CN102378982B - Monitoring system and communication management device - Google Patents

Monitoring system and communication management device Download PDF

Info

Publication number
CN102378982B
CN102378982B CN201080014851.1A CN201080014851A CN102378982B CN 102378982 B CN102378982 B CN 102378982B CN 201080014851 A CN201080014851 A CN 201080014851A CN 102378982 B CN102378982 B CN 102378982B
Authority
CN
China
Prior art keywords
mentioned
terminal
user
sip
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201080014851.1A
Other languages
Chinese (zh)
Other versions
CN102378982A (en
Inventor
藤沢正幸
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CIKOM Co Ltd
Secom Co Ltd
Original Assignee
CIKOM Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CIKOM Co Ltd filed Critical CIKOM Co Ltd
Publication of CN102378982A publication Critical patent/CN102378982A/en
Application granted granted Critical
Publication of CN102378982B publication Critical patent/CN102378982B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/18Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Telephonic Communication Services (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Closed-Circuit Television Systems (AREA)
  • Alarm Systems (AREA)

Abstract

A communication management device (11) is connected to a plurality of terminals. The plurality of terminals are a monitoring device (15) and a user device (17). When communication between terminals is performed, a connection source terminal transmits an invitation message of SIP to the communication management device (11). The communication management device (11) is provided with a permission information storage unit (101) which stores connection permission information storing a combination of terminals which should be permitted for connection, in addition to the SIP server (37); and a permission processing unit (103) which permits a connection between terminals with reference to the connection permission information. When the SIP server (37) acquires the invitation message from the connection source terminal, if the permission processing unit (103) permits the connection between the connection source and connection destination terminals, the SIP server (37) supplies the invitation message from the connection source terminal to the connection destination terminal. Thereby, a monitoring system capable of improving the security when applying the SIP to the monitoring system is provided.

Description

Surveillance and Communications Management Units
Technical field
The present invention relates to a kind of surveillance, wherein the terminal of monitored object is connected to each other with the terminal of user side and can communicates, and the terminal of above-mentioned monitored object obtains monitor message, and the terminal of above-mentioned user side obtains monitor message and uses.
Background technology
In prior art, monitor camera is arranged to the monitored object such as shop, factory thus the surveillance of telemonitoring image is practical.Monitor that image is sent to long-range central monitoring position, and be sent to the office of the owner (owner) of monitored object.Monitor that the transmission of image uses the common public circuits (such as patent documentation 1) such as ISDN.
In recent years, universal because of the such broadband line of ADSL, FTTH, the demand realizing the supervision image in transmitting-receiving surveillance etc. on the internet increases.Cost-saving, raising system flexibility is contributed to by utilizing the Internet.
As the technology transmitting sound, image on the internet, be called that the agreement of SIP (Session InitiationProtocol: Session initiation Protocol) is known.SIP is applicable to IP phone, video conference etc.In order to be connected two places by SIP, in sip server, register the address in each place.So, the communication of SIP can be carried out between the place that have registered address.
If but SIP is applicable to surveillance, the problem of security be considered.That is, in the surveillance monitored from the image etc. of outside to monitored object, higher security is required.In contrast, in SIP, arbitrary place can be connected by registered address.Therefore, do not wish directly SIP to be applicable to surveillance from the angle of security.
Such as, suppose that monitored object is shop, the terminal in multiple shop is connected to central monitoring position.Central monitoring position is also connected to the terminal of the storekeeper in each shop.Now, the terminal that should be only limitted to corresponding storekeeper of the terminal in each shop can be connected to.
But in existing SIP, can connect between the arbitrary terminal that have registered address in sip server.As basic authentication function, sip server can carry out the certification of password and ID.But this is only limitted to the certification between terminal and sip server.If have granted the connection of terminal and sip server, then the combination between cannot limiting via the terminal of sip server.So the terminal in shop and the connection of storekeeper's terminal room also cannot be limited.Therefore, storekeeper likely obtains the monitor message in the shop outside oneself.
Patent documentation 1: Japanese Unexamined Patent Publication 2001-54102 publication
Summary of the invention
The present invention produces under above background.The object of the present invention is to provide a kind of surveillance improving security when SIP being applicable to surveillance.
A mode of the present invention is a kind of surveillance, and this surveillance has: the multiple terminals communicated to monitor message; Manage the Communications Management Units of the communication of multiple terminal, multiple terminal is separately positioned on monitored object side, or utilize the user side of the monitor message received from monitored object, its formation is, when a terminal of multiple terminal connects to other-end request, the invitation message of the SIP comprising the identifying information connecting grounding terminals is sent to Communications Management Units by this connection source terminal, and Communications Management Units has: sip server; License Info storage part, stores and connects License Info, and this connection License Info represents the combination of the terminal connected should be licensed; Permit process portion, the connection of permitting terminal room is judged whether with reference to connection License Info, when sip server obtains invitation message from connection source terminal, the identifying information of the company's grounding terminals comprised in invitation message is provided to permit process portion, when permit process portion have granted the connection of terminal room, sip server connects grounding terminals by being provided to from the invitation message connecting source terminal.
Another way of the present invention is a kind of Communications Management Units, the communication of this Communications Management Units management to multiple terminals that monitor message communicates, and Communications Management Units has: sip server; License Info storage part, stores and connects License Info, and this connection License Info represents the combination of the terminal connected should be licensed; With permit process portion, the connection of permitting terminal room is judged whether with reference to connection License Info, when sip server obtains the invitation message of the SIP of the identifying information comprised other-end from multiple terminal, permit process portion judges whether the connection of permitting terminal room according to the identifying information of the company's grounding terminals contained in invitation message, when permit process portion have granted connection, sip server connects grounding terminals by being provided to from the invitation message connecting source terminal.
As described below, there is other modes in the present invention.Therefore, of the present invention being openly intended to provides part way of the present invention, is not limited in the invention scope that this describes request.
Accompanying drawing explanation
Fig. 1 is the figure representing that the entirety of surveillance of the present invention is formed.
Fig. 2 is the block diagram of the formation of more concrete expression surveillance.
Fig. 3 is the block diagram of the main composition represented in surveillance of the present invention.
Fig. 4 is the figure of the table example representing the connection License Info stored in License Info storage part.
Fig. 5 is the figure of action when representing the communication carrying out terminal room in surveillance.
Fig. 6 represents monitoring arrangement as connection source to carry out the figure of the action of the communication of terminal room.
Fig. 7 represents user's device as connection source to carry out the figure of the action of the communication of terminal room.
Label declaration
1 surveillance
3 central monitoring positions
5 monitored objects
7 user places
11 Communications Management Units
13 center fixtures
15 monitoring arrangements
17 user's devices
VPN between 21 center terminal
23 SIP communications
25 terminal room VPN
33 http servers
35 vpn servers
37 sip servers
41 account management server
43 databases
61 controllers
63 IP line units
65,83 routers
69 multi-line adapters
73 monitor cameras
81 VPN end devices (VTE)
85 user PC
101 License Info storage parts
103 permit process portions
Embodiment
Below describe the present invention in detail.But following detailed description and accompanying drawing are not used in restriction the present invention.
The present invention is a kind of surveillance, has: the multiple terminals communicated to monitor message; Manage the Communications Management Units of the communication of multiple terminal, multiple terminal is separately positioned on monitored object side or utilizes the user side of the monitor message received from monitored object, its formation is, when a terminal of multiple terminal connects to other-end request, the invitation message of the SIP comprising the identifying information connecting grounding terminals is sent to Communications Management Units by this connection source terminal, and Communications Management Units has: sip server; License Info storage part, stores and connects License Info, and this connection License Info represents the combination of the terminal connected should be licensed; With permit process portion, with reference to connecting License Info, judge whether the connection of permitting terminal room, when sip server obtains invitation message from connection source terminal, the identifying information of the company's grounding terminals contained in invitation message is provided to permit process portion, when permit process portion have granted the connection of terminal room, sip server connects grounding terminals by being provided to from the invitation message connecting source terminal.
As mentioned above, according to the present invention, multiple terminals of surveillance are connected to the Communications Management Units with sip server.Communications Management Units also has except sip server: License Info storage part, stores and connects License Info, and this connection License Info represents the combination of the terminal connected should be licensed; With permit process portion, judge whether the connection of permitting terminal room with reference to connection License Info.In the signaling of SIP, invitation message is sent to sip server from connection source terminal.Now, in the present invention, permit process portion judges whether that license connects.When permit process portion have granted connection, sip server connects grounding terminals by being sent to from the invitation message connecting source terminal, the signaling success of SIP.
Therefore, in the present invention, prestore the information of the combination of the terminal connected should be licensed, carry out the license of the connection of terminal room when SIP signaling.So, and the simple authentication between nonterminal and sip server, but can carry out having got involved the terminal room of sip server and the license of P2P, appropriately can limit the user of monitor message.So, security when being suitable for surveillance SIP can be improved.
When even grounding terminals receives invitation message from Communications Management Units, the OK message of SIP can be sent to Communications Management Units, can to invitation message and OK message additional connection establishment information, it is for after SIP session is established, and establishes the terminal room staying out of Communications Management Units connect in connection source and connection ground terminal room.
So, after SIP session is established, the communication of monitor message can not be carried out at terminal room by Communications Management Units.In the present invention, the communication in two stages is carried out.The communication in the 1st stage is SIP, is undertaken by Communications Management Units.The communication in the 2nd stage does not connect by the terminal room of Communications Management Units.Carry out signaling when SIP connects, exchange invitation message and OK message in the signaling.The present invention utilizes the message of the signaling of SIP, exchanges the connection being used for the establishment that terminal room connects and establishes information.So, SIP can be utilized well to carry out terminal room connection.Further, the traffic of Communications Management Units and terminal can be reduced, reduce the load of Communications Management Units.
It can be construct at terminal room the terminal room VPN that VPN carries out connecting that the terminal room staying out of Communications Management Units connects.So, by being suitable for VPN (VPN (virtual private network)) to terminal room communication (communication in the 2nd stage after above-mentioned SIP connection), security can be improved.Two-way news in the signal communication of SIP exchanges the message exchange be applicable to needed for VPN connection establishment.
Invitation message can containing connecting the IP address of source terminal with digital certificates as being connected establishment information, OK message can IP address containing company's grounding terminals with digital certificates as being connected establishment information.So, the information used in can suitably utilizing SIP switched vpc N to connect, carries out safe communication at terminal room.
Communications Management Units can be arranged on central monitoring position, and this central monitoring position utilizes and monitors monitored object with the communication of multiple terminal.So, Communications Management Units can be utilized to carry out the communication of communicating of central monitoring position and terminal and terminal room well.
The connection of Communications Management Units and multiple terminal can be connected by VPN between the center terminal of constructing VPN at Communications Management Units and multiple terminal room, and sip server can make multiple terminal communicate with sip message by VPN between center terminal.So, SIP communication between center terminal, VPN is carried out.More than discuss after SIP session is established and carry out VPN connection at terminal room.Here center terminal JianVPNShi center and the VPN of each terminal room.By using VPN between center terminal, the security communicated of central monitoring position and each terminal can be guaranteed, and also can guarantee the security that SIP communicates.
Monitor message can comprise at least one in the image taken by monitored object, the supervisory signal detected by monitored object and the control information that generated by user side.So, can communicate to monitor message at terminal room.
Another way of the present invention is a kind of Communications Management Units, and manage the communication to multiple terminals that monitor message communicates, wherein, Communications Management Units has: sip server; License Info storage part, stores and connects License Info, and this connection License Info represents the combination of the terminal connected should be licensed; With permit process portion, with reference to connecting License Info, judge whether the connection of permitting terminal room, when sip server obtains the invitation message of the SIP of the identifying information comprised other-end from multiple terminal, permit process portion judges whether the connection of permitting terminal room according to the identifying information of the company's grounding terminals contained in invitation message, when permit process portion have granted connection, sip server connects grounding terminals by being provided to from the invitation message connecting source terminal.Also applicable above-mentioned various formation in which.
The invention is not restricted to the mode of above-mentioned surveillance and Communications Management Units.Other modes of the present invention are such as end devices.Further, the present invention realizes by the form of recording medium of method, program or the embodied on computer readable that have recorded this program.
As mentioned above, the present invention can improve security when SIP being applicable to surveillance.
The surveillance of embodiments of the present invention is described referring to accompanying drawing.
Fig. 1 represents that the entirety of surveillance of the present invention is formed.As shown in the figure, in surveillance 1, communicate between central monitoring position 3, monitored object 5 and user place 7.Wherein, user refers to the user of the supervision service of the monitored object 5 in surveillance 1.In the example of present embodiment, monitored object 5 is shops, and user place 7 is offices of shop owner.
Have Communications Management Units 11 and multiple center fixture 13 in central monitoring position 3, they connect for communicating.Communications Management Units 11 and multiple center fixture 13 be configurable on geographically away from place.Multiple center fixture 13 can be configured in respectively multiplely takes on region.Further, multiple center fixture 13 can share function.Such as, Control Centre's device that certain center fixture 13 can be used as the signal that process guard is correlated with plays a role, and other center fixtures 13 can be used as main process and monitor that the picture centre device of image plays a role.In addition, within the scope of the invention, center fixture 13 also can be one.
In monitored object 5 and user place 7, monitoring arrangement 15 and user's device 17 are set respectively.Monitoring arrangement 15 and user's device 17 are equivalent to terminal of the present invention.Monitor message is sent to center fixture 13 and user's device 17 by monitoring arrangement 15.Monitor message is such as the image of monitor camera, and is the supervisory signal detected by monitored object 5.Supervisory signal is such as represent abnormal guard signal occurs, and generates guard signal, or generate when operational alarm button (switch) according to the detection signal from the sensor be arranged on monitored object 5.Further, user's device 17 transmits control signal or voice signal to monitoring arrangement 15.Thisly to be also contained in monitor message from user's device 17 to the signal of monitoring arrangement 15.
A monitored object 5 and a user place 7 have been shown in Fig. 1.But in fact, central monitoring position 3 communicates with multiple monitored object 5 and multiple user place 7.Therefore, Communications Management Units 11 also communicates with multiple monitoring arrangement 15 and multiple user's device 17.Each monitoring arrangement 15 communicates with the user's device 17 (terminal of shop owner) be associated.
According to the surveillance 1 of Fig. 1, such as monitoring arrangement 15 detects abnormal by sensor signal etc.Now, the guard signal as monitor message is sent to central monitoring position 3 together with the image of monitored object 5.At central monitoring position 3, operator confirms guard signal and image by the monitor of center fixture 13, sends necessary instruction to guard personnel.The guard personnel receiving instruction arrive to monitored object 5 fast, and process is abnormal.
Further, such as the image etc. of monitored object 5 is sent to user's device 17 by monitoring arrangement 15 termly or according to other settings.Such as, when detecting guest by sensor, image etc. are sent to user's device 17.Further, also there is the situation that user's device 17 requires to send image etc.Owner can grasp the situation in shop according to image etc.Further, owner can send sound etc. from user's device 17 to monitoring arrangement 15, and necessary item is indicated to salesman.
The communication mode of surveillance 1 is then described.Communications Management Units 11, monitoring arrangement 15 and user's device 17 are connected to the Internet.
Further, Communications Management Units 11 is connected with monitoring arrangement 15 and user's device 17 by VPN (VPN (virtual private network)) 21 between center terminal on the internet.In order to construct VPN21 between center terminal, making Communications Management Units 11 have vpn server function, making monitoring arrangement 15 and user's device 17 have VPN client function.In VPN, construct vpn tunneling, carry out cryptographic communication, realize higher security.
Further, monitoring arrangement 15 carries out SIP with user's device 17 by Communications Management Units 11 and communicates 23.SIP communication 23 is undertaken by VPN21 between above-mentioned center terminal.Communications Management Units 11 has sip server function.
Further, monitoring arrangement 15 and user's device 17 to be directly connected by terminal room VPN25 not by Communications Management Units 11.For constructing this terminal room VPN25, user's device 17 has vpn server function, makes monitoring arrangement 15 have VPN client function.
Wherein, between center terminal, VPN21 always connects and constructs vpn tunneling, for the communication between center fixture 13 and monitoring arrangement 15 and user's device 17.And terminal room VPN25 only constructs where necessary.
