EP2235883A1 - Système de sécurité de réseau et physique adaptable basé sur des menaces - Google Patents

Système de sécurité de réseau et physique adaptable basé sur des menaces

Info

Publication number
EP2235883A1
EP2235883A1 EP08861502A EP08861502A EP2235883A1 EP 2235883 A1 EP2235883 A1 EP 2235883A1 EP 08861502 A EP08861502 A EP 08861502A EP 08861502 A EP08861502 A EP 08861502A EP 2235883 A1 EP2235883 A1 EP 2235883A1
Authority
EP
European Patent Office
Prior art keywords
threat level
security
surveillance
threat
security system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP08861502A
Other languages
German (de)
English (en)
Other versions
EP2235883A4 (fr
Inventor
Seth Cirker
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP2235883A1 publication Critical patent/EP2235883A1/fr
Publication of EP2235883A4 publication Critical patent/EP2235883A4/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B13/00Burglar, theft or intruder alarms
    • G08B13/18Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength
    • G08B13/189Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength using passive radiation detection systems
    • G08B13/194Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems
    • G08B13/196Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems using television cameras
    • G08B13/19665Details related to the storage of video surveillance data
    • G08B13/19669Event triggers storage or change of storage policy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection

Definitions

  • the present exemplary system and method relate to surveillance, monitoring, and network security devices. More particularly, the present exemplary system and method relate to network and physical facility security systems that adapt according to threat levels.
  • Network security systems continually monitor and manage traffic on a network in order to protect information on the network and to prevent unwanted traffic from entering or otherwise using the network.
  • Network security systems also manage traffic in order to improve efficiency of the network. These systems employ firewalls, proxies, antivirus software, data encryption, intrusion prevention systems, and other devices and methods to manage and control network traffic.
  • Surveillance or monitoring apparatuses often include video cameras allowing surveillance images to be viewed and/or recorded at a remote location.
  • video cameras allowing surveillance images to be viewed and/or recorded at a remote location.
  • an industrial plant, a public school, or a medical facility may have several video cameras at various locations throughout the building and grounds, each camera being communicatively coupled to one or more video screens and/or recorders at central security stations.
  • Video cameras are also coupled to computers hosting any number of software programs capable of converting video images received from the video cameras into a digital format. Such digital video recordings are particularly useful because they can be digitally transmitted over an Internet or intranet and stored as necessary.
  • personal communication devices such as cellular phones, pagers, and personal digital assistants (PDAs) are becoming increasingly popular commercial products. As wireless communication technology becomes widespread and affordable, wireless communication is nearly ubiquitous. In fact, a number of cellular phones are capable of both sending and receiving video images as well as digital photographs. Consequently, it is possible to transmit surveillance images and videos from a video camera to a remote personal communication device, such as a cell phone or other mobile device.
  • security system in one form or another.
  • the security system includes network and communication security as well as physical facility security.
  • Physical security utilizes motion detectors, cameras, and automatic door locks.
  • traditional security systems fail to fully utilize network and physical facility protection systems.
  • a centralized surveillance and monitoring system is communicatively connected to various monitoring devices such as video and audio recorders.
  • the centralized surveillance and monitoring system is configured to receive, either automatically or manually, a threat-level status.
  • the centralized surveillance system will activate specific cameras or other monitoring devices that are usually inactive to protect privacy concerns. Specific application for privacy sensitive areas such as restrooms and locker rooms is provided for.
  • the centralized surveillance system also monitors and controls network and communication traffic. Where the monitored and controlled communication traffic may include, but is not limited to, cell phones, cell phone repeaters, landlines, fixed phone lines, and VoIP phones.
  • One exemplary embodiment of a security system for a network and physical facility includes an interface configured to respond to a received threat level, and a computing module configured to determine whether the received threat level exceeds a threshold value assigned to each portion of the security system. That is, at a certain threat level, portions of the security system will activate and others will remain inactive. As the threat level increases, heightened security measures will be taken.
  • a mobile transmitter device is configured to transmit a wireless signal to a remote device that provides control of area-specific monitoring and security devices.
  • the control and activation of monitoring and security devices may depend on a location of the mobile transmitter and information transmitted.
  • the mobile transmitter may comprise of a key fob, PDA, cell phone, radio transmitter, RFID tag, or other devices capable of wireless communication.
  • similar control and activation of monitoring devices may be performed through fixed devices, such as panic buttons and wall mounted control panels.
  • the network and facility security system may be controlled remotely via an Internet or intranet connection.
  • the present system and method includes, according to one exemplary embodiment, a program allowing a user to group monitoring devices, assign priority levels, and generally manage a wide variety of security and convenience devices.
  • the program is configured to control many devices, including, but not limited to, lights, door locks, windows, cameras, video recorders, audio recorders, motion sensors, heat sensors, visual analytic devices, smoke and other foreign substance detectors, and any other sensor useful for convenience or security.
  • the system and method may monitor the location of a mobile transmitter within a facility, receive a wireless signal from the mobile transmitter, and provide control of specific portions of the system based on the location and information transmitted.
  • the centralized security system maintains complete control of all aspects of the network and other communication to and from the facility.
  • FIG. 1 is a block diagram illustrating a surveillance system, according to one exemplary embodiment.
  • Fig. 2 is a block diagram illustrating the components of a threat based configurable surveillance system, according to one exemplary embodiment.
  • Fig. 3 is a block diagram illustrating the operational configuration and interaction of an operations center, according to one exemplary embodiment.
  • Fig. 4 is a flow chart illustrating a method for selectively configuring a surveillance system in response to a perceived threat level, according to one exemplary embodiment.
  • Fig. 5 is a flow chart illustrating a method for controlling all communication in and out of a facility when necessary, according to one exemplary embodiment.
  • Fig. 6 is a wireless transmitter configured to communicate with a surveillance system, according to one exemplary embodiment.
  • Fig. 7 is a system diagram of a wireless access point configured to be selectively activated, according to one exemplary embodiment.
  • an exemplary system and method for securing a network and physical facility in response to a perceived threat is described herein. More specifically, an exemplary security system includes an interface configured to respond to a received threat level and modify permissions, bandwidth, or other aspects of the network, limit communication to and from the facility, and control physical surveillance and monitoring devices of the facility and grounds. In conjunction with the network security system, a method is disclosed for modifying certain aspects of the network upon a determination that a threat level exceeds a predetermined threshold value. Additionally, the present exemplary security system includes controlling a monitoring system including surveillance equipment in privacy- sensitive areas. In conjunction with the monitoring system, a method is described for determining which surveillance devices should be activated, based on a privacy threshold value and a perceived threat level.
  • a mobile transmitter is configured to transmit a wireless signal to a remote device, which provides control of one or more surveillance devices depending on a location of the mobile wireless transmitter and the information transmitted from the mobile transmitter.
  • the transmitted information may include a threat level condition for activating surveillance equipment or requests to activate specific systems in a prescribed location while the mobile device is at or near the location.
  • the term “mobile transmitter” is meant to be understood broadly as any wireless transmitter device that does not directly and physically connect with a phone, internet, or other communication cable.
  • the term “surveillance device” is meant to be understood broadly as including any device used for monitoring one or more people or a space, including, but in no way limited to, image receiving devices such as cameras, audio receiving devices such as microphones, motion detecting devices, and may further include security devices such as door and window locks as well as lighting.
  • network is meant to be understood broadly as any connection between at least two components such that the components are able to communicate with each other, including electrical communication, wireless communication, or other communication method.
  • Fig. 1 illustrates a surveillance system (100) that may be modified to operate according to the present exemplary system and method.
  • a traditional surveillance system (100) may include any number of surveillance components.
  • the exemplary system of Fig. 1 includes a plurality of audio collection devices (130) such as microphones, a plurality of image collection devices (120) such as cameras, one or more motion sensors (140), an audible alarm component (150), and a central monitoring/processing device (110).
  • a plurality of audio collection devices such as microphones
  • a plurality of image collection devices such as cameras
  • one or more motion sensors (140) such as an audible alarm component
  • 150 audible alarm component
  • central monitoring/processing device 110
  • the various surveillance components (120-150) may be communicatively coupled to the central monitoring/processing device (110) by either a dedicated hardwire connection (160) or a wireless connection facilitated by any number of wireless transmitters and receivers (170).
  • the prior art surveillance system (100) may be communicatively coupled to a standard telephone line or a mobile telecommunications system.
  • the exemplary surveillance system (100) may be configured to effectively monitor a remote area of interest.
  • prior art surveillance systems are limited by the fact that privacy considerations prohibit monitoring of certain areas, such as bathrooms, dressing rooms, classrooms and other privacy- sensitive areas.
  • a surveillance system that selectively activates surveillance components in sensitive areas only when a perceived threat level justifies the activation.
  • a centralized system when the benefits of ubiquitous surveillance outweigh individuals' rights to privacy, a centralized system will activate surveillance components in areas not typically monitored.
  • Fig. 2 illustrates an exemplary threat based surveillance control system (200), according to one exemplary embodiment.
  • the exemplary system is configured to allow video and other surveillance systems to provide variable levels of observation proportionate to perceived threat levels.
  • the present threat based surveillance control system (200) is configured to interrupt and automatically regulate a connection between the cameras and other surveillance devices of a surveillance system and the monitoring (231) and recording (232) components.
  • a program (230) within the system (200) determines which surveillance devices are to be connected to any selective number of monitoring devices, such as recorders (232) or monitors (231), under specific threat levels.
  • the program (230) is implemented via software, firmware and/or hardware.
  • cameras that were traditionally connected to recording and/or monitoring equipment can be selectively disconnected from the recording and/or monitoring equipment, and thereby made unobserved until perceived threats justify connection of the cameras to the recording and/or monitoring equipment.
  • Permission to activate or reconnect certain cameras to the monitoring equipment is granted based upon changes in threat levels including data automatically provided by any number of sources including, but in no way limited to, Federal, State and Local governments such as the Homeland Security Advisory System for terrorist threats (HSAS) or the National Oceanic & Atmospheric Administration for natural disasters (NOAA).
  • threat level information can be provided to the exemplary threat based surveillance control system (200) through wired and/or wireless connections. Furthermore, a log detailing the individual or event responsible for each identified threat level change is maintained, thereby providing accountability for any increase or decrease in surveillance level. Details of the present exemplary threat based surveillance control system (200) and its operation will be provided below with reference to Figs. 2-5.
  • the present exemplary threat based surveillance control system (200) can include an operations center (210) communicatively coupled to a security system interface (220) and a threat level based surveillance control program (230).
  • the operations center (210) is configured to provide threat level information to the security system interface (220).
  • the operations center (210) is communicatively coupled to any number of sources authorized to provide threat based indications including, but in no way limited to, automated threat level sources (212) or manually authorized threat level sources (214).
  • automated threat level sources (212) capable of automatically providing threat based indications may include, but are in no way limited to Federal, State and Local governments such as the Homeland Security Advisory System for terrorist threats (HSAS) or the National Oceanic & Atmospheric Administration for natural disasters (NOAA).
  • manually authorized threat level sources (214) may include, but are in no way limited to supervisors, principals, or other supervisory personnel having an authorized user login.
  • the operations center (210) may be an external "manned" service dedicated to monitoring perceived conditions for a number of clients, or, alternatively, the operations center (210) may be an individual component of the threat based surveillance control system (200).
  • the operations center (210) may receive and determine a threat based indication via any number of communication interfaces including, but in no way limited to, local wired and/or wireless connections such as computers including desktops, laptops, tablets, handhelds or personal digital assistants (PDAs); panic buttons which may enable predefined functions such as recording, activating an alarm and displaying the appropriate video on a monitor; external transmitters such as activation of a "Police Department” or "Fire Department” transmitter during an emergency response; a voice response system which allows access using devices such as wired, wireless, cellular or Voice over Internet Protocol (VoIP) phones; internet connections which allow broadband connection to connect to the system from a remote location; a dial- up connection which allows a low speed data connection to be utilized to connect to the system from a remote location and/or a wireless (cellular / radio) interface configured to provide an alternate remote connection should telephone lines and/or internet connections be unavailable.
  • the above-mentioned communication interfaces may be any number of communication interfaces including, but in no way limited to, local wire
  • Fig. 3 illustrates an exemplary operational configuration and interaction of an operations center (210), according to one exemplary embodiment.
  • threat information may be received from a national automated source (300) or by authorized users (305) and may be received by an automated threat level collection module (310) or a manual threat level collection module (315). Additionally, threat information may be transmitted to a remote system properties library (332) for future processing. The received threat information is collected to establish a current threat level condition (320). The current threat level condition (320) is then processed (330) by the operations center and may assign a quantitative value to the threat level. Once existing threat levels have been determined, the threat levels and the surrounding circumstances can be stored in a threat level change log (334) for future analysis.
  • the change in threat levels is also transmitted to the maintenance subsystem (336).
  • the maintenance subsystem (336) is configured to supervise the condition of remote systems such that if an equipment failure occurs, the maintenance subsystem (336) alerts the operations center (210) so that a notice may be relayed to an appropriate system administrator.
  • the maintenance subsystem may actively supervise all of the components in use during an identified threat level.
  • the threat level determined is then transmitted to the remote system communications portion (340) of the operations center (210).
  • the communications portion (340) of the operations center (210) can then transmit the determined threat level to any number of remote systems (380) via various communication mediums including, but in no way limited to, an internet connection (350), a dial-up or dedicated connection, or a wireless connection (370).
  • the security system interface (220) can include a hardware component configured to receive the threat level information.
  • the threat level information can be provided to the security system interface (220) in numerous ways, such as from the operations center (210) via an internet connection, through a dial-up connection or wirelessly (i.e. radio interface).
  • Threat level information can additionally be provided to the security system interface (220) locally through wired and/or wireless connections, a voice response system or via the Internet. As illustrated in Fig.
  • the local communication of threat level information may be provided by local threat level changes (222) as input by a graphical user interface (GUI) or voice command, or as triggered by a direct local alarm input (224), as generated by a the triggering of a panic button, intrusion sensor (i.e. motion detection, glass breakage, forced entry, etc.), fire alarm (heat / smoke / fire detection, pull boxes), power failure indicator, and/or environmental sensors (i.e. water, humidity, temperature, vibration, or presence of a foreign substance).
  • GUI graphical user interface
  • 224 direct local alarm input
  • intrusion sensor i.e. motion detection, glass breakage, forced entry, etc.
  • fire alarm heat / smoke / fire detection, pull boxes
  • power failure indicator i.e. water, humidity, temperature, vibration, or presence of a foreign substance.
  • the security system interface (220) In addition to receiving the threat level information, the security system interface (220) also provides inputs and outputs that can be used for connection to devices such as alarm contacts as well as for interfacing to other equipment for management, supervisory, and/or control purposes. Additionally, when required by legacy systems (i.e. coax based systems) any coax video stream interface components (228) used for controlling a legacy video stream can be incorporated into the security system interface (220).
  • legacy systems i.e. coax based systems
  • any coax video stream interface components (228) used for controlling a legacy video stream can be incorporated into the security system interface (220).
  • the security system interface (220) is also configured to communicate threat level information, such as threat levels, source and time of threat level change, etc., to external sources (226).
  • threat level information such as threat levels, source and time of threat level change, etc.
  • the threat level may be provided to external sources by standalone alphanumeric displays, as a status indication on local computing devices such as PDAs and laptops, or as a text message to wireless devices (phones, pagers, etc.) of previously identified personnel such as police.
  • the security system interface (220) may be configured to provide outputs (analog, digital & IP.) to control external devices in response to changes in threat levels.
  • the security system interface (220) may be configured to control external alarm systems to initiate police or security response, limit or grant access to doors by controlling the locks, control building management systems such as lighting control (i.e. intelligent video detecting motion could leave lights on after hours while personnel are present), and/or communicate through public address systems by playing pre-recorded messages in response to changes in threat levels.
  • the surveillance system interface may also provide supervision of co-located systems including, but in no way limited to, UPS battery monitoring, equipment maintenance alarms (i.e. failure, high temperature), and unauthorized equipment access / tamper alarms.
  • the security system interface (220) is controlled by, or is communicatively linked to a computing device running a threat level based surveillance control program (230).
  • the threat level based surveillance control program (230) is user configured with a rule set defining the permitted surveillance level of each camera and/or surveillance device under each specific threat level and then controls the system functionality appropriately based upon the current threat level communicated by the security system interface (220), or if a security system interface is not present, by local network threat level data (238).
  • all or a portion of the threat level based surveillance control program (230) can be incorporated directly into the surveillance system components (i.e.
  • the threat level based surveillance control program (230) includes a customizable user interface for each type of environment (i.e. schools, retail location, industrial location) that controls the features of the surveillance system (200), such as the recording, monitoring or analysis of camera imagery, based upon specific threat levels.
  • the threat level based surveillance control program (230) provides a single, straightforward, intuitive interface to features of system components even in multi-vendor or multi-technology systems.
  • the interface generated by the threat level based surveillance control program (230) may be user specific, or in other words, specially designed for each user.
  • authorized users only requiring limited access to make threat level changes are presented a simple and streamlined screen that only displays the limited options available to the user.
  • administrators can be provided a more complex screen allowing them to perform system configurations (234), modify system date and time (235), and the like.
  • the threat level based surveillance control program (230) is configured to identify and coordinate system features.
  • the threat level based surveillance control program (230) is configured to coordinate on-site monitoring devices, allowing logical names to be assigned to groups or individual monitoring devices (i.e. "Security - Main Entrance”, “Security - Roaming PDA", “Main Office”, “Police - Wireless Devices”, etc.). Additionally, the threat level based surveillance control program (230) may monitor and adjust on-site recording quality (resolution, frame rate & storage time) depending on the threat level. Furthermore, control of known technologies may be incorporated into the threat level based surveillance control program (230) including, but in no way limited to, remote access and monitoring and use of intelligent video devices using sophisticated threat identification processes such as graffiti detection from video analytics (236).
  • the threat level based surveillance control program (230) allows an administrator to form logical and meaningful surveillance areas or groups and assign each group or area with a sensitivity designator.
  • monitored locations having similar sensitivities to privacy may be grouped and named. For example, high privacy areas such as restrooms, locker rooms, and changing rooms may be grouped. Similarly, non-sensitive areas such as hallways, student parking lots, cafeterias, and libraries may be grouped and assigned a lower sensitivity designator.
  • the threat level based surveillance control program (230) may then correlate the assigned sensitivity designator with a received threat level to determine whether monitoring of the grouped areas is justified and/or to provide treatment to received video streams from the network cameras (237).
  • the treatment of various areas by the threat level based surveillance control program (230) may be modified based on a custom calendar.
  • the sensitivity designator of the various grouped areas may be modified based on a predetermined event such as nighttime, weekends, holidays, sporting events, and the like.
  • the present threat level based surveillance control program (230) receives information from the security system interface (220) and evaluates the received information to define a one-time event such as a change in threat level due to intrusion detection, a fire alarm, or a wireless radio interface such as from police transmitters or panic transmitters.
  • a one-time event such as a change in threat level due to intrusion detection, a fire alarm, or a wireless radio interface such as from police transmitters or panic transmitters.
  • data corresponding to the change in threat level is recorded on an electronic memory device. By recording any change in threat level, a history of each threat level status change is created that is traceable to an individual user or specific event.
  • the threat level based surveillance control program (230) provides the functionality of the present exemplary threat based surveillance control system (200). As shown, the threat level based surveillance control program (230) is communicatively coupled to the monitoring devices (231), the recording devices (232), and any remote access device such as a router or the like (233). Consequently, the threat level based surveillance control program (230) generates the user interface viewed by anyone monitoring the system.
  • the threat level based surveillance control program (230) manages, accesses, and executes the third party equipment protocols, voice response system/communications/security protocols, maintenance and software upgrades, and logging system used for efficient use of the present exemplary system.
  • Fig. 4 illustrates an exemplary method of operation of the present exemplary threat based surveillance control system (200), according to one exemplary embodiment.
  • initially setting up the threat based security system including establishing sensitivity and threat thresholds (step 400).
  • conditions and designators are established for areas of privacy sensitivity.
  • privacy thresholds indicating when a threat is severe enough to justify surveillance of the designated areas are established.
  • the privacy threshold values are assigned after considering expected privacy associated with each designated area. For example, a privacy threshold value associated with a locker room or restroom would be significantly larger than a privacy threshold value associated with a hallway, a commons area, or other public area. Consequently, it will take a larger threat to justify the activation of surveillance equipment within highly sensitive areas.
  • the privacy threshold and the threat levels are each assigned numeric values corresponding in degree with both the desirability of privacy and the severity of the threat.
  • the monitored locations are identified and grouped according to sensitivity (step 410).
  • the monitored locations are grouped and identified with a sensitivity designator (step 420) such that areas of similar sensitivity will be treated the same depending on perceived threats.
  • each and every location being monitored may have an independent sensitivity designator.
  • the system (200) is ready to receive perceived threat level indicators (step 430).
  • the threat level indicators may be received by the system (200) from a number of sources including, but in no way limited to an operations center (210; Fig. 2) or local alarm inputs (224; Fig. 2).
  • the perceived threat level indicator is received (step 430)
  • the threat level is evaluated and the proper authorities are notified (step 440) if necessary.
  • the received threat levels are then correlated with the established group sensitivities and privacy thresholds (step 450) for each monitored location.
  • the perceived threat level is compared to the privacy thresholds established for each group based on their sensitivities (step 460).
  • the surveillance equipment associated with the identified group is activated and the devices associated with the locations are enabled (step 470).
  • Fig. 5 illustrates an exemplary method of operation of the present exemplary threat based surveillance control system (200), according to one exemplary embodiment. Fig. 5 particularly relates to the response the system will have on network security as well as control of communication to and from the facility. As illustrated in Fig. 5, initially setting up the threat based security system including establishing restriction thresholds (step 500).
  • the restriction threshold of each subsystem and the threat levels are assigned numeric values corresponding in degree with both the desirability of protection and the severity of the threat.
  • step 510 With the system (200) setup and the thresholds established, restrictable subsystems are identified and grouped according to intrusiveness (step 510). Subsequently, each grouped subsystem is assigned a rating (step 520). According to one exemplary embodiment, depending on perceived threats some network and communication features will be disabled while others continue to function.
  • the system (200) is ready to receive perceived threat level indicators (step 530).
  • the threat level indicators may be received by the system (200) from a number of sources including, but in no way limited to an operations center (210; Fig. 2) or local alarm inputs (224; Fig. 2).
  • the perceived threat level indicator is received (step 530)
  • the threat level is evaluated and the proper authorities are notified (step 540) if necessary.
  • the received threat levels are then correlated with the established restriction thresholds (step 550) for each subsystem. During correlation, the perceived threat level is compared to the restriction thresholds established for each subsystem (step 560).
  • the network or communication devices associated with the subsystem are deactivated or restricted (step 570). If, however, the perceived threat level does not exceed the threshold for an identified subsystem (NO, step 560), the surveillance equipment associated with the group's areas is not activated (step 580).
  • the network or communication devices associated with the subsystem are deactivated or restricted (step 570). If, however, the perceived threat level does not exceed the threshold for an identified subsystem (NO, step 560), the surveillance equipment associated with the group's areas is not activated (step 580).
  • Fig. 7 illustrates a wireless access point (700), according to one exemplary embodiment.
  • the wireless access point (700) may include, but is in no way limited to, a security system interface such as an access point module (710), an antenna (715), and a switched wireless transmitter/receiver (720).
  • a security system interface such as an access point module (710), an antenna (715), and a switched wireless transmitter/receiver (720).
  • a number of possible components have been eliminated from the illustrated wireless access point (700) including, but in no way limited to, network connections, power supplies, wiring, additional antennas, and the like.
  • the wireless access point (700) is configured to act as a selectively activated access point that can be activated or deactivated depending on a received threat level or pre-determined date and/or time.
  • the wireless access point (700) is configured to receive, via the antenna (715) and/or wired alarm or network connections (not shown) an indication of threat level.
  • the received signal is sent from the wireless transmitter/receiver (720) to the access point module (710).
  • the access point module is a processor configured to evaluate the received signal and selectively activate the functionality of the wireless transmitter/receiver (720).
  • the transmission capabilities of the wireless transmitter/receiver (710) can be disabled to prevent unauthorized use of the access point.
  • the reception capabilities of the wireless transmitter/receiver (720) are maintained to allow for the selective re-activation of the access point (700) via an activation signal or condition.
  • Any number of typically 'open' or 'public' network or communication access points such as computers, Internet, Intranet, fax machines, telephones, cell phone repeaters and other devices might be disabled after hours or during time of elevated threat. Alternatively, such subsystems may be significantly restricted, but not entirely disabled, in order to provide a secure network and communication system.
  • personnel desiring to use network and communication systems after hours or during high threat level crisis may due so with passwords or access cards.
  • the presence of an authorized Mobile Transmitter (discussed below) will automatically allow greater use of network and communication subsystems.
  • a cell phone jammer may be activated by the security system to prevent outgoing calls and all other outgoing communication is restricted by the security system.
  • An exemplary panic transmitter for the system and method of the present specification includes a key fob transmitter (600, Fig. 6) configured to send a wireless signal to the security system interface.
  • Fig. 6 illustrates an exemplary embodiment of a key fob configured to communicate with the security system interface.
  • the key fob transmitter (600) may be able to attach to a key chain or otherwise retained in a person's possession such that the person may carry the key fob transmitter (600) with him or her at all times while on the premises.
  • each teacher at a school may have a key fob transmitter (600) with a panic button (605).
  • a teacher may press the panic button (605) to send a signal to the security system interface (220) or another remote device connected to the security system interface. Pressing the panic button (605) sends a new threat level condition to the security system interface in order to activate surveillance equipment or to send messages to law enforcement, a fire department, or other emergency responders, if so desired.
  • the threat level provided by the transmitter (600) may be limited to the specific room in which the transmitter (500) is located. Thus, only surveillance equipment within the room or immediate area of the room may be activated, without activating any other systems in other areas of the building. The threat level may also be limited in other ways, such as only activating some of the surveillance equipment within the room.
  • the panic button (605) may need to be pressed for a certain amount of time before sending a signal, or the transmitter (600) may include some other accidental activation prevention measure.
  • the mobile transmitter (600) may also include the capability to activate or deactivate other, non-emergency systems for preventative safety measures or merely for convenience, either automatically or by pressing a second button (610).
  • Such capabilities may include, but are in no way limited to, lighting control, unlocking/locking doors, activating a temperature control system, activating alarm systems, or activating cameras in a classroom for recording presentations, recording after hour activities in a certain area, or the like.
  • a transmitter with the capability to control lighting allows a person to turn on lights before entering a room or hallway in order to improve visibility and reduce the likelihood of accidents.
  • the transmitter sends a wireless signal to a single operation center that determines the location of the transmitter either through triangulation, RFID tags, transmission proximity detectors, or other methods, so that only systems within a predetermined distance of the transmitter are activated, either automatically or upon pressing of a button.
  • a single operation center that determines the location of the transmitter either through triangulation, RFID tags, transmission proximity detectors, or other methods, so that only systems within a predetermined distance of the transmitter are activated, either automatically or upon pressing of a button.
  • the systems in the person's previous location deactivate, such as lights turning off and doors locking.
  • a person may activate certain cameras as they travel from one area to another, so that the cameras monitor the person as he/she moves from room to room. Pressing a separate button on the transmitter may activate each individual system. Alternatively, one button may activate a plurality of systems.
  • the transmitter may also be used to send a message to other personnel within the building to notify that a certain event has occurred, such as sending a page or text to a custodian that a mess needs to be cleaned up.
  • RFID radio frequency identification detector
  • the mobile transmitter of Fig. 6 is configured with multiple buttons.
  • some buttons on the device are configured for non-emergency use and other buttons are exclusively for emergency use.
  • buttons may be configured to control lights, door locks and other non-emergency functions, while a panic button may secure any number of doors, activate monitoring devices or perform other emergency functions associate with the surveillance and monitoring system.
  • each wireless device is assigned a unique user ID allowing the surveillance and monitoring system to log which user activated which services. For example, a log of exactly who authorized a raise in threat level would be possible.
  • unique IDs for each of the transmitters would allow lost or stolen devices to be blacklisted or disabled.
  • each wireless device is configured with a unique ID so that when an administrator pushes an emergency button the system will respond differently then when a staff member or guest pushes the button on his or her wireless device. For example, in response to the administrator, the system may begin surveillance and notify authorities, while the system may respond to staff and guest emergencies by notifying the administrator.
  • Wireless devices may be further modified to include two-way communication.
  • the wireless device is capable of receiving video or audio from the surveillance and monitoring system.
  • One advantage of a wireless device communicatively connected to the surveillance and monitoring service is that areas such as basements would still allow for communication between the wireless devices and the central system.
  • location of the transmitter will be known and GPS type services might be provided to either the central system or to the wireless transmitter.
  • the wireless transmitter is capable of receiving directions as a response to a specific emergency. For example, audio alerts, directions, or even navigation out of the building or to a safe place within the building.
  • Size and shape of the wireless transmitter may vary widely depending on the functionality. Devices allowing only one-way communication via a multiplicity of buttons or sensors may be very small, while devices capable of displaying video or audio may need to be slightly larger. However, it is often desirable to have small transmitters such as a key fob that allow a user to discretely signal an emergency. Even with an extremely small form factor like a key fob it is possible to include minimal two-way communication, such as blinking lights (620) or a tone from a speaker (630). Specifically, an indication that the device is working may be comforting to the person utilizing the device during an emergency. Such notification may be given the user via lights or audio confirmation on the wireless device itself, or alternatively through a public announcement system.
  • the mobile transmitter may range from single-button devices to more complex devices capable of two-way communication and/or even video.
  • a wide variety of mobile transmitters are configured to operate in conjunction with the same system. This is particularly useful as it allows visitors or typical employees to have limited access, such as only the ability to signal an emergency, while security personal or administrators may be equipped with more complex fully functional transmitters allowing for complete control of the system.
  • the mobile transmitter presents a more complex user interface allowing for greater system control, such a device may be similar to or integrated within cell phones or personal digital assistants (PDA).
  • PDA personal digital assistants
  • a more complex device allows for more detailed control over the systems in each area, such as the capability to set the temperature, or to raise or lower the volume of a sound system.
  • the more complex wireless device may also connect to a different remote device within each room.
  • a remote device may control only the systems within the room in which it is located.
  • the more complex wireless device may also communicate with the remote device through any wireless connection, such as infrared, Bluetooth, Wi-Fi, or Wi-Max.
  • the complex mobile transmitter (actually a transceiver) may provide for password, voice, or other authentication in order to activate any or all of the systems.
  • the present exemplary threat based surveillance control system (200) manages commercial and/or government shared wireless systems.
  • Wi-Fi networks Municipal Wi-Fi (wireless broadband) networks are becoming more and more popular. These networks typically provide a combination of "Public” and "Government” (i.e. Public Safety) usage.
  • Public and "Government” (i.e. Public Safety) usage.
  • the present threat based surveillance control system (200) can modify available bandwidth in high threat situations. Consequently, the present system could be used to automatically increase "Government” bandwidth when required without limiting "public” access during normal operation.
  • the present threat based surveillance control system (200) can be applied to commercial radio systems such as integrated digital enhanced networks (Sprint/Nextel).
  • commercial radio systems such as integrated digital enhanced networks (Sprint/Nextel).
  • critical users i.e. "utilities” such as gas, water, and electric companies
  • the present threat based surveillance control system (200) can be applied, according to one exemplary embodiment, to modify available bandwidth in high threat situations, thereby guaranteeing that priority communications are not compromised.
  • the teachings of the present threat based surveillance control system (200) can be applied to provide data to manage network security systems.
  • the level of corporate data network security is typically determined by evaluating the risk to the system and functionality required by the users. Networks that are too secure become more complicated, difficult to use, and less efficient.
  • the present threat based surveillance control system (200) is used to compliment network security systems and automatically adjust the security/functionality balance appropriately under high threat level situations, thereby making systems more secure without impacting performance under normal circumstances.
  • the present threat based surveillance control system (200) can be utilized to add increased functionality to current data protection systems such as automatically performing more frequent or more "off-site" back-ups during elevated threat periods. Additionally, according to one exemplary embodiment, the present threat based surveillance control system (200) may interact with system software to modify safety settings and perform higher security operations. For example, according to one exemplary embodiment, the present threat based surveillance control system (200) may interact with e-mail software to block or strip attachments when an elevated threat level exists. [0075] Blocking or stripping attachments may be useful in preventing computer viruses, worms, and other similar threats from being spread throughout a network if a virus or worm is detected on a machine connected to the network.
  • Attachments may also be blocked to prevent secure data from being disseminated if an initial security breach is detected, such as if an unfamiliar Internet Protocol (IP) address is detected.
  • IP Internet Protocol
  • email and other electronic messaging (such as text messaging) capabilities may be monitored and limited in other emergency situations in order to prevent private or threatening data from being sent, or to allow for law enforcement or other emergency personnel to transmit messages to a specific group of users on the network or on multiple networks.
  • the present threat based surveillance control system (200) may be extended to access control systems and alarm systems.
  • Providing access control systems with threat level information different rules or access restrictions can be automatically implemented during high threat situations. For example, according to one exemplary embodiment, areas that are normally accessible to "visitors", such as parking structures, could become temporarily restricted during high threat situations. This permits access control systems to allow normal facility access during standard conditions while providing increased protection when needed.
  • Providing alarm systems with threat level information different protection levels can be applied automatically during high threat situations. For example, during normal hours when a perimeter alarm system would have been otherwise deactivated, in an elevated threat level situation, special "zoning" can be activated providing protection of secondary entrances and coverage such as glass breakage. Additionally, during natural disasters such as a hurricane the system could monitor damage resulting in open windows or doors. This would allow the alarm system to be more efficient by offering increased functionality.
  • the present system and method selectively monitors sensitive areas depending on threat levels. More specifically, the present system and method provide variable levels of observation proportionate to the current threat level.
  • a surveillance system interface is configured to selectively activate and deactivate inputs and outputs to surveillance devices based on a received threat level.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Alarm Systems (AREA)

Abstract

L'invention concerne un système de sécurité (200) pour un réseau, incluant une interface de système de sécurité (220) conçue pour répondre à un niveau de menace reçu, et un module de calcul (230) conçu pour déterminer si le niveau de menace reçu dépasse une valeur seuil (560) attribuée au réseau, le réseau étant modifié (570) lorsqu'il est déterminé que le niveau de menace dépasse la valeur seuil. L'invention concerne en outre un système de sécurité de modification basé sur des menaces (200) similaire pour surveiller des équipements de communication et des équipements physiques. Un niveau de menace (222) est comparé (460) à des valeurs seuil attribuées pour déterminer si des dispositifs de sécurité physiques doivent être activés ou bien si les systèmes de communication doivent être désactivés (470).
EP08861502.6A 2007-12-18 2008-12-18 Système de sécurité de réseau et physique adaptable basé sur des menaces Withdrawn EP2235883A4 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US1450907P 2007-12-18 2007-12-18
PCT/US2008/087510 WO2009079648A1 (fr) 2007-12-18 2008-12-18 Système de sécurité de réseau et physique adaptable basé sur des menaces

Publications (2)

Publication Number Publication Date
EP2235883A1 true EP2235883A1 (fr) 2010-10-06
EP2235883A4 EP2235883A4 (fr) 2014-10-01

Family

ID=40795926

Family Applications (1)

Application Number Title Priority Date Filing Date
EP08861502.6A Withdrawn EP2235883A4 (fr) 2007-12-18 2008-12-18 Système de sécurité de réseau et physique adaptable basé sur des menaces

Country Status (3)

Country Link
EP (1) EP2235883A4 (fr)
CA (1) CA2747520A1 (fr)
WO (1) WO2009079648A1 (fr)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8584030B2 (en) 2009-09-29 2013-11-12 Honeywell International Inc. Systems and methods for displaying HVAC information
US8565902B2 (en) 2009-09-29 2013-10-22 Honeywell International Inc. Systems and methods for controlling a building management system
EP2302470A3 (fr) 2009-09-29 2014-06-11 Honeywell International Inc. Systèmes et procédés pour configurer un système de gestion de construction
US9756076B2 (en) * 2009-12-17 2017-09-05 American Express Travel Related Services Company, Inc. Dynamically reacting policies and protections for securing mobile financial transactions
US8577505B2 (en) 2010-01-27 2013-11-05 Honeywell International Inc. Energy-related information presentation system
US8947437B2 (en) 2012-09-15 2015-02-03 Honeywell International Inc. Interactive navigation environment for building performance visualization
US20150304343A1 (en) 2014-04-18 2015-10-22 Intuit Inc. Method and system for providing self-monitoring, self-reporting, and self-repairing virtual assets in a cloud computing environment
US10121007B2 (en) 2014-02-21 2018-11-06 Intuit Inc. Method and system for providing a robust and efficient virtual asset vulnerability management and verification service
US10757133B2 (en) 2014-02-21 2020-08-25 Intuit Inc. Method and system for creating and deploying virtual assets
US9298927B2 (en) 2014-02-27 2016-03-29 Intuit Inc. Method and system for providing an efficient vulnerability management and verification service
US11294700B2 (en) 2014-04-18 2022-04-05 Intuit Inc. Method and system for enabling self-monitoring virtual assets to correlate external events with characteristic patterns associated with the virtual assets
US9516044B2 (en) * 2014-07-31 2016-12-06 Intuit Inc. Method and system for correlating self-reporting virtual asset data with external events to generate an external event identification database
US9330263B2 (en) 2014-05-27 2016-05-03 Intuit Inc. Method and apparatus for automating the building of threat models for the public cloud
US10102082B2 (en) 2014-07-31 2018-10-16 Intuit Inc. Method and system for providing automated self-healing virtual assets
EP3621050B1 (fr) 2018-09-05 2022-01-26 Honeywell International Inc. Procédé et système permettant d'améliorer le contrôle des infections dans une installation
US10978199B2 (en) 2019-01-11 2021-04-13 Honeywell International Inc. Methods and systems for improving infection control in a building
US11620594B2 (en) 2020-06-12 2023-04-04 Honeywell International Inc. Space utilization patterns for building optimization
US11783652B2 (en) 2020-06-15 2023-10-10 Honeywell International Inc. Occupant health monitoring for buildings
US11783658B2 (en) 2020-06-15 2023-10-10 Honeywell International Inc. Methods and systems for maintaining a healthy building
US11914336B2 (en) 2020-06-15 2024-02-27 Honeywell International Inc. Platform agnostic systems and methods for building management systems
US11184739B1 (en) 2020-06-19 2021-11-23 Honeywel International Inc. Using smart occupancy detection and control in buildings to reduce disease transmission
US11823295B2 (en) 2020-06-19 2023-11-21 Honeywell International, Inc. Systems and methods for reducing risk of pathogen exposure within a space
US11619414B2 (en) 2020-07-07 2023-04-04 Honeywell International Inc. System to profile, measure, enable and monitor building air quality
US11402113B2 (en) 2020-08-04 2022-08-02 Honeywell International Inc. Methods and systems for evaluating energy conservation and guest satisfaction in hotels
US11894145B2 (en) 2020-09-30 2024-02-06 Honeywell International Inc. Dashboard for tracking healthy building performance
US11662115B2 (en) 2021-02-26 2023-05-30 Honeywell International Inc. Hierarchy model builder for building a hierarchical model of control assets
US11372383B1 (en) 2021-02-26 2022-06-28 Honeywell International Inc. Healthy building dashboard facilitated by hierarchical model of building control assets
US11474489B1 (en) 2021-03-29 2022-10-18 Honeywell International Inc. Methods and systems for improving building performance
CN114844676B (zh) * 2022-04-02 2023-12-05 国网湖北省电力有限公司 一种电力监控系统网络安全威胁应急处置系统及方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020125998A1 (en) * 1998-06-22 2002-09-12 Petite Thomas D. System and method for monitoring and controlling remote devices
US20050222820A1 (en) * 2003-02-26 2005-10-06 Intexact Technologies Limited Security system and a method of operating
WO2008112954A1 (fr) * 2007-03-14 2008-09-18 Seth Cirker Système d'informations basé sur une menace activé sélectivement

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3764345B2 (ja) * 2001-03-19 2006-04-05 株式会社エヌ・ティ・ティ・ドコモ 移動通信端末装置及びサーバ装置
KR100466214B1 (ko) * 2001-12-21 2005-01-14 한국전자통신연구원 가변적인 보안 상황을 반영하는 보안 등급 설정방법 및이를 위한 기록 매체
US20050104773A1 (en) * 2003-11-17 2005-05-19 Clarke Christopher J.M. Mobile radiation surveillance network
US7944468B2 (en) * 2005-07-05 2011-05-17 Northrop Grumman Systems Corporation Automated asymmetric threat detection using backward tracking and behavioral analysis

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020125998A1 (en) * 1998-06-22 2002-09-12 Petite Thomas D. System and method for monitoring and controlling remote devices
US20050222820A1 (en) * 2003-02-26 2005-10-06 Intexact Technologies Limited Security system and a method of operating
WO2008112954A1 (fr) * 2007-03-14 2008-09-18 Seth Cirker Système d'informations basé sur une menace activé sélectivement

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2009079648A1 *

Also Published As

Publication number Publication date
EP2235883A4 (fr) 2014-10-01
CA2747520A1 (fr) 2010-06-25
WO2009079648A1 (fr) 2009-06-25

Similar Documents

Publication Publication Date Title
US9135807B2 (en) Mobile wireless device with location-dependent capability
US20120314063A1 (en) Threat based adaptable network and physical security system
EP2235883A1 (fr) Système de sécurité de réseau et physique adaptable basé sur des menaces
US8749343B2 (en) Selectively enabled threat based information system
JP7265995B2 (ja) 監視及びコンシェルジェサービスのためのスケーラブルなシステム及び方法
KR101072593B1 (ko) 네트워크를 이용한 무인경비시스템, 무인경비서비스의 제공방법 및 무인경비시스템의 설정방법
US7627665B2 (en) System and method for providing configurable security monitoring utilizing an integrated information system
US9495849B2 (en) Security monitoring system
US7899471B2 (en) Methods, systems and computer program products for remotely controlling wireless terminals based on premises-specific rules
US7468663B1 (en) Building security system
DK201500228A1 (en) Smart alarm system with user confirmed video stream notification of psap in combination with data safety and public emergency involvement using smartphone agents
US9589453B2 (en) Dynamic linking of security systems
US20030117280A1 (en) Security communication and remote monitoring/response system
US20120001755A1 (en) Virtual Presence after Security Event Detection
US20100097214A1 (en) System and method for monitoring a location
US11438449B2 (en) Community safety, security, health communication and emergency notification system with inter-organizational compatibility
US11984015B2 (en) Community emergency notification system with inter-organizational compatibility
CA2704244A1 (fr) Systeme de securite
JP2005208878A (ja) セキュリティシステム
KR20200094315A (ko) 네트워크를 이용한 무인경비시스템 및 무인경비시스템의 설정방법
EP3272107B1 (fr) Système de notification d'urgence communautaire avec compatibilité inter-organisationnelle
Wamandu et al. Home laser security system.

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20100719

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA MK RS

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20140903

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/26 20060101AFI20140828BHEP

Ipc: H04L 9/32 20060101ALI20140828BHEP

Ipc: G08B 25/10 20060101ALI20140828BHEP

Ipc: G08B 25/01 20060101ALI20140828BHEP

Ipc: G08B 27/00 20060101ALI20140828BHEP

17Q First examination report despatched

Effective date: 20150724

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20161206