses public-key the secret keys that generates is at random carried out encryption; If PKI is not identified, then the signal of PKI is sent in the request of sending once more.
For solving the problems of the technologies described above, the technical scheme that the present invention adopts is: a kind of method of audio-video signal deciphering is provided, may further comprise the steps:
Transmission code stream that S21, reception front monitoring front-end send and the secret keys of handling through public key encryption;
S22, the utilization private key corresponding with PKI carry out decryption processing to the PKI that receives and obtain secret keys;
S23, convert the transmission code stream that receives to audio-video code stream;
S24, utilize secret keys that audio-video code stream is carried out decryption processing.
Wherein, said step S22 is specially: at PKI and the PKI of transmission accomplished after also comprising relatively deciphering after the encrypted confidential key that receives deciphered, and as if identical, execution in step S23 then; If inequality, then resend PKI.
For solving the problems of the technologies described above; The technical scheme that the present invention adopts is: a kind of front monitoring front-end is provided; Comprise and be used to gather audio-video signal and the audio-video signal of gathering is carried out the audio, video data collecting unit that digitized processing forms audio, video data; Be used for first ciphering unit that digitized audio, video data is encrypted; Be used for to convert to through the audio-video code stream that the secret keys encryption forms the top end stops stream translation unit of transmission code stream, be used to receive the PKI receiving element of the PKI that monitor terminal sends, second ciphering unit that is used to utilize the PKI of reception that secret keys is encrypted.
Wherein, comprise also being used to discern the PKI recognition unit that the PKI receiving element receives PKI that one end of said PKI recognition unit connects the PKI receiving element, the other end of said PKI recognition unit connects second ciphering unit.
For solving the problems of the technologies described above; The technical scheme that the present invention adopts is: a kind of monitor terminal is provided; Comprise the code stream receiving element that is used to receive transmission code stream and encrypted confidential key; Be used to utilize the private key corresponding the PKI that receives to be carried out first decryption unit of decryption processing with PKI; Be used for transmission code stream is converted to the terminal code stream translation unit of audio-video code stream, be used to utilize secret keys that audio-video code stream is carried out second decryption unit of decryption processing, be used for sending to monitor terminal the PKI transmitting element of PKI through said cloud service controller.
Wherein, The PKI comparing unit that also comprises the PKI of the PKI that is used for after comparison first deciphering and PKI transmitting element; The input of said PKI comparing unit connects first decryption unit; First output of said PKI comparing unit connects said PKI transmitting element, and second output of said PKI comparing unit connects said terminal code stream translation unit.
For solving the problems of the technologies described above, the technical scheme that the present invention adopts is: a kind of supervisory control system of using said front monitoring front-end and monitor terminal is provided, comprises front monitoring front-end, cloud service platform and monitor terminal; Said front monitoring front-end comprises and is used to gather audio-video signal and the audio-video signal of gathering is carried out the audio, video data collecting unit that digitized processing forms audio, video data; Be used for audio, video data is encrypted first ciphering unit that forms audio-video code stream; Be used for audio-video code stream is converted to the top end stops stream translation unit of transmission code stream; Be used to receive the PKI receiving element of the PKI that monitor terminal sends, second ciphering unit that is used to utilize the PKI of reception that secret keys is encrypted; Said cloud service platform be specially one be used for the response monitoring terminal request set up the cloud service controller that monitor terminal is connected with the network of front monitoring front-end, said Cloud Server network respectively connects front monitoring front-end and monitor terminal; Said monitor terminal comprises the code stream receiving element that is used to receive transmission code stream and encrypted confidential key; Be used to utilize the private key corresponding the PKI that receives to be carried out first decryption unit of decryption processing with PKI; Be used for transmission code stream is converted to the terminal code stream translation unit of audio-video code stream; Be used to utilize secret keys that audio-video code stream is carried out second decryption unit of decryption processing, be used for sending to monitor terminal the PKI transmitting element of PKI through said cloud service controller.
Wherein, Said cloud service controller comprises the number of the account comparing unit that is used to differentiate keeper's number of the account and domestic consumer's number of the account, be used to manage and the rights management unit of control and management person's number of the account and domestic consumer's number of the account operating right, and said identity comparing unit is connected with said rights management unit.
The invention has the beneficial effects as follows to be different from that video monitoring system in the prior art is general to adopt fairly simple calling control flow, as adopt self-defining call setup order, get abundant inadequately for the security consideration of video monitoring system; Or the increase authentification of user, at the remote monitoring end server is set, deposit registered user's user name, password and other information, have only the user of appointment just can call out the local monitor end; Or audio/video multimedia information is behind the process coding; A lot of network monitorings are not carried out encryption or have only been carried out simple encryption the audio/video multimedia data; The problem that individual's privacy is difficult to be protected; A kind of audio-video signal method of encrypting of the present invention is employed in front monitoring front-end the audio-video signal of gathering is once encrypted, and can effectively ensure the individual privacy that the audio-video signal of front monitoring front-end collection relates to; Be employed in receive the PKI that monitor terminal sends after, use public-key and the transmission code stream that changes into after encrypting is for the first time carried out second time encrypt, make front monitoring front-end participation PKI discern authentication, thereby improve the audio, video data transmission safety greatly.The method of a kind of audio-video signal deciphering of the present invention; Method corresponding to above-mentioned audio-video encryption is handled audio-video code stream; As carrying out the audio frequency and video transmission code stream that twice deciphering receives at monitor terminal, and finally obtain audio-video signal, through the method for above-mentioned audio-video encryption and deciphering; Strengthen the security performance of audio-video signal, more helped protecting user's individual privacy.A kind of supervisory control system of the present invention; Corresponding to above-mentioned encryption and decryption method; Increased by first ciphering unit at front monitoring front-end and can guarantee the safety of audio, video data and the safety that second ciphering unit can guarantee the audio frequency and video transmission code stream; Increased by first decryption unit and second decryption unit at monitor terminal, can improve the security performance of whole monitoring system, user's privacy is farthest protected.
Description of drawings
Fig. 1 is the flow chart of audio-video signal encryption method of the present invention;
Fig. 2 is the flow chart of audio-video signal decryption method of the present invention;
Fig. 3 is the block diagram of front monitoring front-end of the present invention;
Fig. 4 is the block diagram of monitor terminal of the present invention;
Fig. 5 is the block diagram of supervisory control system of the present invention.
Label declaration:
The 1-front monitoring front-end, 11-audio, video data collecting unit, 12-first ciphering unit, 13-top end stops stream translation unit, 14-second ciphering unit, 15-PKI receiving element, 16-PKI recognition unit;
The 2-monitor terminal, 21-code stream receiving element, 22-first decryption unit, 23-terminal code stream translation unit, 24-second decryption unit, 25-PKI transmitting element, 26-PKI comparing unit;
3-cloud service controller.
Embodiment
The present invention is that audio-video signal is encrypted and decryption method is on the basis of multimedia communication protocol flow process H.323; Increased the process of encryption, transmission, deciphering and the checking of remote monitoring password; And after the remote monitoring password is through checking, the process of encryption, transmission and the deciphering of the audio-video frequency media data of local monitor end.Adopting H.323, agreement realizes that audio-video signal is encrypted and the method for deciphering mainly comprises following 3 parts:
1, utilizes the process of H.323 message flow transmission and authenticating remote monitoring password;
2, the encryption and decryption process of remote monitoring password;
3, the encryption and decryption process of audio-video frequency media data.
By specifying technology contents of the present invention, structural feature, realized purpose and effect, give explanation below in conjunction with execution mode and conjunction with figs. are detailed.
See also Fig. 1, a kind of front monitoring front-end audio-video signal of the present invention method of encrypting may further comprise the steps:
S11, gather audio-video signal, and the audio-video signal of gathering is carried out digitized processing form audio, video data; The audio-video signal of gathering is an analog signal, obtains digitized audio, video data through after the analog-to-digital conversion.
S12, generate a secret keys at random, and the audio, video data that uses secret keys that digitlization is formed carries out encryption and forms audio-video code stream; The secret keys immediately that generates is encrypted the individual privacy that the audio-video signal that can effectively ensure the front monitoring front-end collection after the audio-video code stream relates to.
S13, will convert transmission code stream to through the audio-video code stream that encryption forms; Audio-video code stream after the encryption increases flag information encapsulation back and transmits, so that the identification that monitor terminal receives.
S14, obtain the PKI that monitor terminal sends, and use public-key the secret keys that generates is at random carried out encryption, can improve the audio, video data transmission safety greatly.
In a preferred embodiment, said step S14 is specially: after obtaining PKI, also comprise the authentication to PKI, if PKI is identified, then uses public-key the secret keys that generates is at random carried out encryption; If PKI is not identified; Then the signal of PKI is sent in the request of sending once more, and the PKI has here served as the media of linking up front monitoring front-end and monitor terminal on the one hand, has set up communication and has connected; Can make front monitoring front-end participate in safety certification on the other hand, improve its security performance.
In one embodiment, use symmetric encipherment algorithm in the said encryption first time, use rivest, shamir, adelman in the said encryption second time.Symmetric encipherment algorithm commonly used is: symmetric encipherment algorithm DES, and it is 64 data block that its concrete step is divided into length with data, wherein 8 as parity check, remaining 56 length as password.The first step is replaced original text, obtains 64 rambling data set; Second step was divided into impartial two sections; The 3rd step was carried out conversion with encryption function, and under given key parameter condition, carried out repeatedly iteration and obtained encrypting ciphertext.Rivest, shamir, adelman commonly used is: rivest, shamir, adelman RSA:1, two big prime numbers of selection, p and q.2, calculate: n=p*q (p, q are respectively the big prime number of two inequalities, p, and q must maintain secrecy, and generally requires p, and q is a safe prime, the length of n is greater than 512bit).Euler's function (n)=(p-1) (q-1) is arranged.3, select encryption key e then at random, require e with (p-1) * (q-1) is relatively prime.4, last; Utilize Euclid algorithm computation decruption key d, wherein n and d are also relatively prime to satisfy
.Number e and n are PKIs, and d is a private key.Two prime number p and q no longer need, and should abandon, and do not let anyone know.
Consult Fig. 2, the method for a kind of monitor terminal audio-video signal deciphering of the present invention may further comprise the steps:
S21, the secret keys that receives the extraneous transmission code stream that sends and handle through public key encryption, monitor terminal receives transmission code stream and the secret keys that front monitoring front-end sends.
The corresponding private key of S22, utilization and PKI carries out decryption processing to the PKI that receives and obtains secret keys, and monitor terminal utilizes the private key of its internal reservoir that PKI is deciphered, and obtains by the secret keys of public key encryption.
S23, convert the transmission code stream that receives to audio-video code stream, separating is honored as a queen removes identification signal, parses audio-video code stream;
S24, utilize secret keys that audio-video code stream is carried out decryption processing, obtain the audio, video data that can display the play through the secret keys decryption processing.
In a preferred embodiment, said step S22 is specially: at PKI and the PKI of transmission accomplished after also comprising relatively deciphering after the public-key cryptographic keys that receives deciphered, and as if identical, execution in step S23 then; If inequality, then resend PKI.The PKI has here served as the media of linking up front monitoring front-end and monitor terminal on the one hand, has set up communication and has connected, and can make front monitoring front-end participate in safety certification on the other hand, has improved its security performance.
In one embodiment, use asymmetric decipherment algorithm in the decryption processing the said first time, and use symmetrical decipherment algorithm in the decryption processing the said second time.Deciphering for the first time is corresponding with the algorithm of encrypting for the second time, uses asymmetric decipherment algorithm RSA,, deciphering for the second time is corresponding with the algorithm of encrypting for the first time, all uses symmetrical confidentiality algorithm DES.
Consult Fig. 3; A kind of front monitoring front-end 1 of the present invention; Comprise and be used to gather audio-video signal and the audio-video signal of gathering is carried out the audio, video data collecting unit 11 that digitized processing forms audio, video data; Be used for first ciphering unit 12 that digitized audio, video data is encrypted; Be used for to convert to through the audio-video code stream that the secret keys encryption forms the top end stops stream translation unit 13 of transmission code stream; Be used to receive the PKI receiving element 15 of the PKI that monitor terminal 2 sends, second ciphering unit 14 that is used to utilize the PKI of reception that secret keys is encrypted, said front monitoring front-end 1 comprise that also said front monitoring front-end 1 also comprises the PKI recognition unit 16 that is used for discerning the PKI that monitor terminal 2 PKI transmitting elements 25 send.
During front monitoring front-end 1 work; Inner audio, video data collecting unit 11 continuous uninterrupted acquisition monitoring scope audio-video signals; And with behind the audio frequency and video process analog-to-digital conversion formation audio, video data it being uploaded to first ciphering unit 12; First ciphering unit 12 generates a secret keys at random to carry out audio, video data after the encryption formation first time audio, video data code stream it to be sent into top end stops stream translation unit 13, in the audio frequency and video sign indicating number, adds flag information and is packaged into the audio frequency and video transmission code stream that can transfer to network.When front monitoring front-end 1 receives the PKI of monitor terminal 2, utilize the public key encryption secret keys, then the secret keys of transmission code stream and secret is uploaded.
In one embodiment; Also comprise PKI recognition unit 16, an end of said PKI recognition unit 16 connects PKI receiving element 15, and the other end of said PKI recognition unit 16 connects second ciphering unit 14; The PKI that monitor terminal 2 sends when discerning is successfully set up front monitoring front-end 1 and is connected with the communication of monitor terminal 2; Can send the signal that PKI is sent in request once more during recognition failures, remind the user to send once more, design hommization more.
Consult Fig. 4; A kind of monitor terminal 2 of the present invention; The code stream receiving element 21 that comprises the secret keys that is used to receive transmission code stream and handles through public key encryption; Be used to utilize the private key corresponding the PKI that receives to be carried out first decryption unit 22 of decryption processing with PKI; Be used for transmission code stream is converted to the terminal code stream translation unit 23 of the audio-video code stream after the encryption, be used to utilize secret keys that audio-video code stream is carried out second decryption unit 24 of decryption processing, be used for sending the PKI transmitting element 25 of PKI to front monitoring front-end 1.
During monitor terminal 2 work; Send PKI through PKI transmitting element 25 earlier; Accomplish function corresponding by inside unit after receiving information; Wherein code stream receiving element 21 is responsible for receiving transmission code streams and the secret keys handled through public key encryption and the secret keys of transmission code stream that receives and encryption passed to first decryption unit 22; First decryption unit 22 utilizes the private key of its storage inside to carry out the deciphering first time: the deciphering PKI; Obtain after the secret keys secret keys and transmission code stream being sent to terminal code stream translation unit 23, terminal code stream translation unit 23 converts transmission code stream after the encrypted audio-video code stream to and secret keys and audio-video code stream are reached second decryption unit, 24, the second decryption unit 24 utilizes secret keys audio-video code stream to be reduced into the audio, video data that can play.
Said monitor terminal 2 also comprises the PKI comparing unit 26 of the PKI of the PKI that is used for after comparison first deciphering and PKI transmitting element 25; The input of said PKI comparing unit 26 connects first decryption unit 22; First output of said PKI comparing unit 26 connects said PKI transmitting element 25; Second output of said PKI comparing unit 26 connects said terminal code stream translation unit 23, is used to check the accuracy of PKI, and helping increases.
Consult Fig. 5, a kind of supervisory control system of using said audio-video signal encrypt and decrypt method of the present invention comprises front monitoring front-end 1, cloud service platform and monitor terminal 2;
Said front monitoring front-end 1 comprises and is used to gather audio-video signal and the audio-video signal of gathering is carried out the audio, video data collecting unit 11 that digitized processing forms audio, video data; Be used for first ciphering unit 12 that digitized audio, video data is encrypted; Be used for to convert to through the audio-video code stream that the secret keys encryption forms the top end stops stream translation unit 13 of transmission code stream; Be used to receive the PKI receiving element 15 of the PKI that monitor terminal 2 sends, second ciphering unit 14 that is used to utilize the PKI of reception that secret keys is encrypted;
Said cloud service platform be specially one be used for response monitoring terminal 2 request set up the cloud service controller 3 that monitor terminal 2 is connected with the network of front monitoring front-end 1, said cloud service controller 3 networks respectively connects front monitoring front-end 1 and monitor terminals 2;
Said monitor terminal 2 comprises the code stream receiving element 21 of the secret keys that is used to receive transmission code stream and handles through public key encryption; First decryption unit 22 that is used to utilize the private key corresponding that the PKI that receives is encrypted with PKI; Be used for transmission code stream is converted to the terminal code stream translation unit 23 of the audio-video code stream after the encryption; Be used to utilize secret keys that audio-video code stream is carried out second decryption unit 24 of decryption processing, be used for sending the PKI transmitting element 25 of PKI to front monitoring front-end 1.
During supervisory control system work; Monitor terminal 2 is connected with the communication of front monitoring front-end 1 through sending PKI and set up its monitor terminal 2 through Cloud Server to Cloud Server through PKI transmitting element 25 earlier; The audio, video data collecting unit 11 continuous uninterrupted acquisition monitoring scope audio-video signals of front monitoring front-end 1 inside; And with behind the audio frequency and video process analog-to-digital conversion formation audio, video data it being uploaded to first ciphering unit 12; First ciphering unit 12 generates a secret keys at random to carry out audio, video data after the encryption formation first time audio, video data code stream it to be sent into top end stops stream translation unit 13, in the audio frequency and video sign indicating number, adds flag information and is packaged into the audio frequency and video transmission code stream that can transfer to network.When front monitoring front-end 1 receives the PKI of monitor terminal 2; Utilize the public key encryption secret keys; Secret keys with transmission code stream and secret is uploaded to the cloud service platform then; And pass to monitor terminal 2 through the cloud service platform; Monitor terminal 2 is accomplished function corresponding by inside unit after receiving information; Wherein code stream receiving element 21 is responsible for receiving transmission code streams and the secret keys handled through public key encryption and the secret keys of transmission code stream that receives and encryption is passed to first decryption unit, 22, the first decryption unit 22 utilize the private key of its storage inside to carry out deciphering first time: decipher PKI, obtain after the secret keys secret keys and transmission code stream being sent to terminal code stream translation unit 23; Terminal code stream translation unit 23 converts transmission code stream after the encrypted audio-video code stream to and secret keys and audio-video code stream are reached second decryption unit, 24, the second decryption unit 24 utilizes secret keys audio-video code stream to be reduced into the audio, video data that can play.
In a preferred embodiment; Said front monitoring front-end 1 also comprises the PKI recognition unit 16 that is used for discerning the PKI that monitor terminal 2 PKI transmitting elements 25 send; One end of said PKI recognition unit 16 connects PKI receiving element 15, and the other end of said PKI recognition unit 16 connects second ciphering unit 14.
In a preferred embodiment; Said monitor terminal 2 also comprises the PKI comparing unit 26 of the PKI of the PKI that is used for after comparison first deciphering and PKI transmitting element 25; The input of said PKI comparing unit 26 connects first decryption unit 22; First output of said PKI comparing unit 26 connects said PKI transmitting element 25, and second output of said PKI comparing unit 26 connects said terminal code stream translation unit 23.
In a concrete embodiment; Said cloud service controller comprises the number of the account comparing unit that is used to differentiate keeper's number of the account and domestic consumer's number of the account, be used to manage and the rights management unit of control and management person's number of the account and domestic consumer's number of the account operating right, and said identity comparing unit is connected with said rights management unit.Authorized user can be operated through cloud service platform login supervisory control system accordingly; Authorized user is divided into administrator and domestic consumer; The administrator can add domestic consumer to system; Revise the authorities such as equipment that user login code and control domestic consumer can watch, the authority of real-time video is only watched by domestic consumer.Keeper's account the equipment disposition interface occurs after the local area network (LAN) login; The keeper can also watch the time period parameter of real-time video through equipment disposition layout setting domestic consumer; The time period that restriction domestic consumer real-time video is watched; And can not the access arrangement configuration interface from keeper's number of the account of outer net login, thereby can't the time period parameter that real-time video is watched be changed, thereby make user's privacy obtain better protection.
The invention has the beneficial effects as follows to be different from that video monitoring system in the prior art is general to adopt fairly simple calling control flow, as adopt self-defining call setup order, get abundant inadequately for the security consideration of video monitoring system; Or the increase authentification of user, at the remote monitoring end server is set, deposit registered user's user name, password and other information, have only the user of appointment just can call out the local monitor end; Or audio/video multimedia information is behind the process coding; A lot of network monitorings are not carried out encryption or have only been carried out simple encryption the audio/video multimedia data; The problem that individual's privacy is difficult to be protected; A kind of audio-video signal method of encrypting of the present invention is employed in front monitoring front-end the audio-video signal of gathering is encrypted, and can effectively ensure the individual privacy that the audio-video signal of front monitoring front-end collection relates to; Be employed in receive the PKI that monitor terminal sends after, use public-key and the transmission code stream that changes into after encrypting is for the first time carried out second time encrypt, make front monitoring front-end participation PKI discern authentication, thereby improve the audio, video data transmission safety greatly.The method of a kind of audio-video signal deciphering of the present invention; Method corresponding to above-mentioned audio-video encryption is handled audio-video code stream; As carrying out the audio frequency and video transmission code stream that twice deciphering receives at monitor terminal, and finally obtain audio-video signal, through the method for above-mentioned audio-video encryption and deciphering; Strengthen the security performance of audio-video signal, more helped protecting user's individual privacy.A kind of supervisory control system of the present invention; Corresponding to above-mentioned encryption and decryption method; Increased by first ciphering unit at front monitoring front-end and can guarantee the safety of audio, video data and the safety that second ciphering unit can guarantee the audio frequency and video transmission code stream; Increased by first decryption unit and second decryption unit at monitor terminal, can improve the security performance of whole monitoring system, user's privacy is farthest protected.
The above is merely embodiments of the invention; Be not so limit claim of the present invention; Every equivalent structure or equivalent flow process conversion that utilizes specification of the present invention and accompanying drawing content to be done; Or directly or indirectly be used in other relevant technical fields, all in like manner be included in the scope of patent protection of the present invention.
Claims (10)
1. an audio-video signal method of encrypting is characterized in that, may further comprise the steps:
S11, gather audio-video signal, and the audio-video signal of gathering is carried out digitized processing form audio, video data;
S12, generation one be secret keys at random, and the audio, video data that uses secret keys that digitlization is formed carries out encryption formation audio-video code stream;
S13, will convert transmission code stream to through the audio-video code stream that encryption forms;
S14, obtain the PKI that monitor terminal sends, and use public-key the secret keys that generates is at random carried out encryption.
2. audio-video signal method of encrypting according to claim 1; It is characterized in that; Said step S14 is specially: after obtaining PKI, also comprise the authentication to PKI, if PKI is identified, then uses public-key the secret keys that generates is at random carried out encryption; If PKI is not identified, then the signal of PKI is sent in the request of sending once more.
3. the method for an audio-video signal deciphering is characterized in that, may further comprise the steps:
Transmission code stream that S21, reception front monitoring front-end send and the secret keys of handling through public key encryption;
S22, the utilization private key corresponding with PKI carry out decryption processing to the PKI that receives and obtain secret keys;
S23, convert the transmission code stream that receives to audio-video code stream;
S24, utilize secret keys that audio-video code stream is carried out decryption processing.
4. the method for audio-video signal deciphering according to claim 3; It is characterized in that; Said step S22 is specially: at PKI and the PKI of transmission accomplished after also comprising relatively deciphering after the encrypted confidential key that receives deciphered, and as if identical, execution in step S23 then; If inequality, then resend PKI.
5. front monitoring front-end of using the audio-video signal encryption method; It is characterized in that; Comprise and be used to gather audio-video signal and the audio-video signal of gathering is carried out the audio, video data collecting unit that digitized processing forms audio, video data; Be used for first ciphering unit that digitized audio, video data is encrypted; Be used for to convert to through the audio-video code stream that the secret keys encryption forms the top end stops stream translation unit of transmission code stream, be used to receive the PKI receiving element of the PKI that monitor terminal sends, second ciphering unit that is used to utilize the PKI of reception that secret keys is encrypted.
6. front monitoring front-end according to claim 5; It is characterized in that; Also comprise being used to discern the PKI recognition unit that the PKI receiving element receives PKI, an end of said PKI recognition unit connects the PKI receiving element, and the other end of said PKI recognition unit connects second ciphering unit.
7. monitor terminal of using the audio-video signal decryption method; It is characterized in that; Comprise the code stream receiving element that is used to receive transmission code stream and encrypted confidential key; Be used to utilize the private key corresponding the PKI that receives to be carried out first decryption unit of decryption processing with PKI; Be used for transmission code stream is converted to the terminal code stream translation unit of audio-video code stream, be used to utilize secret keys that audio-video code stream is carried out second decryption unit of decryption processing, be used for sending to monitor terminal the PKI transmitting element of PKI through said cloud service controller.
8. monitor terminal according to claim 7; It is characterized in that; The PKI comparing unit that also comprises the PKI of the PKI that is used for after comparison first deciphering and PKI transmitting element; The input of said PKI comparing unit connects first decryption unit, and first output of said PKI comparing unit connects said PKI transmitting element, and second output of said PKI comparing unit connects said terminal code stream translation unit.
9. a supervisory control system of using said front monitoring front-end and monitor terminal is characterized in that, comprises front monitoring front-end, cloud service platform and monitor terminal;
Said front monitoring front-end comprises and is used to gather audio-video signal and the audio-video signal of gathering is carried out the audio, video data collecting unit that digitized processing forms audio, video data; Be used for audio, video data is encrypted first ciphering unit that forms audio-video code stream; Be used for audio-video code stream is converted to the top end stops stream translation unit of transmission code stream; Be used to receive the PKI receiving element of the PKI that monitor terminal sends, second ciphering unit that is used to utilize the PKI of reception that secret keys is encrypted;
Said cloud service platform be specially one be used for the response monitoring terminal request set up the cloud service controller that monitor terminal is connected with the network of front monitoring front-end, said Cloud Server network respectively connects front monitoring front-end and monitor terminal;
Said monitor terminal comprises the code stream receiving element that is used to receive transmission code stream and encrypted confidential key; Be used to utilize the private key corresponding the PKI that receives to be carried out first decryption unit of decryption processing with PKI; Be used for transmission code stream is converted to the terminal code stream translation unit of audio-video code stream; Be used to utilize secret keys that audio-video code stream is carried out second decryption unit of decryption processing, be used for sending to monitor terminal the PKI transmitting element of PKI through said cloud service controller.
10. supervisory control system according to claim 9; It is characterized in that; Said cloud service controller comprises the number of the account comparing unit that is used to differentiate keeper's number of the account and domestic consumer's number of the account, be used to manage and the rights management unit of control and management person's number of the account and domestic consumer's number of the account operating right, and said identity comparing unit is connected with said rights management unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012101978332A CN102724563A (en) | 2012-06-15 | 2012-06-15 | Monitoring front end and terminal, monitoring system as well as audio/video signal encryption and decryption methods |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012101978332A CN102724563A (en) | 2012-06-15 | 2012-06-15 | Monitoring front end and terminal, monitoring system as well as audio/video signal encryption and decryption methods |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102724563A true CN102724563A (en) | 2012-10-10 |
Family
ID=46950204
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012101978332A Pending CN102724563A (en) | 2012-06-15 | 2012-06-15 | Monitoring front end and terminal, monitoring system as well as audio/video signal encryption and decryption methods |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102724563A (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103139642A (en) * | 2013-02-20 | 2013-06-05 | 深圳创维数字技术有限公司 | Method, related device and system of signal encryption achieved in set top box |
| CN104301668A (en) * | 2014-09-03 | 2015-01-21 | 菲力克斯电子(宁波)有限公司 | Solar wireless intelligent monitoring system and implement method thereof |
| CN104486083A (en) * | 2014-12-19 | 2015-04-01 | 小米科技有限责任公司 | Supervisory video processing method and device |
| CN106161589A (en) * | 2016-06-15 | 2016-11-23 | 深圳市清时捷科技有限公司 | A kind of transmission method detecting data and transmitting device thereof |
| CN106303575A (en) * | 2016-11-08 | 2017-01-04 | 天津光电安辰信息技术股份有限公司 | A kind of video encryption system based on domestic commercial cipher module and implementation method |
| CN103391185B (en) * | 2013-08-12 | 2017-06-16 | 北京泰乐德信息技术有限公司 | A kind of cloud security storage of track traffic Monitoring Data and processing method and system |
| CN107277456A (en) * | 2017-07-26 | 2017-10-20 | 北京计算机技术及应用研究所 | A kind of video security monitoring system based on Android device |
| CN107294968A (en) * | 2017-06-21 | 2017-10-24 | 北京奇艺世纪科技有限公司 | The monitoring method and system of a kind of audio, video data |
| CN107948603A (en) * | 2017-12-07 | 2018-04-20 | 北海市天硌打印耗材有限公司 | A kind of production monitoring video sharing method |
| CN108259821A (en) * | 2017-12-21 | 2018-07-06 | 广州供电局有限公司 | Electric network operation monitoring system and method |
| CN108495087A (en) * | 2018-03-29 | 2018-09-04 | 北京安为科技有限公司 | The safe and intelligent processing unit and control method of video monitoring system front end |
| CN108881801A (en) * | 2018-06-29 | 2018-11-23 | 苏州科达科技股份有限公司 | Code stream transmission method, system, electronic equipment, the storage medium of video conference |
| CN110337010A (en) * | 2019-05-22 | 2019-10-15 | 深圳警圣技术股份有限公司 | Video/audio processing method, law-enforcing recorder, management server and enforcement system |
| CN110572604A (en) * | 2019-09-27 | 2019-12-13 | 上海依图网络科技有限公司 | Imaging system and video processing method |
| CN110620891A (en) * | 2019-09-27 | 2019-12-27 | 上海依图网络科技有限公司 | Imaging system and video processing method |
| CN110661803A (en) * | 2019-09-27 | 2020-01-07 | 湖北省水利水电规划勘测设计院 | A gate encryption control system and method |
| CN113132666A (en) * | 2019-12-30 | 2021-07-16 | Tcl新技术(惠州)有限公司 | Audio and video sending method, receiving method, terminal and audio and video transmission system |
| CN115243340A (en) * | 2021-04-06 | 2022-10-25 | 杭州海康威视数字技术股份有限公司 | Equipment linkage method, system and device and electronic equipment |
| CN115765155A (en) * | 2022-10-21 | 2023-03-07 | 国网山东省电力公司惠民县供电公司 | Transformer substation fault monitoring system and method |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1697374A (en) * | 2004-05-13 | 2005-11-16 | 华为技术有限公司 | Method for sanding and receiving cipher data, device for distributing and receiving cipher data |
| CN1972278A (en) * | 2005-11-21 | 2007-05-30 | 西安大唐电信有限公司 | A method for implementing safe remote video monitoring |
| CN101552666A (en) * | 2009-05-07 | 2009-10-07 | 杭州威威网络科技有限公司 | Real time media stream encryption transmission method |
| CN101958907A (en) * | 2010-09-30 | 2011-01-26 | 中兴通讯股份有限公司 | Method, system and device for transmitting key |
| CN102404558A (en) * | 2011-12-08 | 2012-04-04 | 秦始皇帝陵博物院 | Remote wireless video monitoring system based on cloud service |
| CN102497581A (en) * | 2011-12-14 | 2012-06-13 | 广州杰赛科技股份有限公司 | Digital-certificate-based video monitoring data transmission method and system |
-
2012
- 2012-06-15 CN CN2012101978332A patent/CN102724563A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1697374A (en) * | 2004-05-13 | 2005-11-16 | 华为技术有限公司 | Method for sanding and receiving cipher data, device for distributing and receiving cipher data |
| CN1972278A (en) * | 2005-11-21 | 2007-05-30 | 西安大唐电信有限公司 | A method for implementing safe remote video monitoring |
| CN101552666A (en) * | 2009-05-07 | 2009-10-07 | 杭州威威网络科技有限公司 | Real time media stream encryption transmission method |
| CN101958907A (en) * | 2010-09-30 | 2011-01-26 | 中兴通讯股份有限公司 | Method, system and device for transmitting key |
| CN102404558A (en) * | 2011-12-08 | 2012-04-04 | 秦始皇帝陵博物院 | Remote wireless video monitoring system based on cloud service |
| CN102497581A (en) * | 2011-12-14 | 2012-06-13 | 广州杰赛科技股份有限公司 | Digital-certificate-based video monitoring data transmission method and system |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103139642A (en) * | 2013-02-20 | 2013-06-05 | 深圳创维数字技术有限公司 | Method, related device and system of signal encryption achieved in set top box |
| CN103391185B (en) * | 2013-08-12 | 2017-06-16 | 北京泰乐德信息技术有限公司 | A kind of cloud security storage of track traffic Monitoring Data and processing method and system |
| CN104301668A (en) * | 2014-09-03 | 2015-01-21 | 菲力克斯电子(宁波)有限公司 | Solar wireless intelligent monitoring system and implement method thereof |
| US10193875B2 (en) | 2014-12-19 | 2019-01-29 | Xiaomi Inc. | Method and apparatus for controlling access to surveillance video |
| CN104486083A (en) * | 2014-12-19 | 2015-04-01 | 小米科技有限责任公司 | Supervisory video processing method and device |
| CN106161589A (en) * | 2016-06-15 | 2016-11-23 | 深圳市清时捷科技有限公司 | A kind of transmission method detecting data and transmitting device thereof |
| CN106161589B (en) * | 2016-06-15 | 2019-06-11 | 深圳市清时捷科技有限公司 | A kind of transmission method and its transmitting device of detection data |
| CN106303575A (en) * | 2016-11-08 | 2017-01-04 | 天津光电安辰信息技术股份有限公司 | A kind of video encryption system based on domestic commercial cipher module and implementation method |
| CN106303575B (en) * | 2016-11-08 | 2022-04-05 | 天津光电安辰信息技术股份有限公司 | Video encryption system based on domestic commercial cipher module and implementation method |
| CN107294968A (en) * | 2017-06-21 | 2017-10-24 | 北京奇艺世纪科技有限公司 | The monitoring method and system of a kind of audio, video data |
| CN107277456A (en) * | 2017-07-26 | 2017-10-20 | 北京计算机技术及应用研究所 | A kind of video security monitoring system based on Android device |
| CN107277456B (en) * | 2017-07-26 | 2020-04-17 | 北京计算机技术及应用研究所 | Safe video monitoring system based on Android equipment |
| CN107948603A (en) * | 2017-12-07 | 2018-04-20 | 北海市天硌打印耗材有限公司 | A kind of production monitoring video sharing method |
| CN108259821A (en) * | 2017-12-21 | 2018-07-06 | 广州供电局有限公司 | Electric network operation monitoring system and method |
| CN108495087A (en) * | 2018-03-29 | 2018-09-04 | 北京安为科技有限公司 | The safe and intelligent processing unit and control method of video monitoring system front end |
| CN108881801A (en) * | 2018-06-29 | 2018-11-23 | 苏州科达科技股份有限公司 | Code stream transmission method, system, electronic equipment, the storage medium of video conference |
| CN110337010A (en) * | 2019-05-22 | 2019-10-15 | 深圳警圣技术股份有限公司 | Video/audio processing method, law-enforcing recorder, management server and enforcement system |
| CN110661803A (en) * | 2019-09-27 | 2020-01-07 | 湖北省水利水电规划勘测设计院 | A gate encryption control system and method |
| CN110620891A (en) * | 2019-09-27 | 2019-12-27 | 上海依图网络科技有限公司 | Imaging system and video processing method |
| CN110572604A (en) * | 2019-09-27 | 2019-12-13 | 上海依图网络科技有限公司 | Imaging system and video processing method |
| CN110620891B (en) * | 2019-09-27 | 2023-04-07 | 上海依图网络科技有限公司 | Imaging system and video processing method |
| CN113132666A (en) * | 2019-12-30 | 2021-07-16 | Tcl新技术(惠州)有限公司 | Audio and video sending method, receiving method, terminal and audio and video transmission system |
| CN115243340A (en) * | 2021-04-06 | 2022-10-25 | 杭州海康威视数字技术股份有限公司 | Equipment linkage method, system and device and electronic equipment |
| CN115765155A (en) * | 2022-10-21 | 2023-03-07 | 国网山东省电力公司惠民县供电公司 | Transformer substation fault monitoring system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102724563A (en) | Monitoring front end and terminal, monitoring system as well as audio/video signal encryption and decryption methods | |
| CN107343179B (en) | A kind of encryption of video information and video terminal safety certifying method | |
| CN102036231B (en) | Network architecture security system for Internet of Things and security method thereof | |
| CN109218825B (en) | Video encryption system | |
| CN105844172B (en) | A kind of more community's multidimensional user's electricity paradigmatic systems and method of secret protection | |
| CN111385306B (en) | Anonymous authentication method and system based on anti-tampering device in smart power grid | |
| CN102497581B (en) | Digital-certificate-based video monitoring data transmission method and system | |
| CN109151508B (en) | Video encryption method | |
| CN102882847A (en) | Secure digital (SD)-password-card-based Internet of things healthcare service system and secure communication method thereof | |
| CN101964793A (en) | Method and system for transmitting data between terminal and server and sign-in and payment method | |
| CN105812128B (en) | A kind of anti-malicious data of intelligent grid excavates the data aggregation method of attack | |
| CN103051869A (en) | System and method for encrypting camera video in real time | |
| CN101420587A (en) | Network video collecting device, network video monitoring system and method | |
| CN103986583A (en) | Dynamic encryption method and encryption communication system thereof | |
| CN109495250A (en) | Anti- quantum calculation wired home communication means based on key card | |
| CN107465665A (en) | A kind of file encryption-decryption method based on fingerprint identification technology | |
| CN107172043B (en) | A kind of smart power grid user sale of electricity method based on homomorphic cryptography | |
| CN110474908A (en) | Transaction monitoring and managing method and device, storage medium and computer equipment | |
| CN109951513A (en) | Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card | |
| CN103108245B (en) | A kind of intelligent television pays cipher key system and method for payment based on intelligent television | |
| CN113783683A (en) | Cloud platform privacy protection verifiable data aggregation method based on sensor network | |
| CN103973713A (en) | Transfer method, extraction method and processing system for electronic mail information | |
| CN108848503B (en) | A kind of smart home dynamic encryption means of communication and system transmitted using merogenesis | |
| CN118054903A (en) | Talkback command dispatching system and method based on quantum encryption | |
| CN112911588A (en) | Lightweight narrowband Internet of things secure transmission method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20121010 |