The reason using terminal room VPN25 is described.The communication of the jumbo data such as image is carried out in surveillance 1.If VPN21 is used for all communication between center terminal, then the load of Communications Management Units 11 becomes excessive.Therefore, carry out communicating of monitoring arrangement 15 and user's device 17 by terminal room VPN25, thus alleviate the load of Communications Management Units 11 while can security being guaranteed.
Further, the effect of the SIP communication 23 in present embodiment is special effects different with common IP phone etc.That is, in present embodiment, the process of the signaling of SIP as the preparation before VPN connection is located.Specifically, when establishing the session of SIP23, message notice is carried out.In this message notice, carry out two-way communication, exchange invitation message and OK message.On the other hand, connecting to establish VPN, needing exchange information.In the present embodiment, IP address and digital certificates are exchanged.Digital certificates, for verifying the legitimacy of electronic signature etc., use the certificate issued by the reliable third-party institution.Therefore, the signaling of SIP communication 23 uses as the information exchange unit connected for establishing VPN.
The entirety being explained above surveillance 1 is formed.As mentioned above, in the present embodiment, two kinds of VPN are used.A kind of connection Communications Management Units 11 and terminal (monitoring arrangement 15 or user's device 17), between another kind of connection terminal (monitoring arrangement 15 and user's device 17).Therefore, in FIG, in order to distinguish this two VPN, these two terms of VPN21 and terminal room VPN25 between center terminal are used.But also can simplify and use these two terms of VPN21, VPN25.
Then the formation of surveillance 1 is illustrated with reference to Fig. 2.Communications Management Units 11 has: fire wall 31, http server 33, vpn server 35, sip server 37, STUN server 39, account management server 41, database 43 and log server 45.
Fire wall 31 for shield between Communications Management Units 11 and monitoring arrangement 15 and user's device 17 use communication data beyond data.Http server 33 is for Internet connection.Vpn server 35 carries out constructing the certification of vpn tunneling and the server of encryption.
Vpn server 35, for realizing VPN21 between center terminal, constructs VPN between Communications Management Units 11 and monitoring arrangement 15, and constructs VPN between Communications Management Units 11 and user's device 17.Signal from monitoring arrangement 15 is deciphered by vpn server 35, is sent to center fixture 13.Further, the signal from center fixture 13 is encrypted by vpn server 35, is sent to monitoring arrangement 15.Further, when Communications Management Units 11 sends signal to monitoring arrangement 15, be also encrypted by vpn server 35.In the communicating of Communications Management Units 11 and user's device 17, vpn server 35 is encrypted too and deciphers.
Sip server 37 carries out the process of signaling according to Session Initiation Protocol, connection monitoring device 15 and user's device 17.When user's device 17 requires to be connected to monitoring arrangement 15, or when monitoring arrangement 15 requires to be connected to user's device 17, sip server 37 plays the effect of the connection control of SIP.
In the signaling of SIP, exchange messages.Specifically, INVITE (invitation) message and OK message is exchanged.Utilizing this message, as mentioned above, exchanging IP address and digital certificates for establishing VPN connection.
The nat feature of the router that STUN server 39 is corresponding monitoring arrangement 15 and user's device 17 and STUN function is provided.
Account management server 41 is servers of the various information such as administrative authentication.The information be managed is stored in database 43.The information be managed comprise IP circuit account, for VPN connect the digital certificates of (tunnel construction), the information of double secret key.And in the present embodiment, in the signaling procedure of SIP, certification and license are carried out to the connection of terminal room.Information for this process is also preserved by database 43, for account management server 41.In addition, can be undertaken by sip server self certification of the connection of terminal room and license, in this case, permit process portion of the present invention and License Info storage part are arranged on sip server.
Log server 45 is the servers preserving the daily record generated by monitoring arrangement 15.
Center fixture 13 has monitor station 51 and connecting device for line 53.Monitor station 51 is connected to Communications Management Units 11 by connecting device for line 53.Such as, when center fixture 13 is picture centres, monitors that image is provided to monitor station 51, managed by monitor station 51.Further, when center fixture 13 is Control Centre, the information that guard is relevant is provided to monitor station 51.Monitor that image is also good to be shown on the monitor of Control Centre.Monitor that image etc. also can communicate between center fixture.
Then monitoring arrangement 15 is described.Monitoring arrangement 15 comprises: controller 61, IP line unit 63, router 65, peripherals 67, multi-line adapter 69 and monitored object PC (personal computer) 71.
Controller 61 is made up of computing machine, cooperates and realize function for monitoring with peripherals 67.Controller 61 is connected with central monitoring position 3 by IP line unit 63.Further, controller 61 is also connected with user's device 17 by IP line unit 63.
In fig. 2, monitor camera 73, sensor 75 and alarm button 77 is illustrated as peripherals 67.Controller 61 is implemented image recognition processing to supervision image and is detected exception.Further, controller 61 detects exception by the detection signal inputted from sensor 75.Also exception is detected when alarm button 77 is pressed.Other peripherals also can be used for detecting extremely.When an exception occurs, controller 61 communicates with center fixture 13, sends guard signal and picture signal.Also there is microphone while there is monitor camera 73, also send voice signal.So, controller 61 realizes the policing function of monitored object 5.
Further, supervision image and sound can also be sent when center fixture 13 requires.Further, monitor that image and sound are also sent to user's device 17.Such as regularly carry out or also can set according to other transmission carried out to user's device 17.Such as, when guest being detected by sensor 75, image etc. are sent to user's device 17.Further, when user's device 17 requires, monitoring arrangement 15 also sends image etc.
IP line unit 63 constructs the vpn tunneling communicated with Communications Management Units 11 for controller 61.Further, the vpn tunneling communicated with user's device 17 for controller 61 is constructed.The former corresponds to VPN21 between center terminal, and the latter corresponds to terminal room VPN25.In these connect, IP line unit 63 realizes the function of VPN client.
In fig. 2, IP line unit 63 is illustrated as the Inner Constitution of controller 61.This has showed physical configuration.Form as communication, IP line unit 63 is configured between controller 61 and router 65.Further, IP line unit 63 is connected by Ethernet (registered trademark) LAN with controller 61.Router 65 is routers of broadband line.
Multi-line adapter 69 is connected with center fixture 13 by mobile telephone network.Multi-line adapter 69 is for sending guard signal when broadband line is obstructed.Guard signal is sent to multi-line adapter 69 from controller 61 by IP line unit 63, is sent to center fixture 13 from multi-line adapter 69.
Monitored object PC71 is arranged on the PC on monitored object 5.In the example of present embodiment, monitored object 5 is shops.Therefore, monitored object PC71 can be the PC in shop.
Then user's device 17 is described.User's device 17 is made up of VPN end device (hereinafter referred to as VTE) 81, router 81 and user PC (personal computer) 85.
VTE81 is the line termination device for broadband connection.Further, VTE81 constructs vpn server 35 and the vpn tunneling of Communications Management Units 11, and constructs IP line unit 63 and the vpn tunneling of monitoring arrangement 15.In the former, VTE81 is as VPN client effect, and in the latter, VTE81 is as vpn server effect.Router 83 is routers of broadband line.
VTE81 is connected with user PC85.Image, sound and the control signal that controller 61 from monitoring arrangement 15 receives is forwarded to user PC85 by VTE81.Further, the sound received from user PC85 and control signal are forwarded to controller 61 by VTE81.
In the present embodiment, user place 7 is offices etc. of shop owner.Therefore, user PC85 can be the PC of the owner in shop.User PC85 is used for the supervision image that owner watches monitored object 5.For providing this function, set up applications in user PC85, can show and switch the supervision image of monitored object 5 by carrying out communicating with controller 61.
In the present embodiment, user's device 17 is fixing.But the function of user's device 17 also can be assembled in mobile terminal etc., thus can move.
The entirety being explained above surveillance 1 is formed.Then illustrate that characteristic of the present invention is formed.
Fig. 3 represents a part for the surveillance 1 shown in Fig. 1 and Fig. 2, is major part of the present invention.In figure 3, same label is marked with at Fig. 1 and key element illustrated in fig. 2.
As shown in Figure 3, in Communications Management Units 11 except vpn server 35 and sip server 37, there is License Info storage part 101 and permit process portion 103.License Info storage part 101 stores and connects License Info, and this connection License Info represents the combination connecting and treat licensed terminal (monitoring arrangement 15 and user's device 17).Further, permit process portion 103, with reference to connection License Info, judges whether the connection of permitting terminal room.License Info storage part 101 and permit process portion 103 realize respectively by the database 43 of Fig. 2 and account management server 41.
Fig. 4 represents the example of the connection License Info that should store in License Info storage part 101.In this embodiment, the table that License Info is the combination representing Termination ID is connected.It is corresponding that this table makes each user (owner in shop), monitoring arrangement ID (ID of monitoring arrangement 15) and user's device ID (ID of user's device 17) set up.Monitoring arrangement ID and user's device ID is the arbitrary information can determining monitoring arrangement 15 and user's device 17.In aftermentioned example, monitoring arrangement ID is the ID of IP line unit 63, and user's device ID is the ID of VTE81.
There is the situation that an owner has multiple shop.Now, a monitoring arrangement 15 combines with multiple user's device 17.In the example in fig. 4, user C has two shops, and two monitoring arrangements 15 (C01, C02) are set up corresponding with user's device 17 (C11).In addition, when an owner uses multiple user's device 17, a monitoring arrangement 15 is corresponding with multiple user's device 17.
Turn back to Fig. 3, in monitoring arrangement 15, IP line unit 63 has SIP handling part 111, VPN handling part 113 and storage part 115.SIP handling part 111 and VPN handling part 113 carry out the process relevant with SIP and VPN respectively.Storage part 115 stores the various information processed by IP line unit 63.Particularly in the present invention, the IP address of storage part 115 storing IP line unit 63 and digital certificates.These information are equivalent to connection establishment information of the present invention, are provided to connecting object in order to VPN connects.Further, storage part 115 storing IP line unit ID (ID of IP line unit 63), this IP line unit ID uses as the ID of monitored object 5.
As shown in Figure 3, the VTE81 of user's device 17 also has SIP handling part 121, VPN handling part 123 and storage part 125.Storage part 125 stores IP address and the digital certificates of VTE81.Further, storage part 125 stores VTE-ID (ID of VTE81).
The action of present embodiment is then described.Action when action when terminal room VPN25 is constructed in this explanation, the VPN carried out between monitoring arrangement 15 and user's device 17 connect.
First action summary is described.As mentioned above, between Communications Management Units 11 and monitoring arrangement 15, VPN21 between center terminal is always constructed.Also VPN21 between center terminal is always constructed between Communications Management Units 11 and user's device 17.Different from VPN21 between these center terminal, between monitoring arrangement 15 and user's device 17, directly construct terminal room VPN25 by following action.
The exchange of information is carried out when connecting terminal room VPN25.In the present embodiment, between monitoring arrangement 15 and user's device 17, IP address and digital certificates are exchanged.As the unit of this message exchange, present embodiment is conceived to SIP.In the message notice of SIP, exchange messages at terminal room.Above-mentioned IP address and digital certificates are added in this sip message.So, the message exchange for preparing to construct terminal room VPN25 can be carried out by the message notice of SIP.
In the basic function of SIP, between the arbitrary address of registering in sip server 37, establish the connection of SIP.In this case, the possibility that the user's device 17 that there is monitoring arrangement 15 nothing to do with connects, not good in security.Consider this point, in the present embodiment, as described belowly carry out signaling.Below using the connection source terminal of in monitoring arrangement 15 and user's device 17 as SIP, using another company's grounding terminals as SIP.Further, the message of SIP between center terminal, VPN21 sends.
With reference to Fig. 5, first, connect source terminal and INVITE (specifically SIPINVITE message, identical below) is sent to sip server 37 (S1).The ID connecting source terminal and the ID connecting grounding terminals, the IP address connecting source terminal and digital certificates are attached with in INVITE.
After sip server 37 receives INVITE, the ID connecting source terminal is provided to permit process portion 103 with the ID connecting grounding terminals, whether inquiry permit process portion 103 can connect this connection source terminal and connect grounding terminals (S3).Permit process portion 103, with reference to the connection License Info of License Info storage part 101, judges whether perhaps attachable (S5).If connecting source terminal is registered in License Info storage part 101 with the combination connecting grounding terminals, then permit to connect.
Sip server 37 receives allowed results (S7) from permit process portion 103.If have granted connection by permit process portion 103, then INVITE is sent to and connects grounding terminals (S9) by sip server 37.This INVITE comprises the IP address and digital certificates that connect source terminal.
After even grounding terminals receives INVITE, send OK message (specifically SIP 2000K message, identical below) (S11) to sip server 37.OK message is attached with the IP address and digital certificates that connect grounding terminals.This OK message is sent to via sip server 37 and connects source terminal (S13).Thus, have exchanged IP address and digital certificates by the message notice of SIP.Further, when terminal room constructs VPN, carry out certification by the digital certificates contained in connection request and the digital certificates exchanged before, construct terminal room VPN25 (S15).
As mentioned above, in the present embodiment, the process of the combination of permitting terminal is carried out after receiving INVITE by sip server 37.If connect not licensed, then INVITE can not the company's of being sent to grounding terminals, the SIP process after also can not carrying out and VPN process.Only when the combination of monitoring arrangement 15 and user's device 17 is suitable, connect licensed, INVITE is sent to and connects grounding terminals, and the SIP process after carrying out, finally can carry out VPN connection.
Then the action of surveillance 1 is described in detail with reference to Fig. 6 and Fig. 7.Wherein, first illustrate that monitoring arrangement 15 is the situations connecting source terminal, then illustrate that user's device 17 is the situations in connection source.
In the time diagram of Fig. 6, controller 61 and IP line unit 63 are formations of monitoring arrangement 15, sip server 37 and License Info storage part 101 (account management server 41) are the formations of Communications Management Units 11, and VTE81 and user PC85 is the formation of user's device 17.
Connection instruction (P2P connects instruction) comprising VTE-ID (ID of VTE81) is sent to IP line unit 63 (S101) by controller 61.Here, VTE-ID is with connecting ground Termination ID.
IP line unit 63 reads IP line unit IP address (the IP address of IP line unit 63) and the indivedual certificate of IP line unit from storage part 115.The indivedual certificate of IP line unit is the digital certificates distributing to each IP circuit.Further, IP line unit 63 reads IP line unit ID (ID of IP line unit 63) as connection source terminal ID from storage part 115.Further, this information is attached to INVITE by IP line unit 63, then INVITE is sent to sip server 37 (S103).Specifically, INVITE comprises IP line unit IP address, the indivedual certificate of IP line unit ID, VTE-ID and IP line unit.
Sip server 37 receives INVITE, and IP line unit ID and VTE-ID is sent to permit process portion 103, and whether inquiry permits to connect (S105).With reference to the connection License Info of License Info storage part 101, permit process portion 103 judges whether that license connects (S107).Here, the table of Fig. 4 is read.Then permit process portion 103 judges whether the combination of the Termination ID of inquiring has been registered in table.If the combination of correspondence is registered, then permit process portion 103 permits to connect.Allowed results is sent to sip server 37 (S109) from permit process portion 103.When permit process portion 103 have granted connection, INVITE is sent to VTE81 (S111) by sip server 37.This INVITE is attached with IP line unit IP address and the indivedual certificate of IP line unit.
In the process above, if unlicensed connection in step s 107, then INVITE can not be sent to VTE81 by sip server 37.Therefore, the SIP process after can not carrying out, the VPN after also not carrying out connects.
After VTE81 receives INVITE, preserve IP line unit IP address and the indivedual certificate of IP line unit by storage part 125, carry out the inquiry (S113) of connection request (P2P connection request) to user PC85.This connection request is attached with IP line unit IP address.User PC85 sends connection response (S115) to VTE81 afterwards.
VTE81 reads VTE-IP address (the IP address of VTE81) and VTE other certificate (distributing to the digital certificates of VTE81) from storage part 125.Then, OK message is sent to sip server 37 (S117) by VTE81.This OK message is attached with VTE-IP address and VTE other certificate.
OK message is sent to IP line unit 63 (S 119) by sip server 37 together with VTE-IP address and VTE other certificate.After IP line unit 63 receives OK message, VTE-IP address and VTE other certificate is preserved by storage part 115, ACK message is sent to sip server 37 (S121), further, ACK message is sent to VTE81 (S123) by sip server 37.
In above process, IP line unit 63 obtains IP address and the digital certificates of VTE81.Further, VTE81 obtains IP address and the digital certificates of IP line unit 63.Connect therefore, it is possible to use these information identification the other side thus establish VPN between IP line unit 63 and VTE81.This is terminal room VPN25.
As shown in the figure, IP line unit 63 carries out VPN connection request (S125) to VTE81.Here, VPN not by sip server 37 but is directly asked to connect.Indivedual certificates of the IP line unit preserved in the indivedual certificate of IP line unit that VTE81 is comprised by VPN connection request and storage part 125 carry out certification, and the arrival information of the IP line unit IP address comprising object is sent to user PC85 (S127).IP line unit IP address is used when VPN traffic by user PC85.Further, VTE81, as vpn server, will carry out situation notice IP line unit 63 (S129) of VPN connection handling.Connection result is the situation notification controller 61 of OK by IP line unit 63, and by the VTE-IP address notification controller 61 (S131) of object.VTE-IP address is used when VPN traffic by controller 61.Thus, establish VPN and connect, communicated by terminal room VPN25.Monitor that image and sound etc. are provided to user's device 17 from monitoring arrangement 15.
Then illustrate that user's device 17 is the situations in connection source with reference to Fig. 7.User (owner) such as by the indicative input of show image to user PC85.Connection instruction (P2P connects instruction) comprising IP line unit ID is sent to VTE81 (S201) by user PC85.Here, the IP line unit ID ID connecting ground terminal.
VTE81 reads VTE-IP address and VTE other certificate from storage part 125.Further, VTE81 reads VTE-ID as connection source terminal ID from storage part 125.Further, these information are additional to INVITE by VTE81, INVITE are sent to sip server 37 (S203).Specifically, INVITE comprises VTE-IP address, VTE-ID, IP line unit ID and VTE other certificate.
Sip server 37 receives INVITE, VTE-ID and IP line unit ID is sent to permit process portion 103, and whether inquiry permits to connect (S205).Permit process portion 103 and the above-mentioned same connection License Info with reference to License Info storage part 101, judge whether that license connects (S207), allowed results be sent to sip server 37 (S209).That is, if the combination of VTE-ID and IP line unit ID is registered, then permit to connect.After permit process portion 103 have granted connection, INVITE is sent to IP line unit 63 (S211) by sip server 37.This INVITE is attached with VTE-IP address and VTE other certificate.
In the process above, if unlicensed connection in step S207, then INVITE can not be sent to IP line unit 63 by sip server 37.Therefore, the process of the SIP after not carrying out, the VPN after also not carrying out connects.
After IP line unit 63 receives INVITE, in storage part 115, preserve VTE-IP address and VTE other certificate.Further, IP line unit 63 pairs of controllers 61 carry out the inquiry (S213) of connection request (P2P connection request).This connection request is attached with VTE-IP address.Then controller 61 sends connection response (S215) to IP line unit 63.
IP line unit 63 reads IP line unit IP address and the indivedual certificate of IP line unit from storage part 115.Further, OK message is sent to sip server 37 (S217) by IP line unit 63.This OK message is attached with IP line unit IP address and the indivedual certificate of IP line unit.
OK message is sent to VTE81 (S219) by sip server 37 together with IP line unit IP address and the indivedual certificate of IP line unit.After VTE81 receives OK message, IP line unit IP address and the indivedual certificate of IP line unit are saved in storage part 125, ACK message (S221) is returned to sip server 37, and, notify that SIP connects to user PC85 and establish (S223).ACK message is sent to IP line unit 63 (S225) by sip server 37.
In above process, between IP line unit 63 and VTE81, IP address and digital certificates are exchanged.After IP line unit 63 receives ACK message, VPN connection request (S227) is carried out to VTE81.VPN connection is not undertaken by sip server 37.The arrival information of the VTE-IP address comprising object is sent to user PC85 (S229) by VTE81.Further, VTE81 will carry out situation notice IP line unit 63 (S231) of the process that VPN connects as vpn server.The arrival information of the VTE-IP address comprising object is sent to controller 61 (S233) by IP line unit 63.Thus, VPN connects establishment, is communicated by terminal room VPN25.
As shown in Figure 6, Figure 7, in the process of two figure, send VPN connection request from IP line unit 63 to VTE81.Its reason is as follows.In VPN, need to send connection request from user end to server.In the present embodiment, the function of vpn server is only arranged in VTE81.Therefore, in Fig. 6 and Fig. 7 both sides, VPN connection request is all be sent to VTE81 from IP line unit 63.
Be explained above the preferred embodiment of the present invention.According to the present embodiment, multiple terminal (monitoring arrangement 15, user's device 17) is connected to the Communications Management Units 11 with sip server 37.As shown in Figure 3, Communications Management Units 11 also has License Info storage part 101 and permit process portion 103 except sip server 37.In the message notice of SIP, send INVITE (invitation) message from connection source terminal to sip server.Now, permit process portion 103 judges whether that license connects.When only permitting in permit process portion 103 to connect, sip server 37 connects grounding terminals by being sent to from the INVITE connecting source terminal, the message notice success of SIP.
Therefore, in the present invention, prestore the information of the combination of the terminal connected should be licensed, carry out the license of the connection of terminal room when SIP message notice.Thus, and the simple authentication between nonterminal and sip server 37, but can carry out having got involved the terminal room of sip server 37 and the license of P2P, appropriately can limit the user of monitor message.Security when being suitable for SIP can be improved in surveillance 1 thus.
Further, in the present invention, the INVITE in the message notice of SIP is connected establishment information with adding in the exchange of OK message, and it is the information that the establishment do not connected by the terminal room of Communications Management Units 11 uses that information is established in this connection.Connect establishment information thereby, it is possible to exchange at terminal room, thus connect between assert terminal.Therefore, SIP can be utilized well to carry out terminal room connection.Further, the traffic of Communications Management Units 11 and terminal can be reduced, reduce the load of Communications Management Units 11.
Further, in the present embodiment, being illustrated as being connected establishment information with digital certificates for IP address, also can replacing digital certificates and use other information to carry out the certification of object.Such as, also can by common name of containing in digital certificates etc. with connecting establishment information.
Further, according to the present invention, the terminal room staying out of Communications Management Units 11 connects, and can be to construct VPN and the terminal room VPN25 connected at terminal room.Two-way message exchange in the message notice of SIP can be applicable to the exchange that VPN connects the information needed for establishing, and, can security be improved by using VPN.
Further, according to the present invention, invitation message comprises and connects the IP address of source terminal with digital certificates as being connected establishment information, the IP address that OK message comprises company's grounding terminals with digital certificates as being connected establishment information.Thus, the information used during SIP switched vpc N can be utilized well to connect, can carry out safe communication at terminal room.
Further, according to the present invention, Communications Management Units 11 can be arranged at central monitoring position 3.Thus, Communications Management Units 11 is utilized can to carry out the communication of communicating of central monitoring position 3 and terminal and terminal room well.
And, according to the present invention, the connection of Communications Management Units 11 and multiple terminal by between Communications Management Units 11 and multiple terminal, constructed VPN center terminal between VPN21 connect, sip server 37 can carry out sip message by VPN21 between center terminal with multiple terminal and communicate.Thus, SIP communication between center terminal, VPN21 is carried out.The terminal room VPN25 established after SIP call is the VPN of terminal room, and between center terminal, VPN21 is the VPN of Communications Management Units 11 and terminal room.By using VPN21 between center terminal, the security communicated of central monitoring position 3 and each terminal can be guaranteed, and the security that SIP communicates can be guaranteed.
Further, according to the present invention, monitor message can comprise at least one in the image taken by monitored object 5, the supervisory signal detected by monitored object 5, the control information that generated by user side.Thus, can communicate to monitor message at terminal room.
Be explained above the preferred embodiment of the present invention.But the invention is not restricted to above-mentioned embodiment, those skilled in the art can be out of shape above-mentioned embodiment within the scope of the invention certainly.
Be explained above the preferred embodiment of the present invention considered at present, but can various deformation be made to present embodiment, and all distortion be in true spirit of the present invention and scope all comprise within the scope of the claims.
The possibility that industry utilizes
As mentioned above, the surveillance that the present invention relates to is applicable to come telemonitoring shop etc. by communication.

