Intelligent security data system
The invention relates to divisional application of an intelligent security data system based on the Internet of things, wherein the original application number is 201811034297.8, the original application date is 09 and 05 in 2018, and the original invention name is.
Technical Field
The invention relates to the field of security data sharing and the Internet of things, in particular to an intelligent security data system.
Background
The intelligent security, namely the security Internet of things technology, is a security network system facility for realizing intelligent security communities, building groups and urban areas, and achieves the purpose of regional security Internet of things by establishing a comprehensive system with complete functions and applying wired and wireless transmission means, personnel supervision and machine intelligent analysis and processing methods. The intelligent security adopts technologies such as the Internet of things and big data, integrates intelligent information acquisition, big data processing and intelligent security application, and can improve the overall perception, analysis and emergency event processing capacity of communities and communities.
In the existing intelligent security technical scheme, a community or a community is often used as a unit, data collected by all internet of things equipment is transmitted to a security control center, and security management is performed by personnel of the security control center based on the collected data and a preset policy of security software. The prior art scheme has the following defects: 1. the security control centers are often built and work in units of communities or communities, under the common conditions, data collected by the internet of things equipment are limited in the coverage range of each security control center, the data are not fully applied, and the purpose of scientific regional security joint defense joint control is not facilitated. 2. Data collected by the internet of things equipment in each security subsystem (such as an access control system, a fire protection system, a monitoring system and a parking system) in the security system needs to be transmitted to the security control center, and then each security subsystem requests data collected by other subsystems from a database of the security control center so as to support specific security application of the security subsystem. Thus, the security subsystem needs to recombine and then screen the data stream, but only part of the data in the data stream is actually used. Therefore, the waste of bandwidth resources is caused, and the response speed of security application is reduced.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides an intelligent security data system based on the Internet of things, which comprises a data service platform and an intelligent security subsystem, wherein the intelligent security subsystem comprises an intelligent fire fighting system, an intelligent access control system and an intelligent monitoring system, the intelligent security subsystem comprises Internet of things equipment and an Internet of things data platform, and the Internet of things data platform comprises a data processing module and a data agent module;
a data intermediary server in the data service platform divides the related intelligent security subsystem into a data producer and a data application according to the received data service request and by combining the identification information of the intelligent security subsystem;
the data mediation server receives metadata of available data streams sent by a data producer and data demand information sent by a data applicator, and then pairs the data applicator with the data producer who meets its demand, the data demand information including a selection of individual data fields associated with a plurality of data streams;
the data intermediary server generates a producer configuration and an application configuration and transmits the producer configuration and the application configuration to the corresponding Internet of things data platform; based on the pairing of discernment, data producer establishes peer-to-peer connection with the data application side to realize the real-time data sharing between the intelligent security subsystem, it includes:
the data intermediate server responds to a data request of the data application party and enables a corresponding data production party to selectively send data fields to the data application party according to data demand information of the data application party, and the data application party assembles the data fields of the multiple data streams received from the data production party into a single target data stream for the intelligent security application.
According to a preferred embodiment, the application of the intelligent fire fighting system comprises fire fighting early warning and fire fighting information release, the application of the intelligent access control system comprises vehicle identification, personnel identification and access control early warning, and the application of the intelligent monitoring system comprises intelligent tracking and behavior early warning.
According to a preferred embodiment, the metadata of the available data streams comprises: the data type, the data rate and the information of the collected data of the Internet of things equipment, wherein the information of the Internet of things equipment comprises the geographic position, the manufacturer, the model, the serial number and the measurement precision;
the data requirement information further comprises: data type, data rate, and geographic location information and time information when the data was collected.
According to a preferred embodiment, the producer configuration is generated by the data mediation server and sent to a data producer associated with the single data service, the producer configuration identifying the data application and specifying selected data fields of a data stream provided by the data producer;
the application-side configuration is generated by the data mediation server and sent to a data application side associated with the single data service, the application-side configuration identifying a data producer that streams data to the data application side and specifying a mapping policy when mapping the streamed data to a single target data stream.
According to a preferred embodiment, the data intermediary server generates a security token and sends the security token and the network address of the data application party to the data production party, and a data proxy module in the data production party establishes peer-to-peer connection with the data application party according to the security token and the network address.
According to a preferred embodiment, after establishing peer-to-peer connection, the data producer filters the original data stream according to the producer configuration and sends the data field selected in the data demand information to the data application party;
the data application side receives data streams from the data production side, and then combines the received data streams into a single target data stream through the data agent module.
According to a preferred embodiment, the data mediation server includes a communication module, a user interface module, a configuration creator, a supply and demand information base, and an identification information base, wherein,
the supply and demand information base is used for storing metadata of available data streams and metadata of data streams required by the intelligent security subsystems,
the identification information base is used for storing identification information of each intelligent security subsystem,
the configuration creator is used for generating a producer side configuration and an application side configuration.
The invention has the following beneficial effects:
and the data intermediary server in the data service platform divides the related intelligent security subsystem into a data producer and a data application according to the received data service request. The data intermediate server generates a producer configuration and an application configuration according to the received metadata of the available data stream sent by the data producer and the data demand information sent by the data application side, and transmits the producer configuration and the application configuration to the corresponding data platform of the Internet of things; based on the identified pairing, the data production party and the data application party establish peer-to-peer connection, and therefore real-time data sharing among the intelligent security subsystem is achieved. Therefore, the data sharing method and the system can share the data of the Internet of things generated in the intelligent security subsystems of different cells in real time according to the requirements of intelligent security application. Because the data real-time sharing is that the peer-to-peer connection is directly established among different intelligent security subsystems to selectively transmit data streams, compared with a data transmission scheme of a traditional intelligent security system, the data real-time sharing method can greatly expand the application boundary of security data, can effectively save bandwidth and has higher response speed.
In addition, the data application party can assemble the data fields of the multiple data streams received from the multiple data production parties into a single target data stream for appointed intelligent security application, and a large amount of manpower is not needed for cross-data-stream filtering and data aggregation, so that the labor cost is obviously reduced, and the popularization and the application are facilitated.
Drawings
FIG. 1 illustrates a system block diagram of the security and intelligence data system of the present invention;
fig. 2 shows a system connection diagram of an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention. It should be noted that, in the present invention, the "data producer" and the "data applicator" are respectively used to refer to data platforms of the internet of things that generate data and application data, and they may be mutually converted in different practical application situations.
As shown in fig. 1, the invention provides an intelligent security data system based on the internet of things, which includes a data service platform and an intelligent security subsystem. The intelligent security subsystem comprises an intelligent fire fighting system, an intelligent access control system and an intelligent monitoring system. The intelligent security subsystem comprises an Internet of things device and an Internet of things data platform, and the Internet of things data platform comprises a data processing module and a data agent module.
And the data intermediary server in the data service platform divides the related intelligent security subsystem into a data producer and a data application according to the received data service request and by combining the identification information of the intelligent security subsystem.
The data mediation server receives the metadata of the available data streams sent by the data producer and the data demand information sent by the data application side, and then pairs the data application side with the data producer who satisfies its demand. The data requirement information includes a selection of individual data fields associated with the plurality of data streams.
The data intermediary server generates a producer configuration and an application configuration and transmits the producer configuration and the application configuration to the corresponding Internet of things data platform; based on the pairing of the identification, the data production party and the data application party establish peer-to-peer connection, so that real-time data sharing between the intelligent security subsystem is realized, and the method specifically comprises the following steps: the data intermediate server responds to a data request of the data application party and enables a corresponding data production party to selectively send data fields to the data application party according to data demand information of the data application party, and the data application party assembles the data fields of the multiple data streams received from the data production party into a single target data stream for the intelligent security application.
Illustratively, the applications of the intelligent fire fighting system comprise fire early warning and fire information release, the applications of the intelligent access control system comprise vehicle identification, personnel identification and access early warning, and the applications of the intelligent monitoring system comprise intelligent tracking and behavior early warning.
The invention avoids the problems of limited application range of the data of the internet of things of security systems of all communities and large bandwidth demand and resource waste caused by centralized storage in the existing intelligent security technical scheme, can realize data sharing of the data of the internet of things across communities and security systems, and has good expandability. In addition, the invention does not need a great deal of manpower to filter and aggregate data across data streams, thereby being beneficial to saving manpower expenditure and popularization and application.
Example 1
Fig. 2 is a schematic connection diagram of the intelligent security data system of the embodiment, and it should be noted that, in order to express features of the technical solution of the embodiment concisely and clearly, the data service platform and the intelligent security subsystem are omitted in the diagram, and the specific structural structures thereof are respectively adopted to explain the technical solution of the present invention. In addition, a plurality of internet of things devices connected with the internet of things data platform are omitted in the drawing.
In this embodiment, the data platforms of the internet of things located on the left side and the right side are data producers, and the data platforms of the internet of things located in the middle for receiving data streams are data consumers. For convenience of understanding, the embodiment can be regarded as a schematic diagram when the fire information issuing application of the intelligent fire fighting system is executed, the middle internet of things data platform belongs to the intelligent fire fighting system, and the left and right internet of things data platforms respectively belong to the intelligent access control system and the intelligent monitoring system. The data flow 10 is access control information for a specific time period, and the data flow 20 is monitoring information for a specific time period and a specific area. In this way, the intelligent fire fighting system can receive the data fields specified in the data stream 10 and the data stream 20 and recombine the data fields to determine the person responsible for the fire incident and issue the fire information.
It should be appreciated that the smart security data system may generally include any number of internet of things data platforms, and each individual internet of things data platform may generally serve as a data producer or a data applicator. In addition, the number of the internet of things devices in the figure is usually a plurality, and only some internet of things devices are exemplarily shown for convenience of expression, so that the present invention should not be considered as being limited thereto.
In a smart security data system, a plurality of internet of things devices connected to an internet of things data platform include, but are not limited to, audio-video devices, environmental sensors and monitoring devices (e.g., temperature sensors, pressure sensors, infrared sensors, ID card devices and related alarm systems), and fixed or mobile computing devices. The data processing module in each internet of things data platform can process or analyze raw data received from the corresponding internet of things device. In addition, the data agent module in each data platform of the internet of things is used for communicating with the data intermediary server and exchanging data with other data platforms of the internet of things.
For the data platform of the internet of things serving as a data producer, the data agent module of the data platform sends metadata about available data streams to the data mediation server. The metadata may include data type, data rate, information about the internet of things devices that collected the data, including their location, manufacturer, model/serial number, and measurement accuracy. Similarly, for an internet of things data platform acting as a data application side, the data agent module transmits data requirement information to the data mediation server, wherein the data requirement information comprises selection of various data fields associated with a plurality of data streams, and further comprises data type, data rate, geographical location information and time information when data is collected.
After the data intermediate server receives the data service request and the data demand information sent by the data application party, the data application party and the data production party meeting the demand of the data application party are paired. Further, the data intermediary server generates a producer side configuration and an application side configuration, and transmits the producer side configuration and the application side configuration to the corresponding data platform of the internet of things.
A producer configuration is generated by the data broker server and sent to a data producer associated with the single data service, the producer configuration identifying the data application and specifying selected data fields of a data stream provided by the data producer.
An application-side configuration is generated by the data mediation server and sent to a data application side associated with the single data service, the application-side configuration identifying a data producer that streams data to the data application side and specifying a mapping policy when mapping the streamed data to a single target data stream.
In order to enable the designated data producer and the data application party to be connected and carry out data transmission, the data intermediary server generates a security token and sends the security token and the network address I of the data application party to the data producer, and a data agent module in the data producer establishes peer-to-peer connection with the data application party according to the security token and the network address I. Preferably, the security token is set to expire after a certain period of time and updated security tokens are periodically sent to the data application and data producer to re-establish the connection.
After establishing the peer-to-peer connection, the data producer filters the original data stream according to the producer configuration and sends the data fields selected in the data demand information to the data application party. A data application receives data streams from a plurality of data producers. Based on the application side configuration, the data agent module of the data application side combines the received data streams into a single target data stream for further use by the data platform of the internet of things.
The data intermediary server comprises a communication module, a user interface module, a configuration creator, a supply and demand information base and an identification information base.
The supply and demand information base is used for storing metadata of available data streams and metadata of data streams required by the intelligent security subsystems.
The identification information base is used for storing identification information of each intelligent security subsystem, such as information of a community/cell, a geographic area, a community scale, a type of equipment of the internet of things running in the intelligent security subsystem and/or an acquired data type. It should be noted that although the supply and demand information base and the identification information base are described separately, they may also be integrated into a single database, in which case they belong to different categories in the database.
The configuration creator is used to generate a producer side configuration and an application side configuration. The communication module is used for receiving a data service request, data demand information and metadata of an available data stream from the data platform of the Internet of things. In addition, the communication module may be further configured to send the security token, the producer configuration, the application configuration to the internet of things data platform, and provide a user interface for the internet of things data platform. The user interface module generates a user interface for presenting information to a platform user or requesting information.
The data platform of the internet of things comprises a data processing module and a data agent module, wherein the data agent module comprises a data filtering unit, a data field mapping unit, a data formatting unit and a communication unit.
The data processing module may condition, filter, aggregate, average, and/or resample the incoming raw data stream. Further, the data processing module may analyze and process the data, and when acting as a data producer, the raw data and/or the processed data may be passed to the data proxy module for transmission to other internet of things data platforms. Correspondingly, when acting as a data application side, data streams received by the data agent module from other data platforms of the internet of things can be forwarded to the data processing module for processing and analysis, or stored in a permanent memory of the data platform of the internet of things for future use.
And the communication unit in the data agent module is used for communicating with the data intermediary server and establishing peer-to-peer connection with other Internet of things data platforms.
When acting as a data producer, the data filtering unit may filter the original data stream based on the producer configuration, resulting in only selected data fields included in the data demand information.
When acting as a data application side, the data stream received via the communication unit is transferred to a data field mapping unit, which may aggregate data fields on multiple data streams according to the application side configuration to generate a single target data stream. The data formatting unit is used for performing unit conversion and data type conversion so as to convert the received data format into a format required by the target data stream. The data formatting unit is further adapted to correct the time, which is used to ensure that the point in time to which each data sample belongs is consistent.
Example 2
As an improvement and supplement to embodiment 1, the gateway of the internet of things data platform and the internet of things device connected thereto have an out-of-band communication system. And the gateway of the data platform of the Internet of things broadcasts an out-of-band wireless beacon which is communicated with the corresponding equipment of the Internet of things through a network gateway, wherein the out-of-band wireless beacon comprises a token. In operation, the gateway receives an encrypted packet, decrypts the encrypted packet into an intermediate payload using the public key, and then decrypts the intermediate payload into a decrypted packet using the token.
In particular, the out-of-band communication system may be an RF transmitter, and the aforementioned public key corresponds to a certificate in a plurality of internet of things devices. By adopting the technical scheme, the following conditions are met when the Internet of things equipment and the gateway of the Internet of things data platform carry out normal communication: 1. the Internet of things equipment is provided with an out-of-band communication system 2 and is positioned in the effective broadcast communication distance range of the gateway; 3. the internet of things device has a corresponding certificate.
Therefore, only when the 3 conditions are met, the Internet of things equipment can effectively communicate with the Internet of things data platform, and therefore other network equipment is effectively prevented from attacking the Internet of things data platform or carrying out data interaction with the Internet of things data platform. Because the existing Internet of things equipment is often insufficient in safety verification measures, the technical scheme greatly improves the network communication safety of the Internet of things data platform, and therefore the data safety and effectiveness of the whole intelligent security data system are improved.
Example 3
As an improvement and a supplement of embodiments 1 and 2, a gateway of the data platform of the internet of things is an intelligent gateway of the internet of things, the intelligent gateway of the internet of things is provided with a computing unit and a memory, and the intelligent gateway of the internet of things adopts decision logic to prioritize data streams according to data types and data contents and then transmit data higher than a preset priority to the corresponding data platform of the internet of things. The intelligent internet of things gateway can automatically discover nearby internet of things devices and connect to the devices through a wired or wireless communication channel. The communication connection mode supported by the intelligent Internet of things gateway comprises a cellular network, Zigbee, Bluetooth, WiFi and NFC.
The intelligent internet of things gateway has sufficient computing power, memory and storage capacity, and artificial intelligence to analyze local data to enable local level decisions. The intelligent Internet of things gateway is provided with a computing unit and a memory, and the decision logic adopted by the intelligent Internet of things gateway comprises artificial intelligence, video analysis, a rule engine and a decision tree.
When the intelligent internet of things gateway works, all data are not reserved and sent to the internet of things data platform, but the decision logic is adopted to carry out priority sequencing on data streams according to data types and data contents, reduced data streams are created, and therefore the selected data or the data higher than the preset priority are transmitted to the internet of things data platform.
For example, the intelligent internet of things gateway may analyze video data captured from a camera in the internet of things device to determine whether image content has changed from time T1 to time T2. The intelligent internet of things gateway employs a rules engine containing rules that assign low importance to video data at time T1 if "the image content of video camera 1 at time T2 is identical to the image content of video camera 1 at time T1". Depending on the available bandwidth, data that has been identified as of low importance may be omitted from the transmission or transmitted with reduced resolution. Similarly, a similar analysis may be performed on the sensor data. For example, the low importance data may instead be stored locally. Thus, the amount of data reduced by the total data to be transmitted to the internet of things data platform may depend on the availability of bandwidth for uploading data. In this way, the local intelligent internet of things gateway is used to selectively optimize data, thereby reducing the bandwidth required to transmit data without losing important information.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.