Detailed Description
The conception, specific structure and technical effects of the present invention will be described clearly and completely with reference to the accompanying drawings and embodiments, so as to fully understand the objects, aspects and effects of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The same reference numbers will be used throughout the drawings to refer to the same or like parts.
It should be noted that, unless otherwise specified, when a feature is referred to as being "fixed" or "connected" to another feature, it may be directly fixed or connected to the other feature or indirectly fixed or connected to the other feature. Furthermore, the descriptions of upper, lower, left, right, etc. used in this application are only relative to the positional relationship of the various elements of the application with respect to one another in the drawings. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
Furthermore, unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art. The terminology used in the description herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used herein, the term "and/or" includes any combination of one or more of the associated listed items.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element of the same type from another. For example, a first element could be termed a second element, and, similarly, a second element could be termed a first element, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "at … …" depending on the context.
Referring to fig. 1, a schematic diagram of a first embodiment of an all-in-one entrance guard machine with NVR provided by the present application;
the system comprises an access control mainboard with an identity recognition module, an NVR camera, a router and a management platform with a server, wherein the router is at least provided with two LAN interfaces and a WAN interface, a video streaming media server program is installed and operated in the server, the access control mainboard is connected with the LAN interface of the router and adopts Ethernet for power supply, the access control mainboard and the management platform form internet connection, and the management platform sends a control instruction to the access control mainboard through the internet; the NVR camera is connected with the LAN interface of the router and adopts Ethernet power supply to form internet connection with the management platform, and video data and image data generated by the NVR camera are sent to a server of the management platform through the internet.
Further, the identification module comprises at least one of the following devices: fingerprint identification ware, sound feature identification ware, interpupillary distance detector, facial feature detector, identification card recognizer, cell-phone identification number recognizer, NFC signal identification ware, Wi-Fi signal identification ware, bluetooth signal identification ware, RFID signal identification ware.
Further, fig. 1 also shows an external device connected to the WAN port of the router via the internet, where the connection may be a wired connection or a wireless connection, such as via a mobile communication network or Wi-Fi, and the external device is a terminal device with information sending and receiving capabilities, such as a mobile phone, a laptop, a tablet computer, a desktop computer, and the like.
Specifically, videos shot by the NVR camera are not uploaded in real time, and videos before and after an event are uploaded to the server only when events such as door opening and alarm are triggered. The gate inhibition all-in-one machine local storage is also 1 minute rolling coverage.
Further, after the applicant passes through the authentication process and allows access to the router, the applicant controls or accesses the access control motherboard, the NVR camera or even the server connected to the router, and in general terms, only needs to access the access control motherboard and the NVR camera, and the specific flow is shown in fig. 3, which is a flow chart of the access control motherboard or the NVR camera of the NVR-equipped access control all-in-one machine provided by the application, and the flow chart comprises the following steps:
s301) receiving an authenticated external network instruction;
s302) the router in the entrance guard receives the instruction;
s303) judging whether the instruction points to the access control mainboard or not according to the port;
if directional entrance guard's mainboard, then send this instruction to the entrance guard mainboard, if not directional entrance guard's mainboard, then send the instruction to the NVR camera.
If the system administrator is the system administrator, the server can be accessed for remote operation and control, but authentication is also needed firstly. The steps of authentication refer to fig. 3 and 4.
Referring to fig. 2, a schematic diagram of a second embodiment of an all-in-one entrance guard machine with NVR provided by the present application; the difference between the second embodiment and the first embodiment is that the server in the second embodiment is added with a storage module and an authentication module, wherein the storage module is used for storing video image data and identity authority information; the authentication module is used for comparing the identity recognition information acquired from the identity recognition module with the identity authority information pre-stored in the storage module.
Referring to fig. 2, a network structure diagram of an all-in-one gate inhibition machine with NVR provided by the present application is shown; as shown in the figure, a POE router is integrated in the gate inhibition all-in-one machine, and the router is provided with a WAN port and 2 LAN ports; the WAN port of the router is connected with an external network; one LAN port of the router is connected with the access control mainboard, and the other LAN port of the router is connected with the NVR camera; the external equipment and the platform are communicated with the gate inhibition all-in-one machine through a network;
further, as described above, when the system is deployed, network setting can be performed by remotely accessing the video access control device:
1) default IP address to set
IP address information of the access control machine:
IP address: 192.168.1.11
Subnet mask: 255.255.250
A default gateway: 192.168.1.1
IP address information of NVR camera:
IP address: 192.168.1.10
Subnet mask: 255.255.250
A default gateway: 192.168.1.1
2) Router configuration
The LAN port of the router is set to 1 segment IP. And the IP address of the router is 192.168.1.1;
the router performs port mapping;
mapping ports (TCP and UDP)8899, 8200, 8100, 554, 3702 to 192.168.1.10 (i.e., to NVR camera)
3) NVR camera configuration
Network configuration:
IP address: 192.168.1.10
Subnet mask: 255.255.255.0
Gateway address: 192.168.1.1
DNS address: 192.168.1.1
HTTP port: 80
A control port: 8100
Video port: 8200
Configuring an external network IP of the router:
DNS domain name: 190.112.27.205
4) Router function testing method
(1) The computer gateway is firstly configured with 192.168.1.1;
(2) one router is defaulted as a main test board IP: 192.168.8.79 (the single board is already running OK on the device)
(3) A main test board A and a tested board B;
(4) the 8pin weft at the left side of the LAN port of the main test A plate is connected with a computer;
(5) the tested B mainboard needs to modify 192.168.8.79 of the original default WAN into 8 sections of other IPs which are not 79 through the LAN port;
(6) the main test A single board is directly connected with the tested B main board through a WAN port;
(7) the equipment is powered on, a computer is used for ping the IP of the two main boards, the WAN port of the equipment can be judged to be normal by communication, and in addition, the LAN port is connected with the computer;
(8) and a left indicator light of the network cable on the WAN port link is on to indicate that the network port is normal.
Further, the server runs a Linux system, and the video streaming media server program is a Live555 server program.
Specifically, the Live555 server program provides the RTSP video protocol service with the format of.264.
Specifically, the RTSP video protocol has port numbers 554 and 8554, where the 554 port requires administrator privileges.
Further, the server also runs a gSOAP program and a video monitoring client conforming to ONVIF standard, wherein the gSOAP program reads a WSDL file in ONVIF protocol and calls and runs at least one of the following functions: and a device discovery service function and a device service entry function are adopted, so that the video monitoring client can receive the RTSP video stream sent by the NVR camera.
Specifically, the frame buffer size of the server is set to 150000K.
In particular, the ONVIF specification describes a model, interfaces, data types, and modes of data interaction for network video. And some existing standards, such as WS series standards, are reused. The ONVIF specification aims to implement a network video framework protocol, so that network video products (including video recording front ends, video recording equipment and the like) produced by different manufacturers are completely communicated.
The interfaces defined by the device management and control section of the ONVIF specification are all provided in the form of Web Services. The ONVIF specification covers the full XML and WSDL definitions. Each terminal device supporting the ONVIF specification must provide a Web Service corresponding to the function. And the data interaction between the server and the client adopts a SOAP protocol. Other parts of the ONVIF, such as audio video streaming, are done through RTP/RTSP.
SOAP is an abbreviation of Simple Object Access Protocol. SOAP provides a standard way for applications running on different operating systems and using different technologies and programming languages to communicate with each other. Is a protocol based on XML. A SOAP message is a generic XML document containing the following elements:
the required Envelope element can mark the XML document as a SOAP message;
an optional Header element containing Header information;
the necessary Body element, which contains all call and response information;
an optional Fault element that provides information about the sheath error that occurred during the processing of the message.
In the SOAP request sent to the Web Service, the fields in the Body element need to conform to the data types in WSDL. In the process of constructing the SOAP, the corresponding relation must be acquired from the WSDL file and mapped. However, such a corresponding process would be repetitive and mechanical, and a compilation tool named gSOAP should be developed to avoid unnecessary human errors and save development time.
The gSOAP compiling tool provides SOAP/XML implementation about C/C + + language, so that the work of developing web services or client programs by C/C + + language is much easier. The contents related to the implementation details of the development-independent SOAP protocol are hidden from the developer. Because SOAP provides a standardized approach, the compiler of gSOAP can automatically translate user-defined localized C or 0+ data types into XML-syntax-compliant data structures, thus freeing the user from SOAP detail implementation by using only a simple set of APIs, and can concentrate on the implementation of application logic. And the code framework for developing the SOAP communication protocol aspect of the Web Services can be generated by using gSOAP across a plurality of operating systems, language environments and different groups behind the firewall, and developers only need to realize the called function of the server and then can call the function at the far end like calling the local function at the client end. gSOAP contains two tools, wsdl2h and soapcpp2, to generate a code frame.
Specifically, refer to the data flow diagram of video transmission using ONVIF standard shown in fig. 4; the ONVIF standard includes three types of devices, which are a central management unit CMU, such as a management center in the drawing, a monitoring front-end unit PU, such as an NVR camera in the drawing, and a monitoring client-end unit CU of a monitoring system, such as a server in the drawing, and the communication flows are as follows:
1. and after the device is on line, sending a HELLO message to the CMU.
And 2, when the CMU needs to search the equipment, sending a PROBE message to the PU.
And 3, carrying out signaling interaction between the CMU and the PU, requesting a capability set, and acquiring configuration.
And 4, enabling the CU to be on line, registering with the CMU, and establishing connection.
And 5, signaling interaction is carried out between the CMU and the CU, and the device list is transmitted.
6. Under the coordination of the CMU, the CU and the PU establish connection to transmit code streams.
The ONVIF standard has the advantages that the interaction mode of the PU and the CMU is changed, and the CMU is not connected with the PU for a long time any more; following the ONVIF specification, there is a unified standard for signaling and message content.
The ONVIF specification introduces the concept of Web Service to video surveillance. The actual functions of the equipment are abstracted to the Service of Web Service, the control unit of the video monitoring system appears in the form of the identity of the client, and the control operation is completed in the form of Web request.
The ONVIF specification can bring the advantages to a video monitoring system
(1) The interface of the function is abstracted. The configuration of the devices and the manner of operation are unified.
(2) The control end is not concerned with the model of the equipment, but the Web Service provided by the equipment regulates the behavior out of the range of the Web Service in the video system.
(3) ONVIF provides WSDL of each module, and has a development mode with high efficiency.
Referring to fig. 5, a flowchart of a third embodiment of the all-in-one door access control machine with NVR provided by the present application includes the following steps:
s301) creating a development environment;
s302) reading the WSDL file of the ONVIF through gSOAP to generate a code frame;
s303) carrying out RTSP video docking;
s304) operating a live555MediaServer server;
s305) starting the Onvif Device Manager test.
Here, WSDL refers to Web service Description Language (Web Services Description Language). WSDL is a document written using XML. Such a document may describe a certain Web service. It may specify the location of the service, and the operation (or method) provided by the service.
Specifically, a WSDL file of ONVIF is read through gSOAP, and a generated code frame, as shown in fig. 7, is generated by an NVR all-in-one gate inhibition machine using a gSOAP tool, and the code frame is composed of some files required by automatic generation of remote calls.
In addition, some ONVIF interfaces need to carry authentication information when calling, and need to use the soap _ wsse _ add _ usernamentokendigest function for authorization, so that a # import "wsse.h" needs to be added at the beginning of an onvif.h header file, otherwise, compilation will be wrong.
The commands are as follows:
# Access onvif directory
cd gsoap-2.8/gsoap/samples/onvif
File # Modify onvif.h, add # import "wsse.h" at the beginning "
vi onvif.h。
Referring to the HTTP digest authentication flowchart shown in fig. 9 and the device authentication flowchart of the Onvif protocol shown in fig. 10, an authentication flow of digest includes the following processes:
1. the client wishes to fetch a resource on the server and sends a Get request to the server.
2. After receiving the request from the client, the server finds that the resource needs authentication information, determines whether the request message has an Authorization header, and returns a message 401(Unauthorized) to the client if the request message does not have the Authorization header. In this 401 reply, the server will add a WWW-Autothenate header at the same time
3. After receiving the server's 401(Unauthorized) reply, the client uses the nonce value in the server reply message, plus username, password, http method, http uri, and uses MD5 (or other algorithm specified by the server) to calculate the request-digest as the value of the repson header field. And resend the request;
4. after receiving the request sent by the client, the server finds out the password of the user according to the username, and calculates the request-digest (response) by the same method as the client. And then comparing with the received request-digest, if the request-digest is consistent with the received request-digest, successfully verifying, receiving the request of the client, and successfully returning a result. With an Authentication-Info header. The client side carries out server authentication according to the parameters in the message header.
The authentication process of the Onvif initialization equipment is as follows:
1. the client obtains the time through the GetSystemDateAndTime
2. The client and server perform a time comparison and, if necessary, a time synchronization. If the time difference between the client and server is too great, the server may reject WS _ UsenameToken, at which point the NTP or setSystemDateAndTime command may be used for time synchronization
3. The client checks to see whether the server has a registered user, and if no user exists, a user is newly built and authenticated.
User management:
creating a user:
the creating user needs to provide 3 parameters:
1.name:
2,password
userlevel for setting user rights
The client creates users and sets the parameters by using CreateUsers commands; after successful creation, the device can be authenticated using an authentication procedure like HTTP digest. The authentication process has two request-response interactions: the first time is abstract inquiry, the server returns an authentication message header to request the terminal to do message abstract. In the second interaction, the client has an authentication message header in the request, which contains abstract information and other parameters, the server authenticates the client after receiving the authentication message header, and sends back a response after the authentication is successful, and the server has the authentication message header. The client side carries out server authentication according to the parameters in the message header.
Specifically, referring to the flowchart of the fourth embodiment of the all-in-one entry control machine with NVR shown in fig. 6, the step S303RTSP video docking further includes the following sub-steps:
s3031) the management center CMU discovers the equipment;
s3032) after the device discovery is successful, the monitoring front end unit PU sends requests for acquiring a device end capability set and the like;
s3033) the monitoring front end unit PU sends and obtains audio and video source information and audio and video coding and decoding information;
s3034) the monitoring front end unit PU sends and acquires the stream media URL information.
Wherein, the server of live5555MediaServer is operated to complete the RTSP function.
Specifically, default ports for RTSP are also modified to 554 and 8554, and the default is to try to use the port 554 first and unsuccessfully reuse the port 8554. When the live555MediaServer program is run on the Linux server, the sudo or root authority user can open 554 the port. Otherwise, the 8554 port is opened.
Referring to fig. 8, a flowchart of a data transmission method of an all-in-one gate inhibition machine with NVR provided by the present application includes the following steps:
s100) connecting an access control mainboard with an identity recognition module, an NVR camera, a router and a management platform with a server in an internet mode;
s200) acquiring video and image information, and performing data transmission by using an RTSP (real time streaming protocol) transmission protocol through a router after encoding;
s300) discovering the camera device by using an ONVIF standard, transmitting video and image data through a router and storing the video and image data in a server;
s400) displaying the video and the image data on a display device.
Finally, the utility model provides a take NVR's data transmission device of entrance guard's all-in-one, including the entrance guard mainboard of taking identity identification module, NVR camera, router, the management platform of taking the server, the router has two LAN interfaces and a WAN interface at least, install and operate video streaming media service end program in the server, the entrance guard mainboard with the LAN interface connection of router adopts the ethernet to supply power, with the management platform forms internet connection, the management platform passes through the internet to entrance guard mainboard sends control command; the NVR camera is connected with the LAN interface of the router and adopts Ethernet power supply to form internet connection with the management platform, and video data and image data generated by the NVR camera are sent to a server of the management platform through the internet.
The data transmission device of the entrance guard's all-in-one machine of taking NVR and router still includes the controller, the controller is used for carrying out the utility model discloses the above-mentioned data transmission method who brings the entrance guard's all-in-one machine of NVR that proposes.
In summary, compared with the existing video access control, the newly added NVR function is mainly embodied in that a digital video code stream transmitted by a network camera device is received through a network, and is stored and managed, so that the distributed architecture advantage brought by networking is realized. In short, the new gate inhibition all-in-one machine can simultaneously watch, browse, play back, manage and store a plurality of network cameras by adding the NVR function. The method gets rid of the constraint of hardware and does not face the complexity of installation and deployment.
1. The router is integrated in the video access control all-in-one machine, and the external deployment is not needed, so that the cost is reduced;
2. the integrated router has simple networking mode and convenient deployment;
3. the camera can be shared by the video access control snapshot function and the real-time video monitoring required by the outside, and the camera of the access control all-in-one machine realizes the function of a network camera. A network camera does not need to be deployed independently;
4. the power supply of the all-in-one machine adopts POE (Power over Ethernet), the router, the entrance guard machine and the like do not need to be separately supplied with power, and meanwhile, the POE power supply mode is adopted, so that the power supply is more stable, and the safe operation of equipment is facilitated;
5. the router, the network camera and the like can be set through remote access to the access control machine, so that the construction difficulty is reduced;
6. a convenient scheme is provided for the connection of a third-party video monitoring platform.
Specifically, the server also runs streaming media playing software for displaying the video data transmitted by the NVR camera on a display, preferably a VLC video player.
Specifically, the storage module in the server is a nonvolatile memory. Preferably an SSD solid state disk.
Specifically, the ONVIF signaling that the whole procedure needs to implement is as follows:
1、wsdd:Probe
2、tds:GetServices
3、tds:GetDeviceInformation
4、tds:SetSystemDateAndTime
5、tds:GetSystemDateAndTime
6、tds:GetUsers
7、tds:GetCapabilities
8、tds:GetNTP
9、tds:SetNTP
10、tds:GetNetworkInterfaces
11、tds:GetNetworkProtocols
12、tds:GetNetworkDefaultGateway
13、trt:GetVideoSources
14、trt:GetAudioSources
15、trt:GetAudioOutputs
16、trt:GetProfile
17、trt:GetProfiles
18、trt:GetVideoSourceConfigurations
19、trt:GetVideoEncoderConfigurations
20、trt:GetAudioEncoderConfigurations
21、trt:GetVideoAnalyticsConfigurations
22、trt:GetVideoSourceConfiguration
23、trt:GetVideoEncoderConfiguration
24、trt:GetAudioEncoderConfiguration
25、trt:GetCompatibleVideoAnalyticsConfigurations26、trt:GetVideoEncoderConfigurationOptions
27、trt:GetAudioEncoderConfigurationOptions
28、trt:GetStreamUri
29、trt:SetSynchronizationPoint
30、trt:GetOSDs
finally, the present invention also provides a computer readable storage medium having computer instructions stored thereon. The instructions when executed by the processor implement the steps of a method as in any one of the preceding.
It should be recognized that embodiments of the present invention can be realized and implemented by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory computer readable memory. The methods may be implemented in a computer program using standard programming techniques, including a non-transitory computer-readable storage medium configured with the computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner, according to the methods and figures described in the detailed description. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose.
Further, the method may be implemented in any type of computing platform operatively connected to a suitable interface, including but not limited to a personal computer, mini computer, mainframe, workstation, networked or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, and the like. Aspects of the invention may be embodied in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optically read and/or write storage medium, RAM, ROM, or the like, such that it may be read by a programmable computer, which when read by the computer may be used to configure and operate the computer to perform the procedures described herein. Further, the machine-readable code, or portions thereof, may be transmitted over a wired or wireless network. The utility model described herein includes these and other different types of non-transitory computer-readable storage media when such media include instructions or programs that implement the steps described above in conjunction with a microprocessor or other data processor. When programmed according to the methods and techniques of the present invention, the present invention also includes the computer itself.
Embodiments of this disclosure are described herein, including the best mode known to the inventors for carrying out the invention. Variations of those described embodiments may become apparent to those of ordinary skill in the art upon reading the foregoing description. The skilled artisan will appreciate that such variations are optional, and the skilled artisan intends to practice embodiments of the disclosure in ways other than as specifically described herein. Accordingly, the scope of the present disclosure includes all modifications and equivalents of the subject matter recited in the claims appended hereto as permitted by applicable law. Moreover, the scope of the present disclosure encompasses any combination of the above-described elements in all possible variations thereof unless otherwise indicated herein or otherwise clearly contradicted by context.
While the present invention has been described in considerable detail and with particular reference to several illustrated embodiments thereof, it is not intended to be limited to any such details or embodiments or any particular embodiments, but rather it is to be construed as effectively covering the intended scope of the invention by providing a broad, potential interpretation of the claims in view of the prior art with reference to the appended claims. Furthermore, the invention has been described above in terms of embodiments foreseen by the inventors for the purpose of providing a useful description, and insubstantial changes to the invention, not presently foreseen, may nonetheless represent equivalent changes to the invention.
The specification and drawings are, accordingly, to be regarded in an illustrative sense rather than a restrictive sense. However, it will be apparent that: various modifications and changes may be made thereto without departing from the broader spirit and scope of the application as set forth in the claims.
Other variations are within the spirit of the present application. Accordingly, while the disclosed technology is susceptible to various modifications and alternative constructions, certain embodiments thereof have been shown in the drawings and have been described above in detail. It should be understood, however, that there is no intention to limit the application to the specific form or forms disclosed; on the contrary, the intention is to cover all modifications, alternative constructions, and equivalents falling within the spirit and scope of the application, as defined in the appended claims.