Claims (4)

1. a surveillance, has: the monitored object lateral terminal being arranged at monitored object; Be arranged at user's lateral terminal of user side, use the above-mentioned monitor message received from above-mentioned monitored object lateral terminal; With the Communications Management Units that communicate of the above-mentioned monitored object lateral terminal of management with above-mentioned user's lateral terminal, the feature of above-mentioned surveillance is,
Above-mentioned monitored object lateral terminal has the above-mentioned monitor message that obtains above-mentioned monitored object and is sent to the function of above-mentioned user's lateral terminal,
Above-mentioned user's lateral terminal has the function using the above-mentioned monitor message received from above-mentioned monitored object lateral terminal to carry out the supervision of above-mentioned monitored object,
Above-mentioned surveillance is configured to: when direction the opposing party for above-mentioned monitored object lateral terminal or above-mentioned user's lateral terminal asks to connect, the invitation message of SIP of the identifying information comprising self IP address and digital certificates and connect grounding terminals is sent to above-mentioned Communications Management Units by this connection source terminal, and above-mentioned monitored object lateral terminal and above-mentioned user's lateral terminal are as the group of terminal mutually with difference in functionality;
Above-mentioned Communications Management Units has: sip server;
License Info storage part, stores for representing that connect should the licensed monitored object lateral terminal of group of terminal and the connection License Info of the correspondence combination of user's lateral terminal as mutually having difference in functionality; With
Permit process portion, judges whether to permit the connection between monitored object lateral terminal and user's lateral terminal with reference to above-mentioned connection License Info,
Above-mentioned sip server, when obtaining above-mentioned invitation message from above-mentioned connection source terminal, the above-mentioned identifying information connecting grounding terminals comprised in above-mentioned invitation message is provided to above-mentioned permit process portion, when above-mentioned permit process portion have granted the connection between monitored object lateral terminal and user's lateral terminal, invitation message from above-mentioned connection source terminal is provided to above-mentioned even grounding terminals by above-mentioned sip server
When above-mentioned company grounding terminals receives above-mentioned invitation message from above-mentioned Communications Management Units, the OK message of the SIP of the IP address and digital certificates that comprise self is sent to above-mentioned Communications Management Units,
Above-mentioned connection source is used in IP address and the digital certificates of each terminal exchanged in above-mentioned invitation message and above-mentioned OK message with the terminal being connected ground, establishes the terminal room staying out of above-mentioned Communications Management Units connect after SIP session is established in above-mentioned connection source with the terminal room being connected ground.
2. surveillance according to claim 1, is characterized in that,
It is construct VPN at terminal room and carry out the terminal room VPN that connects that the terminal room staying out of above-mentioned Communications Management Units connects.
3. surveillance according to claim 1, is characterized in that,
Connection between above-mentioned Communications Management Units and above-mentioned monitored object lateral terminal or user's lateral terminal, is connected by VPN between above-mentioned Communications Management Units with the center terminal of having constructed VPN between above-mentioned monitored object lateral terminal or user's lateral terminal,
Above-mentioned sip server carries out the communication of sip message by VPN between above-mentioned center terminal and above-mentioned monitored object lateral terminal or user's lateral terminal.
4. the surveillance according to any one of claims 1 to 3, is characterized in that,
Above-mentioned monitor message comprises at least one in the image taken by above-mentioned monitored object, the supervisory signal detected by above-mentioned monitored object and the control information that generated by above-mentioned user side.
CN201080014851.1A 2009-03-30 2010-03-25 Monitoring system and communication management device Active CN102378982B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2009-081307 2009-03-30
JP2009081307A JP4781447B2 (en) 2009-03-30 2009-03-30 Monitoring system
PCT/JP2010/002119 WO2010116642A1 (en) 2009-03-30 2010-03-25 Monitoring system and communication management device

Publications (2)

Publication Number Publication Date
CN102378982A CN102378982A (en) 2012-03-14
CN102378982B true CN102378982B (en) 2015-05-27

Family

ID=42935943

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201080014851.1A Active CN102378982B (en) 2009-03-30 2010-03-25 Monitoring system and communication management device

Country Status (4)

Country Link
JP (1) JP4781447B2 (en)
KR (1) KR101516708B1 (en)
CN (1) CN102378982B (en)
WO (1) WO2010116642A1 (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5779882B2 (en) * 2011-01-05 2015-09-16 株式会社リコー Device management system, device, device management method and program
JP2013038684A (en) * 2011-08-10 2013-02-21 Refiner Inc Vpn connection management system
US9467297B2 (en) 2013-08-06 2016-10-11 Bedrock Automation Platforms Inc. Industrial control system redundant communications/control modules authentication
US9191203B2 (en) 2013-08-06 2015-11-17 Bedrock Automation Platforms Inc. Secure industrial control system
US8862802B2 (en) 2011-12-30 2014-10-14 Bedrock Automation Platforms Inc. Switch fabric having a serial communications interface and a parallel communications interface
US11967839B2 (en) 2011-12-30 2024-04-23 Analog Devices, Inc. Electromagnetic connector for an industrial control system
US9437967B2 (en) 2011-12-30 2016-09-06 Bedrock Automation Platforms, Inc. Electromagnetic connector for an industrial control system
US9727511B2 (en) 2011-12-30 2017-08-08 Bedrock Automation Platforms Inc. Input/output module with multi-channel switching capability
US11314854B2 (en) 2011-12-30 2022-04-26 Bedrock Automation Platforms Inc. Image capture devices for a secure industrial control system
US10834094B2 (en) 2013-08-06 2020-11-10 Bedrock Automation Platforms Inc. Operator action authentication in an industrial control system
US10834820B2 (en) 2013-08-06 2020-11-10 Bedrock Automation Platforms Inc. Industrial control system cable
US8971072B2 (en) 2011-12-30 2015-03-03 Bedrock Automation Platforms Inc. Electromagnetic connector for an industrial control system
US10613567B2 (en) 2013-08-06 2020-04-07 Bedrock Automation Platforms Inc. Secure power supply for an industrial control system
CN105635078A (en) * 2014-11-07 2016-06-01 中兴通讯股份有限公司 Method and system of realizing session initiation protocol (SIP) session transmission
CN105933198B (en) * 2016-04-21 2020-01-14 浙江宇视科技有限公司 Device for establishing direct connection VPN tunnel
JP7085826B2 (en) * 2016-12-16 2022-06-17 ベドロック・オートメーション・プラットフォームズ・インコーポレーテッド Image capture device for secure industrial control systems
CN110087034B (en) * 2019-04-25 2020-11-10 山西潞安金源煤层气开发有限责任公司 Coal bed gas remote monitoring system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1717913A (en) * 2003-08-06 2006-01-04 松下电器产业株式会社 Relay server, relay server service management method, service providing system, and program

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3779101B2 (en) * 1999-08-13 2006-05-24 セコム株式会社 Image sending device
JP4415311B2 (en) * 2003-12-25 2010-02-17 日本ビクター株式会社 Monitoring system and output control device
JP4410070B2 (en) * 2004-09-17 2010-02-03 富士通株式会社 Wireless network system and communication method, communication apparatus, wireless terminal, communication control program, and terminal control program
JP4551866B2 (en) * 2005-12-07 2010-09-29 株式会社リコー COMMUNICATION SYSTEM, CALL CONTROL SERVER DEVICE, AND PROGRAM
JP2008219239A (en) * 2007-03-01 2008-09-18 Yamaha Corp Vpn dynamic setting system
JP4750761B2 (en) * 2007-07-23 2011-08-17 日本電信電話株式会社 Connection control system, connection control method, connection control program, and relay device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1717913A (en) * 2003-08-06 2006-01-04 松下电器产业株式会社 Relay server, relay server service management method, service providing system, and program

Also Published As

Publication number Publication date
WO2010116642A1 (en) 2010-10-14
KR101516708B1 (en) 2015-05-04
JP2010233167A (en) 2010-10-14
CN102378982A (en) 2012-03-14
KR20120028298A (en) 2012-03-22
JP4781447B2 (en) 2011-09-28

Similar Documents

Publication Publication Date Title
CN102378982B (en) Monitoring system and communication management device
US7177932B2 (en) Method, gateway and system for transmitting data between a device in a public network and a device in an internal network
US8364772B1 (en) System, device and method for dynamically securing instant messages
US9231919B2 (en) Method and device for anonymous encrypted mobile data and speech communication
EP1471708A2 (en) System and method for establishing secondary channels
CN103430506B (en) Network communicating system and method
KR101444089B1 (en) Communication control device and monitoring device
JP5148540B2 (en) Monitoring system
US20160197921A1 (en) Secure Data Transmission System
JP5357619B2 (en) Communication failure detection system
CA2327919C (en) Internal line control system
US20160057223A1 (en) Method for processing data of a social network user
JP2008160212A (en) Communication system, transmission side terminal equipment, and incoming side terminal equipment
JP4707325B2 (en) Information processing device
KR20210051208A (en) Apparatus and method for providing security to an end-to-end communication
JP7329437B2 (en) nurse call system
KR100911364B1 (en) Method, server and system for monitoring participants in multi-participants conference service based on session initiation protocol
KR20210051207A (en) Apparatus and method for providing security to an end-to-end communication
KR20180052414A (en) Linking apparatus based on the ceritification security device and method thereof
US7920542B1 (en) Method and apparatus for providing secure voice/multimedia communications over internet protocol
JP2019165291A (en) Terminal device, communication path establishment method, program for terminal device, and authentication system
KR20120008627A (en) Client management service system using wireless MAC address
JP2010252014A (en) Communication failure detecting system
KR20190098369A (en) Secure Communication System
JP2007501543A (en) Configuring network connections

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant