EP1010153B1 - Method for security control of computer equipment and implementing system - Google Patents

Method for security control of computer equipment and implementing system Download PDF

Info

Publication number
EP1010153B1
EP1010153B1 EP98949072A EP98949072A EP1010153B1 EP 1010153 B1 EP1010153 B1 EP 1010153B1 EP 98949072 A EP98949072 A EP 98949072A EP 98949072 A EP98949072 A EP 98949072A EP 1010153 B1 EP1010153 B1 EP 1010153B1
Authority
EP
European Patent Office
Prior art keywords
equipment
monitoring
value
reference value
disconnection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
EP98949072A
Other languages
German (de)
French (fr)
Other versions
EP1010153A1 (en
Inventor
Pierre Mousel
Jean-Jacques Meddas
Jean-Paul Crouzillat
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Simatel
Original Assignee
Simatel
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Simatel filed Critical Simatel
Publication of EP1010153A1 publication Critical patent/EP1010153A1/en
Application granted granted Critical
Publication of EP1010153B1 publication Critical patent/EP1010153B1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B13/00Burglar, theft or intruder alarms
    • G08B13/02Mechanical actuation
    • G08B13/14Mechanical actuation by lifting or attempted removal of hand-portable articles
    • G08B13/1409Mechanical actuation by lifting or attempted removal of hand-portable articles for removal detection of electrical appliances by detecting their physical disconnection from an electrical system, e.g. using a switch incorporated in the plug connector

Definitions

  • the present invention relates to the field of monitoring of IT equipment, such as only terminals, in particular installed in a network computer science.
  • monitoring methods which consist in periodically listing the entire fleet constituting the same network. These methods require implementation of autonomous monitoring systems and parallel. Such systems are complex and expensive because they require specific wiring, a integration of identifier in equipment (transponders) and management means additional. In addition, management systems do not allow presence control IT equipment connected but not connected to the network.
  • the invention proposes to exploit the presence, at the level of IT distribution, connectors oversized compared to the needs of the application network.
  • Each piece of equipment indeed has plots of connection remained free, not connected to the card local area network adapter to which belongs possibly the equipment.
  • impedant loop on a connection remained free it is then possible to control in a simple and little way expensive the presence of said equipment.
  • the subject of the invention is a computer equipment monitoring process mounted on a cabling system.
  • This process consists of detect and compare impedance values of a end-of-line interface, installed outside jointly with the equipment to be monitored or inside this equipment on the map of communication, to a value located in an interval standard then at a high reference value, greater than the standard interval, to centralize and save the data corresponding to the comparisons performed, to view the states corresponding to the data and identifying events relating to a connection, disconnection and intervention on each piece of equipment to monitor, and trigger the appropriate alarm in the event of unauthorized handling.
  • the alarm is accompanied by instructions customized, for example relating to the type equipment disconnected or to local configuration.
  • User monitoring inhibition or maintenance for a predetermined period of time may be provided for mobile (portable) equipment or for all equipment. This inhibition corresponds to a planned disconnection or intervention event on place, due to special circumstances (repair, maintenance, moving, etc.). If the logout is performed within the time range information is then recorded as a event without triggering the alarm.
  • the variation impedance of the end of line interface of each monitored equipment is detected by reference to a high impedance value, for example equal to two times the interface impedance value, taking account of his tolerance.
  • Impedance value detected strictly higher, respectively lower or equal to this high reference value means a disconnection, respectively an intervention of or on monitored equipment.
  • the method of the invention detects also a state of unauthorized intervention on line by detection of low impedances corresponding to a short circuit of the line. This detection is done by studying variations impedance by reference to an impedance value low, for example at the impedance value of the interface taking into account its tolerance. The detection of this state corresponds to an intervention on line not authorized and triggers an alarm with a intervention instruction.
  • _ traceability_ that is to say the constitution of a history of connections, disconnections and interventions carried out on laptops and other monitored equipment.
  • the invention also relates to a delivery system. implementing this process.
  • a delivery system includes, as end of line interface, an impeding loop on a pair of studs available from an interface box at the computer equipment network adapter card, conventionally connected to the network by a brewing.
  • the presence of the loop is verified by an interface monitoring detector analog / digital coupled to the loop using a specific patch cord, which delivers a digital presence message compared to au minus an impedance value, from components known logics.
  • These messages are processed for trigger information or alarm messages by depending on the messages received.
  • the surveillance detectors are grouped in units communication interface acquisition units on the network, the monitoring computer processing the information thus communicated.
  • the messages of presence are accompanied by setpoint messages personalized in the event of unauthorized disconnection, and the monitoring computer processor is informed of authorized disconnections for equipment concerned for a predetermined period.
  • the computer's processor monitoring can record a sequence of data containing the identification information of user, equipment identification concerned and the duration of disconnection.
  • the message digital presence of this equipment, which contains also the equipment identification sequence, is then inhibited by an adapted subroutine of the processor for the predetermined time.
  • connection states disconnection and intervention
  • detection of variation the impedance by response to a high value, equal for example to twice the original impedance of the loop, can be obtained with the detectors of monitoring of the system according to the invention.
  • a loop impedance lower than the value original impedance can also be detected by surveillance detectors and recorded by the monitoring computer processor. This recording corresponds to an intervention state not authorized on line.
  • the processor translates these detections by displaying information concerning login, logout or intervention, by triggering alarms and / or instructions adapted to the site thus detected in the event authorized interventions (disconnection of equipment or intervention on the equipment or on line).
  • This PA security interface box includes a connector K, K 'of the RJ45 type, of which four terminals K are connected to the network and of which two other terminals K' P 1 , P 2 make the loop B.
  • the interface box can be made at inside or outside of the equipment to be monitored.
  • the monitoring computer 4 view terminal states on an E monitor under surveillance.
  • the computer processor manages a monitoring algorithm whose execution under computer form is within the reach of ordinary skill in the art to translate the information provided by the units central clearing house with a clear message which appears on monitor E, and which concerns the states of connection, disconnection or relative intervention at each terminal under surveillance.
  • the algorithm contains an inhibition soubroutine in order to discriminate disconnections and interventions authorized unauthorized actions.
  • Each detection interface 11 provides a double function: a state change input function, - presence, opening or short-circuit of the loop -, and a communication function to its unit central acquisition unit 12 with acknowledgment of this communication.
  • the monitoring processor acknowledges each central unit 12 of the messages received, the units acknowledging the monitoring interfaces concerned with the receipt of these messages.
  • states I to VI of each monitored equipment are shown in figure 2.
  • the states I, II and V refer to events corresponding, respectively, to information from connection, disconnection and intervention authorized.
  • States III, IV and VI refer to alarms corresponding, respectively, to disconnections, interventions on line or on equipment, no authorized. Additional information provided (outlet, office, geographic location, technical room and user) are the same for events or alarms. Alarms trigger setpoints specific to the nature of the identified offense (intervention on line or on equipment, logout) and the location of the equipment concerned.
  • the detector detects this event and the interface translates it by a digital message alarm sent to the computer's processor surveillance 4 by the acquisition unit concerned.
  • This event thus raises an alarm corresponding to states III, IV or VI indicating the configuration adopted by the client user of the network or equipment in question.
  • the digital message of the presence of this equipment transmitted by the central processing unit concerned, which contains also the equipment identification sequence, is then inhibited by the monitoring algorithm during the predetermined period.
  • FIG 3 the main steps of a first embodiment of the monitoring method according to the invention are illustrated in the form of a logical flow diagram for data processing the monitoring architecture by the algorithm of surveillance managed by the surveillance computer.
  • These end interface impedance variation data lines are provided by the monitoring interface of each monitored equipment, a surveillance being for example based on detection of the surveillance detector described above.
  • Those data are processed with reference to impedance values critical, in order to classify variations of impedances detected, according to predetermined states of the equipment concerned: connection, disconnection and intervention, and according to pre-entered authorization data.
  • the data of the monitoring interface is first compared to a standard value in the first state logic 21.
  • the presence of equipment connection monitored results in an impedance value of the end of line interface I B included in the interval R +/- T (%), R being the standard value and T (%) being equal to its relative tolerance (with respect to the value of R). For example, for an impedant loop such that loop 9, R is equal to 1 kW and T (%) is 10%.
  • Display 22 of the surveillance monitor then corresponds to the connection state I (FIG. 2).
  • a logic comparison terminal 24 controls the classification of authorized disconnection states II and unauthorized disconnection III ( Figure 2).
  • the variation is composed with values greater than 2R + T (%) (states II and III) at the terminal 24, at the values of the interval 2R + T (%).
  • the condition of the monitored equipment is a state of intervention on site.
  • the recorded intervention is respectively of authorized or unauthorized type, corresponding to states V and VI (figure 2) displayed respectively in 33 and 34 by the monitor the monitoring computer.
  • the planned instructions are displayed and local alarms and general triggered in 35. If the impedance measured is greater than 2R + T (%), the condition of the equipment monitored is a disconnection state. In terms of existence or absence of a muting command 25 from the LAN and supplied by the user of monitored equipment or maintenance computer, the disconnection is respectively of the type authorized or not authorized, corresponding to states II and III ( Figure 2) shown in 26 and 27. In the case unauthorized disconnection, the instructions are displayed and local and general alarms are displayed trigger at 28, as predefined by the manager.
  • a additional comparison logic terminal 29 allows to define a state of unauthorized intervention on line (state IV of figure 2).
  • state IV of figure 2 the impedance IB is less than 2R + T%
  • the data is compared to R - T (%) at terminal 29. If then the impedance IB is greater than R - T (%), intervention states V and VI are detected according to figure 3.
  • An impedance IB is less than R - T (%) is indicative of a short circuit operated on the equipment.
  • the corresponding state is the IV state of unauthorized intervention on line (figure 2).
  • Such a state is displayed at 30 on the flowchart in Figure 4, and triggers the instructions and local and general alarms adapted in 31.
  • the invention is not limited to the examples described and represented. It is for example possible to distribute data from central processing units acquisition or surveillance detectors on different processors and / or on different monitors of visualization according to the location of monitored equipment, for example on equipment arranged near disconnected equipment, so to obtain local information and thus allow a more effective intervention.
  • high or lower impedance reference values may vary depending on the architecture concerned.
  • the invention has been described using an impedance loop B which has two impedances I 1 and I 2 ; however, the invention can be implemented with a loop in which the impedance I 1 is replaced by an active electronic circuit which produces, for example, an electronic identification label comprising a code.
  • the electronic circuit When the contact M is closed (interface box removed), the electronic circuit is short-circuited, which is detected by the central acquisition unit 12 via the surveillance detector 11.
  • the contact M is open (interface box not removed), the electronic circuit transmits on the pads P 1 and P 2 , the serial code to the central acquisition unit 12 in the form of variations in impedance, which makes it possible to identify the case.
  • the central acquisition unit 12 detects an impedance of infinite value, which is interpreted as a disconnection of the equipment with respect to the network.
  • This electronic tag can be inhibited by the central acquisition unit 12 during a disconnection allowed so as not to be detected by monitoring equipment capable of reading these tags.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Alarm Systems (AREA)
  • Small-Scale Networks (AREA)
  • Selective Calling Equipment (AREA)
  • Hardware Redundancy (AREA)

Abstract

The invention proposes to exploit the presence, in computerised distribution, of an oversized wiring termination relative to the network applicative requirements. By installing for each computer equipment to be controlled, an impedance loop on a connection left free, it is then possible to control simply and inexpensively the presence of said equipment. The method for security control of computerised equipment items (1) mounted on a pre-wiring connection system (2, 3) to computer networks consists in detecting and comparing impedance values of a line ending interface (9), installed on each element to be controlled (1), with a value located in a standard interval, then with a high reference value, higher than the standard interval, in centralising and recording data corresponding to the comparisons carried out in an adapted computerised structure (4), in displaying on ad hoc means (E) the states corresponding to the data and identifying events related to a connection, a disconnection and an intervention on each equipment to be controlled, and in triggering an adapted alarm in case of unauthorised manipulation.

Description

La présente invention concerne le domaine de la surveillance des équipements de type informatique, tels que des terminaux, notamment installés en réseau informatique.The present invention relates to the field of monitoring of IT equipment, such as only terminals, in particular installed in a network computer science.

Parallèlement à la multiplication et au développement des réseaux informatiques (intranet, ethernet, tocken-ring etc.) qui assurent la transmission de données entre des terminaux à travers des systèmes de câblage structurés et banalisés conformément aux normes, le besoin de contrôler la présence de cet ensemble croissant d'équipements s'est précisé.Along with multiplication and development of computer networks (intranet, ethernet, tocken-ring etc.) which ensure the data transmission between terminals through structured and unmarked cabling systems in accordance with standards, the need to control the presence of this growing set of equipment has precise.

Afin de lutter contre le vol de tels terminaux, il a déjà été décrit, par exemple dans les brevets US 4224483 ou FR 2649269, des méthodes de surveillance qui consistent à recenser périodiquement l'ensemble du parc constituant un même réseau. Ces méthodes nécessitent la mise en place de systèmes de surveillance autonomes et parallèles. De tels systèmes sont complexes et coûteux car ils nécessitent des câblages spécifiques, une intégration d'identifiant dans les équipements (transpondeurs) et des moyens de gestion supplémentaires. Par ailleurs, les systèmes de gestion de réseau ne permettent pas de contrôler la présence d'équipements informatiques branchés mais non connectés au réseau.In order to combat the theft of such terminals, it has already been described, for example in the US patents 4224483 or FR 2649269, monitoring methods which consist in periodically listing the entire fleet constituting the same network. These methods require implementation of autonomous monitoring systems and parallel. Such systems are complex and expensive because they require specific wiring, a integration of identifier in equipment (transponders) and management means additional. In addition, management systems do not allow presence control IT equipment connected but not connected to the network.

Afin de remédier à ces inconvénients, l'invention propose d'exploiter la présence, au niveau de la distribution informatique, d'une connectique surdimensionnée par rapport aux besoins de l'applicatif réseau. Chaque équipement dispose en effet de plots de connexion restés libres, non reliés à la carte adaptateur de réseau local auquel appartient éventuellement l'équipement. Par mise en place, pour chaque équipement informatique à surveiller, d'une boucle impédante sur une connexion restée libre, il est alors possible de contrôler de manière simple et peu coûteuse la présence dudit équipement.In order to remedy these drawbacks, the invention proposes to exploit the presence, at the level of IT distribution, connectors oversized compared to the needs of the application network. Each piece of equipment indeed has plots of connection remained free, not connected to the card local area network adapter to which belongs possibly the equipment. By setting up, for each computer equipment to be monitored, impedant loop on a connection remained free it is then possible to control in a simple and little way expensive the presence of said equipment.

Plus précisément, l'invention a pour objet un procédé de surveillance d'équipements informatiques montés sur un système de câblage. Ce procédé consiste à détecter et comparer des valeurs d'impédance d'une interface de fin de ligne, installée à l'extérieur solidairement de l'équipement à surveiller ou à l'intérieur de cet équipement sur la carte de communication, à une valeur située dans un intervalle standard puis à une valeur de référence élevée, supérieure à l'intervalle standard, à centraliser et enregistrer les données correspondant aux comparaisons effectuées, à visualiser les états correspondant aux données et identifiant des événements relatifs à une connexion, une déconnexion et une intervention sur chaque équipement à surveiller, et à déclencher l'alarme adaptée en cas de manipulation non autorisée. Avantageusement, l'alarme est accompagnée de consignes personnalisées, par exemple relatives au type d'équipement déconnecté ou à la configuration locale.More specifically, the subject of the invention is a computer equipment monitoring process mounted on a cabling system. This process consists of detect and compare impedance values of a end-of-line interface, installed outside jointly with the equipment to be monitored or inside this equipment on the map of communication, to a value located in an interval standard then at a high reference value, greater than the standard interval, to centralize and save the data corresponding to the comparisons performed, to view the states corresponding to the data and identifying events relating to a connection, disconnection and intervention on each piece of equipment to monitor, and trigger the appropriate alarm in the event of unauthorized handling. Advantageously, the alarm is accompanied by instructions customized, for example relating to the type equipment disconnected or to local configuration.

Une inhibition de surveillance par l'utilisateur ou la maintenance pendant une durée prédéterminée peut être prévue pour les équipements mobiles (portables) ou pour tout équipement. Cette inhibition correspond à un événement prévu de déconnexion ou d'intervention sur place, du fait de circonstances particulières (réparation, maintenance, déménagement, etc.). Si la déconnexion est effectuée dans la plage de temps prévue, l'information est alors enregistrée comme un événement sans déclencher l'alarme.User monitoring inhibition or maintenance for a predetermined period of time may be provided for mobile (portable) equipment or for all equipment. This inhibition corresponds to a planned disconnection or intervention event on place, due to special circumstances (repair, maintenance, moving, etc.). If the logout is performed within the time range information is then recorded as a event without triggering the alarm.

Selon un mode de réalisation, la variation d'impédance de l'interface de fin de ligne de chaque équipement surveillé est détectée par référence à une valeur d'impédance élevée, par exemple égale à deux fois la valeur d'impédance de l'interface, en tenant compte de sa tolérance. Une valeur d'impédance détectée strictement supérieure, respectivement inférieure ou égale, à cette valeur de référence élevée, signifie une déconnexion, respectivement une intervention de ou sur l'équipement surveillé.According to one embodiment, the variation impedance of the end of line interface of each monitored equipment is detected by reference to a high impedance value, for example equal to two times the interface impedance value, taking account of his tolerance. Impedance value detected strictly higher, respectively lower or equal to this high reference value means a disconnection, respectively an intervention of or on monitored equipment.

Outre les états de connexion, déconnexion / intervention, autorisés ou non des équipements surveillés, le procédé de l'invention selon une forme de réalisation particulière, détecte également un état d'intervention non autorisée sur ligne par détection des faibles impédances correspondant à une mise en court circuit de la ligne. Cette détection se fait par étude des variations d'impédance par référence à une valeur d'impédance basse, par exemple à la valeur d'impédance de l'interface en tenant compte de sa tolérance. La détection de cet état correspond à une intervention sur ligne non autorisée et déclenche une alarme avec une consigne d'intervention.In addition to the connection states, disconnection / intervention, authorized or not authorized monitored equipment, the method of the invention according to a particular embodiment, detects also a state of unauthorized intervention on line by detection of low impedances corresponding to a short circuit of the line. This detection is done by studying variations impedance by reference to an impedance value low, for example at the impedance value of the interface taking into account its tolerance. The detection of this state corresponds to an intervention on line not authorized and triggers an alarm with a intervention instruction.

Les enregistrements des variations d'impédance du procédé selon l'invention permet la _ traçabilité_, c'est-à-dire la constitution d'un historique des connexions, déconnexions et interventions opérées sur les portables et autres équipements surveillés.The records of the variations in impedance of the process according to the invention allows _ traceability_, that is to say the constitution of a history of connections, disconnections and interventions carried out on laptops and other monitored equipment.

L'invention concerne également un système de mise en oeuvre de ce procédé. Un tel système comporte, comme interface de fin de ligne, une boucle impédante sur une paire de plots disponible d'un boítier interface à la carte d'adaptation réseau de l'équipement informatique, classiquement raccordée au réseau par un cordon de brassage. La présence de la boucle est vérifiée par un détecteur de surveillance à interface analogique / numérique couplé à la boucle à l'aide d'un cordon de brassage spécifique, et qui délivre un message numérique de présence par comparaison à au moins une valeur d'impédance, à partir de composants logiques connus. Ces messages sont traités pour déclencher des messages d'information ou d'alarme en fonction des messages reçus.The invention also relates to a delivery system. implementing this process. Such a system includes, as end of line interface, an impeding loop on a pair of studs available from an interface box at the computer equipment network adapter card, conventionally connected to the network by a brewing. The presence of the loop is verified by an interface monitoring detector analog / digital coupled to the loop using a specific patch cord, which delivers a digital presence message compared to au minus an impedance value, from components known logics. These messages are processed for trigger information or alarm messages by depending on the messages received.

Selon une forme particulière de réalisation les détecteurs de surveillance sont groupés dans des unités centrales d'acquisition d'interface de communication sur le réseau, l'ordinateur de surveillance traitant les informations ainsi communiquées.According to a particular embodiment the surveillance detectors are grouped in units communication interface acquisition units on the network, the monitoring computer processing the information thus communicated.

Dans un exemple de réalisation, les messages de présence sont accompagnés de messages de consigne personnalisés en cas de déconnexion non autorisée, et le processeur de l'ordinateur de surveillance est informé des déconnexions autorisées pour les équipements concernés pendant une durée prédéterminée. Dans ce dernier cas, le processeur de l'ordinateur de surveillance peut enregistrer une séquence de données contenant l'information d'identification de l'utilisateur, d'identification de l'équipement concerné et de la durée de déconnexion. Le message numérique de présence de cet équipement, qui contient également la séquence d'identification de l'équipement, est alors inhibé par un sous-programme adapté du processeur pendant la durée prédéterminée.In an exemplary embodiment, the messages of presence are accompanied by setpoint messages personalized in the event of unauthorized disconnection, and the monitoring computer processor is informed of authorized disconnections for equipment concerned for a predetermined period. In the latter case, the computer's processor monitoring can record a sequence of data containing the identification information of user, equipment identification concerned and the duration of disconnection. The message digital presence of this equipment, which contains also the equipment identification sequence, is then inhibited by an adapted subroutine of the processor for the predetermined time.

Pour enregistrer les états de connexion, déconnexion et d'intervention, une détection de variation l'impédance, par réponse à une valeur élevée, égale par exemple au double de l'impédance d'origine de la boucle, peut être obtenue avec les détecteurs de surveillance du système selon l'invention. De plus, une impédance de la boucle inférieure à la valeur d'impédance d'origine peut également être détectée par les détecteurs de surveillance et enregistrée par le processeur de l'ordinateur de surveillance. Cet enregistrement correspond à un état d'intervention non autorisée sur ligne. Le processeur traduit ces détections par affichage d'informations concernant des événements de connexion, de déconnexion ou d'intervention, par déclenchement d'alarmes et / ou des consignes adaptées au site ainsi détecté en cas d'interventions autorisées (déconnexion de l'équipement ou intervention sur l'équipement ou sur ligne).To save connection states, disconnection and intervention, detection of variation the impedance, by response to a high value, equal for example to twice the original impedance of the loop, can be obtained with the detectors of monitoring of the system according to the invention. In addition, a loop impedance lower than the value original impedance can also be detected by surveillance detectors and recorded by the monitoring computer processor. This recording corresponds to an intervention state not authorized on line. The processor translates these detections by displaying information concerning login, logout or intervention, by triggering alarms and / or instructions adapted to the site thus detected in the event authorized interventions (disconnection of equipment or intervention on the equipment or on line).

D'autres caractéristiques et avantages de l'invention apparaítront à la lecture de la description qui suit, relative à un exemple de réalisation détaillé, accompagnée des figures annexées qui représentent, respectivement :

  • la figure 1, le schéma organisationnel d'un exemple de système de surveillance selon l'invention ;
  • la figure 2, des exemples d'états d'affichage du moniteur de l'ordinateur de surveillance ;
  • les figures 3 et 4, deux organigrammes logiques des principales étapes de deux modes de réalisation du procédé de surveillance selon l'invention.
Other characteristics and advantages of the invention will appear on reading the description which follows, relating to a detailed embodiment, accompanied by the appended figures which represent, respectively:
  • FIG. 1, the organizational diagram of an example of a monitoring system according to the invention;
  • FIG. 2, examples of display states of the monitor of the surveillance computer;
  • Figures 3 and 4, two logical flowcharts of the main steps of two embodiments of the monitoring method according to the invention.

En référence au schéma organisationnel illustré en figure 1, un système de surveillance selon l'invention comprend :

  • des terminaux ETTD (initiales de Equipement Terminal de Traitement de Données) sous surveillance tel que le terminal I ;
  • une architecture de précâblage comportant une prise terminale par terminal, qui est une prise de type RJ 45 référencée 10 ou un module capillaire de répartition 2 (pour au moins deux terminaux) reliée au terminal par un bus ; par exemple un bus Ethernet 8, de type 10 base T est utilisé dans le cas de l'ordinateur de surveillance 4 du système de surveillance (voir ci-après) et du terminal ETTD surveillé 1 ;
  • une architecture de réseau local (LAN), comportant des rocades de liaison 3 entre distributeurs d'étage (non représentés) couplés à des modules de ressource de l'applicatif de réseau 6, couplés d'une part aux modules capillaires 2 et aux terminaux 1 et, d'autre part, aux noeuds concentrateurs 7 de l'architecture réseau ; chaque terminal peut être relié au réseau par connexion d'une carte interne d'adaptateur réseau (par exemple Ethernet 10 Base T), d'un boítier interface, le tout connecté à un cordon de brassage K de l'applicatif réseau ;
  • une architecture du système de surveillance selon l'invention, utilisant une boucle impédante B sur une paire de plots disponibles PI P2 dans le boítier interface de sécurité mis en place pour chaque terminal sous surveillance 1 (voir partie agrandie PA sur la figure 1); la boucle B est une interface de fin de ligne munie d'un contact M de désaccouplement du boítier interface et de l'équipement à surveiller ; elle est reliée par l'intermédiaire d'un cordon de brassage K' à un détecteur de surveillance analogique /numérique 11 via un module capillaire 2 ; ces détecteurs 11 sont regroupés par groupe de 31 dans des unités centrales d'acquisition 12 ; ces unités transmettent des informations à un ordinateur de surveillance 4 par l'intermédiaire d'un bus de communication 13 jusqu'à une interface de communication 14, un RS 485 / RS 232 dans l'exemple de réalisation, par l'intermédiaire d'une rocade 3 et de son module capillaire 2.
With reference to the organizational diagram illustrated in FIG. 1, a monitoring system according to the invention comprises:
  • DTE terminals (initials of Data Processing Terminal Equipment) under surveillance such as terminal I;
  • a pre-wired architecture comprising a terminal socket per terminal, which is an RJ 45 type socket referenced 10 or a distribution capillary module 2 (for at least two terminals) connected to the terminal by a bus; for example an Ethernet bus 8, of type 10 base T is used in the case of the monitoring computer 4 of the monitoring system (see below) and of the monitored DTE terminal 1;
  • a local area network (LAN) architecture, comprising link rings 3 between floor distributors (not shown) coupled to resource modules of the network application 6, coupled on the one hand to the capillary modules 2 and to the terminals 1 and, on the other hand, to the hub nodes 7 of the network architecture; each terminal can be connected to the network by connection of an internal network adapter card (for example Ethernet 10 Base T), of an interface box, all connected to a patch cord K of the network application;
  • an architecture of the surveillance system according to the invention, using an impedant loop B on a pair of available pads P I P 2 in the security interface box set up for each terminal under surveillance 1 (see enlarged part PA in FIG. 1 ); the loop B is an end of line interface provided with a contact M for uncoupling the interface box and the equipment to be monitored; it is connected via a patch cord K 'to an analog / digital monitoring detector 11 via a capillary module 2; these detectors 11 are grouped into groups of 31 in central acquisition units 12; these units transmit information to a surveillance computer 4 via a communication bus 13 to a communication interface 14, an RS 485 / RS 232 in the example of embodiment, via a ring road 3 and its capillary module 2.

Ce boítier interface de sécurité PA comprend un connecteur K, K' du type RJ45 dont quatre bornes K sont connectées au réseau et dont deux autres bornes K' P1, P2 réalisent la boucle B. Le boítier interface peut être réalisé à l'intérieur ou à l'extérieur de l'équipement à surveiller.This PA security interface box includes a connector K, K 'of the RJ45 type, of which four terminals K are connected to the network and of which two other terminals K' P 1 , P 2 make the loop B. The interface box can be made at inside or outside of the equipment to be monitored.

En fonctionnement, l'ordinateur de surveillance 4 visualise sur un moniteur E les états des terminaux sous surveillance. Le processeur de l'ordinateur gère un algorithme de surveillance dont l'exécution sous forme informatique est à la portée de l'homme de l'art pour traduire les informations fournies par les unités centrales d'acquisition par un message en clair qui apparaít sur le moniteur E, et qui concerne les états de connexion, de déconnexion ou d'intervention relative à chaque terminal sous surveillance. L'algorithme contient une soubroutine d'inhibition afin de discriminer les déconnexions et interventions autorisées des actions non autorisées.In operation, the monitoring computer 4 view terminal states on an E monitor under surveillance. The computer processor manages a monitoring algorithm whose execution under computer form is within the reach of ordinary skill in the art to translate the information provided by the units central clearing house with a clear message which appears on monitor E, and which concerns the states of connection, disconnection or relative intervention at each terminal under surveillance. The algorithm contains an inhibition soubroutine in order to discriminate disconnections and interventions authorized unauthorized actions.

Chaque interface de détection 11 assure une double fonction : une fonction de saisie de changement d'état, - présence, ouverture ou court-circuit de la boucle -, et une fonction de communication vers son unité centrale d'acquisition 12 avec acquittement de cette communication.Each detection interface 11 provides a double function: a state change input function, - presence, opening or short-circuit of the loop -, and a communication function to its unit central acquisition unit 12 with acknowledgment of this communication.

Le processeur de surveillance acquitte chaque unité centrale 12 des messages reçus, les unités acquittant alors les interfaces de surveillance concernés de la réception de ces messages.The monitoring processor acknowledges each central unit 12 of the messages received, the units acknowledging the monitoring interfaces concerned with the receipt of these messages.

Des exemples d'affichage d'états I à VI de chaque équipement surveillé sont représentés en figure 2. Les états I, II et V se réfèrent à des événements correspondant, respectivement, à une information de connexion, de déconnexion et d'intervention autorisées. Les états III, IV et VI se référent à des alarmes correspondant, respectivement, à des déconnexions, des interventions sur ligne ou sur l'équipement, non autorisées. Les informations complémentaires fournies (prise, bureau, situation géographique, local technique et utilisateur) sont les mêmes dans le cas d'événements ou d'alarmes. Les alarmes déclenchent des consignes spécifiques à la nature de l'infraction identifiée (intervention sur ligne ou sur l'équipement, déconnexion) et à la situation géographique de l'équipement concerné.Examples of displaying states I to VI of each monitored equipment are shown in figure 2. The states I, II and V refer to events corresponding, respectively, to information from connection, disconnection and intervention authorized. States III, IV and VI refer to alarms corresponding, respectively, to disconnections, interventions on line or on equipment, no authorized. Additional information provided (outlet, office, geographic location, technical room and user) are the same for events or alarms. Alarms trigger setpoints specific to the nature of the identified offense (intervention on line or on equipment, logout) and the location of the equipment concerned.

Plus précisément, lorsqu'une infraction est opérée, le détecteur détecte cet événement et l'interface le traduit par un message numérique d'alarme transmis au processeur de l'ordinateur de surveillance 4 par l'unité d'acquisition concernée. Cet événement provoque ainsi une remontée d'alarme correspondant aux états III, IV ou VI en indiquant la configuration adoptée par le client utilisateur du réseau ou de l'équipement en question.More specifically, when an offense is operated, the detector detects this event and the interface translates it by a digital message alarm sent to the computer's processor surveillance 4 by the acquisition unit concerned. This event thus raises an alarm corresponding to states III, IV or VI indicating the configuration adopted by the client user of the network or equipment in question.

Dans le cas où la déconnexion est autorisée par une information préenregistrée dans le processeur, la remontée d'alarme par l'unité centrale concernée est inhibée pour cette connexion pendant une période de temps prédéterminée, et l'événement est annoncé en tant que tel sur le moniteur. Dans l'exemple de réalisation, l'information préenregistrée consiste en une séquence de données contenant

  • l'information d'identification de l'utilisateur, de l'équipement concerné et de l'opération prévue (déménagement, réparation, maintenance, changement de cartes, etc.) sous forme de mots de passe,
  • ainsi que la durée de déconnexion.
In the event that the disconnection is authorized by information pre-recorded in the processor, the alarm reporting by the central processing unit concerned is inhibited for this connection for a predetermined period of time, and the event is announced as such on the monitor. In the exemplary embodiment, the prerecorded information consists of a data sequence containing
  • information identifying the user, the equipment concerned and the planned operation (moving, repair, maintenance, changing cards, etc.) in the form of passwords,
  • as well as the duration of disconnection.

Le message numérique de présence de cet équipement transmis par l'unité centrale concernée, qui contient également la séquence d'identification de l'équipement, est alors inhibé par l'algorithme de surveillance pendant la durée prédéterminée.The digital message of the presence of this equipment transmitted by the central processing unit concerned, which contains also the equipment identification sequence, is then inhibited by the monitoring algorithm during the predetermined period.

Sur la figure 3, les principales étapes d'un premier mode de réalisation du procédé de surveillance selon l'invention sont illustrées sous la forme d'un organigramme logique de traitement des données de l'architecture de surveillance par l'algorithme de surveillance géré par l'ordinateur de surveillance. Ces données de variation d'impédance de l'interface de fin de ligne sont fournies par l'interface de surveillance de chaque équipement surveillé, une interface de surveillance étant par exemple basée sur la détection du détecteur surveillance décrit ci-dessus. Ces données sont traitées en référence à des valeurs d'impédance critiques, afin de classer les variations des impédances détectées, selon des états prédéterminés de l'équipement concerné : connexion, déconnexion et intervention, et selon des données d'autorisation pré-saisies.In Figure 3, the main steps of a first embodiment of the monitoring method according to the invention are illustrated in the form of a logical flow diagram for data processing the monitoring architecture by the algorithm of surveillance managed by the surveillance computer. These end interface impedance variation data lines are provided by the monitoring interface of each monitored equipment, a surveillance being for example based on detection of the surveillance detector described above. Those data are processed with reference to impedance values critical, in order to classify variations of impedances detected, according to predetermined states of the equipment concerned: connection, disconnection and intervention, and according to pre-entered authorization data.

La donnée de l'interface de surveillance est d'abord comparée à une valeur standard au premier état logique 21. La présence de la connexion de l'équipement surveillé se traduit par une valeur d'impédance de l'interface de fin de ligne I B comprise dans l'intervalle R+/- T(%), R étant la valeur standard et T(%) étant égal à sa tolérance relative (par rapport à la valeur de R). Par exemple, pour une boucle impédante telle que la boucle 9, R est égale à 1 kW et T(%) vaut 10%. L'affichage 22 du moniteur de surveillance correspond alors à l'état de connexion I (figure 2). Lorsqu'une variation d'impédance est mesurée par l'interface de surveillance selon l'enregistrement 23, une borne logique de comparaison 24 commande le classement des états de déconnexion autorisée II et de déconnexion non autorisée III (figure 2). Dans l'exemple de réalisation, la variation est composée aux valeurs supérieures à 2R + T(%) (états II et III) à la borne 24, aux valeurs de l'intervalle 2R + T(%).The data of the monitoring interface is first compared to a standard value in the first state logic 21. The presence of equipment connection monitored results in an impedance value of the end of line interface I B included in the interval R +/- T (%), R being the standard value and T (%) being equal to its relative tolerance (with respect to the value of R). For example, for an impedant loop such that loop 9, R is equal to 1 kW and T (%) is 10%. Display 22 of the surveillance monitor then corresponds to the connection state I (FIG. 2). When a change in impedance is measured by the monitoring interface according to record 23, a logic comparison terminal 24 controls the classification of authorized disconnection states II and unauthorized disconnection III (Figure 2). In the example of realization, the variation is composed with values greater than 2R + T (%) (states II and III) at the terminal 24, at the values of the interval 2R + T (%).

Si l'impédance mesurée I B est inférieure à 2R + T(%) (en %), l'état de l'équipement surveillé est un état d'intervention sur le site. En fonction de l'existence ou de l'absence d'une commande d'inhibition de maintenance 32 saisie à travers le réseau local (en abrégé LAN), l'intervention enregistrée est respectivement de type autorisé ou non autorisé, correspondant aux états V et VI (figure 2) visualisés respectivement en 33 et 34 par le moniteur de l'ordinateur de surveillance.If the measured impedance I B is less than 2R + T (%) (in%), the condition of the monitored equipment is a state of intervention on site. In terms of existence or absence of a muting command 32 maintenance entered through the local network (in abbreviated LAN), the recorded intervention is respectively of authorized or unauthorized type, corresponding to states V and VI (figure 2) displayed respectively in 33 and 34 by the monitor the monitoring computer.

Dans le cas d'une intervention non autorisée, les consignes prévues sont affichées et les alarmes locales et générales déclenchées en 35. Si l'impédance mesurée est supérieure à 2R + T(%), l'état de l'équipement surveillé est un état de déconnexion. En fonction de l'existence ou de l'absence d'une commande d'inhibition 25 provenant du LAN et fournie par l'utilisateur de l'équipement surveillé ou de la maintenance informatique, la déconnexion est respectivement de type autorisé ou non autorisé, correspondant aux états II et III (figure 2) visualisés en 26 et 27. Dans le cas d'une déconnexion non autorisée, les consignes s'affichent et les alarmes locales et générales se déclenchent en 28, telles que prédéfinies par le gestionnaire.In the case of unauthorized intervention, the planned instructions are displayed and local alarms and general triggered in 35. If the impedance measured is greater than 2R + T (%), the condition of the equipment monitored is a disconnection state. In terms of existence or absence of a muting command 25 from the LAN and supplied by the user of monitored equipment or maintenance computer, the disconnection is respectively of the type authorized or not authorized, corresponding to states II and III (Figure 2) shown in 26 and 27. In the case unauthorized disconnection, the instructions are displayed and local and general alarms are displayed trigger at 28, as predefined by the manager.

Selon un mode particulier de réalisation illustré à la figure 4 du procédé illustré à la figure 3, une borne logique de comparaison 29 supplémentaire permet de définir un état d'intervention non autorisée sur ligne (état IV de la figure 2). Lorsque l'impédance IB est inférieure à 2R + T%, la donnée est comparée à R - T(%) à la borne 29. Si alors l'impédance IB est supérieure à R - T(%), les états V et VI d'intervention sont détectés conformément à la figure 3. Une impédance IB est inférieure à R - T(%) est indicative d'un court-circuit opéré sur l'équipement. L'état correspondant est l'état IV d'intervention non autorisée sur ligne (figure 2).According to a particular embodiment illustrated in Figure 4 of the process illustrated in Figure 3, a additional comparison logic terminal 29 allows to define a state of unauthorized intervention on line (state IV of figure 2). When the impedance IB is less than 2R + T%, the data is compared to R - T (%) at terminal 29. If then the impedance IB is greater than R - T (%), intervention states V and VI are detected according to figure 3. An impedance IB is less than R - T (%) is indicative of a short circuit operated on the equipment. The corresponding state is the IV state of unauthorized intervention on line (figure 2).

Un tel état est affiché en 30 sur l'organigramme de la figure 4, et déclenche les consignes et les alarmes locales et générales adaptées en 31.Such a state is displayed at 30 on the flowchart in Figure 4, and triggers the instructions and local and general alarms adapted in 31.

Dans tous les cas d'affichage d'états II à VI, un retour à un état de départ 20, de type liaison non connectée et correspondant à une impédance de valeur infinie pour l'interface de fin de ligne boucle l'organigramme représenté. Un tel retour est en effet suivi de l'étape d'interrogation sur l'état de connexion I.In all cases of display of states II to VI, a return to a starting state 20, of type link not connected and corresponding to a value impedance infinite for loop end of line interface the organization chart represented. Such a return is indeed followed by the interrogation stage on the state of connection I.

L'invention n'est pas limitée aux exemples décrits et représentés. Il est par exemple possible de répartir les données provenant des unités centrales d'acquisition ou des détecteurs de surveillance sur différents processeurs et / ou sur différents moniteurs de visualisation en fonction de la localisation des équipements surveillés, par exemple sur des équipements disposés à proximité d'un équipement déconnecté, afin d'obtenir une information locale et de permettre ainsi une intervention plus efficace. Par ailleurs, les valeurs de référence d'impédance élevées ou inférieures peuvent varier en fonction des architectures concernées.The invention is not limited to the examples described and represented. It is for example possible to distribute data from central processing units acquisition or surveillance detectors on different processors and / or on different monitors of visualization according to the location of monitored equipment, for example on equipment arranged near disconnected equipment, so to obtain local information and thus allow a more effective intervention. In addition, high or lower impedance reference values may vary depending on the architecture concerned.

L'invention a été décrite en utilisant une boucle d'impédances B qui comporte deux impédances I1 et I2; cependant, l'invention peut être mise en oeuvre avec une boucle dans laquelle l'impédance I1 est remplacée par un circuit électronique actif qui réalise par exemple une étiquette électronique d'identification comportant un code. Lorsque le contact M est fermé (boítier interface enlevé), le circuit électronique est court-circuité, ce qui est détecté par l'unité centrale d'acquisition 12 via le détecteur de surveillance 11. Lorsque le contact M est ouvert (boítier interface non enlevé), le circuit électronique transmet sur les plots P1 et P2, le code série à l'unité centrale d'acquisition 12 sous forme de variations d'impédance, ce qui permet d'identifier le boítier. Lors d'une coupure de la liaison 8, l'unité centrale d'acquisition 12 détecte une impédance de valeur infinie, ce qui est interprété comme une déconnexion de l'équipement par rapport au réseau.The invention has been described using an impedance loop B which has two impedances I 1 and I 2 ; however, the invention can be implemented with a loop in which the impedance I 1 is replaced by an active electronic circuit which produces, for example, an electronic identification label comprising a code. When the contact M is closed (interface box removed), the electronic circuit is short-circuited, which is detected by the central acquisition unit 12 via the surveillance detector 11. When the contact M is open (interface box not removed), the electronic circuit transmits on the pads P 1 and P 2 , the serial code to the central acquisition unit 12 in the form of variations in impedance, which makes it possible to identify the case. When the link 8 is cut, the central acquisition unit 12 detects an impedance of infinite value, which is interpreted as a disconnection of the equipment with respect to the network.

Cette étiquette électronique peut être inhibée par l'unité centrale d'acquisition 12 lors d'une déconnexion autorisée de manière à ne pas être détectée par des équipements de surveillance aptes à lire ces étiquettes.This electronic tag can be inhibited by the central acquisition unit 12 during a disconnection allowed so as not to be detected by monitoring equipment capable of reading these tags.

Claims (13)

  1. Method of monitoring items of computer equipment (1) assembled on a pre-wiring system (2, 3) for connection to computer networks, characterised in that it consists in detecting and comparing impedance values of an end of line interface (9) installed on each item of equipment to be monitored, with a value situated in a standard range, then with a high reference value above the standard range, in collating and recording the data corresponding to the comparisons made, in displaying the states corresponding to the data and identifying events relating to connection, disconnection and intervention at each item of equipment to be monitored, and in tripping the alarm fitted in the event of unauthorised operation.
  2. Method according to claim 1, characterised in that a command inhibiting monitoring for a predetermined time is provided for the mobile items of equipment and any item of equipment on which an authorised operation is being carried out, the disconnection information then being detected, collated and recorded as an event without tripping the alarm.
  3. Method according to claim 1 or 2, characterised in that the data on comparison with the high impedance value is coupled with the inhibiting command when the impedance value of the end of line interface is respectively higher or lower than the high reference value, identifying the authorised or unauthorised disconnection states (II, III) and authorised or unauthorised intervention states (V, VI) respectively.
  4. Method according to one of the preceding claims, characterised in that an unauthorised on-line intervention state (IV) is identified when the impedance value of the end of line interface, compared with a lower reference value, after having been detected as being lower than the high reference value, is detected as being lower than that lower reference value.
  5. Monitoring system for implementation of the method according to any one of claims 1 to 3, characterised in that at the output of each item of equipment (1) to be monitored and equipped with a feeding prewiring module (2), it comprises at least one free pin (P1-P2) for connection to this module, in which is disposed an end of line interface (9) the presence of which is verified by a monitoring detector with an analogue/digital interface (11) which compares the impedance value of the loop (9) with the standard range and with the high value, and which delivers a digital message processed by the processor of a monitoring computer (4) in order to display screens (22, 26, 27, 33, 34) corresponding to states of connection, disconnection and intervention at the item of equipment, authorised or not according to logged inhibiting commands coming from the network and collated by the monitoring computer (4), and to trip alarm messages as a function of the messages received.
  6. System according to claim 5 for implementation of the method according to claim 4, characterised in that in addition, the monitoring detector (11) compares the impedance value of the loop (9) with the lower reference value when this impedance value is detected at a lower value than the high reference value in order to display (30) a short circuit state (IV).
  7. System according to claims 5 or 6, characterised in that the high reference value is equal to twice the standard value situated at least in a standard range and the lower reference value is equal to the lower value of the standard range.
  8. System according to claim 7, characterised in that the detection interfaces (11) are grouped at the heart of central acquisition units (12) which are coupled to the monitoring computer (4), each detection interface (11) performing a function of logging the changes of state of the loop and a function of communication to its central acquisition unit (12).
  9. System according to one of claims 7 or 8, characterised in that the processor of the monitoring computer (4) logs authorised disconnections for the items of equipment concerned for a predetermined period by recording a sequence of data containing information identifying the user, identifying the item of equipment concerned and the period of disconnection, the digital message indicating the presence of this item of equipment and also containing the sequence identifying the item of equipment then being inhibited by an adapted sub-routine of the processor for the predetermined period.
  10. Monitoring system according to any one of claims 7 to 9, characterised in that the data coming from the central acquisition units (12) is distributed between different processors and/or between different display monitors as a function of the location of the items of equipment to be monitored.
  11. System for monitoring terminals (1) according to claim 10, comprising
    a pre-wiring architecture having one feeding module (2) per terminal, distribution units (3) and at least two free wiring pins (10') of the feeding module of a monitoring computer (4),
    a network applications architecture coupled to the feeding modules (2) of the terminals (1) through the intermediary of the distribution units (3), and
    a monitoring architecture using the end of line interface (9) on each free socket (10) of the pins of the feeding modules (2) of the terminals (1) being monitored, each feeding module being connected to a monitoring detector with an analogue/digital interface (11), the central acquisition units (12) which group the detectors (11) transmitting information to the monitoring computer (4) through the intermediary of a bus (13) to a communications interface (14).
  12. System according to any one of the preceding claims 5 to 11, characterised in that the end of line interface (9) comprises two impedances (I1, I2) with given values.
  13. System according to any one of the preceding claims 5 to 11, characterised in that the end of line interface (9) comprises an active electronic circuit which produces an electronic identification label containing a code which is detected by the monitoring detector (11) when the contact M is open.
EP98949072A 1997-10-16 1998-10-16 Method for security control of computer equipment and implementing system Expired - Lifetime EP1010153B1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR9712980 1997-10-16
FR9712980A FR2770013B1 (en) 1997-10-16 1997-10-16 METHOD FOR MONITORING COMPUTER EQUIPMENT AND SYSTEM FOR IMPLEMENTING IT
PCT/FR1998/002230 WO1999021143A1 (en) 1997-10-16 1998-10-16 Method for security control of computer equipment and implementing system

Publications (2)

Publication Number Publication Date
EP1010153A1 EP1010153A1 (en) 2000-06-21
EP1010153B1 true EP1010153B1 (en) 2002-06-12

Family

ID=9512319

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98949072A Expired - Lifetime EP1010153B1 (en) 1997-10-16 1998-10-16 Method for security control of computer equipment and implementing system

Country Status (6)

Country Link
EP (1) EP1010153B1 (en)
AT (1) ATE219267T1 (en)
AU (1) AU9546298A (en)
DE (1) DE69806022D1 (en)
FR (1) FR2770013B1 (en)
WO (1) WO1999021143A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102006044328A1 (en) * 2006-09-19 2008-03-27 Siemens Ag Method and arrangement for detecting unauthorized manipulation of an electrical device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999053627A1 (en) 1998-04-10 1999-10-21 Chrimar Systems, Inc. Doing Business As Cms Technologies System for communicating with electronic equipment on a network
GB2346469A (en) * 1999-01-21 2000-08-09 I T Guard Limited Security system
FR2916557A1 (en) * 2007-05-24 2008-11-28 Frederic Alexandre Glaubert ELECTRONIC SAFETY DEVICE FOR MONITORING AND CONTINUOUS AND REAL-TIME PROTECTION OF ALL TYPES OF COMPUTER EQUIPMENT, IN PARTICULAR PORTABLE AND FIXED COMPUTERS.
CN110188579A (en) * 2019-05-29 2019-08-30 成都卫士通信息产业股份有限公司 A kind of port security safeguard and port security guard system

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0015656B1 (en) * 1979-02-09 1983-12-14 Philip Charles Sefton Improvements relating to security equipment
US5406260A (en) * 1992-12-18 1995-04-11 Chrimar Systems, Inc. Network security system for detecting removal of electronic equipment
GB9301143D0 (en) * 1993-01-21 1993-03-10 Capella Electronics Ltd Method and apparatus for securing mains powered electrical equipment
CA2215524A1 (en) * 1995-03-17 1996-09-26 Mats Karling Alarm system for computer equipment connected in a network
US5675321A (en) * 1995-11-29 1997-10-07 Mcbride; Randall C. Personal computer security system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102006044328A1 (en) * 2006-09-19 2008-03-27 Siemens Ag Method and arrangement for detecting unauthorized manipulation of an electrical device

Also Published As

Publication number Publication date
ATE219267T1 (en) 2002-06-15
AU9546298A (en) 1999-05-10
EP1010153A1 (en) 2000-06-21
FR2770013A1 (en) 1999-04-23
DE69806022D1 (en) 2002-07-18
FR2770013B1 (en) 1999-11-26
WO1999021143A1 (en) 1999-04-29

Similar Documents

Publication Publication Date Title
EP1695485B1 (en) Method for automatically classifying a set of alarms emitted by sensors for detecting intrusions of a information security system
US20130262640A1 (en) Method and Apparatus for Interconnectivity between Legacy Security Systems and Networked Multimedia Security Surveillance System
US20120147192A1 (en) Video camera system
FR2953954A1 (en) Device for elaborating alert from communicating equipment of avionic system in e.g. military airplane, has detection unit processing object status consultation and receiving requests to transmit alerts associated with abnormalities
EP1010153B1 (en) Method for security control of computer equipment and implementing system
CN108408362A (en) A kind of intelligent transportation monitoring system and monitoring method for conveyer belt
US20160300477A1 (en) Wireless alarm system
FR3024809A1 (en) DOMOTIC DEVICE HAVING ALTERNATIVE COMMUNICATION LINK WITH REMOTE COMPUTER SERVER
EP3785158B1 (en) System for securing a cyber-physical method
CN111176153A (en) Machine room moving ring alarm system
US20050237176A1 (en) Stigmergic sensor security system
FR2831981A1 (en) METHOD AND DEVICE FOR ANALYZING ALARMS FROM A COMMUNICATION NETWORK
EP1326374B1 (en) Network management system based on trend analysis
FR2988953A1 (en) METHOD AND SYSTEM FOR FAULT CORRELATION ANALYSIS FOR A COMPUTER CENTER
CN105721237A (en) Equipment and network health monitoring using security systems
CN112905408B (en) Server for electric power operation and maintenance network safety monitoring and early warning system
EP3968598A1 (en) Method and firewall configured to control messages in transit between two communication elements
EP2351317B1 (en) Tool for the centralised supervision and/or hypervision of a set of systems having different security levels
CN209433548U (en) Warehouse monitoring system based on Zigbee wireless network
FR3102878A1 (en) security and surveillance system and its operating method
FR3087931A1 (en) METHOD AND SYSTEM FOR MONITORING A SECURITY INSTALLATION
EP1388830B1 (en) System and method for remote management of equipment
CN211885100U (en) Fire-fighting monitoring system
EP1648143B1 (en) Process and apparatus for the wireless, selective and spontaneous connection of at least two devices
CN118858203A (en) Multi-channel infrared gas detection system and method based on big data

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20000411

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17Q First examination report despatched

Effective date: 20001117

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020612

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRE;WARNING: LAPSES OF ITALIAN PATENTS WITH EFFECTIVE DATE BEFORE 2007 MAY HAVE OCCURRED AT ANY TIME BEFORE 2007. THE CORRECT EFFECTIVE DATE MAY BE DIFFERENT FROM THE ONE RECORDED.SCRIBED TIME-LIMIT

Effective date: 20020612

Ref country code: IE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020612

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020612

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020612

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020612

REF Corresponds to:

Ref document number: 219267

Country of ref document: AT

Date of ref document: 20020615

Kind code of ref document: T

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REF Corresponds to:

Ref document number: 69806022

Country of ref document: DE

Date of ref document: 20020718

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: FRENCH

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020912

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020912

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020913

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20020916

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021016

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021016

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021031

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20021031

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021031

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021031

NLV1 Nl: lapsed or annulled due to failure to fulfill the requirements of art. 29p and 29m of the patents act
PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20021220

REG Reference to a national code

Ref country code: IE

Ref legal event code: FD4D

Ref document number: 1010153E

Country of ref document: IE

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

BERE Be: lapsed

Owner name: *SIMATEL

Effective date: 20021031

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20030501

26N No opposition filed

Effective date: 20030313

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20021016

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20031024

Year of fee payment: 6

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20050630

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST