WO2016166511A1 - Improvements in or relating to perimeter monitoring and perimeter monitoring systems - Google Patents

Improvements in or relating to perimeter monitoring and perimeter monitoring systems Download PDF

Info

Publication number
WO2016166511A1
WO2016166511A1 PCT/GB2016/050924 GB2016050924W WO2016166511A1 WO 2016166511 A1 WO2016166511 A1 WO 2016166511A1 GB 2016050924 W GB2016050924 W GB 2016050924W WO 2016166511 A1 WO2016166511 A1 WO 2016166511A1
Authority
WO
WIPO (PCT)
Prior art keywords
monitoring
module
command module
communication network
monitoring information
Prior art date
Application number
PCT/GB2016/050924
Other languages
French (fr)
Inventor
Richard BENFIELD
Original Assignee
Crh Fencing & Security Group (Uk) Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Crh Fencing & Security Group (Uk) Ltd filed Critical Crh Fencing & Security Group (Uk) Ltd
Publication of WO2016166511A1 publication Critical patent/WO2016166511A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23895Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/18Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
    • H04N7/181Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast for receiving images from a plurality of remote sources

Definitions

  • Examples of the present disclosure relate to perimeter monitoring and to perimeter monitoring systems.
  • Perimeter monitoring systems are used in a wide variety of situations, for example to monitor perimeter fences in order to detect an actual or attempted unauthorised breach of the perimeter. This may be from outside the perimeter fence into the fenced area (in the case of a secured location), or from inside the perimeter fence to the outside (in the case of a prison or other detention facility). Monitoring devices may be used to detect mechanical interference, vibration, movement, heat, sound or other characteristic of an actual or attempted breach. When something is detected, the monitoring devices may be used to report to a command location in order to allow appropriate action to be taken.
  • perimeter monitoring systems are themselves likely to be the target of actual or attempted interference, intended to disable or disrupt their proper functioning.
  • Certain examples of the present disclosure provide a perimeter monitoring system comprising:
  • At least one monitoring device operable to collect monitoring information, during use,
  • the system is configured to provide the command module with encrypted communication of monitoring information, by means of the communication network.
  • the system may comprise at least one secondary module operable to collect monitoring information from monitoring devices associated with the secondary module, and to deliver monitoring information to the command module in encrypted form, by means of the communication network.
  • the or each secondary module may be operable to encrypt monitoring information prior to delivering the encrypted information to the command module by means of the communication network.
  • the secondary module may be operable to process monitoring information collected from monitoring devices, and to encrypt the processed monitoring information before forwarding to the command module by means of the communication network.
  • the secondary module may be operable to encrypt audio signals received from monitoring devices, before forwarding to the command module by means of the communication network.
  • the command module may be operable to encrypt commands for the or each secondary module and to deliver encrypted commands to the or each secondary module by means of the communication network.
  • the modules may be operable to provide encrypted communication based on encryption keys and/or digital certificates.
  • the modules may be operable to encrypt by an AES encryption algorithm and/or a TLS encryption protocol.
  • Certain examples of the present disclosure provide a command module for a monitoring system as defined above, the command module being operable to receive encrypted monitoring information over the communication network and configured to decrypt the monitoring information for processing.
  • the command module may be configured to encrypt commands and to deliver encrypted commands by means of the communication network.
  • the command module may be configured to send and/or receive encrypted communications based on encryption keys and/or digital certificates and/or an AES encryption algorithm and/or a TLS encryption protocol.
  • Certain examples of the present disclosure provide a secondary module for a monitoring system as defined above. Certain examples of the present disclosure provide a method of perimeter monitoring, in which:
  • At least one monitoring device is provided, operable in use to collect monitoring information
  • At least one secondary module may be used to collect monitoring information from monitoring devices associated with the secondary module and to deliver monitoring information to the command module in encrypted form, by means of the communication network.
  • the or each secondary module may be operable to encrypt monitoring information prior to delivering the encrypted information to the command module by means of the communication network.
  • the secondary module may be operable to process monitoring information collected from monitoring devices, and to encrypt the processed monitoring information before forwarding to the command module by means of the communication network.
  • the secondary module may be operable to encrypt audio signals received from monitoring devices, before forwarding to the command module by means of the communication network.
  • the command module may be operable to encrypt commands for the or each secondary module and to deliver encrypted commands to the or each secondary module by means of the communication network.
  • the modules may be operable to provide encrypted communication based on encryption keys and/or digital certificates.
  • the modules may be operable to encrypt by an AES encryption algorithm and/or a TLS encryption protocol.
  • Certain examples of the present disclosure provide a method of perimeter monitoring in a monitoring system as defined above, in which a command module is used to receive encrypted monitoring information and to decrypt the monitoring information for processing.
  • the command module may be used to encrypt commands and to deliver encrypted commands by means of the communication network.
  • the command module may be used to send and/or receive encrypted communications based on encryption keys and/or digital certificates and/or an AES encryption algorithm and/or a TLS encryption protocol.
  • Certain examples of the present disclosure provide a method of perimeter monitoring in a monitoring system as defined above, in which a secondary module is used:
  • Fig 1 is a schematic diagram of a perimeter monitoring system in accordance with one example of the present disclosure.
  • Fig 2 is a simplified flow diagram indicating steps which are effected within the system of Fig 1 .
  • Fig 1 illustrates a perimeter monitoring system 10.
  • the monitoring system 10 includes a command module 12. There is at least one monitoring device 14 operable to collect monitoring information, during use.
  • a communication network 16 connects the command module 12 for receipt of monitoring information from the monitoring device or devices 14.
  • the system 10 is configured, as will be described, to provide the command module 12 with encrypted communication of monitoring information, by means of the communication network 16.
  • Fig. 1 also illustrates two secondary modules 18 within the system 10. Secondary modules
  • FIG. 1 In the example of Fig 1 , two secondary modules 18 are shown, each having a pair (as illustrated) of monitoring devices 14 associated with them. Illustration of a pair of monitoring devices 14 for each secondary module 18 is purely for simplicity in Fig 1 .
  • monitoring devices 14 could be associated with a single secondary module 18.
  • the monitoring devices 14 could be of many different forms.
  • Each of the secondary modules 18 is operable to collect monitoring information from the associated monitoring devices 14. This monitoring information may be raw data or raw signals from sensors, or may have been processed within the monitoring devices 14, such as to produce a digital signal to the secondary module 18. Monitoring information is received from the monitoring devices 14 over connections 22.
  • the secondary modules 18 act as local collection points for monitoring information.
  • each secondary module 18 may act as a local collection point for a corresponding protection zone around a perimeter indicated in Fig 1 by a dotted line 24.
  • the secondary modules 18 may conduct some processing on the collected monitoring information. For example, they may respond to the collected monitoring information to initiate movement of a device such as a movable barrier.
  • the secondary modules 18 are able to communicate monitoring information to the command module 12, over the communication network 16. This may be the raw monitoring information which has been collected from the monitoring devices 14, or the monitoring information may have been processed within the secondary module 18, for example to combine various information into a standard message packet.
  • the raw or processed monitoring information is sent over the connection 26, through the communication network 16, being delivered to the command module 12 at the connection 28.
  • Each secondary module 18 includes an encryption component 30, which may be software-controlled, or provided in an alternative manner.
  • the purpose of the encryption component 30 is to encrypt the output of the secondary module 18 which is sent to the command module 12. That is, the collected monitoring information, whether raw or processed, is encrypted by the encryption component 30 of the secondary module 18, before being sent to the command module 12 by means of the communication network 16. Therefore, the encrypted information sent to the command module 12 from the secondary module 18 may be raw or processed monitoring information, such as sensor outputs or audio signals received from monitoring devices 14.
  • the command module 12 is connected to the communication network 16 by the connection 28, as noted above.
  • the command module 12 includes a decryption component 32 which is able to receive encrypted information from the secondary modules 18, and to decrypt the received information to allow for further processing within the command module 12. Processing by the command module 12 allows alarms to be generated, or remedial action to be initiated, such as barriers being closed.
  • the component 32 may be an encryption/decryption component, thus allowing the command module 12 to send to the secondary module 18 in encrypted form.
  • the command module 12 may be configured to create commands for the secondary modules 18, encrypt the commands, and deliver the encrypted commands to the secondary modules 18, by means of the communication network 16.
  • the communication network 16 can be implemented in many different technologies to provide for communication between the command module 12 and the secondary modules 18.
  • One example technology is an Ethernet network connecting the command module 12 and the secondary modules 18.
  • I P Internet Protocol
  • a E S Advanced Encryption Standard
  • T L S Transport Layer Security
  • AES encryption algorithms follow an encryption specification first defined by the US National Institute of Standards and Technology in 2001 .
  • T L S encryption protocols are also well-known in themselves for secure data transmission based on encryption keys and digital certificates. Other forms of data encryption could be envisaged and used within the communication network 16.
  • the purpose of using encryption within the communication network 16 is to ensure that the integrity of the system 10 cannot be compromised by a third party making an unauthorised connection with the communication network 16, or with the command module 12 or one of the secondary modules 18, through the communication network 16. Consequently, the system being described is expected to provide adequate security to prevent any data or other information which is moving on the communication network 16 from being seen, manipulated and/or blocked.
  • Fig. 2 is a high level flow diagram of steps which are executed in the system 10.
  • the monitoring devices 14 are used to generate monitoring information (step 34). This monitoring information may report incidents and/or confirm an absence of incidents.
  • Monitoring information generated by the monitoring devices 14 is collected (step 36) by the corresponding secondary modules 18 and then encrypted (step 38) by the encryption component 30 of the secondary module 18.
  • the encrypted monitoring information is sent from the secondary module 18 to the command module 12 (step 40). This transmission takes place over the communication network 16 and the encrypted monitoring information is received at the command module 12 (step 42).
  • the decryption component 32 of the command module 12 decrypts the monitoring information (step 44), allowing the command module 12 to process the decrypted monitoring information (step 46).
  • the command module 12 may create commands in response to the decrypted monitoring information (step 48), and if so, these commands are encrypted (step 50) by the component 32, before being dispatched (step 52) to the secondary modules 18, by means of the communication network 16.
  • these commands are sent from the command module 12, they are received at the secondary modules 18 and decrypted by the component 30, serving in this example as an encryption/decryption component.
  • the decrypted command can then be used by the secondary module 18, for example to modify the operation of the secondary module 18 or one of the monitoring devices 14 associated with the module 18.
  • monitoring devices 14 could be used, depending on the nature of the parameters which are to be detected, and the manner in which they are to be detected.
  • the command and secondary modules can be implemented in many different technologies, one example of which is based on appropriate software control of a general-purpose computing device.
  • the communication network 16 has been described as an Ethernet network, and other alternatives exist.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Examples of the present disclosure relate to perimeter monitoring and to perimeter monitoring systems. Certain examples provide a perimeter monitoring system comprising: a command module; at least one monitoring device configured to collect monitoring information; a communication network connecting the command module for receipt of monitoring information from the at least one monitoring device; and wherein the system is configured to provide the command module with encrypted communication of monitoring information, by means of the communication network.

Description

Improvements in or relating to perimeter monitoring and
perimeter monitoring systems
Examples of the present disclosure relate to perimeter monitoring and to perimeter monitoring systems.
Perimeter monitoring systems are used in a wide variety of situations, for example to monitor perimeter fences in order to detect an actual or attempted unauthorised breach of the perimeter. This may be from outside the perimeter fence into the fenced area (in the case of a secured location), or from inside the perimeter fence to the outside (in the case of a prison or other detention facility). Monitoring devices may be used to detect mechanical interference, vibration, movement, heat, sound or other characteristic of an actual or attempted breach. When something is detected, the monitoring devices may be used to report to a command location in order to allow appropriate action to be taken.
In view of their purpose, perimeter monitoring systems are themselves likely to be the target of actual or attempted interference, intended to disable or disrupt their proper functioning.
The present invention is as set out in the independent claims.
Certain examples of the present disclosure provide a perimeter monitoring system comprising:
a command module;
at least one monitoring device operable to collect monitoring information, during use,
and a communication network connecting the command module for receipt of monitoring information from the monitoring device or devices;
wherein the system is configured to provide the command module with encrypted communication of monitoring information, by means of the communication network. The system may comprise at least one secondary module operable to collect monitoring information from monitoring devices associated with the secondary module, and to deliver monitoring information to the command module in encrypted form, by means of the communication network. The or each secondary module may be operable to encrypt monitoring information prior to delivering the encrypted information to the command module by means of the communication network. The secondary module may be operable to process monitoring information collected from monitoring devices, and to encrypt the processed monitoring information before forwarding to the command module by means of the communication network. The secondary module may be operable to encrypt audio signals received from monitoring devices, before forwarding to the command module by means of the communication network.
The command module may be operable to encrypt commands for the or each secondary module and to deliver encrypted commands to the or each secondary module by means of the communication network.
The modules may be operable to provide encrypted communication based on encryption keys and/or digital certificates. The modules may be operable to encrypt by an AES encryption algorithm and/or a TLS encryption protocol.
Certain examples of the present disclosure provide a command module for a monitoring system as defined above, the command module being operable to receive encrypted monitoring information over the communication network and configured to decrypt the monitoring information for processing.
The command module may be configured to encrypt commands and to deliver encrypted commands by means of the communication network. The command module may be configured to send and/or receive encrypted communications based on encryption keys and/or digital certificates and/or an AES encryption algorithm and/or a TLS encryption protocol.
Certain examples of the present disclosure provide a secondary module for a monitoring system as defined above. Certain examples of the present disclosure provide a method of perimeter monitoring, in which:
a command module is provided,
at least one monitoring device is provided, operable in use to collect monitoring information;
and monitoring information is provided to the command module by encrypted communication over a communication network. At least one secondary module may be used to collect monitoring information from monitoring devices associated with the secondary module and to deliver monitoring information to the command module in encrypted form, by means of the communication network. The or each secondary module may be operable to encrypt monitoring information prior to delivering the encrypted information to the command module by means of the communication network. The secondary module may be operable to process monitoring information collected from monitoring devices, and to encrypt the processed monitoring information before forwarding to the command module by means of the communication network. The secondary module may be operable to encrypt audio signals received from monitoring devices, before forwarding to the command module by means of the communication network.
The command module may be operable to encrypt commands for the or each secondary module and to deliver encrypted commands to the or each secondary module by means of the communication network.
The modules may be operable to provide encrypted communication based on encryption keys and/or digital certificates. The modules may be operable to encrypt by an AES encryption algorithm and/or a TLS encryption protocol. Certain examples of the present disclosure provide a method of perimeter monitoring in a monitoring system as defined above, in which a command module is used to receive encrypted monitoring information and to decrypt the monitoring information for processing. The command module may be used to encrypt commands and to deliver encrypted commands by means of the communication network. The command module may be used to send and/or receive encrypted communications based on encryption keys and/or digital certificates and/or an AES encryption algorithm and/or a TLS encryption protocol.
Certain examples of the present disclosure provide a method of perimeter monitoring in a monitoring system as defined above, in which a secondary module is used:
to collect monitoring information from one or more monitoring devices associated with the secondary module,
and to encrypt the monitoring information,
and to forward the encrypted monitoring information for receipt by a command module. Examples of the present disclosure will now be described in more detail, by way of example only, and with reference to the accompanying drawings, in which:
Fig 1 is a schematic diagram of a perimeter monitoring system in accordance with one example of the present disclosure; and
Fig 2 is a simplified flow diagram indicating steps which are effected within the system of Fig 1 .
Overview
Fig 1 illustrates a perimeter monitoring system 10. The monitoring system 10 includes a command module 12. There is at least one monitoring device 14 operable to collect monitoring information, during use. A communication network 16 connects the command module 12 for receipt of monitoring information from the monitoring device or devices 14. The system 10 is configured, as will be described, to provide the command module 12 with encrypted communication of monitoring information, by means of the communication network 16.
Fig. 1 also illustrates two secondary modules 18 within the system 10. Secondary modules
The use of secondary modules 18 is illustrated in Fig 1 , and will now be described in more detail. However, it is to be understood that other arrangements may be made for allowing monitoring information to reach the command module 12, as will be indicated below.
In the example of Fig 1 , two secondary modules 18 are shown, each having a pair (as illustrated) of monitoring devices 14 associated with them. Illustration of a pair of monitoring devices 14 for each secondary module 18 is purely for simplicity in Fig 1 .
A different number of monitoring devices 14 could be associated with a single secondary module 18. The monitoring devices 14 could be of many different forms.
Here, one device 14 of each pair is schematically illustrated as a sensor wire; the other device 14 of each pair is schematically illustrated as a microphone. Many different forms of sensor transducer could alternatively be used alone or in various combinations, according to the nature of the perimeter being monitored, and the expected nature of any threats to the perimeter. Each of the secondary modules 18 is operable to collect monitoring information from the associated monitoring devices 14. This monitoring information may be raw data or raw signals from sensors, or may have been processed within the monitoring devices 14, such as to produce a digital signal to the secondary module 18. Monitoring information is received from the monitoring devices 14 over connections 22. The secondary modules 18 act as local collection points for monitoring information. For example, each secondary module 18 may act as a local collection point for a corresponding protection zone around a perimeter indicated in Fig 1 by a dotted line 24. The secondary modules 18 may conduct some processing on the collected monitoring information. For example, they may respond to the collected monitoring information to initiate movement of a device such as a movable barrier. The secondary modules 18 are able to communicate monitoring information to the command module 12, over the communication network 16. This may be the raw monitoring information which has been collected from the monitoring devices 14, or the monitoring information may have been processed within the secondary module 18, for example to combine various information into a standard message packet. The raw or processed monitoring information is sent over the connection 26, through the communication network 16, being delivered to the command module 12 at the connection 28. Each secondary module 18 includes an encryption component 30, which may be software-controlled, or provided in an alternative manner. The purpose of the encryption component 30 is to encrypt the output of the secondary module 18 which is sent to the command module 12. That is, the collected monitoring information, whether raw or processed, is encrypted by the encryption component 30 of the secondary module 18, before being sent to the command module 12 by means of the communication network 16. Therefore, the encrypted information sent to the command module 12 from the secondary module 18 may be raw or processed monitoring information, such as sensor outputs or audio signals received from monitoring devices 14.
Command module
The command module 12 is connected to the communication network 16 by the connection 28, as noted above. The command module 12 includes a decryption component 32 which is able to receive encrypted information from the secondary modules 18, and to decrypt the received information to allow for further processing within the command module 12. Processing by the command module 12 allows alarms to be generated, or remedial action to be initiated, such as barriers being closed.
In this example, the component 32 may be an encryption/decryption component, thus allowing the command module 12 to send to the secondary module 18 in encrypted form. For example, the command module 12 may be configured to create commands for the secondary modules 18, encrypt the commands, and deliver the encrypted commands to the secondary modules 18, by means of the communication network 16.
Communication network and encryption
The communication network 16 can be implemented in many different technologies to provide for communication between the command module 12 and the secondary modules 18. One example technology is an Ethernet network connecting the command module 12 and the secondary modules 18.
Many different encryption algorithms and/or protocols can be used for communication between the command module 12 and the secondary modules 18. One example is an encrypted Internet Protocol (I P) connection, which may be based on an Advanced Encryption Standard (A E S) encryption algorithm, or a Transport Layer Security (T L S) encryption protocol. AES encryption algorithms follow an encryption specification first defined by the US National Institute of Standards and Technology in 2001 . T L S encryption protocols are also well-known in themselves for secure data transmission based on encryption keys and digital certificates. Other forms of data encryption could be envisaged and used within the communication network 16.
The purpose of using encryption within the communication network 16 is to ensure that the integrity of the system 10 cannot be compromised by a third party making an unauthorised connection with the communication network 16, or with the command module 12 or one of the secondary modules 18, through the communication network 16. Consequently, the system being described is expected to provide adequate security to prevent any data or other information which is moving on the communication network 16 from being seen, manipulated and/or blocked. Method of operation of the system
Fig. 2 is a high level flow diagram of steps which are executed in the system 10. When the system 10 is in use, the monitoring devices 14 are used to generate monitoring information (step 34). This monitoring information may report incidents and/or confirm an absence of incidents. Monitoring information generated by the monitoring devices 14 is collected (step 36) by the corresponding secondary modules 18 and then encrypted (step 38) by the encryption component 30 of the secondary module 18. After encryption, the encrypted monitoring information is sent from the secondary module 18 to the command module 12 (step 40). This transmission takes place over the communication network 16 and the encrypted monitoring information is received at the command module 12 (step 42). The decryption component 32 of the command module 12 decrypts the monitoring information (step 44), allowing the command module 12 to process the decrypted monitoring information (step 46).
Optionally, the command module 12 may create commands in response to the decrypted monitoring information (step 48), and if so, these commands are encrypted (step 50) by the component 32, before being dispatched (step 52) to the secondary modules 18, by means of the communication network 16. When encrypted commands are sent from the command module 12, they are received at the secondary modules 18 and decrypted by the component 30, serving in this example as an encryption/decryption component. The decrypted command can then be used by the secondary module 18, for example to modify the operation of the secondary module 18 or one of the monitoring devices 14 associated with the module 18.
Concluding remarks Many variations and modifications can be made to the apparatus described above, without departing from the scope of the present invention.
For example, many different types of monitoring devices 14 could be used, depending on the nature of the parameters which are to be detected, and the manner in which they are to be detected. Many alternatives exist for making connections between the monitoring devices 14 and the secondary modules 18. The command and secondary modules can be implemented in many different technologies, one example of which is based on appropriate software control of a general-purpose computing device. Many different encryption protocols and algorithms exist, as noted above, and an appropriate choice can be made for use within the communication network 16, according to the level of security which is required by the intended application of the system 10. The communication network 16 has been described as an Ethernet network, and other alternatives exist.
Whilst endeavouring in the foregoing specification to draw attention to those features of the invention believed to be of particular importance it should be understood that the Applicant claims protection in respect of any patentable feature or combination of features hereinbefore referred to and/or shown in the drawings whether or not particular emphasis has been placed thereon.

Claims

CLAIMS:
1 . A perimeter monitoring system comprising:
a command module;
at least one monitoring device configured to collect monitoring information; a communication network connecting the command module for receipt of monitoring information from the at least one monitoring device; and
wherein the system is configured to provide the command module with encrypted communication of monitoring information, by means of the communication network.
2. The perimeter monitoring system of claim 1 , comprising at least one secondary module configured to collect monitoring information from monitoring devices associated with the secondary module, and to deliver monitoring information to the command module in encrypted form, by means of the communication network.
3. The perimeter monitoring system of claim 2, wherein the at least one secondary module is configured to encrypt monitoring information prior to delivering the encrypted information to the command module by means of the communication network.
4. The perimeter monitoring system of claim 2 or 3, wherein the at least one secondary module is configured to process monitoring information collected from monitoring devices, and to encrypt the processed monitoring information before forwarding to the command module by means of the communication network.
5. The perimeter monitoring system of any one or more of claims 2 to 4, wherein the at least one secondary module is configured to encrypt audio signals received from monitoring devices, before forwarding to the command module by means of the communication network.
6. The perimeter monitoring system of any one or more of claims 2 to 5, wherein the command module is configured to encrypt commands for the at least one secondary module and to deliver encrypted commands to the at least one secondary module by means of the communication network.
7. The perimeter monitoring system of any one or more of the previous claims, wherein the modules are configured to provide encrypted communication based on encryption keys and/or digital certificates.
8. The perimeter monitoring system of any one or more of the previous claims, wherein the modules are configured to encrypt by an AES encryption algorithm and/or a TLS encryption protocol.
9. A command module for a perimeter monitoring system as claimed in any one or more of previous 1 to 8, wherein the command module is configured to receive encrypted monitoring information over the communication network and configured to decrypt the monitoring information for processing.
10. The command module of claim 9, wherein the command module is configured to encrypt commands and to deliver encrypted commands by means of the communication network.
1 1 . The command module of claim 9 or 10, wherein the command module is configured to send and/or receive encrypted communications based on: encryption keys and/or digital certificates and/or an AES encryption algorithm and/or a TLS encryption protocol.
12. A secondary module for a perimeter monitoring system as claimed in any one or more of previous 1 to 8.
13. A method of perimeter monitoring, comprising:
providing a command module,
providing at least one monitoring device configured to collect monitoring information; and providing monitoring information to the command module by encrypted communication over a communication network.
14. The method of claim 13, further comprising providing at least one secondary module configured to collect monitoring information from monitoring devices associated with the secondary module and to deliver monitoring information to the command module in encrypted form, by means of the communication network.
15. The method of claim 14, wherein the at least one secondary module encrypts monitoring information prior to delivering the encrypted information to the command module by means of the communication network.
16. The method of claim 14 or 15, wherein the at least one secondary module processes monitoring information collected from monitoring devices, and encrypts the processed monitoring information before forwarding to the command module by means of the communication network.
17. The method of any one or more of claims 14 to 16, wherein the at least one secondary module encrypts audio signals received from monitoring devices, before forwarding to the command module by means of the communication network.
18. The method of any one or more of claims 14 to 17, wherein the command module encrypts commands for the at least one secondary module and delivers encrypted commands to the at least one secondary module by means of the communication network.
19. The method of any one or more of claims 14 to 18, wherein the modules provide encrypted communication based on encryption keys and/or digital certificates.
20. The method of any one or more of claims 14 to 19, wherein the modules encrypt by an AES encryption algorithm and/or a TLS encryption protocol.
21 . A method of perimeter monitoring in a monitoring system as claim in any one or more of claims 1 to 8, the method comprising:
using a command module to receive encrypted monitoring information and decrypt the monitoring information for processing.
22. The method of claim 21 , further comprising: using the command module to encrypt commands and to deliver encrypted commands by means of the communication network.
23. The method of claim 22, further comprising using the command module to send and/or receive encrypted communications based on encryption keys and/or digital certificates and/or an AES encryption algorithm and/or a TLS encryption protocol.
24. A method of perimeter monitoring in a monitoring system as claimed in any of claims 1 to 8, in which a secondary module is used:
to collect monitoring information from one or more monitoring devices associated with the secondary module,
to encrypt the monitoring information, and
to forward the encrypted monitoring information for receipt by a command module.
PCT/GB2016/050924 2015-04-14 2016-04-01 Improvements in or relating to perimeter monitoring and perimeter monitoring systems WO2016166511A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB1506293.8A GB201506293D0 (en) 2015-04-14 2015-04-14 Improvements in or relating to perimeter monitoring and perimeter monitoring systems
GB1506293.8 2015-04-14

Publications (1)

Publication Number Publication Date
WO2016166511A1 true WO2016166511A1 (en) 2016-10-20

Family

ID=53333738

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2016/050924 WO2016166511A1 (en) 2015-04-14 2016-04-01 Improvements in or relating to perimeter monitoring and perimeter monitoring systems

Country Status (2)

Country Link
GB (1) GB201506293D0 (en)
WO (1) WO2016166511A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060284977A1 (en) * 2005-06-21 2006-12-21 Nortel Networks Limited System and method for secure digital video
US20070091177A1 (en) * 2005-10-24 2007-04-26 The Regents Of The University Of California Remote unattended camera and computer integrated security system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060284977A1 (en) * 2005-06-21 2006-12-21 Nortel Networks Limited System and method for secure digital video
US20070091177A1 (en) * 2005-10-24 2007-04-26 The Regents Of The University Of California Remote unattended camera and computer integrated security system

Also Published As

Publication number Publication date
GB201506293D0 (en) 2015-05-27

Similar Documents

Publication Publication Date Title
JP6938702B2 (en) Hearing devices with communication protection and related methods
WO2018214719A1 (en) Dynamic safety method and system based on multi-fusion linked responses
US11209803B2 (en) Firewall system and method for establishing secured communications connections to an industrial automation system
WO2019209168A3 (en) Data processing method, related apparatus, and blockchain system
MX2014011953A (en) Detecting network intrusion using a decoy cryptographic key.
JP6807153B2 (en) Devices and related methods for secure hearing device communication
KR101519777B1 (en) Data trasmission method between controllers in a vehicle Network and data reception method between Controllers in the vehicle network
CN103475478A (en) Terminal safety protection method and equipment
CN109639438A (en) A kind of SCADA network industries information ciphering method based on digital signature
US9369447B2 (en) System and method to securely transfer data
EP3010199B1 (en) Secure remote desktop
US8793505B2 (en) Encryption processing apparatus
KR101705639B1 (en) Method for transmitting and receiving a message in a vehicle network system
WO2016166511A1 (en) Improvements in or relating to perimeter monitoring and perimeter monitoring systems
Cecchinato et al. A Secure Real-time Multimedia Streaming through Robust and Lightweight AES Encryption in UAV Networks for Operational Scenarios in Military Domain
EP3136681B1 (en) Wireless relay device, wireless communication system, and wireless communication method
CN105429755A (en) Reliable remote control system and method based on digital signature
JP2005217907A (en) Remote supervisory control system, remote supervisory control method and its program
CN111654731A (en) Key information transmission method and device, electronic equipment and computer storage medium
JP2000305621A (en) Monitoring control system using internet
CN104270752A (en) Key negotiation method and device for wireless network
JP6331638B2 (en) Communication system between control systems and communication control method
US20230336374A1 (en) Gateway and bridge devices for secure internet of things
US20240106638A1 (en) Method for securely generating and distributing symmetric keys for grouping secure communications
KR20190045761A (en) Apparatus for securing communication in autonomous vehicle and method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16715860

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16715860

Country of ref document: EP

Kind code of ref document: A1