EP3195552A1 - Vorrichtung und verfahren zum verwalten eines netzwerks - Google Patents
Vorrichtung und verfahren zum verwalten eines netzwerksInfo
- Publication number
- EP3195552A1 EP3195552A1 EP15728429.0A EP15728429A EP3195552A1 EP 3195552 A1 EP3195552 A1 EP 3195552A1 EP 15728429 A EP15728429 A EP 15728429A EP 3195552 A1 EP3195552 A1 EP 3195552A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- information
- entities
- network
- server
- group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Definitions
- the present invention relates inter alia to an apparatus and method for managing a network (e.g., a closed network).
- the present invention relates to an apparatus and method for providing an interface between an internal network and an external network.
- the present invention relates to an apparatus and method for managing and / or controlling the entities of the first group of entities of the internal network.
- the present invention relates, inter alia, to an apparatus and method for a wireless infrastructure and / or a wired infrastructure (e.g., optical fiber) in the outdoor area (e.g., for light, sensors, appliances, APPs, traffic, and other web applications).
- a wireless infrastructure and / or a wired infrastructure e.g., optical fiber
- infrastructure measures for example, systems for detecting information in the outdoor area are known, which include one or more devices with one or more means for detecting information in the outdoor area.
- lighting systems are known which comprise one or more remotely controllable devices for controlling a light source.
- a disadvantage of these known systems is the communication with and between the respective devices of the systems. Because this communication takes place via public networks such as the Internet, so that the communication is particularly susceptible to attacks (eg, the interception, manipulation and / or blocking) by unauthorized third parties.
- An object of the present invention is therefore to overcome the above-mentioned disadvantages.
- the method according to the first aspect of the invention is a method for providing an interface between the internal network and the external network.
- the method according to the first aspect of the invention is further a method of selectively providing information (eg, payload information).
- the method according to the first aspect of the invention is a method for outdoor wireless infrastructure (eg, for lights, sensors, appliances, APPs, and other web applications).
- a server e.g., the first server disclosed below.
- a first server comprising one or more means for at least partially performing and / or controlling the method according to the first aspect of the invention or respective means for at least partially performing and / or controlling the steps of Method according to the first aspect of the invention.
- the first server is a server for providing an interface between the internal network and the external network.
- the first server is also a server for selectively providing information (e.g., payload information).
- the first server is a wireless outdoor infrastructure server (e.g., for lights, sensors, devices, APPs, and other web applications).
- a server is to be understood as a hardware (for example a server device).
- a server device includes means arranged to cause the provision of one or more services to other programs and / or devices.
- a server device comprises at least one processor and at least one memory containing one or more server programs with program instructions, wherein the memory and the program instructions are arranged to cause the server device, together with the at least one processor, to switch to other programs and / or devices to provide multiple services.
- the first server is a server device.
- the first server is a first server device comprising means configured to execute and / or control the method according to the first aspect of the invention and / or the steps of the method according to the first aspect of the invention.
- the first server is a first server device comprising at least one processor and at least one memory containing one or more server programs with program instructions, wherein the memory and the program instructions are set up to cause the first server device together with the at least one processor. to execute and / or to control the method according to the first aspect of the invention and / or the steps of the method according to the first aspect of the invention.
- the first server is a first server device comprising at least one processor and at least one memory including one or more server programs with program instructions, wherein the memory and the program instructions are arranged to cause the first server device together with the at least one processor to perform the at least partially execute and / or control the following steps:
- Group of entities of the external network is available.
- a processor should be understood as meaning, for example, control units, microprocessors, microcontrol units such as microcontrollers, digital signal processors (DSP), application-specific integrated circuits (ASICs) or field programmable gate arrays (FPGAs).
- the memory containing the program instructions may for example be part of the processor, for example a (non-volatile or volatile) program memory and / or main memory of the processor or a part thereof.
- the first server is a first server device further comprising one or more communication means, the communication means being arranged to send and / or receive information.
- An example of a communication means is a network interface, the network interface being configured to send and / or receive information over one or more network connections.
- a network interface comprises, for example, a network card, an antenna, a network module, a network switch and / or a modem.
- a first server program comprising program instructions which cause a device (eg the first server device) to at least partially execute the method and / or the steps of the method according to the first aspect of the invention first server program is executed by one or more processors of the device.
- the first server program may, for example, be distributed over a network (e.g., the internal network and / or the external network).
- the first server program may be at least partially software and / or firmware of a processor. It may equally be at least partially implemented as hardware.
- the first server program may be stored on a computer-readable storage medium, e.g. a touchable, magnetic, electrical, electromagnetic, optical and / or other type of storage medium.
- the storage medium may be, for example, part of the processor of the first server (for example the first server device), for example a (non-volatile or volatile) program memory and / or main memory of the processor or a part thereof.
- a method which comprises: Initiating and / or controlling a functional recovery and / or a functional update of one or more entities of a first group of entities of the internal network.
- the method according to the second aspect of the invention is a method for managing and / or controlling the entities of the first group of entities of the internal network.
- the method according to the first aspect of the invention is a method for outdoor wireless infrastructure (eg, for lights, sensors, appliances, APPs, and other web applications).
- a server e.g., the second server disclosed below.
- a second server comprising one or more means for at least partially performing and / or controlling the method according to the second aspect of the invention or respective means for at least partially performing and / or controlling the steps of Method according to the second aspect of the invention.
- the second server is a server for managing and / or controlling the entities of the first group of entities of the internal network.
- the second server is a server for outdoor wireless infrastructure (e.g., for lights, sensors, devices, APPs, and other web applications).
- the second server is a second server device.
- the second server is a second server device comprising means arranged to execute and / or control the method according to the second aspect of the invention and / or the steps of the method according to the second aspect of the invention
- second server comprises a second server device comprising at least one processor and at least one memory having one or more server Programs with program instructions, wherein the memory and the program instructions are arranged to cause the second server device together with the at least one processor to carry out the method according to the second aspect of the invention and / or the steps of the method according to the second aspect of the invention and / or to control.
- the second server is a second server device comprising at least one processor and at least one memory including one or more server programs with program instructions, wherein the memory and the program instructions are arranged to cause the second server device to communicate with the at least one processor at least partially execute and / or control the following steps:
- the second server is a second server device further comprising one or more communication means, the communication means being arranged to send and / or receive information.
- An example of a communication means is a network interface, the network interface being arranged to send and / or receive information via one or more network connections.
- a second server program comprising program instructions for causing a device (eg the second server device) to at least partially execute the method and / or the steps of the method according to the second aspect of the invention second server program is executed by one or more processors of the device.
- the second server program can, for example, be distributed over a network (eg the internal network and / or the external network).
- the second server profile The program may be at least partially software and / or firmware of a processor. It may equally be at least partially implemented as hardware.
- the second server program can for example be stored on a computer-readable storage medium, for example a touchable, magnetic, electrical, electromagnetic, optical and / or other type of storage medium.
- the storage medium may for example be part of the processor of the second server device, for example a (non-volatile or volatile) program memory and / or main memory of the processor or a part thereof.
- the method according to the third aspect of the invention is a method of providing an interface between the internal network and the external network and managing and / or controlling the entities of the first group of entities of the internal network.
- the method according to the third aspect of the invention is a method for outdoor wireless infrastructure (e.g., for light, sensors, devices, APPs, and other web applications).
- the steps of the method according to the third aspect of the invention are performed and / or controlled by one or more servers (eg, the first server and the second server).
- a system comprising one or more servers, wherein the servers each comprise one or more means arranged, the method according to the third aspect of the invention and / or the steps of the method according to to execute and / or control the third aspect of the invention together.
- the system according to the third aspect of the invention includes the first and second servers.
- the first server and the second server are the same server.
- the first server device described above and the second server device described above are the same server device (eg, a single server device) comprising means arranged, the method according to the first and second aspects of the invention, and / or the steps of the method according to the first and the second second aspect of the invention and / or to control.
- the system according to the third aspect of the invention comprises at least this server or server device (e.g., this one server device).
- the first server and the second server are at least partially different.
- the first server device and the second server device are at least partially different.
- the system according to the third aspect of the invention comprises at least the first server and the second server at least partially different from the first server (e.g., the first server device and the second server device at least partially different from the first server device).
- a computer program comprising program instructions which cause a device for at least partially executing the method and / or the steps of the method according to the third aspect of the invention, if the computer program of one or more processors of the Device is running
- the computer program according to the third aspect of the invention can be distributable, for example, via a network (eg the internal network and / or the external network).
- the computer program according to the third aspect of the invention may be at least partially software and / or firmware of a processor. It can equally at least partially implemented as hardware.
- the computer program according to the third aspect of the invention can be stored, for example, on a computer-readable storage medium, for example a touchable, magnetic, electrical, electromagnetic, optical and / or other type of storage medium.
- the storage medium may for example be part of a processor, for example a (non-volatile or volatile) program memory and / or main memory of the processor or a part thereof.
- the information is received at a device.
- information may be received at a device over a network connection.
- the first information is received at one of the first server and / or the first server device.
- the first information is received via one or more network connections of the internal network.
- the first information is received from an entity of the internal network.
- the first server device comprises one or more communication means, the communication means being arranged to receive the first information (e.g., to receive from one entity of the internal network via one or more network connections of the internal network).
- the first information is received from the second server and / or the second server device.
- the second server is arranged to receive the first information from an entity of the internal network and send to the first server.
- the second server is set up to receive the first information from an entity of the internal network entity and to send it to the first server unsolicited (eg in the form of a push transmission). This is advantageous, for example, to ensure that the sending of the first information to the second server is under the control of the entities of the internal network and can not be controlled by (unauthorized) entities of the external network.
- information should be understood to mean, for example, information that can be processed by a processor, such as data.
- information may be contained in one or more data containers, such as one or more data packets and / or one or more files.
- data may include digital information and / or analog information.
- Information and / or data may be transmitted (i.e., transmitted and / or received) by, for example, current signals, voltage signals, optical signals and / or radio signals.
- the first information is contained in one or more data packets received at the first server and / or at the first server device.
- the first information is contained in one or more files received by the first server and / or the first server device.
- information should be understood to originate from an entity if the information has been at least partially generated and / or captured by the entity and / or means of the entity.
- the first information has been at least partially generated and / or acquired by one or more entities of the internal network and / or means of the entities of the internal network.
- the first information is the result of preprocessing performed by one or more entities of the internal network and / or means of the entities of the internal network (eg pre-processing, encrypytion, authentification, etc.).
- pre-processing serves to ensure optimal and / or secure transmission.
- information should be understood as being based on another information if the information comprises the other information, for example at least partially, and / or the information is at least partially the result of a summary and / or processing of the other information.
- the information based on the first information is at least partially the result of processing and / or summarizing the first information.
- An information type of information is, for example, at least partially dependent on the place of creation and / or the location of the detection and / or the purpose of the information.
- Examples of information types are control information, environmental information (e.g., traffic information, weather information, and / or brightness information), and / or state information.
- control information such as a control instruction and / or a control parameter is used, at least in part, to control an entity (e.g., a device).
- environmental information is used, at least in part, to inform one or more detectable characteristics of the environment at one or more locations (e.g., about traffic, weather, and / or brightness).
- State information for example, is for informing about the state of an entity (e.g., a device).
- the first information is for example environmental information (eg traffic information, weather information and / or brightness information) and / or state information. - -
- a data container such as a data packet and / or a file containing at least a portion of information may include an indication of the information type of the information.
- the data packets may further include an indication of the information type of the first information.
- the files may further include an indication of the information type of the first information (e.g., a corresponding file name extension).
- the first information contains an indication of the information type of the first information.
- information should be understood as being obtainable by an entity if the information can be obtained at the entity.
- information is available to an entity if the information is receivable, readable, detectable, retrievable, and / or decryptable by the entity.
- the information is receivable, for example, available to the entity.
- information is encrypted sent to an entity that is set up to receive and decrypt the information, the information is receivable and decryptable, for example, at the entity.
- information is sent in response to a retrieval of the information to an entity configured to receive the information, the information is retrievable and receivable, for example, by the entity, that is, available at the entity.
- the first Information receivable only by the entities of the first group of entities of the external network read bar, detectable, retrievable and / or decryptable.
- the first information and / or information based on the first information is provided by the first server such that the first information is receivable, readable, detectable, retrievable, and / or only by the entities of the first group of entities of the external network. or decryptable.
- the first information and / or the information based on the first information is sent only to the entities of the first group of entities (eg sent only encrypted to the entities of the first group of entities).
- a group of entities of the external network includes one or more entities of the external network.
- a group of entities of the internal network includes one or more entities of the internal network.
- only the entities of a group of entities of the external network are authorized to obtain information from the information type associated with the group of entities of the external network.
- a group of entities of the external network includes all entities of the external network with the authority to obtain information of a particular type of information.
- these permissions specify rules for providing information about each type of information.
- authorization information about the permissions of one or more groups of entities of the external network may be stored.
- only the entities of the first group are entities of the external one
- Network is entitled to receive information from the information type of the first information and / or the information based on the first information.
- the first information and / or the information based on the first information at least partially as a function of an assignment of an information type of the first information and / or on the first information , , tion based on a first group of entities of the external network such that the first information and / or based on the first information information is available only through the (legitimate) entities of the first group of entities of the external network, according to the first Aspect of the invention, for example, be ensured that the first information and / or based on the first information information only by the entities of the information type of the first information and / or based on the first information information associated first group of entities of the external network and not obtainable by entities of a group of entities of the external network other than the first group of entities.
- a function recovery and / or a function update of one or more entities of a first group of entities of the internal network for example, it is to be understood that the one or more entities of the first group of entities of the internal network include function recovery information or providing function update information such that the one or more entities of the first group of entities of the internal network are enabled to restore and / or update the function.
- each of the function recovery information and / or function update information provided to an entity of the one or more entities of the first group of entities of the internal network is at least partially different from the others for further entities of the one or more entities of the first group of entities of the internal one Network provided function recovery information and / or function update information.
- one or more Entities of the first group of entities of the internal network each have a respective function recovery information (eg, an individual function recovery information) and / or a respective function update information (eg, an individual function update information) provided.
- corresponding function recovery information and / or corresponding function update information is sent to the one or more entities of the internal network (e.g., via one or more network connections of the internal network).
- corresponding function recovery information and / or corresponding function update information is sent by the second server to the one or more entities of the internal network (e.g., via one or more network connections of the internal network).
- the one or more entities of the first group of entities of the internal network are the entities of the first group of entities whose function (s) are to be recovered and / or updated.
- the one or more entities of the first group of entities are the entities of the first group of entities whose function recovery and / or function update are to be initiated and / or controlled (e.g., by the second server).
- the first group of entities of the internal network comprises, for example, the entities of the internal network whose function recovery and / or function update can be initiated and / or controlled (e.g., by the second server).
- updating a function of an entity it should be understood in the present case, for example, that one or more functions of the entity are changed, for example by adding a function to the entity, deactivating a function of the entity, and / or activating a function of the entity.
- the restoration of a function of an entity should be understood, for example, to mean that one or more functions of the entity are in a defined state (eg the delivery condition).
- updating and / or restoring a function of an entity may include storing a program in a memory of the entity and / or changing a program stored in a memory of the entity.
- Such a program may be, for example, at least partially a driver program, an operating system program and / or an application program.
- functions can be added and / or removed.
- the (eg, software) support eg, software plug-and-play support
- the (eg, software) support may be added and / or removed as a function of a component so that the entities of the first group of entities of the internal network can be connected to such a component
- a network is to be understood as meaning, for example, a device and / or an infrastructure for the transmission of information (for example data).
- Examples of a network are a wired network and / or a wireless network.
- An example of a wired network is an Ethernet.
- Another example of a wired network is a PoE network (PoE: Power over Ethernet, e.g., an IEEE 802.3af 2003 network or IEEE
- a PoE network should be understood to include PoE + (Power over Ethernet Plus) and UPoE (Universal Power over Ethernet) networks.
- An example of a wireless network is a mobile radio network such as a GSM network (GSM: Global System for Mobile Communications), a GPRS network (GPRS: General Packet Radio Service), a UMTS network (UMTS: Universal Mobile , ,
- an LTE Long Term Evolution
- an advanced LTE network an advanced LTE network
- a wireless communication network is an IEEE 802 wireless network such as a WLAN (WLAN: Wireless Local Area Network, an IEEE 802.11 network, eg an IEEE 802.11b network), a Wi MAX network (WiMAX: Worldwide Interoperability for Microwave Access, an IEEE 802.16 network), a Bluetooth network (an IEEE 802.15.1 network), a Zigbee network (an IEEE 802.15.4 network), and a 6L0WPAN network (6L0WPAN: IPv6 over low power Wireless Personal Area Network, eg an IEEE 802.15.4 network).
- a network is, for example, a network with a mesh topology (mesh topology). However, other network topologies are also conceivable (e.g., star topology and / or ring topology).
- a network may be composed of several different interconnected networks (e.g., include one or more wired networks and / or one or more wireless networks).
- An example of a network composed of several different interconnected networks is the Internet.
- Information can be communicated over the network connections of a network according to one or more network protocols supported by the network.
- network protocols include the Transmission Control Protocol and Internet Protocol (TCP / IP) protocols, the User Datagram Protocol (UDP), and the Internetwork Packet eXchange (IPX) protocol.
- TCP / IP Transmission Control Protocol and Internet Protocol
- UDP User Datagram Protocol
- IPX Internetwork Packet eXchange
- the entities of a network should be understood, for example, to mean devices which are set up to transmit and / or receive information about the network (eg via one or more network connections of the network to send and / or receive).
- the entities of a network are interconnected, for example, via one or more network connections of the network.
- the entities of a network may at least partially interconnected via one or more encrypted network connections of the network.
- the entities of the internal network are interconnected (e.g., directly interconnected) via one or more network connections of the internal network.
- the entities of the internal network e.g., immediately
- the entities of the internal network are connected to the internal network.
- the entities of the internal network are set up and / or include communication means arranged to send and / or receive information (eg, directly) via the internal network (eg, to send and receive one or more network connections of the internal network) / or to receive).
- the entities of the internal network may be grouped together, such a group comprising, for example, a master entity and one or more slave entities.
- a group comprising, for example, a master entity and one or more slave entities.
- the master entity of such a group is connected (e.g., directly) to the internal network.
- the entities of such a group are interconnected via a local wireless network (e.g., a local wireless network other than the internal network).
- the network connections over the local wireless network are protected network connections (e.g., VPN connections).
- the slave entities of such a group are only indirectly connected to the internal network via the master entity of the group.
- the slave entities of such a group may only indirectly send and / or receive information over the internal network via the master entity of the group.
- the master entities eg, the master entities of such a group
- the master entities are established and / or include communication means configured to send (and / or receive) information (eg, directly) over the internal network (eg, via one or more Send and / or receive network connections of the internal network) and information about the local network.
- - send and / or receive loose network eg directly (eg to send and / or receive via one or more network connections of the local wireless network).
- the slave entities eg, the slave entities of such a group
- the slave entities are established and / or include communication means configured to send (eg, directly) information (eg, only) over the local wireless network and / or to receive (eg via one or more network connections of the local wireless network to send and / or receive).
- the entities of the external network are over one or more
- Network connections of the external network are interconnected (e.g., directly interconnected).
- the entities of the external network are established and / or include communication means arranged to send (and / or receive) information (eg, directly) over the external network (eg, to send and / or via one or more network connections of the external network to recieve).
- the internal network and the external network are two different networks.
- the internal network and the external network are only indirectly and not directly connected.
- information can be exchanged, for example, via the first server (eg exchanged exclusively via the first server).
- the first server is at least partially constituted as an information diode to provide an unidirectional interface for transmitting information of the information type of the first information from the internal network to the external network, and to transmit information from the external network to the external network internal network at least partially blocked.
- the first server can carry out additional functions. - take such as a data analysis function.
- the first server is an analysis server (eg, an analytic server).
- the second server is an entity of the internal network.
- the first server is connected only to the second server as an entity of the internal network.
- the second server is directly connected to the first one.
- the other entities of the internal network are only connected to the first server via the second server.
- the first information from one or more entities of the internal network is received at the second server and sent and received by the second server to the first server. This is advantageous, for example, to ensure that the transmission of information from the internal network is controlled by an entity of the internal network (e.g., by the second server of the internal network).
- the second server can take on additional functions for the other entities of the internal network, such as e.g. a
- Management function a content management function, a remote control function and / or a remote maintenance function.
- the internal network may include one or more entities that are wireless or wired (e.g., via PoE or PLC) (e.g., via PoE or PLC).
- the internal network is at least partially the network of an infrastructure of an automation and / or control system (e.g., an Industrie 4.0 infrastructure).
- the entities of the internal network and / or the internal network support cloud computing and / or edge computing and / or fog computing.
- the internal network is at least partially the network of an outdoor wireless infrastructure (eg, a system for capturing information in the outdoor area and / or a lighting system).
- the second server is a backend server and / or a backend server device of the wireless infrastructure. , -
- the internal network is the network of an outdoor information gathering system and the entities of the internal network include one or more devices having one or more external information gathering means [e.g. Sensors).
- the entities of the internal network include one or more devices having one or more external information gathering means [e.g. Sensors).
- the internal network is the network of a lighting system (e.g., a street lighting system), and the entities of the internal network include one or more devices for controlling a light source (e.g., controlling a street lamp bulb).
- the devices for controlling a lighting device further comprise one or more means for detecting information in the outdoor area.
- the devices for controlling a light source are at least partially remotely controllable and / or remotely maintainable (e.g., by the second server).
- a device for controlling a luminous means is described, for example, in the patent application with the file reference DE 10 2014 102 678.0, which is expressly incorporated herein by reference.
- such a device is for example a device manufactured by the company ICE Gateway under the product name ICE Gateway.
- the external network is the Internet
- the entities of the external network include one or more Internet-enabled user devices, such as smartphones, computers, notebook computers, and / or tablet computers.
- the present invention enables the communication of information between two separate networks (eg, two separate infrastructures) at least in the direction from the internal network to the external network.
- two separate networks eg, two separate infrastructures
- an unidirectional interface for the transmission of information from the internal network to the external network may be provided.
- information of different types of information can in each case be transmitted to different groups of entities of the external network. , -
- the present invention thus enables a protected and selective exchange of information between two separate networks (e.g., an internal network of an outdoor information system and / or a lighting system and a public network). Further, the present invention enables the central management of the function (s) of the entities of a first group of entities of the internal network. This is advantageous, for example, to enable, at least in part, remote control of the function (s) of entities of the first group of entities of the internal network and remote maintenance of those entities (e.g., by the second server).
- the devices and methods of the first, second, and third aspects of the invention are each an apparatus and method for managing (e.g., operating) the internal network.
- the invention enables and / or supports, for example, so-called FoG computing.
- intelligent entities at both ends of an overall network eg, the internal and / or external network
- process pre-
- the information and / or data is pre-processed in the internal network and in individual entities of the internal network, for example, before being aggregated and analyzed by the first and / or second server and / or in the external network ( processing).
- the first information is provided by the server device such that the first information is obtainable only by authenticated entities of the first group of entities of the external network. Authenticate the entities of the first group of entities of the external
- a network is understood to mean, for example, that for each of the entities of the first group of entities of the external network, it is checked whether the respective entity is one of the entities of the first group of entities of the external network. For example, an entity of the first group of entities of the external network is authenticated after it has been positively tested whether the entity is an entity of the first group of entities of the external network.
- the first information is obtainable only by authenticated entities of the first group of entities of the external network if access to the first information and / or the retrieval of the first information is protected.
- This can be achieved, for example, if the first information is encrypted (eg encrypted so that it can only be decrypted by entities of the first group of entities of the external network) and / or if the first information is in a protected memory area (eg in a password-protected Storage area accessible only by the entities of the first group of entities of the external network).
- the method according to the first and second aspects of the invention further comprises authenticating the entities of the first group of entities of the external network (eg, by the first server).
- the means of the first server eg the first server device
- the means of the first server are set up to authenticate Execute and / or control the entities of the first group of entities of the external network.
- authenticating the entities of the first group of entities of the external network comprises checking for each of the entities at least in part depending on an authentication feature of the respective entity, whether the entity is one of the entities of the first group of entities of the external network.
- authenticating the entities of the first group of entities of the external network further comprises receiving an authentication feature from each of the entities of the first group of entities of the external network (e.g., via one or more network connections).
- An entity's authentication feature is, for example, a network address of the entity, a network address range in which the entity's network address resides, a password (eg, a password entered by a user on the entity), a biometric of a user of the entity (eg, an entity detected biometric feature of a user of the entity) and / or a cryptographic key (eg, a public key and / or a secret key of an encryption method).
- a password eg, a password entered by a user on the entity
- a biometric of a user of the entity eg, an entity detected biometric feature of a user of the entity
- a cryptographic key eg, a public key and / or a secret key of an encryption method
- authenticating the entities of the first group of entities of the external network includes checking for each of the entities (e.g., at least in part, depending on an authentication feature) whether the entity is entitled to obtain information from the information type of the first information.
- different types of information are respectively associated with at least partially different groups of entities of the external network.
- different types of information are each associated with different groups of entities of the external network.
- these various associations reflect the permissions of the respective groups of entities of the external network to obtain information of a particular type of information, and / or, for example, provide rules for providing information of the particular types of information.
- the first server is configured to provide a rules engine for providing an interface between an internal network and an external network and for selectively providing information at least in part depending on the rules imposed by the associations.
- allocation information about the assignment of the information type of the first information and / or the information based on the first information to the first one may be provided
- further allocation information about the assignment of further information types may be respectively to a group of entities of the external network (eg, one different from the first group of entities of the external network Group of entities of the external network).
- the association information specifies rules for the provision of information of the respective information types by the first server device.
- the first server device is set up, a rules engine to provide an interface between an internal server
- the membership of an entity to a group of entities and / or the authority of an entity may, for example, be derived from a user of the entity - -
- the provision of the first information and / or the information based on the first information comprises storing the first information and / or the information based on the first information in a first memory area (eg by the first server), wherein the first storage area is associated with the first group of entities of the external network.
- the means of the first server eg the first server device
- the first storage area is a storage area of a memory of the first server device.
- the first memory area is a memory area of a memory of a device different from the first server device.
- the first storage area is a database, a partition of a storage, and / or a storage.
- the first storage area is separated from other storage areas by software and / or hardware.
- the information stored in the first storage area is obtainable only by the entities of the first group of entities of the external network.
- the first memory area is protected in such a way that access to the information stored in the first memory area and / or retrieval of the information stored in the first memory area only by (eg authenticated) entities of the first group of entities of the external network - - is possible.
- the first memory area is password protected.
- the first storage area is encrypted.
- different memory areas are each assigned at least partially to different groups of entities of the external network.
- the different memory areas are separated from the other memory areas by software and / or hardware. This is advantageous, for example, to enable separation of the information of the different types of information associated with different groups of entities of the external network.
- providing the first information and / or the information based on the first information comprises transmitting the first information and / or the information based on the first information (e.g., by the first server).
- the means of the first server e.g., the first server device
- the means of the first server is arranged to execute and / or control the transmission of the first information and / or the information based on the first information.
- the first information and / or the information based on the first information is contained in one or more (transmitted) data packets.
- the first information and / or the information based on the first information is contained in one or more (sent) files.
- the function recovery information and / or the function update information is part of a (sent) message.
- the first information and / or the information based on the first information is encrypted (eg via one or more encrypted network connections).
- the first information and / or the information based on the first information is sent encrypted (eg via one or more encrypted network connections) in such a way that they are only transmitted through the entities of the first group of entities are receivable and decryptable. This is advantageous, for example, for protecting the first information and / or the information based on the first information during the transmission and for ensuring that the information is available only to entities of the first group of entities of the external network.
- the first information and / or the information based on the first information is sent unsolicited (e.g., sent in the form of a push transmission).
- the first information and / or the information based on the first information is sent unsolicited by the first server (for example, sent in the form of a push transmission). This is advantageous, for example, to ensure that the control over the transmission lies with the first server and / or the first server device and can not be controlled by (for example, unauthorized) entities of the external network.
- the first information and / or the information based on the first information is sent to one or more entities of the external network.
- the first information and / or the information based on the first information is sent from the server device to one or more entities of the external network.
- the first information and / or the information based on the first information is sent from the first server and / or the first server device (eg only) to the entities of the first group of entities of the external network.
- the first information and / or the information based on the first information is sent from the first server and / or the first server device only to authenticated entities of the first group of entities of the external network (eg, only to entities of the first group of entities of the external network) external network previously authenticated by the first server).
- This is advantageous, for example, to ensure that the information is available only to entities of the first group of entities of the external network.
- the first information and / or the information based on the first information is sent from the server device (eg only) to a server of the external network.
- the server of the external network is set up to make the first information and / or the information based on the first information available only to entities of the first group of entities and / or to ensure that the first information and / or information on the first first information based information is available only through entities of the first group of entities.
- the server of the external network is set up, a network portal for accessing the first information and / or the information based on the first information and / or for retrieving the first information and / or the information based on the first information by the entities of first group of entities of the external network.
- a network portal can be, for example, a web page and / or a program interface such as an interface for SAP applications (Systems Applications Products, SAP) that can be accessed over a network.
- SAP applications Systems Applications Products, SAP
- SAP Systems Applications Products
- a network portal may be a portal for the remote control and / or remote maintenance of devices for controlling a light source (e.g., connected LED bulbs and / or LED lights).
- a network portal may also be a portal for providing traffic data (e.g., traffic information) or a portal for providing retail marketing data (e.g., marketing information).
- traffic data e.g., traffic information
- retail marketing data e.g., marketing information
- a network portal can also be a portal for providing information collected by local sensors such as C02, ozone, precipitation and / or noise and / or the like. For example, the portals provide information as a basis for further decisions or processes that may lead to further events and conclusions.
- the server of the external network is set up, a network portal for authenticating the entities of the first group of entities of the external network and / or for accessing the first information and / or on the provide first information based information and / or for retrieving the first information and / or the information based on the first information by the authenticated entities of the first group of entities of the external network.
- a network portal for authenticating the entities of the first group of entities of the external network and / or for accessing the first information and / or on the provide first information based information and / or for retrieving the first information and / or the information based on the first information by the authenticated entities of the first group of entities of the external network.
- the provision of the first information and / or the information based on the first information comprises summarizing the first information with at least one further piece of information [e.g. by the first server], and providing the aggregated information (e.g., by the first server).
- the summarized information should be understood, for example, as information based on the first information.
- the means of the first server (e.g., the first server device) is arranged to execute and / or control the merging of the first information with at least one further piece of information and providing the aggregated information.
- the first information and the further information are aggregated, analyzed and / or evaluated.
- the aggregation, analysis and / or evaluation can take place, for example, by applying an aggregation algorithm, an analysis algorithm and / or an evaluation algorithm to the first information and the further information.
- An example of an evaluation algorithm is an algorithm for statistical evaluation (eg an algorithm for determining an average value and / or the distribution of values).
- the summarized information includes only the result of the summary, such as the result of the aggregation of the information. - result of the analysis of the information and / or the result of the evaluation of the information.
- the first information and the other information are each environmental information.
- the first information and the further information are analyzed for recurring environmental situations in order to be able to make a prediction for the future development of the environmental situation.
- an analysis of traffic information may reveal that, in a given traffic situation, the likelihood of the future emergence of congestion is particularly high.
- the first information and the further information are each status information informing of the state of an entity of the internal network.
- the first information and the further information are evaluated as to whether maintenance of the entity of the internal network is necessary (for example, because the state of the entity of the internal network deteriorates).
- the state information can inform, for example, about the state of the luminous means.
- the state information may include a current / average value for the supply voltage, the brightness, and / or the supply current of the light source.
- a (e.g., statistical) change in this value may indicate a need for maintenance of the illuminant.
- information for example, information based on the first information
- the first information is information of a Bluetooth device (eg, a Bluetooth ID) detected by a radiation sensor for Bluetooth signals.
- This information can be evaluated, for example together with other information detected by the radiation sensor, to provide a traffic count for the location , , of the radiation sensor (eg a count of cars).
- traffic information eg, information based on the first information
- the information of a Bluetooth device eg a Bluetooth ID
- a sound sensor in order not only to recognize the device, but also whether it is a pedestrian, a bicycle, a car and / or another vehicle and / or in which direction the device is moving.
- a Bluetooth device eg a Bluetooth ID
- a sound sensor in order not only to recognize the device, but also whether it is a pedestrian, a bicycle, a car and / or another vehicle and / or in which direction the device is moving.
- all cars passing by the location of the radiation sensor / sound sensor eg all cars driving in a certain direction
- traffic information eg as information based on the first information
- This is particularly advantageous if the information would otherwise be grouped together by a plurality of entities of the external network.
- the provision of the first information and / or the information based on the first information comprises processing the first information (eg by the first server), and providing the processed information (eg - - through the first server).
- the processed information is to be understood, for example, as information based on the first information.
- the means of the first server (e.g., the first server device) is arranged to perform and / or control the processing of the first information, and the provision of the processed information.
- processing the first information means, for example, the organization, analysis and / or modification of the first information.
- the organization, analysis and / or modification of the first information can be done, for example, by applying a data processing algorithm to the first information.
- An example of a data processing algorithm is an evaluation algorithm and / or an analysis algorithm.
- the processed information includes, for example, only the result of organizing, analyzing, and / or altering the first information.
- the first information is status information informing about the state of an entity of the internal network.
- the first information is evaluated as to whether maintenance of the entity of the internal network is necessary [eg, because the state of the entity of the internal network is out of a predetermined state].
- the state information can inform, for example, about the state of the bulb.
- the state information may include a current / average value for the supply voltage, the brightness, and / or the supply current of the light source. If this value is above or below a threshold value, maintenance of the illuminant may be necessary, for example.
- information eg, information based on the first information
- the method further comprises receiving second information (eg by the first server), the second information originating from an entity of a second group of entities of the external network, and providing the second information and / or information based on the second information (eg, by the first server) such that the second information is obtainable only at one or more entities of the internal network.
- second information eg by the first server
- the second information originating from an entity of a second group of entities of the external network
- the means of the first server (eg the first server device) is arranged to receive second information, the second information originating from an entity of a second group of entities of the external network, and providing the second information and / or the information based on the second information such that the second information and / or the information based on the second information is available only to one or more entities of the internal network to execute and / or control.
- the second information is received at the first server.
- the second information is received via one or more network connections of the external network.
- the second information is received encrypted (eg via one or more encrypted network connections).
- the first server device comprises one or more communication means, the communication means being arranged to receive the second information (eg, to receive over one or more network connections of the external network).
- the second information is contained in one or more data packets received at the server device.
- the second information is contained in one or more files received at the server device.
- an item of information is to be understood, for example, as coming from an entity if the information has been at least partially generated and / or captured by the entity and / or a means of the entity.
- the second information has been at least partially generated and / or acquired by the entity of the second group of entities of the external network and / or a means of the entity of the second group of entities of the external network.
- the second information is received by the entity of the second group of entities of the external network that have and / or have at least partially generated and / or acquired the second information.
- the second information is received by the first server from the entity of the second group of entities of the external network that have and / or at least partially generated and / or acquired the second information.
- the second information from the entity of the second group of entities of the external network, and / or the means of which at least partially generated and / or acquired the second information is sent to a server of the external network.
- the second information is received from the server of the external network.
- the second information is received by the first server from the server of the external network.
- the external network server is configured to provide a network portal for receiving second information from the entities of the second group of entities of the external network.
- a network portal can have a , ,
- a gantry may be a portal for remote control and / or remote maintenance of devices for controlling a light source (e.g., connected LED bulbs and / or LED lights).
- a portal may also be a portal for providing traffic data (e.g., traffic information) or a portal for providing retail marketing data (e.g., marketing information).
- a portal may also be a portal for providing information acquired by local sensors such as C02, ozone, precipitation and / or noise and / or the like. For example, the portals provide information as a basis for further decisions or processes that may lead to further events and conclusions.
- the external network server is arranged to provide a network portal for authenticating the entities of the second group of entities of the external network and / or for receiving the second information by the authenticated entities of the second group of entities of the external network. This is advantageous, for example, to ensure that the second information originates only from entities of the second group of entities of the external network.
- the information based on the second information is at least partially the result of processing and / or summarizing the second information.
- the server device By providing the second information and / or the information based on the second information by the server device such that the second information or the information based on the second information is available only at one or more entities of the internal network can be ensured, for example that the second information and / or the information on the second Information that is based on information can only be obtained by the entities of the internal network and not by entities of the external network.
- information should be understood to be available, for example, as available from an entity, if the information can be obtained at the entity.
- the second information and / or the information based on the second information is provided such that the second information and / or the information based on the second information is receivable, readable, detectable, retrievable, and only by one or more entities of the internal network / or is decryptable.
- the second information and / or the information based on the second information is sent only to one or more entities of the internal network (e.g., sent only encrypted to the entities of the internal network).
- the first server device is at least partially constituted as an information diode to provide an unidirectional interface for transmitting information of the information type of the first information from the internal network to the external network, and to transmit information from the external network at least partially blocked to the internal network.
- the first server device is at least partially constituted as an information diode so as to further provide an unidirectional interface for the transmission of information originating from the second group of entities of the external network from the external network to the internal network Transmission of other information from the external network to the internal network at least partially blocked.
- the second information and / or the information based on the second information from the first server and / or the first server device sent to the second server and / or the second server device and received there and sent by the second server to one or more other entities of the internal network (eg sent encrypted).
- This is advantageous, for example, to ensure that the transmission of information from the internal network is controlled by an entity of the internal network (eg by the second server).
- an unidirectional interface may be provided for the transmission of the information originating from the second group of entities of the external network from the external network to the internal network.
- This is advantageous, for example, to prevent immediate access to the internal network and to be able to limit the communication with the entities of the internal network to the second group of entities of the external network.
- the present invention thus enables a protected and selective exchange of information between two separate networks.
- the second information and / or the information based on the second information is provided only if the second information originates from an entity of the second group of entities of the external network.
- authorization information about the permissions of one or more groups of entities of the external network may be stored.
- This authorization information specifies, for example, rules for the provision of the second information by the first server device.
- the first server device is configured to provide a rules engine for providing an interface between an internal network and an external network and for selectively providing information at least in part depending on the rules specified by the authorization information.
- the second information and / or the information based on the second information is provided only when the second information is received from an entity of the second group of entities of the external network and / or via a protected network connection.
- a protected network connection is, for example, a network connection via which information is transmitted in encrypted form.
- An example of a protected network connection is a network connection of a VPN network and / or a network connection according to the https protocol (Hypertext Transfer Protocol Secure, https).
- the second information and / or the information based on the second information is provided only when the second information originates from an authenticated entity of the second group of entities of the external network (eg becomes).
- the second information and / or the information based on the second information is provided by the first server device only if the second information is from an authenticated entity of the second group of entities of the external network at the server device and / or via a protected network connection is received at the server device.
- an entity of the second group of entities of the external network By authentication of an entity of the second group of entities of the external network, it should be understood herein, for example, that the entity of the second set of entities is checked to see if the entity is one of the entities of the second set of entities of the external network. For example, an entity of the second group of entities of the external network is authenticated after it has been positively tested whether the entity is an entity of the second set of entities.
- the method according to the first and third aspects of the invention further comprises authenticating the entity of the second group of entities of the external network (e.g., by the first server).
- the means of the first server e.g., the first server device
- the means of the first server is arranged to execute and / or control the authentication of the entity of the second group of entities of the external network.
- authenticating entities of the second group of entities of the external network is understood herein to mean that the entity of the second set of entities is checked to see if the entity is one of the entities of the second set of entities of the external network.
- authenticating the entity of the second set of entities comprises checking for the entity at least in part depending on an entity's authentication feature as to whether the entity is one of the entities of the second set of entities.
- authenticating the entity of the second group of entities of the external network further comprises receiving an authentication feature from the entity (e.g., via one or more network connections).
- authenticating the entities of the first set of entities includes checking for each of the entities (eg, at least in part, depending on an authentication feature) - the entity is authorized to submit information to one or more entities of the internal network.
- the method further comprises checking the second information and / or checking the information based on the second information (e.g., by the first server).
- the means of the first server e.g., the first server device
- the means of the first server is arranged to execute and / or control the checking of the second information and / or the checking of the information based on the second information.
- the second information and / or the information based on the second information may be provided such that the second information is obtainable only at one or more entities of the internal network.
- the second information and / or the information based on the second information is provided only if the examination results at least in part depending on provisioning rule information, the second information and / or the information based on the second information may be provided in such a way, the second information is only available at one or more entities of the internal network.
- corresponding provisioning rule information is stored in a memory of the first server (e.g., the first server device).
- the provisioning rule information specifies that the second information and / or the information based on the second information may be provided only when the second information originates (eg, is received) from an entity of the second group of entities of the external network and / or or whether the second entity originated (eg is received) from an authenticated entity of the second group of entities of the external network.
- the provisioning rule information specifies that the second information and / or the information based on the second information may be provided only when the second information is received in a predetermined time slot.
- the provisioning rule information specifies that the second information and / or the information based on the second information may be provided only if it comprises one or more predetermined instructions and / or parameters, and that the second information and / or the Information based on the second information may not be provided if it comprises deviating instructions and / or parameters.
- the provisioning rule information specifies that the second information and / or the information based on the second information may be provided only if it does not include more than a predetermined number of instructions and / or parameters.
- the checking is advantageous, for example, in order to prevent the second information and / or the information based on the second information from being provided in an abusive manner.
- the provision of the second information and / or the information based on the second information comprises storing the second information and / or the information based on the second information in a second memory area (eg by the first server), the second storage area being associated with the entities of the internal network.
- the means of the first server eg the first server device
- the means of the first server are arranged to execute and / or control the storage of the second information and / or the information based on the second information in a second memory area, the second one -.
- Memory area is assigned to the entities of the internal network.
- the second storage area is a storage area of a memory of the first server device.
- the second memory area is a memory area of a memory of a device different from the first server device.
- the information stored in the second storage area is available only through the entities of the internal network.
- the second memory area is protected such that access to the information stored in the second memory area and / or retrieval in the second memory area
- Storage area stored information is only possible by entities of the internal network.
- the second memory area is password protected.
- the second memory area is encrypted. This is advantageous, for example, to enable a separation of the second information and / or the information based on the second information from other information, such as the first information.
- the provision of the second information and / or the information based on the second information comprises sending the second information and / or the information based on the second information to one or more entities of the second information internal network (eg through the first server).
- the means of the first server e.g., the first server device
- the means of the first server is arranged to execute and / or control the transmission of the second information and / or the information based on the second information to one or more entities of the internal network.
- the second information and / or the information based on the second information is contained in one or more (transmitted) data packets.
- the second information and / or the second information contain underlying information in one or more (sent) files.
- the function recovery information and / or the function update information is part of a (sent) message.
- the second information and / or the information based on the second information is encrypted to one or more entities of the internal network (eg, via one or more encrypted network connections). This is advantageous, for example, to protect the second information during the transmission.
- the sending of the second information and / or the information based on the second information is initiated by one or more entities of the internal network (e.g., by the second server).
- the second information or the information based on the second information is retrieved by one or more entities of the internal network (e.g., the second server).
- This is advantageous, for example, to ensure that the control over the transmission of the second information and / or the information based on the second information lies with the entities of the internal network (eg at the second server and / or the second server device) and not from (eg unauthorized) entities of the external network can be controlled.
- the second information and / or the information based on the second information is sent only to the second server.
- the second server is set up to make the second information and / or the information based on the second information available only to entities of the internal network and / or to ensure that the second information or the information based on the second information is only through Entities of the internal network is available.
- the summarized information should be understood, for example, as information based on the second information.
- the means of the first server (e.g., the first server device) is arranged to execute and / or control the merging of the second information with at least one further piece of information and the provision of the aggregated information.
- the second information and the further information are aggregated, analyzed and / or evaluated.
- the aggregation, analysis and / or evaluation can take place, for example, by applying an aggregation algorithm, an analysis algorithm and / or an evaluation algorithm to the second information and the further information.
- An example of an evaluation algorithm is an algorithm for statistical evaluation (eg an algorithm for determining an average value and / or the distribution of values).
- the summarized information includes only the result of the summary, such as the result of the aggregation of the information, the result of the analysis of the information, and / or the result of the evaluation of the information.
- providing the second information and / or the information based on the second information comprises processing the second information and providing the processed information (e.g., by the first server).
- the means of the first server e.g., the first server device
- the means of the first server is arranged to execute and / or control the processing of the second information and the provision of the processed information.
- processing the second information means, for example, the organization and / or modification of the second information.
- the organizing and / or altering of the second information may, for example, be done by applying a data processing algorithm to the second information.
- An example of a data processing algorithm is an analysis algorithm and / or an evaluation algorithm.
- the processed information includes, for example, only the result of organizing and / or changing the second information. This is advantageous, for example, to relieve the entities of the internal network and allow central processing of the second information, so that the entities of the internal network receive the processed information and do not have to process the information first. This is particularly advantageous if the second information would otherwise be processed by a plurality of entities of the internal network.
- the entities of the first group of entities of the external network are at least partially different (eg, completely different) from the entities of the second group of entities of the external network.
- Entities of the second groups of entities of the external network are at least partially identical (e.g., completely identical).
- the second information and / or the information based on the second information comprises control information such as a control instruction and / or a control parameter for controlling one or more entities of the internal network.
- Control instructions are, for example, instructions to a device for controlling a luminous means which cause the device to turn on, turn off and / or dim the luminous means.
- Control parameters are, for example, a turn-on instant, a turn-off instant, a dimming value, a turn-on / -off brightness threshold, a supply voltage value, and / or a supply current value.
- control information comprises one or more firing tables.
- a firing table is based, at least in part, on a defined calendar for a location (such as a solar calendar, civil calendar, nautical calendar, and / or the like) that defines the time of sunset and / or sunrise at the location.
- this calendar can be arbitrarily customized by an editor by a user.
- a light intensity per unit time is assigned.
- a firing table may cause light from the bulb to first start at 50% and then increase to 100% and then fall back to 30% after a few hours.
- the start and end times can change by a few minutes each day. , ,
- the first information and / or the information based on the first information comprise environmental information and / or state information.
- the first information is environmental information acquired and / or created by a means of an entity of the internal network and / or an entity of the internal network.
- one or more entities of the internal network include one or more sensors, wherein the sensors are configured to capture and / or create environmental information.
- a sensor is to be understood as meaning, for example, a device (eg a video camera) and / or a component (eg a CCD sensor and / or a CMOS sensor), in particular an electrical or electronic component which is set up for certain physical or chemical properties (eg: radiation, temperature, humidity, pressure, sound, brightness or acceleration) and / or can quantitatively record the material quality of its environment qualitatively or as a measured variable.
- a sensor may be wired and / or wirelessly connected to an entity of the internal network.
- the entities of the internal network are configured and / or include communication means configured to be connected to one or more sensors and to receive and / or transmit information from the sensors to the sensors.
- a sensor may be connected to a network interface, a data interface, and / or an analog-to-digital converter of an entity of the internal network.
- An example of a network interface and / or a data interface is a USB interface, an IEEE 1394 interface, a CAN bus interface, a Zigbee interface, a Bluetooth interface, a serial interface such as an R232 interface and / or a parallel interface such as an IEEE 1284
- the entities of the internal network are responsible for a soft- standard plug & play sensor support (eg due to a corresponding function update). It is also conceivable that a sensor is part of a mobile device such as a mobile phone, wherein the mobile device is wired and / or wirelessly connected to an entity of the internal network and / or the mobile device is an entity of the internal network.
- a sensor examples include a temperature sensor (eg a thermometer, a thermocouple and / or a thermoresistor), an ambient temperature sensor, a brightness sensor, a motion sensor (eg a motion detector), an acoustic sensor, an ultrasound sensor, radiation sensor (eg for WLAN).
- a temperature sensor eg a thermometer, a thermocouple and / or a thermoresistor
- an ambient temperature sensor e.g. a thermometer, a thermocouple and / or a thermoresistor
- a brightness sensor e.g., a brightness sensor
- a motion sensor eg a motion detector
- an acoustic sensor eg.g., an ultrasound sensor
- radiation sensor eg for WLAN
- Signals and / or Bluetooth signals a sound sensor (eg a microphone), an optical sensor, an infrared sensor, a light sensor (eg a photodiode and / or a photoresistor), an image sensor (eg an image camera, a CMOS sensor and / or a CCD sensor), a video sensor (eg, a video camera, a CMOS sensor and / or a CCD sensor), a current sensor, a voltage sensor, a power sensor, a chemical sensor (eg, a gas sensor), an explosive material detection sensor, a precipitation sensor and / or a vibration sensor.
- a sound sensor eg a microphone
- an optical sensor e.g a infrared sensor
- a light sensor eg a photodiode and / or a photoresistor
- an image sensor eg an image camera, a CMOS sensor and / or a CCD sensor
- a video sensor eg, a video
- the first information is information of a Bluetooth device (eg, a Bluetooth ID) detected by a radiation sensor for Bluetooth signals, which can be collected, summarized and / or processed, for example, for counting cars in traffic, and / or as a basis can be used for marketing information (eg for location-based advertising on smartphones).
- the first information is a state information acquired and / or created by a means of an entity of the internal network and / or an entity of the internal network.
- State information is, for example, information about the state of a device for controlling a luminous means, such as, for example, information about one or more control events (eg turn-on, turn-off, power consumption, supply voltage value and / or supply voltage).
- - - Current value of the bulb) and / or one or more fault events [eg power failure, failure of the bulb).
- initiating and / or controlling the function update of the one or more entities of the first group of entities of the internal network is at least partially dependent on one of an entity of the second group of entities of the external network second information.
- initiating and / or controlling the function update of the one or more entities of the first group of entities of the internal network occurs at least in part in response to receiving the second information.
- the second information is control information for the one or more entities of the first group of entities of the internal network. For example, updating and / or restoring the function of the one or more entities of the first group of entities of the internal network is controlled and / or initiated according to the control information. For example, if the control information includes a control parameter for the one or more entities of the first group of entities of the internal network, then an appropriate recovery and / or update of the
- the second information is control information sent from and received by the first server and / or the first server device to the second server and / or the second server device.
- the second server is arranged to control and / or initiate an update and / or restoration of the function of the one or more entities of the first group of entities of the internal network according to the control information.
- the method further comprises transmitting function monitoring information to each entity of the first group of entities of the internal network (eg, by the second server), and receiving one or more function recovery request information from the one one or more entities of the first group of entities of the internal network (eg, by the second server), wherein causing and / or controlling the feature recovery of the one or more entities of the first group of entities of the internal network is at least partially dependent upon the received function recovery request information.
- the means of the second server (eg, the second server device) is arranged to send respective performance monitoring information to each entity of the first group of entities of the internal network, and to receive one or more performance recovery request information from the one or more entities of the first group of Initiate and / or control entities of the internal network, wherein causing and / or controlling the functional recovery of the one or more entities of the first group of entities of the internal network at least partially in response to the received function recovery request information.
- function monitoring information is understood to mean, for example, any information that is suitable for function monitoring of an entity of the first group of entities of the internal network (for example, capable of cooperating with a watchdog functionality of the entity of the first group of entities of the internal network).
- the format of the function monitoring information is predetermined.
- the health monitoring information is contained in one or more data packets.
- the function monitoring information is in one or more files.
- the feature monitoring information is part of a message, such as a keep-alive message.
- the health monitoring information for each entity of the first group of entities of the internal network is at least partially equal.
- the function monitoring information for each entity of the first group of entities of the internal network is at least partially different.
- function recovery request information is to be understood as meaning, for example, any information that is suitable for at least partially triggering and / or controlling the functional recovery of the one or more entities of the first group of entities of the internal network.
- the format of the function recovery request information is given.
- each of the function recovery request information is contained in one or more data packets.
- each of the function recovery request information is contained in one or more files.
- each of the function recovery request information is part of a message, e.g. a recovery message.
- each of the function recovery request information is generated and sent by each one of the one or more entities of the first group of entities.
- each function recovery request information includes information about the function (s) to be recovered of the respective entity of the one or more entities of the first group of entities.
- function recovery request information includes information about the software (eg, the revision level of an operating system and / or program) and / or about the hardware (eg, processor type and / or storage capacity) of the particular entity.
- the entities of the first group of entities of the internal network each have watchdog functionality.
- the watchdog functionality for the respective entity monitors whether a health monitoring information (eg, in a specific time period) is received at the respective entity. For example, if no feature monitoring information (eg, in a particular time period) is received at the respective entity, the watchdog functionality causes and / or controls that function recovery request information is generated and sent by the respective entity (eg, sent to the second server).
- the watchdog functionality includes causing (eg suspecting a malfunction or manipulation of the respective device for controlling a light bulb) to transfer the respective entity to a functional and / or safe state.
- the watchdog functionality may cause the respective entity and / or a subsystem of that particular entity to be disabled and converted to a functional and / or secure state.
- the watchdog functionality may cause a primary operating system of the respective entity to be replaced by a secondary operating system (eg, a minimum, guaranteed functional, and normally inactive emergency operating system).
- a memory of a processor of the particular entity containing the primary operating system could be replaced transparently (eg, on the principle of a double buffer) by another memory of the processor of that particular entity containing the secondary operating system.
- the secondary operating system could be started (eg by a boot process of the entity, eg the watchdog functionality may include initiating the boot process) and from this functional and / or secure state a function recovery request information may be generated and sent by the respective entity (eg to the entity) second server is sent).
- a boot process of the entity eg the watchdog functionality may include initiating the boot process
- a function recovery request information may be generated and sent by the respective entity (eg to the entity) second server is sent).
- initiating and / or controlling the functional recovery of the one or more entities of the first group of entities of the internal network occurs at least in part in response to the received functional recovery request information.
- receiving the one or more function recovery request information e.g., at the second server
- functional monitoring information is repeatedly sent to each entity of the first group of entities of the internal network.
- function monitoring information is sent to each entity of the first group of entities of the internal network at regular and / or irregular intervals.
- the transmitted health monitoring information is at least partially different.
- the transmitted function monitoring information is at least partially the same.
- initiating and / or controlling the function recovery and / or the function update of the one or more entities of the first group of entities of the internal network comprises sending a function recovery information and / or Function update information (eg, a respective function recovery information and / or a respective function update information) to each of the one or more entities of the first group of entities of the internal network (eg, by the second server).
- a function recovery information and / or Function update information eg, a respective function recovery information and / or a respective function update information
- the means of the second server eg the second server device
- the means of the second server is set up to send the function recovery information.
- , mation and / or the function update information to execute and / or control each of the one or more entities of the first group of entities of the internal network.
- each of the function recovery information and / or function update information sent to an entity of the one or more entities of the first group of entities of the internal network is at least partially different from the others to the further entities of the one or more entities of the first group of entities internal network information, and / or feature update information.
- each entity of the one or more entities of the first group of entities of the internal network are each sent respective functional restoration information (eg, individual function recovery information) and / or respective feature update information (eg, individual feature update information).
- the one or more entities of the first set of entities are the entities of the first set of entities whose function (s) are to be restored and / or updated.
- the one or more entities of the first group of entities are the entities of the first group of entities whose function recovery and / or function update is to be initiated (e.g., by the second server).
- function recovery information e.g., a respective function recovery information
- the function recovery information and / or the function update information is contained in one or more (transmitted) data packets.
- the function recovery information and / or the function update information is in one or more (sent) files - - contain.
- the function recovery information and / or the function update information is part of a (sent) message.
- the function recovery information and / or the function update information is sent over one or more network connections of the internal network.
- the respective function recovery information comprises a respective function recovery program and / or the respective functional update information comprises a respective function update program.
- the function recovery information and / or the function update information for each of the one or more entities of the first group of entities of the internal network includes a function recovery program and / or a function update program, respectively.
- each of the function recovery information and / or function update information sent to an entity of the one or more entities of the first group of entities of the internal network is at least partially different from the others to the further entities of the one or more entities of the first group of entities internal network information, and / or feature update information.
- each of the function recovery information and / or function update information sent to a respective one of the one or more entities of the first group of entities of the internal network includes a respective function recovery program and / or a respective function update program (eg, a function recovery program and / or a function update program) for the respective entity of the one or more entities of the first group of entities of the internal network).
- the function recovery program and / or the function update program is at least partially different for each of the one or more entities of the first group of entities of the internal network.
- the function recovery program and / or the function update program for each of the one or more entities of the first group of entities of the internal network are at least partially identical.
- a function recovery program includes program instructions that cause an entity of the first group of entities of the internal network (eg, a device) to recover one or more functions of the entity (eg, to store a program in a memory of the entity and / or to modify one cause the program to be stored in a memory of the entity) when the function recovery program is executed by one or more processors of the entity.
- the respective function recovery program comprises program instructions that cause the respective entity of the first group of entities of the internal network to function recovery when the function update program is executed by one or more processors of that particular entity.
- a function update program includes program instructions that cause an entity of the first group of entities of the internal network (eg, a device) to update one or more functions of the entity (eg, to store a program in a memory of the entity and / or to modify one in one Cause memory of the entity stored program) when the function recovery program is executed by one or more processors of the entity.
- the respective function update program includes program instructions that cause the respective entity of the first group of entities of the internal network to update functions when the function update program is executed by one or more processors of that particular entity.
- such a function update program may also link functions of multiple entities of the internal network.
- environmental information acquired by a sensor connected to a first entity of the internal network may affect (e.g., control) a function of a second entity of the internal network (e.g., a controller of a lighting device).
- a first function update program a corresponding function update of the first entity of the internal network and by a second function update program a corresponding function update of the second entity of the internal network can be initiated.
- An example of a function recovery program and / or a function update program is an installation program and / or an update program.
- the function recovery information for each of the one or more entities of the first group of entities of the internal network includes a function recovery time and / or a recovery period, respectively.
- the functional recovery time specifies a time at which the entity from which the functional recovery information is received commences and / or completes the functional recovery (eg, the time at which the recovered function (s) will be activated).
- the function recovery period specifies a time period for which the entity at which the functional recovery information is received commences and / or completes the functional recovery (eg, the period in which the restored function (s) will be activated). This is advantageous, for example, for centrally managing the time / period of functional recovery. - and / or to be able to control. For example, you can prevent all entities from activating the restored feature (s) at the same time.
- the functional recovery time and / or the functional recovery period is at least partially different for each of the one or more entities of the first group of entities of the internal network.
- the function recovery information provided for the one or more entities of the first group of entities of the internal network each differ at least in part from the function recovery time and / or the function recovery period.
- the one or more entities of the first group of entities of the internal network are devices for controlling a luminous means in order to prevent the luminous means from being activated all at once (resulting, for example, in a breakdown of the energy supply network of the luminous means and / or the lighting network could lead).
- the function update information for each of the one or more entities of the first group of entities of the internal network comprises a function update time and / or a function update period, respectively.
- the function update timing specifies a time at which the entity at which the function update information is received is the one
- Function update starts and / or completes (eg the time when the updated function (s) will be activated).
- the function update period specifies a time period for which the entity at which the feature update information is received begins and / or completes the feature update (eg, the period in which the updated feature (s) are activated ). This is for example advantageous to the time / period - - to centrally manage and / or control the function update. For example, it can be prevented that all entities simultaneously activate the updated feature (s).
- the function update time and / or function update period is at least partially different for each of the one or more entities of the first group of entities of the internal network.
- the function update information provided for the one or more entities of the first group of entities of the internal network each differ at least in part from the function update time and / or the function update period.
- the one or more entities of the first group of entities of the internal network are devices for controlling a luminous means in order to prevent the luminous means from being activated all at once (resulting, for example, in a collapse of the energy supply network of the luminous means). or the lighting network).
- the internal network is a closed network (e.g., a private network).
- a closed network is used exclusively for communicating information between entities of a closed group of entities.
- entities of the closed group of entities can communicate information over the closed network.
- a closed network may be physically and / or logically separate from other networks.
- An example of a closed network is, for example, a virtual private network (VPN).
- VPN virtual private network
- the second server is an entity of the closed group of entities. - -
- the internal network at least partially includes a machine-to-machine network.
- the internal network is at least partially a machine-to-machine network.
- Machine-to-machine stands for the automated exchange of information between terminals such as sensors, machines, vending machines, vehicles or containers with each other and / or with a server device, e.g. using the Internet and various access networks such as mobile networks.
- the internal network at least partially includes a VPN network.
- the internal network at least partially includes the network of outdoor wireless infrastructure (e.g., an outdoor information collection system and / or a lighting system).
- outdoor wireless infrastructure e.g., an outdoor information collection system and / or a lighting system.
- external wireless infrastructure is meant, for example, an infrastructure (e.g., a network) for at least partially wireless communication of information (e.g., data) between various entities of one or more systems.
- the internal network at least partially includes a wired network such as a PoE network.
- a PoE network For example, one or more entities of the internal network are connected to a PoE switch via a PoE network, and the PoE switch is connected to the second server via another network (eg, the Internet and / or a VPN network), for example ,
- the PoE switch is part of an entity of the internal network.
- the internal network at least partially includes the network of a lighting system.
- the entities of the internal network are part of an illumination system, wherein the entities of the internal network include, for example, one or more devices for controlling a light source and the second server.
- the devices for controlling a luminous means are at least partially via a line-connected _.
- Network such as a PoE network or a PLC network connected to the second server and / or the second server device.
- This is advantageous, for example, in order to be able to use the same connection (for example the same line and / or the same cable) for supplying power to a device for controlling lighting means and for communicating with this device for controlling a lighting device.
- the devices for controlling a luminous means are at least partially connected via a wireless network to the second server and / or the second server device.
- the devices for controlling a light source are connected to the second server and / or the second server device via a machine-to-machine network and / or a VPN network.
- the machine-to-machine network and / or the VPN network extend over one or more wired networks and / or one or more wireless networks.
- the second server is connected to the first server and / or the first server device.
- the devices for controlling a light source to the one with the first server and / or the first server device.
- the devices for controlling a light source e.g., only
- the second server is connected to the one with the first server and / or the first server device.
- one or more of the entities of the internal network comprises one or more communication means arranged to provide an access point of a wireless network (eg, an access point of a Wi-Fi network). Hot spots).
- a wireless network eg, an access point of a Wi-Fi network. Hot spots
- the external network is an open network (eg, a public network).
- an open network is used to convey information between entities of an open group of entities.
- All entities of the open group of entities can join (eg, if they are set up to send and / or receive information over the open network) and provide information over the open network.
- An example of an open network is, for example, the Internet.
- one or more servers of the external network are connected to the first server (eg the first server device).
- a server of the external network receives the first information and / or the information based on the first information from the first server and, as described above, provides a network portal for accessing the first information and / or the first information based information and / or retrieving the first information and / or information based on the first information by the entities of the first group of entities of the external network.
- a server of the external network receives the second information from the entity of the second group of entities of the external network, and sends the second information to the first server (e.g., the first server device).
- FIG. 1 is a block diagram of an exemplary embodiment of a system according to the third aspect of the invention.
- FIG. 1 a block diagram of an exemplary embodiment of a server according to the first aspect of the invention.
- FIG. 1 a block diagram of an exemplary embodiment of a server according to the second aspect of the invention.
- FIG. 12 is a flowchart showing steps of an exemplary embodiment of the method according to the first aspect of the invention.
- FIG. 12 is a flowchart showing steps of an exemplary embodiment of the method according to the first aspect of the invention;
- FIG. shows a flowchart with communication steps of an exemplary embodiment of the method according to the first aspect of the invention;
- FIG. 12 is a flowchart showing steps of an exemplary embodiment of the method according to the second aspect of the invention.
- FIG. 1 shows a flowchart with steps of an exemplary embodiment of the method according to the second aspect of the invention.
- Fig. 1 shows a block diagram of an exemplary embodiment of a system 1 according to the third aspect of the invention.
- the system 1 is divided into 3 zones, which are overwritten in Fig. 1 with zone 1, zone 2 and zone 3.
- the zones correspond, for example, to different levels of protection.
- zone 3 has the highest level of protection
- zone 2 has the medium level of protection
- zone 1 has the lowest level of protection.
- Zone 3 of the system 1 comprises servers 10 and entities 11 and 12 of an internal network 13.
- Server 10 is an entity of the internal network.
- Server 10 is a second server according to the second and third aspects of the invention.
- the servers 10 and entity 11 and the optional entity 12 are shown by way of example.
- zone 3 includes one or more other optional entities of the internal network.
- zone 3 of the system 1 comprises only one entity of the internal network (e.g., the only entity of the internal network).
- zone 3 of system 1 includes all entities of the internal network.
- the server 10 and the entities 11 and 12 of the internal network 13 are connected to the internal network 13 and via the internal network 13 via respective network links 14, 15 and 16 of the internal network 13.
- the network connections 14 and 15 are shown in FIG. 1 by way of example as wireless network connections and the network connection 16 by way of example as a wired network connection. However, it is also conceivable that the network connections 14 and 15 are at least partially wired network connections and / or the network connection 16 at least partially a wireless network connection.
- the internal network 13 is a closed network (e.g., a private network).
- the server 10 and the entities 11 and 12 of the internal network 13 may communicate (e.g., send and / or receive) information over the internal network 13.
- information is transmitted encrypted in the internal network (e.g., between the server 10 and / or the entities 11 and 12).
- FIG. 1 also shows the optional entities IIa and IIb as well as the optional network 11c and the optional component lld, which are each connected via one of the wireless network connections 17a, 17b, 17c and 17d to entity 11 of the intrinsic network.
- - - Network 13 are connected.
- the entity is connected to further optional entities, components and / or networks (eg 1 to n entities, components and / or networks).
- the wireless network links 17a, 17b, 17c, and 17d are network links of a local wireless network.
- the wireless network connections 17a, 17b, 17c, and 17d are protected network connections over a local wireless network (eg, VPN connections).
- entity 11 and optional entities IIa and IIb form a group of entities of the internal network, where entity 11 is, for example, a master entity and entities IIa and IIb are, for example, slave entities.
- entity 11 is, for example, a master entity and entities IIa and IIb are, for example, slave entities.
- the slave entities of such a group are only indirectly connected to the internal network 13 via the master entity of the group (eg via the network connection 17a and / or 17b to the master entity and via the master entity to the internal network 13 connected).
- the slave entities of such a group may only indirectly send and / or receive information over the internal network 13 via the master entity of the group.
- the entity 11 may be connected via the network links 17c to a network 11c other than the internal network, such as a local wireless network (e.g., a mesh network and / or an ad hoc network).
- a local wireless network e.g., a mesh network and / or an ad hoc network.
- the entity 11 may be connected via the network connection 17d to an external component lld such as a sensor.
- internal network 13 includes a first network (eg, a wireless network) and a second network (eg, a wired network).
- the first network is a wireless machine-to-machine network.
- the second network is a VPN network that is based on a public network such as the Internet. , ,
- the internal network 13 is the network of a lighting system.
- server 10 is a backend server of the lighting system.
- entity 11 and optional entities IIa, IIb, and 12 are devices for controlling a light bulb that are connected to one or more bulbs.
- the server 10 is configured to communicate information via the internal network 13 to the entities 11 and 12.
- the server 10 is arranged to communicate information via the internal network 13 and the entity 11 to the entities IIa and IIb.
- the server 10 has cryptographic keys necessary for, for example, transmitting information to the entities 11, IIa, IIb, and 12 of the internal network.
- these cryptographic keys are necessary to convey information (e.g., control information) from the server 10 to the entities 11, 11a, 11b and 12 via the internal network 34.
- the server 10 may only communicate with the internal network 13 via network connection 16 and with the server 20 via connection 22.
- Zone 1 of the system 1 comprises servers 30 and 32 as well as entities 31 and 33 of the external network 34. Illustrated in FIG. 1 are the server 30 and the entity 31 as well as the optional server 32 and the optional entity 33 by way of example. However, it is conceivable that in addition to the optional server 32 and optional entity 33, zone 1 may include one or more other optional servers and / or entities of the external network. Furthermore, it is also conceivable that zone 1 of the system 1 comprises only one entity of the external network.
- the servers 30 and 32 and the entities 31 and 33 of the external network 34 are interconnected via respective network links 35, 36, 37 and 38 of the external network 34 to the external network 34 and via the external network 34.
- the network connections 35, 36, 37 and 38 are shown by way of example in FIG. 1 as a wired network connection. However, it is also conceivable that the network connections 35, 36, 37 and 38 are at least partially wireless network connections. , ,
- the external network 34 is an open network (e.g., a public network).
- the servers 30 and 32 as well as the entities 31 and 33 of the external network 34 may communicate (e.g., send and / or receive) information over the external network 34.
- the external network 34 includes the Internet.
- servers 30 and 32 are Internet servers.
- the entities 31 and 33 are Internet-enabled user devices such as smartphones, computers, notebook computers, and / or tablet computers.
- servers 30 and 32 are arranged to receive information from the server 20 and to provide access and / or retrieval via the external network 34 by entities of one or more groups of entities of the external network 34 and / or information of entities of one or more groups of entities of the external network 34 via the external network 34 and to send to the server 20.
- servers 30 and 32 are arranged to provide a network portal as a user interface.
- servers 30 and 32 are user interface servers (e.g., user interface servers).
- servers 20 and 32 are arranged to provide a programming interface (e.g., an API interface).
- servers 30 and 32 are programming interface servers (e.g., API servers).
- Zone 2 of the system 1 comprises a server 20.
- Server 20 is a first server according to the first and third aspects of the invention. It is conceivable that, in addition to the server 20, zone 2 comprises one or more further first servers.
- connection 22 is a network connection over a closed network (eg, a VPN network) over which only server 10 and server 20 can communicate information.
- connection 24 is a network connection over a closed network (eg, a VPN network) over which only entity 31 and server 20 can communicate information.
- firewalls 22, 25, and 26 are arranged. These may be, for example, hardware-based and / or software-based firewalls.
- the firewalls provide additional separation of the zones.
- a firewall 25 is arranged in the connections 23 and 24, a firewall 25 is arranged in connection 22 .
- a firewall 21 is arranged in connection 22 .
- at least partially diode servers are arranged in these connections.
- the entities 11 and 12 of the internal network 13 (in zone 3) are, for example, exclusively via the server 10 (in zone 3) and the server 20 (in zone 2) with the servers 30 and 32 and the entities 31 and 33 of the external network 34 (in zone 3).
- information between the entities 11 and 12 of the internal network 13 and the servers 30 and 32 and the entities 31 and 33 of the external network 34 may be communicated exclusively through the server 10 and the server 20.
- the server 20 thus provides, for example, an interface between the internal network 13 and the external network 34.
- users over the entities of the external network 34 may not communicate directly with the entities of the internal network 13 (eg, the lighting system), but only through the servers 20 with the entities of the internal network.
- the internal network 13 eg, the lighting system
- control information for the lighting system may be sent to the entities 11 and 12 (eg, via the server 20 and server 10 only (eg, a backend server of the lighting system) - -
- Server 20 is, for example, an analysis server (e.g., an analytic server).
- the server 10 and the server 20 are separated and shown connected only by connection 22.
- the server 10 and the server 20 are the same server.
- the functions of the server 10 and the server 20 in this case may be provided by two virtualized server instances of the same server.
- the servers 30 and 32 and the server 20 are the same server.
- the functions of the servers 30 and 32 and the server 20 in this case may be provided by three virtualized server instances of the same server.
- servers 10 and 20, entities 11, 12, and internal network 13, as well as network connections 14, 15, 16 form an intelligent outdoor infrastructure, for example, for controlling and managing components of a distributed system such as a lighting system an automation and / or production system (eg an Industrie 4.0 infrastructure).
- a distributed system such as a lighting system an automation and / or production system (eg an Industrie 4.0 infrastructure).
- optional entities IIa and IIb are also part of such infrastructure.
- FIG. 2a shows a block diagram of an exemplary embodiment of the first server 20 according to the first and third aspects of the invention.
- Processor 200 is designed in particular as a microprocessor, microcontroller such as microcontroller, digital signal processor (DSP), application-specific integrated circuit (ASIC) or Field Programmable Gate Array (FPGA).
- microcontroller such as microcontroller, digital signal processor (DSP), application-specific integrated circuit (ASIC) or Field Programmable Gate Array (FPGA).
- DSP digital signal processor
- ASIC application-specific integrated circuit
- FPGA Field Programmable Gate Array
- Processor 200 executes program instructions stored in program memory 220 and, for example, stores intermediate results or the like in main memory 210.
- program memory 220 is a non-volatile memory such as a flash memory, a magnetic memory, an EEPROM memory (electrically erasable programmable read only memory) and / or an optical memory. -
- Main memory 210 is for example a volatile or non-volatile memory, in particular a random access memory (RAM) such as a static RAM memory (SRAM), a dynamic RAM memory (DRAM), a ferroelectric RAM memory (FeRAM). and / or a magnetic RAM memory (MRAM).
- RAM random access memory
- SRAM static RAM memory
- DRAM dynamic RAM memory
- FeRAM ferroelectric RAM memory
- MRAM magnetic RAM memory
- Program memory 220 is preferably a local volume permanently attached to the server 20.
- Hard disks permanently connected to the server 20 are, for example, hard disks installed in the server 20.
- the data carrier can also be, for example, a data carrier which can be connected separably to the server 20, such as a memory stick, a removable data carrier, a portable hard disk, a CD, a DVD and / or a floppy disk.
- Program memory 220 stores the operating system of server 20, which is at least partially loaded into main memory 210 when the server 20 is started and executed by the processor 200.
- the operating system of Server 20 is preferably a Windows, UNIX, Linux, Android, and / or iOS operating system.
- the operating system of the server 20 is different from the operating system of the server 10 in order to make it more difficult to attack the server 20 and the server 10.
- server 20 Only the operating system allows the use of server 20 for data processing. It manages, for example, resources such as main memory 210 and program memory 220 and network interface 230 as well as optional network interface 240, provides basic functions to other programs through programming interfaces, among other things, and controls the execution of programs.
- resources such as main memory 210 and program memory 220 and network interface 230 as well as optional network interface 240, provides basic functions to other programs through programming interfaces, among other things, and controls the execution of programs.
- program instructions 220 store, for example, program instructions which, when the processor 220 executes the program instructions, cause the processor 220 at least to carry out the method according to the first and third aspects of the invention - - partially perform and / or control.
- program instructions 220 store, for example, program instructions which, when the processor 220 executes the program instructions, cause the processor 220 at least to carry out the method according to the first and third aspects of the invention - - partially perform and / or control.
- a first server program according to the first aspect of the invention is stored in program memory 220.
- Processor 200 controls network interface 230 and optional network interface parts 240, with control of network interfaces 230 and 240 being enabled, for example, by a device translator that is part of the kernel of the operating system.
- Network interfaces 230 and 240 are, for example, each a network card, a network module and / or a modem and are each set up to establish one or more connections of the control device 20 to a network.
- network interfaces 230 and 240 are each configured to receive information about the network and forward it to processor 200 and / or to receive information from processor 200 and send it over the network.
- network interface 230 is configured to send information to one or more entities of an external network (eg, one or more of servers / entities 30, 31, 32, and 33 of external network 34) and / or information from one or more To receive entities of the external network (eg from one or more of the server / entities 30, 31, 32 and 33 of the external network 34).
- network interface 230 is configured to send and / or receive information about connections 23 and 24.
- optional network interface 240 is configured to send information to one or more entities of an internal network (eg, server 10) and / or to receive information from one or more entities of the internal network (eg, server 10).
- optional network interface 240 is configured to send and / or receive information over connection 22.
- server device 20 comprises only one network interface, which is set up corresponding to network interface 230 and network interface 240. -.
- FIG. 2b shows a block diagram of an exemplary embodiment of the second server 10 according to the first and third aspects of the invention.
- the structure of server 10 corresponds to the structure of server 20.
- Processor 100 executes program instructions stored in program memory 120 and stores, for example, intermediate results or the like in main memory 110.
- program memory 120 is a non-volatile memory such as flash memory. Memory, a magnetic memory, an EEPROM memory (electrically erasable programmable read only memory) and / or an optical memory.
- Main memory 110 is, for example, a volatile or non-volatile memory, in particular a random access memory (RAM) such as a static RAM (SRAM), a dynamic RAM (DRAM), a ferroelectric RAM (FeRAM).
- RAM random access memory
- SRAM static RAM
- DRAM dynamic RAM
- FeRAM ferroelectric RAM
- Program memory 120 is preferably a local volume permanently attached to server 10.
- Hard disks permanently connected to the server 10 are, for example, hard disks which are built into the server 10.
- the data carrier may also be, for example, a data carrier which can be detachably connected to the server 10, such as a memory stick, a removable data carrier, a portable hard disk, a CD, a DVD and / or a floppy disk.
- the operating system is stored by server 10, which is at least partially loaded into main memory 110 when the server 10 is started and executed by the processor 100.
- server 10 is preferably a Windows, UNIX, Linux, Android, and / or iOS operating system.
- the operating system of the server 10 is different from the operating system of the server 20 to complicate an attack on the server 10 and the server 20 - -
- server 10 Only the operating system allows the use of server 10 for data processing. It manages, for example, resources such as main memory 110 and program memory 120 and network interface 130 as well as optional network interface 140, provides basic functions, among other things through programming interfaces, to other programs and controls the execution of programs.
- program instructions 120 store, for example, program instructions which, when the processor 120 executes the program instructions, cause the processor 120 to execute and / or control the method according to the first and third aspects of the invention at least in part.
- program instructions 120 store, for example, program instructions which, when the processor 120 executes the program instructions, cause the processor 120 to execute and / or control the method according to the first and third aspects of the invention at least in part.
- a first server program according to the first aspect of the invention is stored in program memory 120.
- Processor 100 controls network interface 130 and optional network interfaces 140, with control of network interfaces 130 and 140 being enabled, for example, by a device replay program that is part of the kernel of the operating system.
- Network interfaces 130 and 140 are, for example, each a network card, a network module and / or a modem and are each set up to establish one or more connections of the control device 10 to a network.
- network interfaces 130 and 140 are each configured to receive information about the network and forward it to processor 100 and / or to receive information from processor 100 and send it over the network.
- network interface 130 is configured to send information to one or more other entities of the internal network (eg, one or more of entities 11 and 12 of internal network 13) and / or information from one or more other entities of the external network (eg from one or more of the entities 11 and 12 of the internal network 13).
- network interface 130 is configured to send and / or receive information over network connection 16.
- Network interface 140 configured to send information to server 20 and / or receive information from server 20.
- optional network interface 140 is configured to send and / or receive information over connection 22.
- server 10 includes only a network plant interface, which is set up according to the network interface 130 and the network interface 140.
- step 300 shows a flowchart 3 with steps of an exemplary embodiment of the method according to the first aspect of the invention, which are executed and / or controlled by the server 20 according to FIG. 2a.
- program instructions of a program stored in the program memory 220 executed by the processor 200 cause the server 20 to execute and / or control the steps of the flowchart 3.
- the steps of the flowchart 3 will be described by way of example in connection with the system 1 shown in FIG.
- the steps of flowchart 3 may also be part of an exemplary embodiment of the method according to the third aspect of the invention (e.g., along with the steps of flowcharts 6 and / or 7 described below).
- step 300 first information is received at the server 20, wherein the first information originates from one or more entities of the internal network 13.
- the first piece of information comes from the entity 11 of the internal network 13.
- information is to be understood, for example, as originating from an entity, if the information is at least partially generated by the entity and / or means of the entity, and / or was recorded.
- the entity 11 and / or entity 11 has at least partially created and / or created the first information.
- the first information is an environmental information (eg, brightness information) that is at least partially detected by a sensor of the entity 11.
- first information is a state information generated at least in part by the entity 11.
- the server 20 receives the first information from server 10 or one of the entities 11, IIa, IIb, and 12 of the internal network 13.
- the entity 11 sends the acquired and / or generated first information to the server 10 via the internal network 13 (eg, via the network connections 14 and 16 of the internal network 13).
- the server 10 receives the first information via the internal network 13 from the entity 11 and sends it via the connection 22 to the server 20.
- the first information is received in step 300 from the server 10 via the connection 22 at the server 20.
- the first information or information based on the first information is at least partially related to a first type of information of the first information and / or the information based on the first information to a first group of entities of the external network 34 Server 20 is provided such that the first information and / or based on the first information information is available only through the entities of the first group of entities of the external network 34.
- information should be understood herein to be available, for example, as being obtainable by an entity, if the information at the entity can be obtained.
- information is available to an entity if the information is receivable, readable, detectable, retrievable, and / or decryptable by the entity.
- the information based on the first information is at least partially the result of processing and / or summarizing the first information. - -
- different types of information are each assigned to different groups of entities of the external network 13. For example, only the entities of a group of entities of the external network are authorized to obtain information from the information type associated with the group of entities of the external network.
- a group of entities of the external network includes all entities of the external network with the authority to obtain information of a particular type of information.
- authorization information and / or association information are stored in the program memory 220 of the server 20, respectively.
- the entity 31 of the external network 34 is entitled to obtain information of the information type of the first information and / or the information based on the first information (eg, environmental information).
- the entity 31 is an entity of the first group of entities of the external network 34 that are authorized to obtain information of the information type of the first information and / or the information based on the first information (other possible entities of that group of entities of the external Network are not shown).
- the first information and / or the information based on the first information is provided in step 301 by the server 20, for example, such that it is available at the entity 31 of the external network 34 (eg by the entity 31 of the external network 34 receivable and / or retrievable).
- the first information is sent from server 20 to server 30, which is set up, for example, the first information for accessing and / or retrieving via external network 34 through entity 31 (eg via network connections 35 and 37 of FIG external network 34) and by other entities of the first group of entities of the external network.
- entity 31 eg via network connections 35 and 37 of FIG external network 34
- the first information and / or the information based on the first information is sent by server 20 (eg directly) to the entity 31 and further entities of this group of entities of the external network.
- the first information is provided in step 301 such that it is not passed through by the first group of entities of the external - -
- Network's various entities of external network 34 e.g., entity 33 of external network 34.
- the entity 33 of the external network 34 is only entitled to obtain information from an information type (e.g., state information) different from the information type of the first information.
- the entity 33 is an entity of a group of entities of the external network 34 that are authorized to obtain information from an information type different from the information type of the first information (further possible entities of this group of entities of the external network are not shown, for example). If information of such an information type is obtained at the server 20 in step 300, it is provided in step 301, for example, available at the entity 33 of the external network 34 (eg, receivable by the entity 33 of the external network 34) / or is available).
- the information is sent to entity 32, which is, for example, set up to provide the information for accessing and / or retrieving via external network 34 through entity 33 (e.g., via network connections 36 and 38 of external network 34).
- entity 33 e.g., via network connections 36 and 38 of external network 34.
- a second information is received at the server 20, wherein the second information originates from an entity of a second group of entities of the external network 34.
- the second information comes from the entity 31 of the external network 34.
- the second information is at least partially acquired and / or generated by the entity 31.
- the second information is at least partially a user input captured by the entity 31.
- entity 31 is , the external network 34, an entity of the second group of entities of the external network 34, which are entitled to transmit information via the server 20 to one or more entities of the internal network 13 (further possible entities of this group of entities of the external network are not shown).
- the second information is received at step 302 from the server 30 at the server 20 (e.g., via network connection 23).
- the external network server 30 is configured to receive the second information from an entity of the second group of entities of the external network and send it to the server 20.
- the second information is received by the entity 31 at the server 20 in step 302.
- the second information and / or information based on the second information is provided by the server 20 such that the second information is obtainable only at one or more entities of the internal network 13.
- information should be understood herein to be available, for example, as being obtainable by an entity, if the information at the entity can be obtained.
- information is available to an entity if the information is receivable, readable, detectable, retrievable, and / or decryptable by the entity.
- the second information and / or the information based on the second information is provided in step 303 for accessing and / or retrieving by the server 10 of the internal network 34.
- the second information and / or the information based on the second information is sent in step 303 to the server 10, which is configured to transmit information to the entities 11 and 12 via the internal network 13.
- the second information and / or the information based on the second information is sent to the server 10 in step 303 only when the server 10 retrieves and / or accesses the second information.
- FIG. 3b shows a flow diagram 4 with steps of an exemplary embodiment of the method according to the first aspect of the invention, which are executed and / or controlled by the server 20 according to FIG. 2a.
- program instructions of a computer program stored in the program memory 220 executed by the processor 200 cause the server 20 to execute and / or control the steps of the flowchart 4.
- the steps of the flowchart 4 will be described by way of example in connection with the system 1 shown in FIG.
- the steps of flowchart 4 may also be part of an exemplary embodiment of the method according to the third aspect of the invention (e.g., along with the steps of flowcharts 6 and / or 7 described below).
- step 400 first information is received at server 20 from server 10 of internal network 13 (e.g., via connection 22).
- the first information comes from the entity 11 of the internal network.
- the first information is processed and / or summarized with further information.
- processing the first information means, for example, the organization, analysis and / or modification of the first information.
- the organization and / or modification of the first information can be done, for example, by applying a data processing algorithm to the first information.
- the images can be sent to an observation camera (eg for privacy reasons) with poor resolution, unless certain events occur, such as a stand-alone bag. , -
- the first information and the further information are aggregated, analyzed and / or evaluated.
- the detection of Bluetooth signals by a radiation sensor for Bluetooth signals the existence and direction of a device in a circular environment around the radiation sensor can be determined, and by an ultrasonic sensor, the position and structure of the object can be detected.
- Other summaries of information may be used, for example, to provide marketing information (such as when a store would like to give discounts to a select number of customers, or to evaluate how many customers are nearby, and how often they have already been there).
- shocks can be detected and evaluated by comparing them with the position and history of vibration information at other locations to determine whether it is shock from an earthquake or, for example, shock from passing traffic.
- summarized and / or processed information usually represent a greater additional value than information acquired by individual sensors.
- the result of these value-added services can lead to even more complex processes that can subsequently be executed.
- the flow of information eg, the flow of information to a passing pedestrian
- the response to the sent messages for example, can be recorded, processed and evaluated again, for example, to be different and more effective when the events occur again.
- the result of processing and / or summarizing in step 401 is, for example, information based on the first information.
- the first information and / or the information based on the first information is sent to one or more entities of the external network 34.
- entities of the external network 34 For example, as described above, only the entities of a first group of entities of the external network 34 are allowed to obtain information of the information type of the first information and / or the information based on the first information.
- the entity 31 of the external network 34 is entitled to obtain information of the information type of the first information and / or the information based on the first information.
- the first information and / or the information based on the first information is sent in step 402 to the entity 30, which is set up, for example, the first information and / or the information based on the first information for accessing and / or or retrieving over the external network 34 by the entity 31 (eg, via the network connections 35 and 37 of the external network 34) and / or to provide further entities of the first group of entities of the external network.
- the external network server 30 is set up, a network portal for authenticating the entities of the first group of entities of the external network, and for accessing the first information and / or the first information based on the authenticated entities of the first group of entities of the external network.
- authenticating the entities of the first group of entities includes checking for each of the entities (eg, at least in part, depending on an authentication feature) whether the entity is eligible for information of the information type of the first information and / or the information based on the first information To receive information.
- step 403 second information is received from an entity of the external network 34 at the server 20.
- the second Information in step 403, as described above in detail at step 302, is received at the server 20 from the server 30 (eg, via network connection 23).
- the external network server 30 is configured to provide a network portal for authenticating the entities of the second group of entities of the external network 34 and for receiving the second information from one of the authenticated entities of the second group of entities of the external network 34.
- the external network server 30 is further configured to send the second information received from one of the authenticated entities of the second group of entities of the external network to the server 20.
- authenticating the entities of the second set of entities includes checking for each of the entities (eg, at least in part, depending on an authentication feature) whether the entity is authorized to provide information about the server 20 to one or more entities of the internal network 13 to submit.
- the second information is processed by the server 20 and / or summarized with further information.
- processing the second information means, for example, the organization, analysis and / or modification of the second information.
- the organization, analysis and / or modification of the second information can be carried out, for example, by applying a checking algorithm and / or a data processing algorithm to the second information. Summarizing the second information with a further piece of information, the present case For example, it can be understood that the second information and the further information are aggregated and / or evaluated.
- the result of processing and / or summarizing in step 405 is, for example, information based on the second information.
- step 405 the second information and / or the information based on the second information is sent to one or more entities of the internal network.
- the second information and / or the information based on the second information is sent to one or more entities of the internal network only if the second of one (eg, authenticated) entity of the second group of entities of the external Network originates.
- the second information and / or the information based on the second information is sent in step 405 to the server 10 of the internal network 13, which is configured to communicate information to the entities 11 and 12 via the internal network 13.
- the second information and / or the information based on the second information is not sent to the server 10 until the server 10 has the second information and / or the information based on the second information retrieves and / or accesses it.
- FIGS. 4a and 4b show a flowchart 5 with communication steps of an exemplary embodiment of the method according to the first aspect of the invention, which run in the system 1 according to FIG.
- entity 11 of internal network 13 sends first information to server 10 of internal network 13.
- the first information is environmental information (eg, brightness information) captured at least partially by a sensor of entity 11.
- the first information for example, an at least partially generated by the entity 11. - -
- State information is.
- the entity 11 sends the acquired and / or generated first information to the server 10 via the internal network 13 (eg, via the network connections 14 and 16 of the internal network 13).
- the first information is sent to server 10 of the internal network 13 received.
- the server 10 receives the first information in step 501 via the internal network 13 from the entity 11 (e.g., via the network connections 14 and 16 of the internal network 13).
- the first information is sent from entity 10 of internal network 13 to server 20 (e.g., via connection 22).
- step 503 the first information is received at the server 20 (e.g., via connection 22). This corresponds, for example, at least substantially to step 400 described above.
- the first information is subsequently processed and / or summarized by the server 20.
- step 504 the first information and / or information based on the first information is sent from the server 20 to the entity 30 of the external network 34 (e.g., via connection 23). This corresponds, for example, at least substantially to the above-described step 402.
- the external network server 30 is set up, a network portal for authenticating the entities of the first group of entities of the external network, and for accessing the first information and / or the first information based on the authenticated entities of the first group of entities of the external network.
- authenticating the entities of the first group of entities includes checking for each of the entities (eg, at least in part, depending on an authentication feature) whether the entity is eligible for information of the information type of the first information and / or the information based on the first information To receive information.
- the entity 31 of the external network 34 is entitled to obtain information of the information type of the first information and / or the information based on the first information.
- step 505 the first information and / or the information residing on the first information is received at the entity 30 of the external network 34 (e.g., via connection 23).
- the first information and / or information based on the first information is subsequently provided by the server 30 via the network portal for accessing and / or retrieving over the external network 34 by (eg authenticated) entities of the first group of entities of the external network ,
- step 506 the entity 31 accesses the first information and / or the information based on the first information (e.g., via the network connections 35 and 37, e.g., via the network portal).
- step 507 the first information and / or the information based on the first information in response to the access to the first information and / or the information based on the first information in step 506 from the server 30 to the first entity 31 of the external Network 34 sent (eg via the network factory connections 35 and 37).
- the server 30 first authenticates the entity 31 of the external network 34 and then sends the first information and / or the information based on the first information in response to the access to the first information and / or the information based on the first information Step 506 to the authenticated first entity 31 of the external network 34.
- the first information and / or information based on the first information is received at the entity 31 from the server 30 (eg, via the network connections 35 and 37).
- step 509 second information is sent from entity 31 to server 30 (e.g., via network connections 35 and 37).
- the second information is at least partially detected and / or generated by the entity 31.
- the second information is at least partially a user input captured by the entity 31.
- the external network server 30 is configured to provide a network portal for authenticating the entities of the second group of entities of the external network and for receiving the second information from one of the authenticated entities of the second group of entities of the external network.
- authenticating the entities of the second set of entities includes checking for each of the entities (eg, at least in part, depending on an authentication feature) whether the entity is authorized to supply information about the server 20 to one or more entities of the internal network 13 to transfer.
- only the entities of the second group of entities of the external network 34 are authorized to communicate information via the server 20 to one or more entities of the internal network 13.
- the entity 31 of the external network 34 is authorized to communicate information about the server 20 to one or more entities of the internal network 13.
- the entity 31 of the external network 34 first authenticates itself to the server 30 (eg via the network portal) and then sends the second information to the server 30 of the external network 34 (eg via the network portal).
- the second information is received at the server 30 from the entity 31 (eg, via the network connections 35 and 37).
- step 511 the second information is sent from server 30 to server 20 (e.g., via connection 23).
- the external network server 30 is further configured to send the second information received from one of the authenticated entities of the second group of entities of the external network to the server 20.
- the second information is sent from the server 30 to the server 20 only when entity 31 of the external network 34 has authenticated to the server 30.
- step 512 the second information is received at the server 20 (e.g., via connection 23). This corresponds at least substantially to step 403 described above.
- the second information is subsequently processed and / or summarized by the server 20.
- step 513 the second information and / or information based on the second information is retrieved by the server 10 from the server 20 (e.g., via connection 22).
- step 514 the second information and / or the information based on the second information is sent from the server 20 to the server 10 in response to the retrieval in step 507 (e.g., via connection 22). This essentially corresponds to the above-described step 405.
- step 515 the second information and / or the information based on the second information is received at the server 10 (eg via connection 22).
- step 516 the second information and / or the information based on the second information is sent from the server 10 to the entity 11 (and eg the entity 12) (eg via the network connections 16 and 14).
- step 517 the second information and / or information based on the second information is received by entity 11 (eg, via network connections 16 and 14).
- FIG. 5a shows a flowchart 6 with steps of an exemplary embodiment of the method according to the second aspect of the invention, which are executed and / or controlled by the server 10 according to FIG. 2b.
- program instructions of a computer program stored in the program memory 120 executed by the processor 100 causes the server 10 to execute and / or control the steps of the flowchart 6.
- the steps of the flowchart 6 will be described by way of example in connection with the system 1 shown in FIG.
- the steps of flowchart 6 may also be part of an exemplary embodiment of the method according to the third aspect of the invention (e.g., along with the steps of flowcharts 4 and / or 5 described above).
- a function update and / or a functional recovery of one or more entities of a first group of entities of the internal network 13 is initiated and / or controlled.
- updating a function of an entity it should be understood in the present case, for example, that one or more functions of the entity are changed, for example by adding a function to the entity, deactivating a function of the entity, and / or activating a function of the entity.
- restoring a function of an entity it should be understood in the present case, for example, that one or more functions of the entity are transferred to a defined state (eg, the delivery state).
- the first group of entities of the internal network comprises, for example, the entities of the internal network whose function recovery and / or function update can be initiated and / or controlled by the server 10.
- the entities of the first group of entities of internal network 13 include entities 11, IIa, IIb, and 12 of internal network 13 (other possible entities of the first group of entities of internal network 13 are not shown).
- the entities of the first group of entities of the internal network 13 are preferably all entities of the internal network other than the server 10.
- the one or more entities of the first group of entities of the internal network will provide function recovery information and / or function update information is provided such that the one or more entities of the first group of entities of the internal network are enabled to restore and / or update the function (s).
- corresponding function recovery information and / or function update information is sent in step 600 from the server 10 to the one or more entities of the internal network (e.g., via the network connections 14, 15 and 16 of the internal network 13).
- the one or more entities of the first group of entities of the internal network are the entities of the first group of entities whose function (s) are to be recovered and / or updated.
- the one or more entities of the first group of entities are the entities the first group of entities whose function recovery and / or function update is to be initiated and / or controlled by the server 10.
- FIG. 5b shows a flow diagram 7 with steps of an exemplary embodiment of the method according to the second aspect of the invention, which are executed and / or controlled by the server 10 according to FIG. 2b.
- program instructions of a computer program stored in the program memory 120 executed by the processor 100 cause the server 10 to execute and / or control the steps of the flowchart 7.
- the steps of the flow chart 7 will be described by way of example in connection with the system 1 shown in FIG.
- the steps of flowchart 7 may also be part of an exemplary embodiment of the method according to the third aspect of the invention (e.g., along with the steps of flowcharts 4 and / or 5 described above).
- respective health monitoring information from server 10 is sent to each entity of a first group of entities of the internal network (e.g., via network connections 14, 15 and 16).
- the first group of entities of the internal network comprises, for example, the entities of the internal network whose function recovery and / or function update can be initiated and / or controlled by the server 10.
- the entities of the first group of entities of internal network 13 include entities 11, IIa, IIb, and 12 of internal network 13 (other possible entities of the first group of entities of internal network 13 are not shown).
- a function monitoring information should be understood to mean, for example, any information that is suitable for function monitoring of an entity of the first group of entities of the internal network (eg suitable with a watchdog functionality of the entity of the first group of entities of the internal group). network).
- the format of the function monitoring information is predetermined.
- the respective health monitoring information for each entity of the first group of entities of the internal network is at least partially equal.
- the respective function monitoring information for each entity of the first group of entities of the internal network is at least partially different.
- the entities 11, IIa, IIb, and 12 of the first group of entities of the internal network each have watchdog functionality.
- the watchdog functionality for each entity monitors whether feature monitoring information (e.g., in a particular time period) is being received at the respective entity. For example, if no feature monitoring information (e.g., in a particular time period) is received at the respective entity, the watchdog functionality causes and / or controls that function recovery position request information is sent from the respective entity to the server 10.
- function monitoring information is sent to each entity of the first group of entities of the internal network at regular and / or irregular intervals.
- one or more function recovery request information from one or more entities of the first group of entities of the internal network 13 is received at the server 10.
- function recovery request information is received from entities 11 and 12 of the first group of entities of internal network 13 (eg, via network connections 14 and 16, and 15 and 16).
- functional recovery request information is understood here to mean, for example, any information that is suitable for triggering and / or controlling the functional recovery of the one or more entities of the first group of entities of the internal network 13, at least in part.
- the format of the function recovery position request information is given.
- each of the function recovery request information is generated and sent by each one of the one or more entities of the first group of entities.
- respective function recovery information is sent to each entity of the one or more entities of the first group of entities of the internal network 13.
- sending the respective function recovery information to the entity of the one or more entities of the first group of entities of the internal network 13 is at least partially responsive to the one or more function recovery request information received in step 701.
- respective function recovery information is sent to each of the one or more entities of the first group of entities of the internal network 13, from which function recovery request information was received in step 701.
- the respective function recovery information for the respective entity of the one or more entities of the first group of entities of the internal network includes a function recovery program with program instructions that cause the respective entity of the first group of entities of the internal network 13 to recover one or more functions of the entity (eg, cause a program to be stored in a memory of the entity and / or to modify a program stored in a memory of the entity) when the function recovery program is executed by one or more processors of the respective entity.
- An example for A feature recovery program is an installer and / or an update program.
- the respective function recovery information for the respective entity of the one or more entities of the first group of entities of the internal network 13 includes a function recovery time and / or a function recovery period.
- the functional recovery time specifies a time at which the respective entity will begin and / or complete functional recovery (e.g., the time at which the recovered function (s) will be activated).
- the functional recovery period specifies a time period for the entity to begin and / or complete the functional recovery (e.g., the period in which the recovered function (s) will be activated).
- the functional recovery time and / or the functional recovery period is at least partially different for each of the one or more entities of the first group of entities of the internal network.
- a first function recovery information having a first function recovery time is sent to the entity 11 of the internal network (eg, via the network connections 16 and 14), and a second function recovery information is sent to the entity 12 of the internal network with a second one of the first different recovery times sent (eg via the network connections 16 and 15).
- the state of the art also lacks, for example, a secure and easy-to-use infrastructure for DC-based sensors, devices and as a communication hub for many smartphones and tablets and intelligent cars.
- the security of a possible infrastructure which is based on a variety of sensors and devices in the outdoor area, but requires some security.
- the failure of such an infrastructure would mean the failure of all related services. Therefore, such an infrastructure must not only provide the basic services, but also be protected against failures and attacks and / or be able to recover from failures and attacks (hackers, power and network failure) (recovery).
- the present invention is particularly advantageous because it provides a suitable secure and reliable infrastructure for DC powered luminaires, sensors, devices, APPs, and Web applications that can be used reliably, flexibly, and cost-effectively by many applications.
- the present invention enables the provision of an outdoor infrastructure for light, sensors, APPs, traffic and cloud services in smart cities (outdoor wireless infrastructure for lights, sensors, APPs, traffic and cloud services in smart cities).
- An infrastructure may include, but is not limited to, networked intelligent entities (eg, devices for controlling a light bulb), an internal network (eg, an M2M network of telco such as DT), and one or more Zone 3 servers.
- networked intelligent entities eg, devices for controlling a light bulb
- an internal network eg, an M2M network of telco such as DT
- Zone 3 servers e.g, the sum of the entities, the internal network, and the one or more servers of Zone 3 provides an intelligent infrastructure.
- the present invention that instead of a complete component (eg a complete luminaire), for example, a "none-finished component” (none-finished component) can be connected to the infrastructure.
- the entities of the internal network can be grouped.
- a master has 3G or LTE or 2G ... connection. Others are connected to Master.
- an external network e.g., a meshed network.
- the entities of the internal network for example, become part of another network (eg, if 3G / networks and / or power should fail.)
- An outdoor lighting system on a smart building usually also comprises distributed networks Components in buildings based on meshed networks.
- a Telco network is 1-n (can also be multiple networks if it is international).
- the Telco network collects everything and connects to the one or more Zone 3 servers.
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Telephonic Communication Services (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102014113336.6A DE102014113336A1 (de) | 2014-09-16 | 2014-09-16 | Vorrichtung und Verfahren zum Verwalten eines Netzwerks |
PCT/EP2015/061131 WO2016041646A1 (de) | 2014-09-16 | 2015-05-20 | Vorrichtung und verfahren zum verwalten eines netzwerks |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3195552A1 true EP3195552A1 (de) | 2017-07-26 |
Family
ID=53385582
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP15728429.0A Withdrawn EP3195552A1 (de) | 2014-09-16 | 2015-05-20 | Vorrichtung und verfahren zum verwalten eines netzwerks |
Country Status (5)
Country | Link |
---|---|
US (1) | US20170230462A1 (de) |
EP (1) | EP3195552A1 (de) |
CA (1) | CA2961332C (de) |
DE (1) | DE102014113336A1 (de) |
WO (1) | WO2016041646A1 (de) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10437814B2 (en) | 2015-07-10 | 2019-10-08 | Whether or Knot LLC | Systems and methods for weather data distribution |
DE102016124993A1 (de) * | 2015-12-22 | 2017-06-22 | Hirschmann Automation And Control Gmbh | Netzwerk mit teilweiser unidirektionaler Datenübertragung |
DE102016008957B4 (de) | 2016-07-13 | 2018-01-25 | Audi Ag | Direkter Zugriff auf Bussignale in einem Kraftfahrzeug |
US10317888B2 (en) | 2017-03-01 | 2019-06-11 | PLETHORA IloT, S.L. | Device and system including multiple devices for supervision and control of machines in industrial installation |
CN108109625B (zh) * | 2017-12-21 | 2021-07-20 | 北京华夏电通科技股份有限公司 | 手机语音识别内外网传输系统及方法 |
CN110248449A (zh) * | 2018-03-08 | 2019-09-17 | 上海仪电(集团)有限公司中央研究院 | 基于NB-IoT通信方式的户外照明控制系统 |
TWI678083B (zh) * | 2018-05-29 | 2019-11-21 | 英業達股份有限公司 | 電訊傳輸裝置、電訊傳輸方法及智能燈具系統 |
CN110225079B (zh) * | 2019-04-26 | 2022-01-21 | 视联动力信息技术股份有限公司 | 一种设备控制方法、装置及可读存储介质 |
CN111065082B (zh) * | 2019-12-31 | 2022-07-19 | 广东工业大学 | 一种无线网关的通信控制方法及系统 |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001033759A1 (en) * | 1999-11-03 | 2001-05-10 | Avantcom Network, Inc. | Method of sharing proprietary information |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5742762A (en) * | 1995-05-19 | 1998-04-21 | Telogy Networks, Inc. | Network management gateway |
US5958016A (en) * | 1997-07-13 | 1999-09-28 | Bell Atlantic Network Services, Inc. | Internet-web link for access to intelligent network service control |
GB9816087D0 (en) * | 1998-07-23 | 1998-09-23 | Simoco Int Ltd | Radio communications network |
US20010042241A1 (en) * | 2000-01-21 | 2001-11-15 | Fujitsu Limited | Apparatus and method for executing program using just-in time-compiler system |
JP3763393B2 (ja) * | 2000-10-26 | 2006-04-05 | シャープ株式会社 | 通信システム、端末装置、再生プログラムを記録した記録媒体、サーバ装置、およびサーバプログラムを記録した記録媒体 |
US20070086433A1 (en) * | 2005-10-19 | 2007-04-19 | Cunetto Philip C | Methods and apparatus for allocating shared communication resources to outdial communication services |
US8857704B2 (en) * | 2012-01-13 | 2014-10-14 | Logic PD, Inc. | Methods for embedding device-specific data to enable remote access to real time device data |
US9122255B2 (en) * | 2012-09-15 | 2015-09-01 | Honeywell International Inc. | Remote access gateway configurable control system |
DE102014102678B4 (de) | 2013-06-13 | 2016-09-15 | Ice Gateway Gmbh | Vorrichtung und Verfahren zum Steuern eines Leuchtmittels |
-
2014
- 2014-09-16 DE DE102014113336.6A patent/DE102014113336A1/de not_active Withdrawn
-
2015
- 2015-05-20 WO PCT/EP2015/061131 patent/WO2016041646A1/de active Application Filing
- 2015-05-20 CA CA2961332A patent/CA2961332C/en not_active Expired - Fee Related
- 2015-05-20 EP EP15728429.0A patent/EP3195552A1/de not_active Withdrawn
-
2017
- 2017-03-16 US US15/460,498 patent/US20170230462A1/en not_active Abandoned
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001033759A1 (en) * | 1999-11-03 | 2001-05-10 | Avantcom Network, Inc. | Method of sharing proprietary information |
Non-Patent Citations (2)
Title |
---|
MALCOLM W STEVENS: "An Implementation of an Optical Data Diode - DSTO-TR-0785", 1 May 1999 (1999-05-01), Salisbury, South Australia, XP055267742, Retrieved from the Internet <URL:http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.83.8650&rep=rep1&type=pdf> [retrieved on 20160422] * |
See also references of WO2016041646A1 * |
Also Published As
Publication number | Publication date |
---|---|
US20170230462A1 (en) | 2017-08-10 |
CA2961332A1 (en) | 2016-03-24 |
CA2961332C (en) | 2020-01-21 |
WO2016041646A1 (de) | 2016-03-24 |
DE102014113336A1 (de) | 2016-03-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2016041646A1 (de) | Vorrichtung und verfahren zum verwalten eines netzwerks | |
EP3008975B1 (de) | Vorrichtung und verfahren zum steuern eines leuchtmittels | |
AT513782B1 (de) | Vorrichtung und Verfahren zur Übermittlung von Daten | |
DE112018006701T5 (de) | Multihardware-beschleunigte inferenz auf der basis von dienstgütevereinbarungen | |
DE112019003309T5 (de) | Vorrichtung für einen sicheren sendungsempfang mit delegierungskette | |
EP2975801B1 (de) | Verfahren zum Erkennen eines Angriffs in einem Computernetzwerk | |
EP2299650A1 (de) | Verfahren zur Anomalie-Erkennung in einem Kontrollnetzwerk | |
DE112017007393T5 (de) | System und verfahren für netzwerkvorrichtungssicherheits- und vertrauenswertbestimmung | |
EP3876127A1 (de) | Gerätefernwartung auf basis verteilter datenspeicherung | |
DE102020112592A1 (de) | Anwendungsverhaltensbezogene Fingerabdrücke | |
DE202022102631U1 (de) | Intelligentes Verteidigungssystem gegen verteilte Denial of Service (DDoS) Angriffe in Internet of Things (IoT) Netzen | |
WO2018224277A1 (de) | Datenschutzkonfiguration für elektronische geräte in einem netzwerk | |
EP3314844B1 (de) | Datenverarbeitungseinrichtung und verfahren zum betrieb derselben | |
DE102022108862A1 (de) | Plattform für datenschutzgerechtes dezentrales lernen und die überwachung von netzwerkereignissen | |
DE112016000705T5 (de) | Automatisches Entdecken und An-Bord-Nehmen von elektronischen Vorrichtungen | |
WO2021197823A1 (de) | Verfahren zur behandlung einer anomalie von daten, insbesondere bei einem kraftfahrzeug | |
CN103248630A (zh) | 基于数据挖掘的网络安全态势分析方法 | |
EP2480019A1 (de) | Bereitstellen eines vorbestimmten Inhalts über ein offenes Funknetz | |
EP3349187B1 (de) | Verfahren zur bereitstellung von wenigstens einem antriebsparameter wenigstens eines türsystems | |
WO2021197824A1 (de) | Verfahren zur behandlung einer anomalie von daten, insbesondere bei einem kraftfahrzeug | |
WO2021197827A1 (de) | Verfahren zur behandlung einer anomalie von daten, insbesondere bei einem kraftfahrzeug | |
DE102013112730B4 (de) | Rechnerzentrum und Verfahren zum Betrieb eines Rechnerzentrums | |
DE102018221775A1 (de) | Multifunktionssensor | |
CN117938885A (zh) | 基于智能合约的数据去重方法及装置 | |
DE102022202149A1 (de) | Geräteübergabe |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20170407 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20200123 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
19U | Interruption of proceedings before grant |
Effective date: 20210701 |
|
19W | Proceedings resumed before grant after interruption of proceedings |
Effective date: 20220201 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20210701 |