[go: up one dir, main page]

CN106791627A - Network video surveillance and security alarm integrated system and its security access authentication method - Google Patents

Network video surveillance and security alarm integrated system and its security access authentication method Download PDF

Info

Publication number
CN106791627A
CN106791627A CN201611139762.5A CN201611139762A CN106791627A CN 106791627 A CN106791627 A CN 106791627A CN 201611139762 A CN201611139762 A CN 201611139762A CN 106791627 A CN106791627 A CN 106791627A
Authority
CN
China
Prior art keywords
user terminal
security alarm
camera
network
network video
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611139762.5A
Other languages
Chinese (zh)
Inventor
李洪坤
于汇源
李金良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Hezheng Network Technology Co ltd
Original Assignee
Guangdong Hezheng Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Hezheng Network Technology Co ltd filed Critical Guangdong Hezheng Network Technology Co ltd
Priority to CN201611139762.5A priority Critical patent/CN106791627A/en
Publication of CN106791627A publication Critical patent/CN106791627A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/18Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
    • H04N7/181Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast for receiving images from a plurality of remote sources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • G06Q50/265Personal security, identity or safety
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Tourism & Hospitality (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Educational Administration (AREA)
  • Development Economics (AREA)
  • Multimedia (AREA)
  • Telephonic Communication Services (AREA)
  • Alarm Systems (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention relates to a network video monitoring and security alarm integrated system and an authentication method for security access thereof, which comprises a user terminal, a network video monitoring security alarm host, a network camera and a video management cloud platform, wherein the user terminal is connected with the network video monitoring security alarm host through the video management cloud platform, the network video monitoring security alarm host is connected with the network camera, the authentication method is characterized in that an alarm receiving white list number and a network camera password are preset, the video management cloud platform identifies the legality of the user terminal through the alarm receiving white list number, the network video monitoring security alarm host and the network camera identify the legality of the user terminal through the alarm receiving white list number and the password, and the authentication intensity is enhanced through cooperation of the three. By adopting the network video monitoring and security alarm integrated system with the structure and the authentication method for security access thereof, the authentication mechanism of video transmission on the public network is optimized, and the network security is greatly improved.

Description

网络视频监控和安防报警集成系统及其安全访问鉴权方法Network video surveillance and security alarm integrated system and its security access authentication method

技术领域technical field

本发明涉及网络安全领域,尤其涉及网络摄像头安全领域,具体是指一种网络视频监控和安防报警集成系统及其安全访问鉴权方法。The invention relates to the field of network security, in particular to the field of network camera security, in particular to a network video monitoring and security alarm integration system and a security access authentication method thereof.

背景技术Background technique

远程的网络设备(如智能手机、PAD、电脑)要访问摄像头,首先要获得摄像头的公网IP地址和端口号;如果需要穿越多层网络,则需要云平台与摄像头之间通过软件算法实现NAT穿透,实现定址服务。这是实现远程访问摄像头的基本条件,可以与鉴权没有直接关系。To access the camera from a remote network device (such as a smartphone, PAD, or computer), it must first obtain the camera’s public network IP address and port number; if it needs to traverse multiple layers of networks, it is necessary to implement NAT between the cloud platform and the camera through software algorithms Penetration, to achieve addressing services. This is the basic condition for realizing remote access to the camera, and may not be directly related to authentication.

每个摄像头一般都配置有唯一的ID号,远程的网络设备(如智能手机、PAD、电脑)等访问网络摄像头获取视频时,需要知道这个摄像头的ID号。这也是所有网络摄像头实现远程访问通常情况下要求的第二个条件;这个条件也可以不考虑用户身份鉴权的问题。Each camera is generally equipped with a unique ID number. When remote network devices (such as smart phones, PADs, computers) etc. access the network camera to obtain video, they need to know the ID number of the camera. This is also the second condition usually required by all network cameras for remote access; this condition may also not consider the issue of user identity authentication.

具备了上面两个条件,理论上就具备了远程观看摄像头视频的条件。但这必然涉及到一个安全性问题,尤其是在公网上面传输视频图像,这也是大家最关注的一个重点问题。传统的对访问摄像头的用户身份的常规鉴权方法一般是在每个摄像头内部设置一个密码。这个密码通常是可以由用户进行修改的,用户远程访问到摄像头并请求观看摄像头视频时,该请求提交时需要同时提交该摄像头的密码,由摄像头进行比对验证。密码正确则鉴权通过,视频流会发给用户观看;若密码错误,则鉴权失败,拒绝向用户端发送视频。With the above two conditions, theoretically, the conditions for watching camera video remotely are met. But this will inevitably involve a security issue, especially the transmission of video images on the public network, which is also a key issue that everyone is most concerned about. The conventional conventional authentication method for the identity of the user accessing the camera is generally to set a password inside each camera. This password can usually be modified by the user. When the user remotely accesses the camera and requests to watch the camera video, the password of the camera needs to be submitted at the same time when the request is submitted, and the camera will compare and verify it. If the password is correct, the authentication will pass, and the video stream will be sent to the user to watch; if the password is wrong, the authentication will fail, and the video will be refused to be sent to the user.

这种鉴权方法比较简单,也是目前几乎所有的网络摄像头都在采用的一个常规鉴权方法。远程访问视频往往都是在公网上进行的,密码信息可能被拦截、仿冒等,或者由于密码相对简单,也比较容易被破解。这样本来属于私密性很强的视频信息就很容易在公网上被非法盗取,这样的案例在国内外也是屡见不鲜。因此我们在我们开发的“网络视频监控、安防报警集成系统”中对视频在公网上传输的鉴权机制进行了优化,使其安全性大幅度提高。This authentication method is relatively simple, and it is also a conventional authentication method currently used by almost all network cameras. Remote access to videos is often carried out on the public network, and the password information may be intercepted, counterfeited, etc., or because the password is relatively simple, it is relatively easy to be cracked. In this way, video information that is originally highly private can be easily stolen illegally on the public network. Such cases are not uncommon at home and abroad. Therefore, we have optimized the authentication mechanism of video transmission on the public network in the "Network Video Surveillance and Security Alarm Integrated System" developed by us, so that its security has been greatly improved.

发明内容Contents of the invention

本发明为了克服上述问题,提出了一种优化了视频在公网上传输的鉴权机制的、安全性得以大大提高的网络视频监控和安防报警集成系统及其安全访问鉴权方法。In order to overcome the above-mentioned problems, the present invention proposes a network video monitoring and security alarm integration system and a security access authentication method thereof, which optimize the authentication mechanism of video transmission on the public network and greatly improve the security.

为了实现上述功能,本发明的网络视频监控和安防报警集成系统及其安全访问鉴权方法具体如下:In order to realize the above-mentioned functions, the network video monitoring and security alarm integrated system and its security access authentication method of the present invention are specifically as follows:

该网络视频监控和安防报警集成系统,包括用户终端、网络视频监控安防报警主机和网络摄像头,其主要特点是,所述的网络视频监控和安防报警集成系统中还包括一视频管理云平台,所述的用户终端通过所述的视频管理云平台与所述的网络视频监控安防报警主机连接,该网络视频监控安防报警主机连接所述的网络摄像头。The network video surveillance and security alarm integration system includes user terminals, network video surveillance security alarm hosts and network cameras. Its main feature is that the network video surveillance and security alarm integration system also includes a video management cloud platform. The user terminal is connected to the network video surveillance security alarm host through the video management cloud platform, and the network video surveillance security alarm host is connected to the network camera.

较佳地,所述的用户终端包括带有写入手机号码的SIM卡的用户终端和不带有写入手机号码的SIM卡的用户终端。Preferably, the user terminal includes a user terminal with a SIM card written in a mobile phone number and a user terminal without a SIM card written in a mobile phone number.

较佳地,所述的网络视频监控安防报警主机与所述的网络摄像头之间互相自动发现、自动连接,且所述的网络视频监控安防报警主机对所述的网络摄像头自动命名,并可通过所述的网络视频监控安防报警主机对所述的网络摄像头进行重命名和密码设置,且所述的网络摄像头同步保存该网络视频监控安防报警主机设置的密码。Preferably, the network video surveillance security alarm host and the network camera automatically discover and connect to each other, and the network video surveillance security alarm host automatically names the network camera, and can pass The network video surveillance security alarm host renames the network camera and sets a password, and the network camera simultaneously saves the password set by the network video surveillance security alarm host.

较佳地,所述的网络视频监控和安防报警集成系统中还包括无线报警探测器,所述的网络视频监控安防报警主机对码接入所述的无线报警探测器,所述的无线报警探测器接收到报警信号后通过433MHz无线射频发送给所述的网络视频监控安防报警主机,所述的网络视频监控安防报警主机通过短信、语音和APP推送向所述的用户终端发送警报。Preferably, the integrated network video surveillance and security alarm system further includes a wireless alarm detector, the network video surveillance security alarm host is code-connected to the wireless alarm detector, and the wireless alarm detector After receiving the alarm signal, the device sends it to the network video surveillance security alarm host through 433MHz radio frequency, and the network video surveillance security alarm host sends an alarm to the user terminal through SMS, voice and APP push.

较佳地,所述的网络视频监控和安防报警集成系统中通过所述的网络视频监控安防报警主机设置接警白名单号码,且所述的视频管理云平台和所述的网络摄像头中同步保存该接警白名单号码。Preferably, in the integrated network video monitoring and security alarm system, the alarm whitelist number is set through the network video monitoring security alarm host, and the video management cloud platform and the network camera are synchronously saved. Whitelist number for receiving alarms.

该针对上述的网络视频监控和安防报警集成系统实现安全访问的鉴权方法,其主要特点是,所述的鉴权方法包括以下步骤:The authentication method for implementing secure access to the above-mentioned network video monitoring and security alarm integrated system has a main feature that the authentication method includes the following steps:

(1)所述的用户终端向所述的视频管理云平台发出视频请求;(1) The user terminal sends a video request to the video management cloud platform;

(2)所述的视频管理云平台验证该用户终端是否为合法用户,若该用户终端为合法用户,则所述的视频管理云平台向该用户终端发送所述的网络摄像头的访问路径;若该用户终端非合法用户,则所述的视频管理云平台拒绝该用户终端的视频请求;(2) Whether the described video management cloud platform verifies that the user terminal is a legal user, if the user terminal is a legal user, then the described video management cloud platform sends the access path of the network camera to the user terminal; if If the user terminal is not a legal user, then the video management cloud platform rejects the video request of the user terminal;

(3)所述的用户终端根据所述的网络摄像头的访问路径向所述的网络摄像头发送视频请求;(3) the user terminal sends a video request to the network camera according to the access path of the network camera;

(4)所述的网络视频监控安防报警主机对发送视频请求的用户终端进行合法用户验证,若,若该用户终端非合法用户,则所述的网络视频监控安防报警主机拒绝该用户终端的视频请求,若该用户终端为合法用户,则进入步骤(5);(4) The described network video surveillance security alarm host performs legal user verification to the user terminal sending the video request, if, if the user terminal is not a legal user, then the network video surveillance security alarm host rejects the video of the user terminal request, if the user terminal is a legal user, then enter step (5);

(5)所述的用户终端向所述的网络视频监控安防报警主机发送网关通过请求,访问所述的网络摄像头。(5) The user terminal sends a gateway pass request to the network video surveillance security alarm host to access the network camera.

较佳地,所述的用户终端为带有写入手机号码的SIM卡,所述的步骤(1)中的视频请求信息包括由该用户终端写入手机号码的SIM卡提供的手机号码。Preferably, the user terminal is a SIM card with a mobile phone number written in it, and the video request information in the step (1) includes the mobile phone number provided by the SIM card in which the mobile phone number is written in the user terminal.

较佳地,所述的用户终端为不带有写入手机号码的SIM卡,所述的步骤(1)中的视频请求信息包括由用户提供的手机号码。Preferably, the user terminal is a SIM card without a mobile phone number, and the video request information in step (1) includes the mobile phone number provided by the user.

更佳地,所述的用户终端向用户提供手机号码填写窗口,且所述的用户终端将获取的手机号码随视频请求信息发送给所述的视频管理云平台。More preferably, the user terminal provides the user with a mobile phone number filling window, and the user terminal sends the obtained mobile phone number along with the video request information to the video management cloud platform.

较佳地,所述的步骤(2)中的视频管理云平台通过接警白名单号码识别所述的用户终端是否为合法用户。Preferably, the video management cloud platform in the step (2) identifies whether the user terminal is a legitimate user through the alarm whitelist number.

较佳地,所述的步骤(4)中的网络视频监控安防报警主机通过所述的接警白名单号码和所述的网络摄像头的ID和密码以识别所述的用户终端是否为合法用户。Preferably, the network video surveillance security alarm host in the step (4) identifies whether the user terminal is a legitimate user through the white list number for receiving alarms and the ID and password of the network camera.

较佳地,所述的步骤(5)中对所述的网络摄像头进行访问,具体内容如下:Preferably, the network camera is accessed in the step (5), the specific content is as follows:

所述的网络摄像头通过所述的接警白名单号码和该网络摄像头的密码验证该用户终端的合法性,若该用户终端合法,则所述的用户终端访问所述的网络摄像头,若该用户终端不合法,则该视频请求被摄像头拒绝。The network camera verifies the legitimacy of the user terminal through the whitelist number for receiving alarms and the password of the network camera. If the user terminal is legal, the user terminal accesses the network camera. If the user terminal If it is illegal, the video request is rejected by the camera.

采用了该种结构和方法的网络视频监控和安防报警集成系统及其安全访问鉴权方法,由于其中具有三层鉴权流程,针对视频管理云平台、网络视频监控安防报警主机和网络摄像头分别对用户终端进行验证,对视频在公网上传输的鉴权机制进行了优化,并严格控制所述的接警白名单号码和网络摄像机密码的更改和设置,安全性大幅度提高,用户的隐私得到保护。The network video monitoring and security alarm integrated system and its security access authentication method using this structure and method, because it has a three-layer authentication process, for the video management cloud platform, network video monitoring security alarm host and network camera respectively The user terminal is authenticated, the authentication mechanism for video transmission on the public network is optimized, and the change and setting of the whitelist number for alarm reception and the password of the network camera are strictly controlled, so that the security is greatly improved and the privacy of the user is protected.

附图说明Description of drawings

图1为本发明的网络视频监控和安防报警集成系统的整体架构结构示意图。FIG. 1 is a schematic diagram of the overall architecture of the network video surveillance and security alarm integration system of the present invention.

具体实施方式detailed description

该网络视频监控和安防报警集成系统,包括用户终端、网络视频监控安防报警主机和网络摄像头,其中,所述的网络视频监控和安防报警集成系统中还包括一视频管理云平台,所述的用户终端通过所述的视频管理云平台与所述的网络视频监控安防报警主机连接,该网络视频监控安防报警主机连接所述的网络摄像头,所述的用户终端包括带有写入手机号码的SIM卡用户终端和不带有写入手机号码的SIM卡用户终端,所述的网络视频监控安防报警主机与所述的网络摄像头之间互相自动发现、自动连接,且所述的网络视频监控安防报警主机对所述的网络摄像头自动命名,并可通过所述的网络视频监控安防报警主机对所述的网络摄像头进行重命名和密码设置,且所述的网络摄像头同步保存该网络视频监控安防报警主机设置的密码。The network video surveillance and security alarm integration system includes user terminals, network video surveillance security alarm hosts and network cameras, wherein the network video surveillance and security alarm integration system also includes a video management cloud platform, and the user The terminal is connected with the network video surveillance security alarm host through the video management cloud platform, the network video surveillance security alarm host is connected to the network camera, and the user terminal includes a SIM card with a mobile phone number The user terminal and the SIM card user terminal without a mobile phone number, the network video surveillance security alarm host and the network camera are automatically discovered and connected to each other, and the network video surveillance security alarm host The network camera is automatically named, and the network camera can be renamed and password-set through the network video surveillance security alarm host, and the network video camera is synchronously saved. password.

在一种较佳的实施方式中,所述的网络视频监控和安防报警集成系统中还包括无线报警探测器,所述的网络视频监控安防报警主机对码接入所述的无线报警探测器,所述的无线报警探测器感应到报警信号后通过433MHz无线射频发送给所述的网络视频监控安防报警主机,所述的网络视频监控安防报警主机通过短信、语音和APP推送向所述的用户终端发送警报。In a preferred embodiment, the integrated network video surveillance and security alarm system further includes a wireless alarm detector, and the network video surveillance security alarm host is code-connected to the wireless alarm detector, The wireless alarm detector senses the alarm signal and sends it to the network video surveillance security alarm host through 433MHz radio frequency, and the network video surveillance security alarm host pushes it to the user terminal through SMS, voice and APP Send an alert.

在一种较佳的实施方式中,所述的网络视频监控和安防报警集成系统中通过所述的网络视频监控安防报警主机设置接警白名单号码,且所述的视频管理云平台和所述的网络摄像头中同步保存该接警白名单号码。In a preferred embodiment, in the integrated network video monitoring and security alarm system, the alarm whitelist number is set through the network video monitoring security alarm host, and the video management cloud platform and the The alarm whitelist number is saved synchronously in the network camera.

该基于以上所述的网络视频监控和安防报警集成系统中的安全访问的鉴权方法,其主要特点是,所述的鉴权方法包括以下步骤:The authentication method based on the security access in the above-mentioned network video monitoring and security alarm integrated system, its main feature is that the authentication method includes the following steps:

(1)所述的用户终端向所述的视频管理云平台发出视频请求;(1) The user terminal sends a video request to the video management cloud platform;

(2)所述的视频管理云平台通过接警白名单号码识别所述的用户终端是否为合法用户,若该用户终端为合法用户,则所述的视频管理云平台向该用户终端发送所述的网络摄像头的访问路径;若该用户终端非合法用户,则所述的视频管理云平台拒绝该用户终端的视频请求;(2) The video management cloud platform identifies whether the user terminal is a legal user through the alarm whitelist number, and if the user terminal is a legal user, the video management cloud platform sends the user terminal the The access path of the network camera; if the user terminal is not a legal user, then the video management cloud platform rejects the video request of the user terminal;

(3)所述的用户终端根据所述的网络摄像头的访问路径向所述的网络摄像头发送视频请求;(3) the user terminal sends a video request to the network camera according to the access path of the network camera;

(4)所述的网络视频监控安防报警主机通过所述的接警白名单号码和所述的网络摄像头的ID和密码以识别所述的用户终端是否为合法用户,对发送视频请求的用户终端进行合法用户验证。若该用户终端非合法用户,则所述的网络视频监控安防报警主机拒绝该用户终端的视频请求,若该用户终端为合法用户,则进入步骤(5);(4) The described network video surveillance security alarm host is used to identify whether the user terminal is a legitimate user by the ID and password of the white list number of the alarm receiving and the described network camera, and conduct a video request to the user terminal sending the video request Valid user verification. If the user terminal is not a legal user, then the network video monitoring security alarm host rejects the video request of the user terminal, if the user terminal is a legal user, then enter step (5);

(5)所述的用户终端向所述的网络视频监控安防报警主机发送网关通过请求,访问所述的网络摄像头,其中,所述的网络摄像头通过所述的接警白名单号码和该网络摄像头的密码验证该用户终端的合法性,若该用户终端合法,则所述的用户终端访问所述的网络摄像头,若该用户终端不合法,则该视频请求被摄像头拒绝。(5) The user terminal sends a gateway pass request to the network video surveillance security alarm host to access the network camera, wherein the network camera passes the whitelist number of the alarm and the network camera The password verifies the legitimacy of the user terminal. If the user terminal is legal, the user terminal accesses the network camera. If the user terminal is illegal, the video request is rejected by the camera.

在一种较佳的实施方式中,所述的用户终端为带有写入手机号码的SIM卡,所述的步骤(1)中的视频请求信息包括由该用户终端写入手机号码的SIM卡提供的手机号码。In a preferred embodiment, the user terminal is a SIM card with a mobile phone number written into it, and the video request information in the step (1) includes the SIM card written into the mobile phone number by the user terminal The mobile phone number provided.

在一种较佳的实施方式中,所述的用户终端为不带有写入手机号码的SIM卡,所述的步骤(1)中的视频请求信息包括由用户提供的手机号码,此时,所述的用户终端向用户提供手机号码填写窗口,且所述的用户终端将获取的手机号码随视频请求信息发送给所述的视频管理云平台。In a preferred embodiment, the user terminal is a SIM card without a mobile phone number, and the video request information in the step (1) includes a mobile phone number provided by the user. At this time, The user terminal provides the user with a mobile phone number filling window, and the user terminal sends the acquired mobile phone number along with the video request information to the video management cloud platform.

在具体的实施案例中,用户端的网络视频监控、安防报警主机同时集网络视频监控管理功能、无线安防报警功能、智能宽带网关功能3大功能与一体。In a specific implementation case, the network video surveillance and security alarm host at the client end integrates three major functions: network video surveillance management function, wireless security alarm function, and intelligent broadband gateway function.

网络视频监控安防报警主机可以通过软件协议与网络摄像头之间相互自动发现,并且自动建立连接,不需要人为的干预,且网络视频监控安防报警主机会给与其进行过对码匹配的网络摄像头自动命名,用户也可以通过主机给每个摄像头改名。这是用户给摄像头改名的唯一方法,只有有权限操作主机的人才有权修改摄像头名字。以后用户通过手机、电脑等观看视频时摄像头的名字便以此为准,统一进行自动同步。The network video surveillance security alarm host can automatically discover each other through the software protocol and the network camera, and automatically establish a connection without human intervention, and the network video surveillance security alarm host will automatically name the network camera that has been matched with the code , the user can also rename each camera through the host. This is the only way for users to rename the camera, and only those who have the authority to operate the host have the right to modify the name of the camera. In the future, when users watch videos through mobile phones, computers, etc., the name of the camera will be based on this, and it will be automatically synchronized uniformly.

通过网络视频监控安防报警主机可以给每个网络摄像头设置一个密码,而且也只有通过网络视频监控安防报警主机才能修改摄像头密码,限制其他的摄像头密码修改方式。这样只有具有主机操作权限的人才能修改摄像头密码,摄像头不接受其他修改密码的方式和指令。这样可以有效防止密码被篡改,进一步提高了密码自身的安全性;Through the network video monitoring security alarm host can set a password for each network camera, and only through the network video monitoring security alarm host can modify the camera password, restricting other camera password modification methods. In this way, only the person with the host operation authority can modify the camera password, and the camera does not accept other methods and instructions for modifying the password. This can effectively prevent the password from being tampered with, and further improve the security of the password itself;

网络视频监控安防报警主机可以对码接入各种无线报警探测器,所述的无线报警探测器探测到报警信息后,通过433MHz的无线射频信号发送给所述的网络视频监控安防报警主机,所述的网络视频监控安防报警主机通过短信、语音、APP推送等方式直接将报警信息通知给用户。因此要使用户能够直接接收到报警信息就需要用户设置接警白名单号码,即在白名单中输入几个用户的手机号码。只要实现报警功能,输入接警白名单便是本系统中一个必须的设置操作。The network video surveillance security alarm host can be connected to various wireless alarm detectors. After the wireless alarm detector detects the alarm information, it sends it to the network video surveillance security alarm host through a 433MHz wireless radio frequency signal. The above-mentioned network video surveillance security alarm host directly notifies the user of the alarm information through SMS, voice, APP push and other methods. Therefore, in order to enable the user to directly receive the alarm information, the user needs to set the white list number for receiving the alarm, that is, enter the mobile phone numbers of several users in the white list. As long as the alarm function is realized, inputting the alarm white list is a necessary setting operation in this system.

白名单号码设置完成后同时在网络视频监控安防报警主机、视频管理云平台和网络摄像头中分别保存。用户的手机远程访问摄像头时首先向视频管理云平台发出请求,手机里面的APP自动读取手机的号码随视频请求一起发给视频管理云平台。经视频管理云平台验证该手机号码为合法用户后,才会把摄像头的访问路径发送给手机APP。否则该用户身份鉴权失败,手机的视频请求将直接被拒绝。鉴于国内SIM卡数据写入不够规范,有些卡没有写入电话号码,APP无法自动读取。因此在APP读不到电话号码的情况下,第一次使用时会在用户终端上弹出窗口要求用户输入有效的白名单号码,输入正确的接警白名单号码后以此号码为准,不需要每次使用时让用户再输入。但用户如果在主机上修改了接警白名单号码后,在手机APP上要对应修改鉴权号码(在APP不能自动读到手机号码的情况下)。After the white list number is set, it will be saved separately in the network video surveillance security alarm host, video management cloud platform and network camera at the same time. When the user's mobile phone remotely accesses the camera, it first sends a request to the video management cloud platform, and the APP in the mobile phone automatically reads the phone number and sends it to the video management cloud platform along with the video request. After the mobile phone number is verified as a legal user by the video management cloud platform, the access path of the camera will be sent to the mobile APP. Otherwise, the user's identity authentication fails, and the mobile phone's video request will be rejected directly. In view of the fact that the data writing of domestic SIM cards is not standardized enough, some cards do not have phone numbers written in them, and the APP cannot automatically read them. Therefore, when the APP cannot read the phone number, a pop-up window will pop up on the user terminal asking the user to enter a valid whitelist number when using it for the first time. After entering the correct whitelist number for alarm reception, this number shall prevail. Ask the user to re-enter it when using it for the first time. However, if the user modifies the white list number for receiving alarms on the host, he must modify the authentication number on the mobile APP (in the case that the mobile phone number cannot be automatically read by the APP).

用户手机APP向视频管理云平台提交请求时所带的电话号码鉴权通过,则会获得视频管理云平台提供的摄像头点对点访问路径。手机APP通过该访问路径可以直接在公网上找到对应的主机和一组摄像头,再向摄像头提出视频请求,尝试进行连接。此请求首先要向网络视频监控安防报警主机(主机具备智能宽带网关功能,摄像头是与主机连接的)提供合法的白名单号码和主机所连接的几个摄像头各自的ID号及密码,所述的网络视频监控安防报警主机对白名单号码及各个摄像头的密码分别进行对比验证。如果验证通过,才会允许APP进一步连接摄像头,否则直接拦截并拒绝该请求,限制其连接摄像头。If the phone number submitted by the user's mobile phone APP to the video management cloud platform is authenticated, the point-to-point access path of the camera provided by the video management cloud platform will be obtained. Through this access path, the mobile APP can directly find the corresponding host and a group of cameras on the public network, and then send a video request to the camera to try to connect. This request first needs to provide a legal whitelist number and ID numbers and passwords of several cameras connected to the host to the network video surveillance security alarm host (the host has the function of an intelligent broadband gateway, and the camera is connected to the host). The network video surveillance security alarm host compares and verifies the whitelist numbers and the passwords of each camera respectively. If the verification is passed, the APP will be allowed to further connect to the camera; otherwise, it will directly intercept and reject the request, restricting its connection to the camera.

如果主机验证通过,则APP视频请求可以通过网络视频监控安防报警主机网关,再通过端口映射找到需要访问的摄像头。但访问具体的摄像头时,还需要再次提供白名单号码和该摄像头对应的密码。摄像头再次对白名单号码及密码进行对比验证,验证合法则鉴权通过,摄像头与APP建立直接连接并把视频流发送给手机APP。If the host verification is passed, the APP video request can pass through the network video surveillance security alarm host gateway, and then find the camera that needs to be accessed through port mapping. However, when accessing a specific camera, it is necessary to provide the whitelist number and the corresponding password of the camera again. The camera compares and verifies the whitelist number and password again. If the verification is legal, the authentication passes. The camera establishes a direct connection with the APP and sends the video stream to the mobile APP.

在该安全鉴权机制保护下,用户通过公网访问摄像头时可以更大限度地提高摄像头访问的安全性。如果用户使用平板电脑、笔记本、PC等不具备自动读取电话号码条件的设备上远程访问摄像头,其实现方法与手机APP读不到手机号码时的情况是一样的,用户第一次访问每个摄像头时需要手工输入合法的白名单号码。只有APP能够自动读到合法的手机号码或者使用者知道并输入合法的接警白名单号码的情况下,用户设备才可能访问到相应的摄像头,否则鉴权的第一步就无法通过。Under the protection of this security authentication mechanism, users can maximize the security of camera access when accessing the camera through the public network. If the user accesses the camera remotely on a device such as a tablet, notebook, or PC that does not have the conditions to automatically read the phone number, the implementation method is the same as when the mobile phone APP cannot read the phone number. When using a camera, you need to manually enter a legal whitelist number. Only when the APP can automatically read the legal mobile phone number or the user knows and enters the legal alarm white list number, can the user device access the corresponding camera, otherwise the first step of authentication will not pass.

采用了该种结构和方法的网络视频监控和安防报警集成系统及其安全访问鉴权方法,由于其中具有三层鉴权流程,针对视频管理云平台、网络视频监控安防报警主机和网络摄像头分别对用户终端进行验证,对视频在公网上传输的鉴权机制进行了优化,并严格控制所述的接警白名单号码和网络摄像机密码的更改和设置,安全性大幅度提高,用户的隐私得到保护。The network video monitoring and security alarm integrated system and its security access authentication method using this structure and method, because it has a three-layer authentication process, for the video management cloud platform, network video monitoring security alarm host and network camera respectively The user terminal is authenticated, the authentication mechanism for video transmission on the public network is optimized, and the change and setting of the whitelist number for alarm reception and the password of the network camera are strictly controlled, so that the security is greatly improved and the privacy of the user is protected.

在此说明书中,本发明已参照其特定的实施例作了描述。但是,很显然仍可以作出各种修改和变换而不背离本发明的精神和范围。因此,说明书和附图应被认为是说明性的而非限制性的。In this specification, the invention has been described with reference to specific embodiments thereof. However, it is obvious that various modifications and changes can be made without departing from the spirit and scope of the invention. Accordingly, the specification and drawings are to be regarded as illustrative rather than restrictive.

Claims (12)

1. a kind of Network Video Surveillance and security alarm integrated system, including user terminal, Network Video Surveillance security alarm master Machine and IP Camera, it is characterised in that also include a video in described Network Video Surveillance and security alarm integrated system Management cloud platform, described user terminal is by described video management cloud platform and described Network Video Surveillance security alarm Main frame is connected, the described IP Camera of Network Video Surveillance security alarm main frame connection.
2. Network Video Surveillance according to claim 1 and security alarm integrated system, it is characterised in that described user Terminal includes user's end of the user terminal of the SIM with write-in phone number and the SIM without write-in phone number End.
3. Network Video Surveillance according to claim 1 and security alarm integrated system, it is characterised in that described network It is automatic mutually between video monitoring security alarm main frame and described IP Camera to find, connect automatically, and described network Video monitoring security alarm main frame is named described IP Camera automatically, and can be by described Network Video Surveillance security protection Alarm host machine carries out renaming to described IP Camera and password is set, and described IP Camera synchronously preserves the net The password that network video monitoring security alarm main frame is set.
4. Network Video Surveillance according to claim 1 and security alarm integrated system, it is characterised in that described network Also include radio alarming detector, described Network Video Surveillance security alarm master in video monitoring and security alarm integrated system Machine accesses described radio alarming detector to code, and described radio alarming detector passes through 433MHz after receiving alarm signal Less radio-frequency is sent to described Network Video Surveillance security alarm main frame, and described Network Video Surveillance security alarm main frame leads to Short message, voice and APP is crossed to push to described user terminal transmission alarm.
5. Network Video Surveillance according to claim 1 and security alarm integrated system, it is characterised in that described network White list of receiving a crime report is set by described Network Video Surveillance security alarm main frame in video monitoring and security alarm integrated system The white list number of receiving a crime report synchronously is preserved in number, and described video management cloud platform and described IP Camera.
6. a kind of Network Video Surveillance and security alarm integrated system for described in claim 1 to 5 realizes secure access Method for authenticating, it is characterised in that described method for authenticating is comprised the following steps:
(1) user terminal described in sends video request to described video management cloud platform;
(2) the video management cloud platform described in verifies whether the user terminal is validated user, if the user terminal is legal use Family, then described video management cloud platform sends the access path of described IP Camera to the user terminal;If the user Terminal non-legally user, then described video management cloud platform refuses the video request of the user terminal;
(3) access path of the IP Camera of user terminal described according to sends video to described IP Camera Request;
(4) the Network Video Surveillance security alarm main frame described in carries out validated user and tests to the user terminal for sending video request Card, if if user terminal non-legally user, described Network Video Surveillance security alarm main frame refuses the user terminal Video request, if the user terminal is validated user, into step (5);
(5) user terminal described in sends gateway by request to described Network Video Surveillance security alarm main frame, accesses institute The IP Camera stated.
7. the authentication that secure access is realized for Network Video Surveillance and security alarm integrated system according to claim 6 Method, it is characterised in that described user terminal is the SIM with write-in phone number, the video in described step (1) Solicited message includes the phone number provided by the SIM of user terminal write-in phone number.
8. the authentication that secure access is realized for Network Video Surveillance and security alarm integrated system according to claim 6 Method, it is characterised in that described user terminal is the SIM without write-in phone number, regarding in described step (1) Frequency solicited message includes customer-furnished phone number.
9. the authentication that secure access is realized for Network Video Surveillance and security alarm integrated system according to claim 8 Method, it is characterised in that described user terminal provides a user with phone number and fills in window, and described user terminal will be obtained The phone number for taking is sent to described video management cloud platform with video request information.
10. the mirror that secure access is realized for Network Video Surveillance and security alarm integrated system according to claim 6 Power method, it is characterised in that be provided with white list of receiving a crime report in described Network Video Surveillance security alarm main frame, and described regard The white list number of receiving a crime report, regarding in described step (2) are synchronously preserved in frequency management cloud platform and described IP Camera Whether frequency management cloud platform is validated user by the user terminal received a crime report described in white list Number Reorganization.
11. mirror that secure access is realized for Network Video Surveillance and security alarm integrated system according to claim 10 Power method, it is characterised in that described Network Video Surveillance security alarm main frame is that described IP Camera sets password, and Described IP Camera synchronously preserves the password, and Network Video Surveillance security alarm main frame in described step (4) leads to Cross the ID and password of described receive a crime report white list number and described IP Camera with recognize described user terminal whether be Validated user.
12. mirror that secure access is realized for Network Video Surveillance and security alarm integrated system according to claim 6 Power method, it is characterised in that conducted interviews to described IP Camera in described step (5), particular content is as follows:
Described IP Camera is received a crime report white list number and the password authentification of IP Camera user's end by described The legitimacy at end, if the user terminal is legal, the IP Camera described in described user terminal access, if the user terminal Illegal, then the video request is refused by camera.
CN201611139762.5A 2016-12-12 2016-12-12 Network video surveillance and security alarm integrated system and its security access authentication method Pending CN106791627A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611139762.5A CN106791627A (en) 2016-12-12 2016-12-12 Network video surveillance and security alarm integrated system and its security access authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611139762.5A CN106791627A (en) 2016-12-12 2016-12-12 Network video surveillance and security alarm integrated system and its security access authentication method

Publications (1)

Publication Number Publication Date
CN106791627A true CN106791627A (en) 2017-05-31

Family

ID=58875579

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611139762.5A Pending CN106791627A (en) 2016-12-12 2016-12-12 Network video surveillance and security alarm integrated system and its security access authentication method

Country Status (1)

Country Link
CN (1) CN106791627A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107396064A (en) * 2017-08-27 2017-11-24 邱诗妍 A kind of municipal on-site supervision calling system
CN107733858A (en) * 2017-09-01 2018-02-23 北京知道未来信息技术有限公司 A kind of monitoring device and method of intelligent protection camera information
CN107959573A (en) * 2017-12-12 2018-04-24 华东交通大学 A kind of guard method of the IP Camera based on digital signature
CN109348173A (en) * 2018-10-16 2019-02-15 深圳市中电数通智慧安全科技股份有限公司 A kind of monitor video management method, device and terminal device
CN111147740A (en) * 2019-12-27 2020-05-12 青岛海信智慧家居系统股份有限公司 Method and device for controlling intelligent camera
WO2023040326A1 (en) * 2021-09-17 2023-03-23 中兴通讯股份有限公司 Network access method for camera, configuration server, camera, and security system
CN116258310A (en) * 2022-11-18 2023-06-13 广西交通投资集团南宁高速公路运营有限公司 Multi-party joint dispatching command system and method for improving highway emergency rescue efficiency

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102724480A (en) * 2012-06-07 2012-10-10 深圳市鼎盛威电子有限公司 3G (the 3rd generation telecommunication) real-time video monitoring system
CN103269329A (en) * 2013-04-14 2013-08-28 江苏省广电有线信息网络股份有限公司 Household video monitoring system based on digital television set-top box and IMS (Information Management System)
CN105007470A (en) * 2015-08-14 2015-10-28 江苏轩博电子科技有限公司 System capable of realizing intelligent shop security alarm based on 4G network and wired broadband
CN105100725A (en) * 2015-08-14 2015-11-25 江苏轩博电子科技有限公司 System for implementing intelligent network video monitoring based on 4G and wired broadband
CN105141906A (en) * 2015-08-14 2015-12-09 江苏轩博电子科技有限公司 System for realizing intelligent network video monitoring based on CDMA and wired broadband
US20160149977A1 (en) * 2014-11-21 2016-05-26 Honeywell International Inc. System and Method of Video Streaming

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102724480A (en) * 2012-06-07 2012-10-10 深圳市鼎盛威电子有限公司 3G (the 3rd generation telecommunication) real-time video monitoring system
CN103269329A (en) * 2013-04-14 2013-08-28 江苏省广电有线信息网络股份有限公司 Household video monitoring system based on digital television set-top box and IMS (Information Management System)
US20160149977A1 (en) * 2014-11-21 2016-05-26 Honeywell International Inc. System and Method of Video Streaming
CN105007470A (en) * 2015-08-14 2015-10-28 江苏轩博电子科技有限公司 System capable of realizing intelligent shop security alarm based on 4G network and wired broadband
CN105100725A (en) * 2015-08-14 2015-11-25 江苏轩博电子科技有限公司 System for implementing intelligent network video monitoring based on 4G and wired broadband
CN105141906A (en) * 2015-08-14 2015-12-09 江苏轩博电子科技有限公司 System for realizing intelligent network video monitoring based on CDMA and wired broadband

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107396064A (en) * 2017-08-27 2017-11-24 邱诗妍 A kind of municipal on-site supervision calling system
CN107733858A (en) * 2017-09-01 2018-02-23 北京知道未来信息技术有限公司 A kind of monitoring device and method of intelligent protection camera information
CN107959573A (en) * 2017-12-12 2018-04-24 华东交通大学 A kind of guard method of the IP Camera based on digital signature
CN109348173A (en) * 2018-10-16 2019-02-15 深圳市中电数通智慧安全科技股份有限公司 A kind of monitor video management method, device and terminal device
CN111147740A (en) * 2019-12-27 2020-05-12 青岛海信智慧家居系统股份有限公司 Method and device for controlling intelligent camera
WO2023040326A1 (en) * 2021-09-17 2023-03-23 中兴通讯股份有限公司 Network access method for camera, configuration server, camera, and security system
CN116258310A (en) * 2022-11-18 2023-06-13 广西交通投资集团南宁高速公路运营有限公司 Multi-party joint dispatching command system and method for improving highway emergency rescue efficiency

Similar Documents

Publication Publication Date Title
CN106791627A (en) Network video surveillance and security alarm integrated system and its security access authentication method
CN113272805B (en) Proximity-based unlocking of public computing devices
US9781105B2 (en) Fallback identity authentication techniques
US10219154B1 (en) Frictionless or near-frictionless 3 factor user authentication method and system by use of triad network
US20170155660A1 (en) Controlling Electronically Communicated Resources
US20050066179A1 (en) Method and apparatus for authenticating a user at an access terminal
CN109618344B (en) Safe connection method and device of wireless monitoring equipment
US20120254960A1 (en) Connecting mobile devices, internet-connected vehicles, and cloud services
KR20160114620A (en) Methods, devices and systems for dynamic network access administration
US20080250485A1 (en) Guest Dongle and Method of Connecting Guest Apparatuses to Wireless Home Networks
CN106960491A (en) Mobile fingerprint access control system and control method
CN105893802A (en) Method for locking/unlocking computer screen based on Bluetooth
US12081544B2 (en) Systems and methods for preventing unauthorized network access
CN107113613B (en) Server, mobile terminal, network real-name authentication system and method
US9853971B2 (en) Proximity based authentication using bluetooth
US20210243188A1 (en) Methods and apparatus for authenticating devices
CN109920100B (en) Unlocking method and system of intelligent lock
WO2014154073A1 (en) System for securely accessing network address, and device and method therein
TWI759908B (en) The method of generating the authorization allow list and the information security system using it
CN112840338B (en) Authenticating users of public computing devices using limited search scope
CN104836794A (en) Method and system for achieving private protection of electronic devices based on WIFI hotspot
CN105787319A (en) Iris recognition-based portable terminal and method for same
CN108989331B (en) Use authentication method of data storage device, device and storage medium thereof
KR101294805B1 (en) 2-channel authentication method and system based on authentication application
US10387634B1 (en) System and method for authenticating a person using biometric data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170531