[go: up one dir, main page]

CN112383531A - Monitoring system and monitoring system configuration method - Google Patents

Monitoring system and monitoring system configuration method Download PDF

Info

Publication number
CN112383531A
CN112383531A CN202011243034.5A CN202011243034A CN112383531A CN 112383531 A CN112383531 A CN 112383531A CN 202011243034 A CN202011243034 A CN 202011243034A CN 112383531 A CN112383531 A CN 112383531A
Authority
CN
China
Prior art keywords
monitoring
module
unit
information
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011243034.5A
Other languages
Chinese (zh)
Other versions
CN112383531B (en
Inventor
张笑钦
胡杰
吴益剑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Big Data And Information Technology Research Institute Of Wenzhou University
Original Assignee
Big Data And Information Technology Research Institute Of Wenzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Big Data And Information Technology Research Institute Of Wenzhou University filed Critical Big Data And Information Technology Research Institute Of Wenzhou University
Priority to CN202011243034.5A priority Critical patent/CN112383531B/en
Publication of CN112383531A publication Critical patent/CN112383531A/en
Application granted granted Critical
Publication of CN112383531B publication Critical patent/CN112383531B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0823Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0876Aspects of the degree of configuration automation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/165Combined use of TCP and UDP protocols; selection criteria therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a monitoring system, comprising: the system comprises a central monitoring module, an authority determining and verifying module, a monitoring parameter obtaining module, a data encryption module and an operation and maintenance monitoring module; the central monitoring module comprises an intelligent alarm unit, an instruction distribution unit, an equipment validity verification unit, a data storage unit and a monitoring equipment management unit, and the authority determination and verification module is used for setting management level authority, information communication authority, incidence relation and the like; the monitoring parameter acquisition module is used for acquiring and analyzing monitoring data and each monitoring parameter of the sub-monitoring equipment and establishing a communication link; the data encryption module is used for encrypting and decrypting data transmitted on the communication link; the operation and maintenance monitoring module is used for maintaining the configured legal monitoring equipment, and correspondingly, the invention provides a monitoring system configuration method.

Description

Monitoring system and monitoring system configuration method
Technical Field
The present invention relates to the field of monitoring technologies, and in particular, to a monitoring system and a monitoring system configuration method.
Background
With the development of science and technology and the growth of social monitoring demand, the construction scale of monitoring networks is larger and larger, and the required equipment is more and more complex, so that higher requirements are provided for the construction and maintenance of such a complex network. The control and maintenance of the monitoring equipment comprises a process of parameter configuration of the monitoring equipment, and operation and maintenance developers need to modify rear-end monitoring codes and update monitoring services according to continuously-overlapped service monitoring objects and adjustment of monitoring parameters to keep normal acquisition, tracking and analysis of existing monitoring data, so that the monitoring services can still normally operate after the monitoring objects are overlapped, the maintenance cost and the labor cost are greatly increased, and the risk of tampering the data security in continuous updating is possible.
In summary, it is an urgent need to solve the problem of the technical staff in the art to provide a monitoring system and a monitoring system configuration method that can realize automatic, fast and accurate automatic configuration of the monitoring system, save maintenance cost and time, and increase data security.
Disclosure of Invention
In view of the above-mentioned problems and needs, the present disclosure provides a monitoring system and a monitoring system configuration method, which can solve the above technical problems by adopting the following technical solutions.
In order to achieve the purpose, the invention provides the following technical scheme: a monitoring system, comprising: the system comprises a central monitoring module, an authority determining and verifying module, a monitoring parameter obtaining module, a data encryption module and an operation and maintenance monitoring module;
the central monitoring module comprises an intelligent alarm unit, an instruction distribution unit, an equipment validity verification unit, a data storage unit and a monitoring equipment management unit, the intelligent alarm unit is used for alarming and recording abnormal service operation conditions, and comprises a custom alarm rule configuration module, an automatic alarm module and an alarm information recording module, the instruction distribution unit is used for receiving feedback information and distribution information, and comprises an information monitoring module, a data processing module, a parameter configuration module and an instruction distribution module, the equipment validity verifying unit is used for verifying whether each monitoring equipment is legal or not, and the monitoring equipment management unit is connected with the instruction distributing unit and used for sending a polling command configuration file and a parameter configuration instruction to each sub-monitoring equipment and receiving parameter updating information and address information fed back by each sub-monitoring equipment;
the authority determining and verifying module comprises an authority setting unit and a verifying unit, wherein the authority setting unit is used for setting management level authority, information communication authority and association mapping relations between each functional sub-module and a user, outputting configuration result information and storing the configuration result information to a database server in the data storage unit;
the monitoring parameter acquisition module comprises a decoding unit and a communication unit, wherein the decoding unit is used for acquiring and analyzing monitoring data and each monitoring parameter of the sub-monitoring equipment and sending the acquired data to the instruction distribution unit according to a parameter standard set by a configuration service, the instruction distribution unit receives feedback information and distribution information to the intelligent alarm unit and the monitoring equipment management unit, and the communication unit is used for establishing a communication link according to a network communication protocol;
the data encryption module is used for encrypting and decrypting data transmitted on the communication link, and the data encryption module adopts a quantum encryption and decryption based method to ensure data transmission safety;
the operation and maintenance monitoring module is used for maintaining configured legal monitoring equipment, the operation and maintenance monitoring module comprises an alarm record receiving unit and an operation and maintenance unit, and the operation and maintenance unit is used for calling a corresponding alarm information maintenance template stored in an expert maintenance template database in the data storage unit.
Furthermore, the central monitoring module further comprises a plurality of front-end monitoring subunits, each front-end monitoring subunit comprises an equipment control gateway and at least one monitoring device connected with the equipment control gateway, and the plurality of front-end monitoring subunits are connected with the monitoring device management unit.
Furthermore, the monitoring device management unit broadcasts and sends a configuration instruction to each device control gateway through the established wireless link, and stores the basic information of each device control gateway and the parameter update record of the legal monitoring device connected with the basic information to the data storage unit, the legal monitoring device is controlled through each device control gateway, each device control gateway feeds back the execution of the configuration instruction, the device legality verification unit judges whether each monitoring device is legal according to the legality judgment rule, if yes, the device control gateway connected with the monitoring device only feeds back the parameter update information and the unique identifier of the device control gateway, and if not, the unique identifier and the illegal information of the device control gateway are fed back to the monitoring device management unit in the form of frame format information.
Further, the parameter configuration module includes a parameter determination unit, an automatic optimal parameter output unit, and an instruction receiving unit, the parameter configuration module is configured to determine whether configuration operation is correct, the automatic optimal parameter output unit is configured to learn an optimal parameter according to an expert knowledge base, and output the optimal parameter by default when a certain parameter set by a user exceeds a threshold range, the instruction receiving unit is connected to the automatic optimal parameter output unit and the instruction distributing unit, and outputs configuration instruction information to the monitoring device management unit, and determining whether configuration operation is correct includes: and judging whether the parameters which are not allowed to be repeated in the modified parameters are repeated with the configuration parameters of another monitoring device and whether the optimal configuration of the parameters and the configuration among the associated parameters are correct.
Furthermore, the verification unit comprises an authentication verification module and an authentication feedback module, the authentication verification module is used for user authentication and user data stored in the database server, the authentication feedback module is used for feeding back the level authority and the incidence relation information of the user, the authentication verification module comprises an authentication server, and the authentication feedback module is connected with the authentication server.
Furthermore, the intelligent alarm unit realizes differentiated processing of the monitoring results of the monitoring contents of different monitoring devices according to the configured custom alarm rules.
A monitoring system configuration method specifically comprises the following steps:
s1, after the system is started, the information monitoring module in the instruction distribution unit monitors the service process and the line operation condition, processes the monitoring information according to the custom alarm rule configured by the custom alarm rule configuration module, and then sends the processing result to the automatic alarm module to realize the differentiated processing of the monitoring results of the monitoring contents of different monitoring equipment and monitoring objects;
s2, the communication unit of the monitoring parameter acquisition module establishes a communication link according to a network communication protocol, the data encryption module encrypts and decrypts data transmitted on the communication link by adopting a quantum encryption and decryption method, then establishes connection with the front-end monitoring sub-units through the communication link, the decoding unit acquires and analyzes the monitoring data and each monitoring parameter of the sub-monitoring equipment, and sends the acquired data to the data processing module of the instruction distribution unit according to a parameter standard set by a configuration service, the data processing module receives feedback information of the automatic alarm module and distributes configuration information through the instruction distribution module, and parameter judgment and output are carried out through the parameter distribution module;
s3, when the user modifies the parameter data, according to the management level authority and the information communication authority set by the authority setting unit and the associated mapping relation between each function sub-module and the user, the user authentication and authority confirmation are carried out by the verification unit;
s4: after receiving the output parameters and the configuration information, the monitoring equipment management unit broadcasts and sends configuration instructions to each equipment control gateway through the established wireless link, and storing the basic information of each equipment control gateway and the parameter updating record of the legal monitoring equipment connected with the equipment control gateway into the data storage unit, controlling the legal monitoring equipment through each equipment control gateway, feeding back the execution of the configuration instruction by each equipment control gateway, judging whether each monitoring equipment is legal or not by the equipment legality verification unit according to a legality judgment rule, if so, feeding back only parameter updating information and the unique identifier of the equipment control gateway by the equipment control gateway connected with the monitoring equipment, and if not, feeding back the unique identifier and the illegal information of the equipment control gateway to the monitoring equipment management unit in the form of frame format information;
and S5, the monitoring equipment management unit sends the received monitoring information to the data processing module, and the data processing module adds, deletes, changes and checks the information corresponding to the front-end monitoring sub-unit corresponding to the monitoring information.
Still further, the quantum encryption and decryption based method comprises: a. acquiring a data part of a TCP data packet or a UDP data packet sent by a data sender; b. generating an encryption key by using a stream encryption algorithm according to the quantum key distributed by the quantum key distribution system to encrypt the transmitted data; c. calculating the checksum of the TCP data packet or the UDP data packet after quantum encryption to obtain the data part of the IP datagram; then adjusting the head of the IP datagram, encapsulating the head information and the data part of the IP datagram into the IP datagram to finish encryption; d. the receiver decrypts the data part of the TCP data packet or the UDP data packet in the IP datagram according to the source address of the IP datagram and the decryption key of the quantum key; e. and calculating the checksum of the decrypted TCP data packet or UDP data packet to obtain the data part of the decrypted IP datagram, so as to obtain the decrypted data information.
According to the technical scheme, the invention has the beneficial effects that: the invention can realize automatic, rapid and accurate automatic configuration of the monitoring system, saves maintenance cost and time, and increases data security due to the establishment of the data encryption module and the multi-authority verification process.
In addition to the above objects, features and advantages, preferred embodiments of the present invention will be described in more detail below with reference to the accompanying drawings so that the features and advantages of the present invention can be easily understood.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments of the present invention or the prior art will be briefly described, wherein the drawings are only used for illustrating some embodiments of the present invention and do not limit all embodiments of the present invention thereto.
FIG. 1 is a schematic diagram of the monitoring system according to the present invention.
Fig. 2 is a schematic diagram of the central monitoring module according to the present invention.
Fig. 3 is a schematic diagram illustrating specific steps of a monitoring system configuration method according to the present invention.
Fig. 4 is a schematic diagram illustrating specific steps of the quantum-based encryption and decryption method in this embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings of specific embodiments of the present invention. Like reference symbols in the various drawings indicate like elements. It should be noted that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the invention without any inventive step, are within the scope of protection of the invention.
The invention provides the monitoring system and the monitoring system configuration method which can realize automatic, quick and accurate automatic configuration of the monitoring system, save maintenance cost and time and have higher data transmission safety. As shown in fig. 1 to 4, the system includes: the system comprises a central monitoring module, an authority determining and verifying module, a monitoring parameter acquiring module, a data encrypting module and an operation and maintenance monitoring module, wherein the central monitoring module processes and calculates parameter data acquired by the monitoring parameter acquiring module and performs abnormal alarm through monitoring information, the authority determining and verifying module is connected with the central monitoring module and is used for verifying the operation authority, the data transmission authority range and the like of a user, the operation and maintenance monitoring module is used for maintaining configured legal monitoring equipment, the operation and maintenance monitoring module comprises an alarm record receiving unit and an operation and maintenance unit, and the operation and maintenance unit is used for calling a corresponding alarm information maintenance template stored in an expert maintenance template database in a data storage unit.
In the system, the central monitoring module comprises an intelligent alarm unit, an instruction distribution unit, an equipment validity verification unit, a data storage unit, a monitoring equipment management unit and a plurality of front-end monitoring subunits, each front-end monitoring subunit comprises an equipment control gateway and at least one monitoring equipment connected with the equipment control gateway, the intelligent alarm unit is used for alarming and recording abnormal service operation conditions, the intelligent alarm unit comprises a custom alarm rule configuration module, an automatic alarm module and an alarm information recording module, the instruction distribution unit is used for receiving feedback information and distributing information, the instruction distribution unit comprises an information monitoring module, a data processing module, a parameter configuration module and an instruction distribution module, the equipment validity verification unit is used for verifying whether each monitoring equipment is legal or not, the monitoring equipment management unit is connected with the instruction distribution unit and is used for sending polling command configuration files and parameter configuration instructions to each monitoring sub-equipment and receiving parameter updating information and address information fed back by each monitoring sub-equipment. And the intelligent alarm unit realizes the differentiated processing of the monitoring results of the monitoring contents of different monitoring devices according to the configured custom alarm rules. The parameter configuration module comprises a parameter judging unit, an automatic optimal parameter output unit and an instruction receiving unit, the parameter configuration module is used for judging whether the configuration operation is correct, the automatic optimal parameter output unit is used for learning optimal parameters according to an expert knowledge base and outputting the optimal parameters in a default mode when a certain parameter set by a user exceeds a threshold range, the instruction receiving unit is connected with the automatic optimal parameter output unit and the instruction distributing unit and outputs configuration instruction information to the monitoring equipment management unit, and the judgment whether the configuration operation is correct comprises the following steps: and judging whether the parameters which are not allowed to be repeated in the modified parameters are repeated with the configuration parameters of another monitoring device and whether the optimal configuration of the parameters and the configuration among the associated parameters are correct.
The front-end monitoring subunits are connected with the monitoring equipment management unit. The monitoring equipment management unit broadcasts and sends a configuration instruction to each equipment control gateway through an established wireless link, and stores basic information of each equipment control gateway and parameter updating records of legal monitoring equipment connected with the basic information to the data storage unit, the legal monitoring equipment is controlled through each equipment control gateway, each equipment control gateway feeds back the execution of the configuration instruction, the equipment legality verification unit judges whether each monitoring equipment is legal according to a legality judgment rule, if yes, the equipment control gateway connected with the monitoring equipment only feeds back parameter updating information and a unique identifier of the equipment control gateway, and if not, the unique identifier and illegal information of the equipment control gateway are fed back to the monitoring equipment management unit in frame format information.
The authority determining and verifying module comprises an authority setting unit and a verifying unit, the authority setting unit is used for setting management level authority, information communication authority and association mapping relations between the functional sub-modules and users, and outputting configuration result information and storing the configuration result information to the database server in the data storage unit, the verifying unit comprises an authentication verifying module and an authentication feedback module, the authentication verifying module is used for user authentication and user data stored in the database server, the authentication feedback module is used for feeding back the level authority and the association relation information of the users, the authentication verifying module comprises an authentication server, and the authentication feedback module is connected with the authentication server.
The monitoring parameter acquiring module includes a decoding unit and a communication unit, where the decoding unit is configured to acquire and analyze monitoring data and each monitoring parameter of the sub-monitoring device, and in this embodiment, each monitoring parameter includes a device type, a communication parameter, address information, and the like. And sending the acquired data to the instruction distribution unit according to a parameter standard set by the configuration service, wherein the instruction distribution unit receives feedback information and distributes the information to the intelligent alarm unit and the monitoring equipment management unit, and the communication unit is used for establishing a communication link according to a network communication protocol. The data encryption module in the system is used for encrypting and decrypting data transmitted on the communication link, and the data encryption module adopts a quantum encryption and decryption based method to ensure data transmission safety.
As shown in fig. 3, a monitoring system configuration method specifically includes:
s1, after the system is started, the information monitoring module in the instruction distribution unit monitors the service process and the line operation condition, processes the monitoring information according to the custom alarm rule configured by the custom alarm rule configuration module, and then sends the processing result to the automatic alarm module to realize the differentiated processing of the monitoring results of the monitoring contents of different monitoring equipment and monitoring objects;
s2, the communication unit of the monitoring parameter acquisition module establishes a communication link according to a network communication protocol, the data encryption module encrypts and decrypts data transmitted on the communication link by adopting a quantum encryption and decryption method, then establishes connection with the front-end monitoring sub-units through the communication link, the decoding unit acquires and analyzes the monitoring data and each monitoring parameter of the sub-monitoring equipment, and sends the acquired data to the data processing module of the instruction distribution unit according to a parameter standard set by a configuration service, the data processing module receives feedback information of the automatic alarm module and distributes configuration information through the instruction distribution module, and parameter judgment and output are carried out through the parameter distribution module;
s3, when the user modifies the parameter data, according to the management level authority and the information communication authority set by the authority setting unit and the associated mapping relation between each function sub-module and the user, the user authentication and authority confirmation are carried out by the verification unit;
s4: after receiving the output parameters and the configuration information, the monitoring equipment management unit broadcasts and sends configuration instructions to each equipment control gateway through the established wireless link, and storing the basic information of each equipment control gateway and the parameter updating record of the legal monitoring equipment connected with the equipment control gateway into the data storage unit, controlling the legal monitoring equipment through each equipment control gateway, feeding back the execution of the configuration instruction by each equipment control gateway, judging whether each monitoring equipment is legal or not by the equipment legality verification unit according to a legality judgment rule, if so, feeding back only parameter updating information and the unique identifier of the equipment control gateway by the equipment control gateway connected with the monitoring equipment, and if not, feeding back the unique identifier and the illegal information of the equipment control gateway to the monitoring equipment management unit in the form of frame format information;
and S5, the monitoring equipment management unit sends the received monitoring information to the data processing module, and the data processing module adds, deletes, changes and checks the information corresponding to the front-end monitoring sub-unit corresponding to the monitoring information.
As shown in fig. 4, the method based on quantum encryption and decryption includes: acquiring a data part of a TCP data packet or a UDP data packet sent by a data sender; generating an encryption key by using a stream encryption algorithm according to the quantum key distributed by the quantum key distribution system to encrypt the transmitted data; calculating the checksum of the TCP data packet or the UDP data packet after quantum encryption to obtain the data part of the IP datagram; then adjusting the head of the IP datagram, encapsulating the head information and the data part of the IP datagram into the IP datagram to finish encryption; the receiver decrypts the data part of the TCP data packet or the UDP data packet in the IP datagram according to the source address of the IP datagram and the decryption key of the quantum key; and calculating the checksum of the decrypted TCP data packet or UDP data packet to obtain the data part of the decrypted IP datagram, so as to obtain the decrypted data information.
It should be noted that the described embodiments of the invention are only preferred ways of implementing the invention, and that all obvious modifications, which are within the scope of the invention, are all included in the present general inventive concept.

Claims (8)

1.一种监控系统,其特征在于,包括:中央监控模块、权限确定及验证模块、监控参数获取模块、数据加密模块和运维监控模块;1. a monitoring system is characterized in that, comprising: central monitoring module, authority determination and verification module, monitoring parameter acquisition module, data encryption module and operation and maintenance monitoring module; 所述中央监控模块包括智能报警单元、指令分配单元、设备合法性验证单元、数据存储单元和监控设备管理单元,所述智能报警单元用于对异常服务运行情况进行报警和报警记录,所述智能报警单元包括自定义报警规则配置模块、自动报警模块和报警信息记录模块,所述指令分配单元用于接收反馈信息和分发信息,所述指令分配单元包括信息监听模块、数据处理模块、参数配置模块和指令分配模块,所述设备合法性验证单元用于验证各监控设备是否合法,所述监控设备管理单元与所述指令分配单元相连接用于向每个子监控设备发送轮询命令配置文件和参数配置指令并接收所述每个子监控设备反馈的参数更新信息和地址信息;The central monitoring module includes an intelligent alarm unit, an instruction distribution unit, an equipment legality verification unit, a data storage unit, and a monitoring equipment management unit. The intelligent alarm unit is used to alarm and record the abnormal service operation. The alarm unit includes a self-defined alarm rule configuration module, an automatic alarm module and an alarm information recording module, the instruction distribution unit is used for receiving feedback information and distributing information, and the instruction distribution unit includes an information monitoring module, a data processing module, and a parameter configuration module. and an instruction distribution module, the device legitimacy verification unit is used to verify whether each monitoring device is legal, and the monitoring device management unit is connected to the instruction distribution unit for sending polling command configuration files and parameters to each sub-monitoring device configure instructions and receive parameter update information and address information fed back by each sub-monitoring device; 所述权限确定及验证模块包括权限设定单元和验证单元,所述权限设定单元用于设定管理等级权限、信息通讯权限和各功能子模块与用户之间的关联映射关系,并输出配置结果信息并存储至所述数据存储单元中的数据库服务器;The authority determination and verification module includes a authority setting unit and a verification unit. The authority setting unit is used to set the management level authority, the information communication authority and the associated mapping relationship between each functional sub-module and the user, and output the configuration and store the result information to the database server in the data storage unit; 所述监控参数获取模块包括解码单元和通信单元,所述解码单元用于采集并解析监控数据和子监控设备的各个监控参数,并将采集数据根据配置服务所设置的参数标准发送给所述指令分配单元,所述指令分配单元接收反馈信息和分发信息给所述智能报警单元和所述监控设备管理单元,所述通信单元用于根据网络通讯协议建立通讯链路;The monitoring parameter acquisition module includes a decoding unit and a communication unit, and the decoding unit is used to collect and analyze monitoring data and various monitoring parameters of the sub-monitoring equipment, and send the collected data to the instruction distribution according to the parameter standard set by the configuration service. unit, the instruction distribution unit receives feedback information and distributes the information to the intelligent alarm unit and the monitoring equipment management unit, and the communication unit is used for establishing a communication link according to a network communication protocol; 所述数据加密模块用于为在所述通讯链路上传输的数据进行加解密,所述数据加密模块采用基于量子加解密的方法保证数据传输安全;The data encryption module is used to encrypt and decrypt the data transmitted on the communication link, and the data encryption module adopts a method based on quantum encryption and decryption to ensure data transmission security; 所述运维监控模块用于对配置的合法监控设备进行维护,所述运维监控模块包括报警记录接收单元和运维单元,所述运维单元用于调用所述数据存储单元中专家维护模板数据库存储的对应报警信息维护模板。The operation and maintenance monitoring module is used to maintain the configured legal monitoring equipment, the operation and maintenance monitoring module includes an alarm record receiving unit and an operation and maintenance unit, and the operation and maintenance unit is used to call the expert maintenance template in the data storage unit. The corresponding alarm information maintenance template stored in the database. 2.如权利要求1所述的监控系统,其特征在于,所述中央监控模块还包括若干个前端监控子单元,每个前端监控子单元包括设备控制网关和与所述设备控制网关相连接的至少一个监控设备,所述若干个前端监控子单元与所述监控设备管理单元相连接。2. The monitoring system according to claim 1, wherein the central monitoring module further comprises several front-end monitoring sub-units, and each front-end monitoring sub-unit comprises a device control gateway and a device control gateway connected with the device control gateway. At least one monitoring device, the several front-end monitoring sub-units are connected with the monitoring device management unit. 3.如权利要求2所述的监控系统,其特征在于,所述监控设备管理单元通过建立的无线链路向各设备控制网关广播发送配置指令,并将所述各设备控制网关的基本信息和与之相连接的合法监控设备的参数更新记录存储至所述数据存储单元,通过各设备控制网关对所述合法监控设备进行控制,所述各设备控制网关对所述配置指令执行进行反馈,由所述设备合法性验证单元根据合法性判别规则判断各监控设备是否合法,若合法则与监控设备相连的所述设备控制网关仅反馈参数更新信息和所述设备控制网关的唯一标识,否则将所述设备控制网关的唯一标识和非法信息以帧格式信息反馈至所述监控设备管理单元。3. The monitoring system according to claim 2, wherein the monitoring device management unit broadcasts and sends a configuration instruction to each device control gateway through the established wireless link, and sends the basic information and the basic information of each device control gateway to each device control gateway. The parameter update record of the legal monitoring device connected to it is stored in the data storage unit, and the legal monitoring device is controlled by each device control gateway, and the each device control gateway provides feedback on the execution of the configuration instruction, and is controlled by the device control gateway. The device legality verification unit judges whether each monitoring device is legal according to the legality discrimination rule. If it is legal, the device control gateway connected to the monitoring device only feeds back the parameter update information and the unique identifier of the device control gateway. The unique identification and illegal information of the device control gateway are fed back to the monitoring device management unit in frame format information. 4.如权利要求3所述的监控系统,其特征在于,所述参数配置模块包括参数判别单元、自动最优参数输出单元和指令接收单元,所述参数配置模块用于判断配置操作是否正确,所述自动最优参数输出单元用于根据专家知识库学习最优参数,并在用户设定的某一参数超过阈值范围时默认输出所述最优参数,所述指令接收单元与所述所述自动最优参数输出单元和所述指令分配单元相连接输出配置指令信息至所述监控设备管理单元,判断配置操作是否正确包括:判断修改后的参数中不允许重复的参数是否与另一监控设备的配置参数重复以及参数是否最优配置和各关联参数之间的配置是否正确。4. The monitoring system according to claim 3, wherein the parameter configuration module comprises a parameter discrimination unit, an automatic optimal parameter output unit and an instruction receiving unit, and the parameter configuration module is used to judge whether the configuration operation is correct, The automatic optimal parameter output unit is used to learn the optimal parameter according to the expert knowledge base, and output the optimal parameter by default when a certain parameter set by the user exceeds the threshold range. The automatic optimal parameter output unit is connected with the instruction distribution unit to output configuration instruction information to the monitoring equipment management unit, and judging whether the configuration operation is correct includes: judging whether the parameters that are not allowed to be repeated in the modified parameters are related to another monitoring equipment. The configuration parameters are repeated, and whether the parameters are optimally configured and whether the configuration between the associated parameters is correct. 5.如权利要求4所述的监控系统,其特征在于,所述验证单元包括鉴权验证模块和鉴权反馈模块,所述鉴权验证模块用于用户认证和查询所述数据库服务器中存储的用户数据,所述鉴权反馈模块用于反馈用户所属的等级权限及关联关系信息,所述鉴权验证模块包括鉴权服务器,所述鉴权反馈模块与所述鉴权服务器相连。5. The monitoring system according to claim 4, wherein the verification unit comprises an authentication verification module and an authentication feedback module, and the authentication verification module is used for user authentication and inquiries stored in the database server. User data, the authentication feedback module is used to feed back the level authority and association relationship information to which the user belongs, the authentication verification module includes an authentication server, and the authentication feedback module is connected to the authentication server. 6.如权利要求5所述的监控系统,其特征在于,所述智能报警单元根据配置的自定义报警规则,实现针对不同监控设备的监控内容的监控结果进行差异化处理。6 . The monitoring system according to claim 5 , wherein the intelligent alarm unit implements differential processing for monitoring results of monitoring contents of different monitoring devices according to the configured self-defined alarm rules. 7 . 7.一种监控系统配置方法,其特征在于,具体包括:7. A monitoring system configuration method, characterized in that, specifically comprising: S1:系统启动后,所述指令分配单元中的信息监听模块对服务进程和线路运行情况进行监听,并根据所述自定义报警规则配置模块配置的自定义报警规则对监听信息进行处理后将处理结果发送至所述自动报警模块实现不同监控设备和监控对象的监控内容的监控结果进行差异化处理;S1: after the system is started, the information monitoring module in the instruction distribution unit monitors the service process and the line operation, and processes the monitoring information according to the self-defined alarm rules configured by the self-defined alarm rule configuration module. The results are sent to the automatic alarm module to implement differential processing of the monitoring results of the monitoring contents of different monitoring devices and monitoring objects; S2:所述监控参数获取模块的通信单元根据网络通讯协议建立通讯链路,所述数据加密模块采用基于量子加解密的方法为在所述通讯链路上传输的数据进行加解密,然后通过所述通讯链路建立与所述若干个前端监控子单元之间的连接,由所述解码单元采集并解析监控数据和子监控设备的各个监控参数,并将采集数据根据配置服务所设置的参数标准发送给所述指令分配单元的数据处理模块,所述数据处理模块接收所述自动报警模块的反馈信息并通过所述指令分配模块分配配置信息,同时通过所述参数配置模块进行参数判别和输出;S2: the communication unit of the monitoring parameter acquisition module establishes a communication link according to the network communication protocol, and the data encryption module adopts a method based on quantum encryption and decryption to encrypt and decrypt the data transmitted on the communication link, and then through the The communication link establishes a connection with the several front-end monitoring sub-units, and the decoding unit collects and parses the monitoring data and each monitoring parameter of the sub-monitoring equipment, and sends the collected data according to the parameter standard set by the configuration service. To the data processing module of the instruction distribution unit, the data processing module receives the feedback information of the automatic alarm module and distributes configuration information through the instruction distribution module, and simultaneously performs parameter discrimination and output through the parameter configuration module; S3:当用户对参数数据进行修改时,根据所述权限设定单元设定的管理等级权限、信息通讯权限和各功能子模块与用户之间的关联映射关系,通过所述验证单元进行用户认证和权限确认;S3: when the user modifies the parameter data, according to the management level authority set by the authority setting unit, the information communication authority and the associated mapping relationship between each functional sub-module and the user, user authentication is performed by the verification unit and permission confirmation; S4:所述监控设备管理单元接收到输出参数和配置信息后,通过建立的无线链路向各设备控制网关广播发送配置指令,并将所述各设备控制网关的基本信息和与之相连接的合法监控设备的参数更新记录存储至所述数据存储单元,通过各设备控制网关对所述合法监控设备进行控制,所述各设备控制网关对所述配置指令执行进行反馈,由所述设备合法性验证单元根据合法性判别规则判断各监控设备是否合法,若合法则与监控设备相连的所述设备控制网关仅反馈参数更新信息和所述设备控制网关的唯一标识,否则将所述设备控制网关的唯一标识和非法信息以帧格式信息反馈至所述监控设备管理单元;S4: After the monitoring device management unit receives the output parameters and configuration information, it broadcasts and sends configuration instructions to each device control gateway through the established wireless link, and sends the basic information of each device control gateway and the connected devices to it. The parameter update record of the legal monitoring device is stored in the data storage unit, and the legal monitoring device is controlled by each device control gateway, and each device control gateway provides feedback on the execution of the configuration instruction, and the legal The verification unit judges whether each monitoring device is legal according to the legality judging rule. If it is legal, the device control gateway connected to the monitoring device only feeds back the parameter update information and the unique identifier of the device control gateway. The unique identification and illegal information are fed back to the monitoring equipment management unit in frame format; S5:所述监控设备管理单元将接收到的监控信息发送至所述数据处理模块,所述数据处理模块对所述监控信息对应的前端监控子单元对应信息进行增、删、改、查操作。S5: The monitoring equipment management unit sends the received monitoring information to the data processing module, and the data processing module performs addition, deletion, modification, and query operations on the corresponding information of the front-end monitoring subunit corresponding to the monitoring information. 8.如权利要求7所述的监控系统配置方法,其特征在于,所述基于量子加解密的方法包括:获取数据发送方发送的TCP数据包或UDP数据包的数据部分;根据量子密钥分配系统分发的量子密钥利用流加密算法生成加密密钥对发送数据进行加密;并计算经过量子加密后TCP数据包或UDP数据包的校验和获得IP数据报的数据部分;然后对IP数据报的首部进行调整,将首部信息和所述IP数据报的数据部分封装成IP数据报完成加密;接收方根据IP数据报的源地址和量子密钥的解密密钥对IP数据报中TCP数据包或UDP数据包的数据部分进行解密;计算解密后TCP数据包或UDP数据包的校验和获得解密后的IP数据报的数据部分,得到解密后的数据信息。8. The monitoring system configuration method according to claim 7, wherein the method based on quantum encryption and decryption comprises: obtaining the data part of the TCP data packet or the UDP data packet sent by the data sender; according to the quantum key distribution The quantum key distributed by the system uses the stream encryption algorithm to generate the encryption key to encrypt the sent data; and calculate the checksum of the TCP data packet or UDP data packet after quantum encryption to obtain the data part of the IP datagram; The header is adjusted, and the header information and the data part of the IP datagram are encapsulated into an IP datagram to complete encryption; the receiver encrypts the TCP data packets in the IP datagram according to the source address of the IP datagram and the decryption key of the quantum key. Or decrypt the data part of the UDP data packet; calculate the checksum of the decrypted TCP data packet or the UDP data packet to obtain the data part of the decrypted IP datagram, and obtain the decrypted data information.
CN202011243034.5A 2020-11-09 2020-11-09 Monitoring system and monitoring system configuration method Active CN112383531B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011243034.5A CN112383531B (en) 2020-11-09 2020-11-09 Monitoring system and monitoring system configuration method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011243034.5A CN112383531B (en) 2020-11-09 2020-11-09 Monitoring system and monitoring system configuration method

Publications (2)

Publication Number Publication Date
CN112383531A true CN112383531A (en) 2021-02-19
CN112383531B CN112383531B (en) 2022-10-18

Family

ID=74579200

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011243034.5A Active CN112383531B (en) 2020-11-09 2020-11-09 Monitoring system and monitoring system configuration method

Country Status (1)

Country Link
CN (1) CN112383531B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113064797A (en) * 2021-04-22 2021-07-02 平安国际智慧城市科技股份有限公司 Front-end monitoring method and device, electronic equipment and storage medium
CN113434380A (en) * 2021-07-06 2021-09-24 湖南方心科技股份有限公司 Data center system and processing method of intelligent computing autonomous controllable ICT equipment
CN114708116A (en) * 2022-03-11 2022-07-05 哈尔滨圣昌科技开发有限公司 An intelligent processing system for pipe network monitoring
CN115934043A (en) * 2023-01-04 2023-04-07 广州佰瑞医药有限公司 PHP-based high-efficiency MVC framework
CN118644182A (en) * 2024-06-11 2024-09-13 北京亿家老小科技有限公司 Medical device inventory intelligent allocation and supervision system based on the Internet of Things
CN114708116B (en) * 2022-03-11 2025-04-04 哈尔滨圣昌科技开发有限公司 A pipe network monitoring intelligent processing system

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1798030A (en) * 2004-12-27 2006-07-05 上海自来水市北科技有限公司 Transmission terminal for dedicated data
CN1913461A (en) * 2006-08-30 2007-02-14 北京天地互连信息技术有限公司 Remote vedio monitoring system based on next generation interconnection network and its implementing method
CN102053610A (en) * 2010-12-24 2011-05-11 深圳市天维尔通讯技术有限公司 Intelligent operation and maintenance method and system aiming at automatic monitoring systems
CN103023993A (en) * 2012-11-28 2013-04-03 青岛双瑞海洋环境工程股份有限公司 Enterprise information system based on cloud computing
US20160050224A1 (en) * 2014-08-13 2016-02-18 Palantir Technologies Inc. Unwanted tunneling alert system
CN205949039U (en) * 2016-06-16 2017-02-15 北京考利特电器设备有限责任公司 Coal pulverizer remote monitoring system
US20180267702A1 (en) * 2004-03-16 2018-09-20 Icontrol Networks, Inc. Networked touchscreen with integrated interfaces
CN108600236A (en) * 2018-04-28 2018-09-28 张红彬 Video surveillance network intelligent information safety integrated management system
CN111768589A (en) * 2020-05-08 2020-10-13 西安电子科技大学 Water monitoring and alarm control method, system, storage medium, program, terminal
US10826945B1 (en) * 2019-06-26 2020-11-03 Syniverse Technologies, Llc Apparatuses, methods and systems of network connectivity management for secure access

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180267702A1 (en) * 2004-03-16 2018-09-20 Icontrol Networks, Inc. Networked touchscreen with integrated interfaces
CN1798030A (en) * 2004-12-27 2006-07-05 上海自来水市北科技有限公司 Transmission terminal for dedicated data
CN1913461A (en) * 2006-08-30 2007-02-14 北京天地互连信息技术有限公司 Remote vedio monitoring system based on next generation interconnection network and its implementing method
CN102053610A (en) * 2010-12-24 2011-05-11 深圳市天维尔通讯技术有限公司 Intelligent operation and maintenance method and system aiming at automatic monitoring systems
CN103023993A (en) * 2012-11-28 2013-04-03 青岛双瑞海洋环境工程股份有限公司 Enterprise information system based on cloud computing
US20160050224A1 (en) * 2014-08-13 2016-02-18 Palantir Technologies Inc. Unwanted tunneling alert system
CN205949039U (en) * 2016-06-16 2017-02-15 北京考利特电器设备有限责任公司 Coal pulverizer remote monitoring system
CN108600236A (en) * 2018-04-28 2018-09-28 张红彬 Video surveillance network intelligent information safety integrated management system
US10826945B1 (en) * 2019-06-26 2020-11-03 Syniverse Technologies, Llc Apparatuses, methods and systems of network connectivity management for secure access
CN111768589A (en) * 2020-05-08 2020-10-13 西安电子科技大学 Water monitoring and alarm control method, system, storage medium, program, terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
郭瑞等: "《综合监控系统中配置自动更新软件的设计》", 《现代城市轨道交通》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113064797A (en) * 2021-04-22 2021-07-02 平安国际智慧城市科技股份有限公司 Front-end monitoring method and device, electronic equipment and storage medium
CN113434380A (en) * 2021-07-06 2021-09-24 湖南方心科技股份有限公司 Data center system and processing method of intelligent computing autonomous controllable ICT equipment
CN113434380B (en) * 2021-07-06 2022-04-08 方心科技股份有限公司 Data center system and processing method of intelligent computing autonomous controllable ICT equipment
CN114708116A (en) * 2022-03-11 2022-07-05 哈尔滨圣昌科技开发有限公司 An intelligent processing system for pipe network monitoring
CN114708116B (en) * 2022-03-11 2025-04-04 哈尔滨圣昌科技开发有限公司 A pipe network monitoring intelligent processing system
CN115934043A (en) * 2023-01-04 2023-04-07 广州佰瑞医药有限公司 PHP-based high-efficiency MVC framework
CN115934043B (en) * 2023-01-04 2024-03-15 广州佰瑞医药有限公司 PHP-based high-efficiency MVC framework
CN118644182A (en) * 2024-06-11 2024-09-13 北京亿家老小科技有限公司 Medical device inventory intelligent allocation and supervision system based on the Internet of Things

Also Published As

Publication number Publication date
CN112383531B (en) 2022-10-18

Similar Documents

Publication Publication Date Title
CN112383531B (en) Monitoring system and monitoring system configuration method
CN110996318A (en) Safety communication access system of intelligent inspection robot of transformer substation
TWI581599B (en) Key generation system, data signature and encryption system and method
CN112071320B (en) Intelligent equipment voice control system and method
SG178015A1 (en) Encryption key distribution system
CN112532580B (en) Data transmission method and system based on block chain and proxy re-encryption
CN109151508A (en) A kind of video encryption method
CN113595735A (en) Supervised privacy protection block chain crossing system based on CP-ABE
WO2018233035A1 (en) Encryption method and system for internet of things data transmission
CN110493222A (en) A kind of power automation terminal remote management method and system
CN113259347A (en) Equipment safety system and equipment behavior management method in industrial Internet
CN106789092A (en) Cipher key transmission methods, cipher key delivery device, server and communication equipment
CN105612723A (en) Method and device for distributing traffic by using plurality of network interfaces in wireless communication system
KR20190037088A (en) Security Device providing Security function for image, Camera Device having the same and System on Chip controlling Camera Device
CN112235308A (en) Data transmission method and system for industrial equipment with different communication protocols
CN114143050B (en) Video data encryption system
CN116866090B (en) Network security management system and network security management method of industrial control network
CN112398642B (en) Updating method of quantum key distribution network equipment and related server
JP3813147B2 (en) MMS-based system and method for monitoring traffic violations
US11979491B2 (en) Transmission of secure information in a content distribution network
CN101242453B (en) A transmission method and system for dual-audio multi-frequency signal
CN114679601B (en) Signal push method and device
JP2024058572A (en) Cross-domain secure connection transfer method
CN116319993A (en) Security business service request access system, method, device and equipment
CN111970301B (en) Container cloud platform safety communication system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20210219

Assignee: Wenzhou Tinglei Information Technology Co.,Ltd.

Assignor: Big data and Information Technology Research Institute of Wenzhou University

Contract record no.: X2024980000592

Denomination of invention: A monitoring system and its configuration method

Granted publication date: 20221018

License type: Common License

Record date: 20240112

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20210219

Assignee: ZHEJIANG RISESUN SCIENCE AND TECHNOLOGY Co.,Ltd.

Assignor: Big data and Information Technology Research Institute of Wenzhou University

Contract record no.: X2025330000036

Denomination of invention: A monitoring system and its configuration method

Granted publication date: 20221018

License type: Common License

Record date: 20250224

EE01 Entry into force of recordation of patent licensing contract