KR101572191B1 - IP camera router, routing method for providing image of IP camera and computer program - Google Patents

IP camera router, routing method for providing image of IP camera and computer program Download PDF

Info

Publication number
KR101572191B1
KR101572191B1 KR1020150071728A KR20150071728A KR101572191B1 KR 101572191 B1 KR101572191 B1 KR 101572191B1 KR 1020150071728 A KR1020150071728 A KR 1020150071728A KR 20150071728 A KR20150071728 A KR 20150071728A KR 101572191 B1 KR101572191 B1 KR 101572191B1
Authority
KR
South Korea
Prior art keywords
camera
address
communication port
request message
forwarding
Prior art date
Application number
KR1020150071728A
Other languages
Korean (ko)
Inventor
박성곤
전연호
Original Assignee
주식회사 비밥소프트웨어
박성곤
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 비밥소프트웨어, 박성곤 filed Critical 주식회사 비밥소프트웨어
Priority to KR1020150071728A priority Critical patent/KR101572191B1/en
Application granted granted Critical
Publication of KR101572191B1 publication Critical patent/KR101572191B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • H04L61/2007
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

A routing method for providing an IP camera router and an IP camera image is disclosed. The first network interface unit is connected to the external network and receives an address request message requesting an address of the IP camera from the user apparatus through the external network. The second network interface unit is connected to the internal network. The control unit allocates a communication port for forwarding to the IP address and the communication port of one or more IP cameras connected to the internal network, changes the allocated forwarding communication port according to preset update information, and responds to the address request message The IP address of the first network interface unit, and the address information including the IP address of the requested IP camera and the communication port for forwarding assigned to the communication port are transmitted to the user device through the external network, When receiving a video request message for requesting an IP camera video for the IP address included in the information and the forwarding communication port from the user device, the IP address and the communication port of the forwarding communication port, And controls the request message to be forwarded.

Description

[0001] IP camera routers, routing methods for providing IP camera images, and computer programs [

The present invention relates to an IP camera router and a routing method for providing an IP camera image, and more particularly, to an IP camera router and an IP camera image providing an image of an IP camera connected to an internal network to a user device connected to an external network To a routing method.

The IP camera provides images captured by a wired / wireless network connected to the camera, and includes a camera, a camera module, a decoder, an image compression chip, a CPU, and a network transmission chip. The analog video signal output from the camera module is converted into a digital video signal through a decoder, and the digital video signal is compressed and transmitted from the compression chip.

The IP camera is connected to an internal network (private IP network). A user located at a remote location from the internal network accesses an IP camera through an external network (public IP network) such as the Internet, Receive. Port forwarding is used for connection between the external network and the internal network. Port forwarding is a function that sends a packet to a specific port on the external network side by changing the port to the internal network side. Patent document 10-1241736 (published on March 11, 2013) and Korean Patent No. 10-1205690 (published on November 28, 2012) disclose such a patent document that utilizes such port forwarding in an IP camera.

However, Korean Patent No. 10-1241736 and Korean Patent No. 10-1205690 only mention the convenience of connection of an IP camera connected to an internal network through an external network, and are silent about the security problem blocking arbitrary user access have. When an arbitrary user is able to access the IP camera, problems such as invasion of privacy and leakage of personal information occur, and there is a high possibility that an offense is abused.

 In order to prevent this, an IP camera having a function of conducting an authentication procedure at the time of connection is being released. However, it is common for the general user to use the IP camera without setting the password of the IP camera because of troubles and difficulties in configuration and inconvenience in management and use.

Korean Patent Laid-Open No. 10-2005-0093071 (published on September 23, 2005) discloses a method of placing a separate server for performing user authentication. However, in the case where an unauthorized user directly obtains access information of the IP camera, Korean Patent Laid-Open No. 10-2005-0093071 (published on September 23, 2005) discloses a method of preventing unauthorized access to an IP camera There is no.

Korean Registered Patent No. 10-1241736 (Publication Date March 11, 2013) Korean Registered Patent No. 10-1205690 (Published Nov. 28, 2012) Korean Patent Publication No. 10-2005-0093071 (published on September 23, 2005)

SUMMARY OF THE INVENTION It is an object of the present invention to provide a method and system for preventing an unauthorized user from accessing an IP camera without accessing an IP camera, And to provide an IP camera router and a routing method for providing an IP camera image that can prevent reconnection and reception of images of an IP camera even if an unauthorized user obtains access information to the IP camera have.

It is another object of the present invention to provide an IP camera router capable of preventing an IP camera image from being exposed even when connection information of an IP camera is leaked to an unauthorized user, Method.

It is another object of the present invention to provide an IP camera router and a routing method for providing an IP camera image that can block access to an IP camera at a specific time.

According to an aspect of the present invention, there is provided an IP camera router including a first network interface unit connected to an external network and receiving an address request message requesting an address of an IP camera from a user apparatus through the external network, A second network interface unit connected to the internal network, and a communication port for forwarding to an IP address and a communication port of one or more IP cameras connected to the internal network, wherein the allocated forwarding communication port is set in advance In response to the address request message, an IP address of the first network interface unit and an address information including an IP address of the requested IP camera and a communication port for forwarding assigned to the communication port in response to the address request message To be transmitted to the user apparatus through the external network, When receiving a video request message requesting an IP camera image for an IP address and a forwarding communication port from the user device, And controlling the message to be forwarded.

Wherein the control unit checks whether the current time corresponds to the allowed time for the forwarding communication port when receiving the video request message, and if the current time corresponds to the allowed time, causes the video request message to be forwarded And if it does not correspond to the allowed time, forwarding of the video request message may be blocked.

Wherein the second network interface unit receives the streaming packet from the IP camera that has received the forwarded video request message and the control unit encrypts the received streaming packet and transmits the encrypted streaming packet through the external network To the user device, and in response to the address request message, control the security key for decrypting the streaming packet to be further transmitted to the user device.

Wherein the second network interface unit receives the streaming packet from the IP camera that has received the forwarded video request message and the control unit encrypts the received streaming packet and decrypts the streaming packet in the encrypted streaming packet And transmits the added security key to the user device via the external network.

The update information may include at least one of update interval information indicating a change interval of the forwarding communication port and update rule information indicating a change rule of the forwarding communication port.

According to another aspect of the present invention, there is provided a routing method for providing an IP camera image, the method comprising: assigning a communication port for forwarding to an IP address and a communication port of one or more IP cameras connected to an internal network; Receiving an address request message for requesting an address of an IP camera from a user device via an external network, and receiving, in response to the address request message, Transmitting address information including an IP address of the IP camera router and an IP address of the requested IP camera and a communication port for forwarding assigned to the communication port to the user device via the external network; The IP address included in the transmitted address information and the IP camera address for the forwarding communication port The method comprising: receiving a video request message for requesting a video request message, and, when receiving the video request message, forwarding the video request message to an IP address and a communication port to which a communication port for forwarding included in the address information is allocated .

The method may further include the steps of: checking whether the current time corresponds to the allowed time for the forwarding communication port when the video request message is received; if the current time does not correspond to the allowed time, And forwarding the video request message to the mobile terminal when the mobile terminal is in the allowed time.

The method includes receiving a streaming packet from an IP camera that has received the forwarded video request message, encrypting the received streaming packet, and transmitting the encrypted streaming packet to the user device over the external network Wherein the step of transmitting the address information may include transmitting a secret key for decrypting the streaming packet to the user device.

The method includes receiving a streaming packet from an IP camera that has received the forwarded video request message, encrypting the received streaming packet, and adding a security key for decrypting the streaming packet to the encrypted streaming packet And transmitting the stringing packet added with the secret key to the user device via the external network.

The update information may include at least one of update interval information indicating a change interval of the forwarding communication port and update rule information indicating a change rule of the forwarding communication port.

According to the IP camera router and the routing method for providing the IP camera image according to the present invention, since the IP camera router relays the access of the IP camera, the user of the external network can prevent direct access to the IP camera, It is possible to prevent the unauthorized user from accessing the IP camera even if the authentication process is not performed at the connection of the IP camera router and the IP camera IP address of the IP camera is not directly exposed to the external network due to the IP camera router, It is possible to prevent information about the camera from being acquired directly from the IP camera. Since the IP camera router periodically changes the forwarding port assigned to the IP camera, the user who has obtained the connection information reconnects and receives the image of the IP camera Can be prevented. In addition, since the IP camera router provides the image of the IP camera by encrypting it, it is possible to prevent the image of the IP camera from being exposed even if the unauthorized user obtains the connection information. In addition, the IP camera router can block the connection to the IP camera in a specific time period by forwarding the video request message only during the permission period.

1 is a configuration diagram showing a configuration of a preferred embodiment of an IP camera image providing system according to the present invention.
2 is a block diagram showing a configuration of a preferred embodiment of an IP camera router according to the present invention.
3 is a diagram illustrating an embodiment of a forwarding table.
FIG. 4 is a diagram illustrating an embodiment in which the forwarding table shown in FIG. 3 is updated.
5 is a configuration diagram showing a configuration of another preferred embodiment of the IP camera image providing system according to the present invention.
6 is a diagram showing another embodiment of the forwarding table.
7 is a diagram illustrating an embodiment in which the forwarding table shown in FIG. 6 is updated.
FIG. 8 is a flowchart illustrating a procedure of a preferred embodiment of a routing method for providing an IP camera image according to the present invention.

Hereinafter, an IP camera router according to the present invention and a routing method for providing an IP camera image will be described in detail with reference to the accompanying drawings. The structure and operation of the present invention shown in the drawings and described by the drawings are described as at least one embodiment, and the technical ideas and the core structure and operation of the present invention are not limited thereby.

Although the terms used in the present invention have been selected in consideration of the functions of the present invention, it is possible to use general terms that are currently widely used, but this may vary depending on the intention or custom of a person skilled in the art or the emergence of new technology. Also, in certain cases, there may be a term selected arbitrarily by the applicant, in which case the meaning thereof will be described in detail in the description of the corresponding invention. Therefore, it is to be understood that the term used in the present invention should be defined based on the meaning of the term rather than the name of the term, and on the contents of the present invention throughout.

1 is a configuration diagram showing a configuration of a preferred embodiment of an IP camera image providing system according to the present invention.

Referring to FIG. 1, an IP camera image providing system 1 may include a user apparatus 10, IP cameras 20, 20-2, and 20-3, and an IP camera router 100.

The user device 10 may be an electronic device capable of data communication. The electronic device may be a personal computer system such as a desktop, laptop, tablet, minicomputer, notebook, handheld computer, or may be a navigator or a digital TV such as IPTV and Smart TV, A broadcast terminal, a PDA (Personal Digital Assistants), a PMP (Portable Multimedia Player), and a beam projector.

The IP cameras 20, 20-2, and 20-3 can capture images and provide the captured images to the internal network 7 in real time. In addition, the IP cameras 20, 20-2, and 20-3 can support the OnVif protocol.

The IP cameras 20, 20-2, and 20-3 can provide images taken to be accessible through a specific URL (Uniform Resource Locator). For example, the IP camera 20 can provide an image captured so as to be accessible with the URL "rtsp: // user1: ******@192.168.11.2: 554 / onvif / viewurl ". That is, the user device 10 accesses the IP camera 20 with the URL "rtsp: // user1: ******@192.168.11.2:554/onvif/viewurl" A streaming packet can be received and displayed. "******" is the user password of the IP camera, "192.168.11.2" is the IP camera address, and "554" is the user name of the IP camera. Is the communication port, and "/ onvif / viewurl" is the path.

The IP camera router 100 can route the packets received through the external network 3 to the IP cameras 20, 20-2 and 20-3 connected to the internal network 7, To the user equipment 10 connected to the external network 3. The user equipment 10 may be connected to the external network 3 via a network.

The external network (3) may be composed of a backbone network and a subscriber network. The backbone network may be composed of one or a plurality of integrated networks of X.25 network, Frame Relay network, ATM network, MPLS (Multi Protocol Label Switching) network and GMPLS (Generalized Multi Protocol Label Switching) network. The subscriber network may be a fiber to the home (FTTH), an asymmetric digital subscriber line (ADSL), a cable network, a wireless LAN (IEEE 802.11b, IEEE 802.11a, IEEE 802.11g, IEEE 802.11n), WIBro HSDPA (High Speed Downlink Packet Access). In some embodiments, the external network 3 may be an Internet network, or may be a mobile communication network.

The internal network 7 may be a wired or wireless local area network (LAN), and may be, for example, Ethernet.

Also, the external network 3 may be a public IP network, and the internal network 7 may be a private IP network.

2 is a block diagram showing a configuration of a preferred embodiment of an IP camera router according to the present invention.

Referring to FIG. 2, the IP camera router 100 may include a first network interface unit 110, a second network interface unit 120, a controller 130, and a storage unit 140.

The first network interface unit 110 is connected to the external network 3 and receives an address request message for requesting an address of the IP camera from the user device 10 through the external network 3, The address information can be transmitted to the user device 10 through the external network 3 in accordance with the control. The address information may include an address of the first network interface unit 110 and a forwarding communication port assigned to an IP address and a communication port of the IP camera whose address is requested. The address of the first network interface unit 110 may be an IP address allocated to the IP camera router 100 to access the IP camera router 100 in the external network 3. [

The first network interface unit 110 may receive the video request message from the user apparatus 10 through the external network 3 and may transmit the streaming packet of the IP camera to the user apparatus 10. [ Here, the video request message may include an IP address and a communication port for forwarding, and may request an image of an IP camera having an IP address to which an included communication port for forwarding is allocated.

The second network interface unit 120 is connected to the internal network 7 and can receive a streaming packet from the IP camera through the internal network 7. The second network interface unit 120 may have an address and the address may be an IP address allocated to the IP camera router 100 to access the IP camera router 100 in the internal network 7. [

The control unit 130 executes an instruction and performs an operation associated with the IP camera router 100. [ For example, using the command retrieved from the storage unit 140, the control unit 130 can control input and output between the components of the IP camera router 100, and reception and processing of data.

The control unit 130 executes the program code together with the operating system and generates and uses data. The operating system is generally known and will not be described in more detail. For example, the operating system may be a Windows-based OS, Unix, LINUX, Palm OS, DOS, Android, iOS and Macintosh, or may be an operating system for a router. The operating system, other computer code, and data may reside within the storage unit 140 that operates in conjunction with the control unit 130. The program code may be a source code generation module and an execution code generation module.

The control unit 130 may assign a communication port for forwarding to the IP address and the communication port of the IP cameras 20, 20-2, and 20-3 connected to the internal network 7. [ The control unit 130 receives the IP address and communication port of the IP cameras 20, 20-2 and 20-3, the communication port for forwarding, the IP address of the IP cameras 20, 20-2 and 20-3, And the communication port for forwarding to the forwarding table.

The control unit 130 can change the assigned forwarding communication port according to the previously set update information. Here, the control unit 130 can change the communication port for forwarding recorded in the forwarding table. The update information may include at least one of update interval information indicating a change interval of the forwarding communication port and update rule information indicating a change rule of the forwarding communication port. For example, when the update interval information indicates 2 hours, the control unit 130 changes the forwarding communication port every 2 hours, and if the update interval information indicates 24 hours, the forwarding communication port is changed every 24 hours Change it. If the update rule information indicates a rule to replace the image request message for the corresponding IP camera 4 times, the controller 130 receives the image request message for the IP camera four times, Of the forwarding communication port.

When the first network interface unit 110 receives the address request message, the control unit 130 transmits the IP address of the first network interface unit 110, the IP address of the IP camera corresponding to the address request message, The address information including the communication port for forwarding assigned to the communication port is controlled to be transmitted to the user device 10 through the external network 7. [ Here, the control unit 130 can access the forwarding table to confirm the forwarding communication port.

When the first network interface unit 110 receives the video request message, the control unit 130 causes the video request message to be forwarded to the IP address and the communication port to which the forwarding communication port included in the video request message is allocated . Here, the controller 130 accesses the forwarding table to identify the IP address and the communication port to which the forwarding communication port included in the video request message is allocated.

In some embodiments, when the first network interface unit 110 receives the video request message, the control unit 130 determines whether the current time corresponds to the allowed time for the forwarding communication port, If yes, the video request message is controlled to be forwarded, and if not, the video request message can be prevented from forwarding.

In addition, when the second network interface unit 120 receives the streaming packet from the IP camera, the control unit 130 encrypts the received streaming packet and controls the encrypted streaming packet to be transmitted to the user device 10 . Here, the security key for decrypting the streaming packet may be transmitted from the IP camera router 100 to the user device 10 in advance, and may be added to the streaming packet and transmitted to the user device 10. [ For example, the control unit 130 may control the security key to be transmitted to the user device 10 in response to the address request message. Here, the security key may be a public key or a secret key generated by an RSA (Rivest, Shamir, Adleman) encryption algorithm, or may be a public key or a secret key generated by a Diffie-Hellman algorithm. The security key may also be a symmetric key generated with one of DES (Data Encryption Standard), AES (Advanced Encryption Standard), IDEA (Intemational Data Encryption Algorithm) and SEED.

The storage unit 140 may store the forwarding table. The storage unit 140 may be implemented as a read only memory (ROM), a random access memory (RAM), a hard disk drive, or the like.

3 is a diagram illustrating an embodiment of a forwarding table.

Referring to FIG. 3, the forwarding table 300 may include a camera address and a virtual address (router address) of the IP cameras 20, 20-2, and 20-3. For example, the virtual address of the first IP camera 20 is "rtsp: // id: pw@129.209.223.142: 1001 / onvif / viewurl" and the camera address is "rtsp: // id: pw@192.168. 11.2: 554 / onvif / viewurl ". Here, "1001" 310 is a communication port for forwarding assigned to IP address " 192.168.11.2 "and communication port" 554 ", and IP address "129.209.223.142" Address. "1002" 320 is a communication port for forwarding allocated to the IP address "192.168.11.3" and the communication port "554", "1003" 330 is the IP address "192.168.11.4" Is the communication port for forwarding assigned to "554 ".

When the video request message includes the virtual address "rtsp: // id: pw@129.209.223.142: 1001 / onvif / viewurl ", the controller 130 sets" 129.209.223.142:1001 " . 11.2: 554 "to forward the video request message to the internal network 7.

FIG. 4 is a diagram illustrating an embodiment in which the forwarding table shown in FIG. 3 is updated.

Referring to FIG. 4, the controller 130 updates the forwarding table 300 to the forwarding table 400. The control unit 130 changes the forwarding communication ports 310, 320 and 330 to 1010, 410, 1011, 420 and 1012, 430, respectively. The control unit 130 can change the forwarding communication ports 310, 320, and 330 at the same time and can individually change them according to the update information.

When the forwarding table 300 is updated with the forwarding table 400, the video request message including the virtual address "rtsp: // id: pw@129.209.223.142: 1001 / onvif / viewurl" is not forwarded. Therefore, in order to receive the image of the first IP camera 20, the user device 10 should access the virtual address "rts: // id: pw@129.209.223.142:1010/onvif/viewurl&quot ;.

5 is a configuration diagram showing a configuration of another preferred embodiment of the IP camera image providing system according to the present invention.

5, the IP camera image providing system 1 'includes a user device 10, IP cameras 20, 20-2 and 20-3, a router 30 and an IP camera router 100 . The IP camera image providing system 1 'further includes a router 30 in the IP camera image providing system 1 shown in FIG.

The router 30 and the IP camera router 100 are connected to each other via the network 5. [ Here, the network 5 may be a wire / wireless network. The router 30 allocates a private IP address to the IP camera router 100 or stores and manages a private IP address set in the IP camera router 100. [ The router 30 forwards the packet corresponding to the specific communication port range to the private IP address of the IP camera router 100.

The first network interface unit 110 of the IP camera router 100 in the IP camera image providing system 1 'is connected to the network 5 and sees the network 5 as an external network. In the IP camera image providing system 1 ', the address of the first network interface unit 110 may be a private IP address allocated or managed by the router 30.

The user device 10, the IP cameras 20, 20-2 and 20-3 and the IP camera router 100 of the IP camera image providing system 1 ' ), The IP cameras 20, 20-2, and 20-3, and the IP camera router 100, respectively, and a detailed description thereof will be omitted.

6 is a diagram showing another embodiment of the forwarding table.

Referring to FIG. 6, the forwarding table 600 may include a router address, a camera address and a virtual address (router address) of the IP cameras 20, 20-2, and 20-3. Here, "129.209.223.142" is the IP address of the router 30. The virtual address of the first IP camera 20 is "rtsp: // id: pw@192.168.11.1:1001/onvif/viewurl" and the camera address is "rtsp: // id: pw@192.168.11.2: 554 / onvif / viewurl ". Here, "1001" 610 is a communication port for forwarding assigned to IP address " 192.168.11.2 "and communication port" 554 ", and IP address "192.168.11.1" IP address. "1002" 620 is a communication port for forwarding allocated to the IP address "192. 168.11.3" and the communication port "554", "1003" 630 is the IP address "192. 168.11.4" Is the communication port for forwarding assigned to "554 ".

When the router 30 receives a packet having a communication port in the range of 1001 to 1100, the router 30 forwards the packet to the IP address "192.168.11.1" of the first network interface unit 110. For example, when the video request message including "rtsp: // id: pw@129.209.223.142: 1001 / onvif / viewurl" is received, the router 30 sets "129.209.223.142" to "192.168.11.1 &Quot;, and forwards the video request message to the network 5.

If the video request message includes the virtual address "rtsp: // id: pw@192.168.11.1: 1001 / onvif / viewurl ", the control unit 130 sets" 192.168.11.1:1001 & . 11.2: 554 "and forwards the video request message to the internal network 7.

7 is a diagram illustrating an embodiment in which the forwarding table shown in FIG. 6 is updated.

Referring to FIG. 7, the controller 130 updates the forwarding table 600 to the forwarding table 700. The control unit 130 changes the forwarding communication ports 610, 620 and 630 to 1010, 710, 1011, 720 and 1012, 730, respectively. The control unit 130 can simultaneously change the forwarding communication ports 710, 720, and 730, and can individually change them according to the update information.

When the forwarding table 600 is updated with the forwarding table 700, the video request message including the router address "rtsp: // id: pw@129.209.223.142: 1001 / onvif / viewurl" 223.142 "is forwarded from the router 30 to the IP camera router 100 by replacing the IP address " 192.168.11.1 ", but includes" rtsp: // id: pw@192.168.11.1:1001/onvif/viewurl " The video request message is not forwarded from the router 100. [ Therefore, in order to receive the image of the first IP camera 20, the user device 10 should access the virtual address "rts: // id: pw@129.209.223.142:1010/onvif/viewurl&quot ;.

FIG. 8 is a flowchart illustrating a procedure of a preferred embodiment of a routing method for providing an IP camera image according to the present invention.

Referring to FIG. 8, the user device 10 transmits a search request message to the IP camera router 100 through the external network 3 (S100). The IP camera router 100 receives the search request message.

In response to receiving the search request message, the IP camera router 100 searches the IP cameras 20, 20-2, and 20-3 connected to the internal network 7 (S105). Here, the IP camera router 100 can search the IP cameras 20, 20-2, and 20-3 using the OnVif protocol.

The IP camera router 100 transmits the search list including the result of searching the IP cameras 20, 20-2, and 20-3 to the user device 10 through the external network 30 (S110). The user device 10 can receive the search list, store the received search listing and display it on the screen.

The user device 10 transmits a modification save request message to the IP camera router 100 through the external network 30 (S115). IP camera router 100 receives the modified save request message. Here, the modification save request message may include camera setting information for changing the IP camera setting or router setting information for changing the IP camera router setting, and the camera setting information and the router setting information may be information inputted or selected from the user have. Here, the IP camera setting may be a setting for a stringing type (e.g., Onvif, RTSP, RTP), an IP address, a communication port, an ID, a password, and a parameter. The IP camera router settings may be settings for connection allowable time, access permission IP, and update information.

The IP camera router 100 allocates a communication port for forwarding to the IP address and the communication port of the IP cameras 20, 20-2, and 20-2 connected to the internal network 7 (S120). Here, the IP camera router 100 may record the communication port for forwarding assigned to the forwarding table. In addition, the IP camera router 100 may change the camera setting based on the camera setting information included in the modified save request message, or may change the router setting based on the router setting information included in the modified save request message. In addition, the IP camera router 100 may store the update information included in the modified save request message in the storage unit 140.

The IP camera router 100 transmits the result of storing the modified save request message to the user device 10 via the external network 3 (S125). The user device 10 can receive the storage result and display the received storage result on the screen.

The IP camera router 100 changes the allocated communication port for forwarding according to the update information (S130).

The user device 10 transmits an address request message to the IP camera router 100 requesting the address of the IP camera 20 through the external network 3 (S135). The IP camera router 100 receives an address request message requesting the address of the IP camera 20 from the user device 10 via the external network 3

In response to the address request message, the IP camera router 100 includes an IP address of the IP camera router for the external network 3, an IP address of the IP camera 20, and a communication port for forwarding assigned to the communication port To the user device 10 via the external network 3 (S140). The IP address of the IP camera router may be an IP address that the user device 10 can access to the IP camera router through the external network 3. [ For example, in the example of the forwarding table 300 of FIG. 3, the IP address of the IP camera router may be "129.209.223.142", and in the example of the forwarding table 600 of FIG. 6, The IP address may be "192.168.11.1" or "129.209.223.142 ".

 The user device 10 transmits an image request message requesting the image of the IP camera 20 to the IP camera router 100 through the external network 3 (S145). The IP camera router 100 receives a video request message requesting an image of the IP camera 20 from the user device 10 through the external network 3. [ Here, the video request message is transmitted using the address information transmitted in step S140.

Upon receiving the video request message, the IP camera router 100 determines whether the current time corresponds to the allowed time for the IP camera 20 (S150).

If so, the IP camera router 100 forwards the video request message received in step S145 to the IP camera 20 (step S155).

The IP camera 20 transmits the streaming packet to the IP camera router 100 through the internal network 7 (S160). The IP camera router 100 receives the streaming packet from the IP camera 20.

The IP camera router 100 transmits the streaming packet received in step S160 to the user device 10 via the external network 3 (S165). The user device 10 receives the transmitted streaming packet. In some embodiments, IP camera router 100 may encrypt the streaming packet and transmit the encrypted streaming packet. In addition, the security key for decrypting the encrypted streaming packet may be transmitted to the user device 10 in step S140.

In some embodiments, the IP camera router 100 may add a security key for decrypting the streaming packet to the user device 10 in a streaming packet that has encrypted and encrypted the streaming packet.

The user device 10 displays the streaming packet received in step S165. If the streaming packet is encrypted, the user device 10 can decrypt and display the streaming packet with the security key received from the IP camera router 100.

If it does not correspond to the allowable time, the IP camera router 100 blocks the forwarding of the video request message received in step S145 (S175). Here, the IP camera router 100 may discard the video request message.

The user device 10 transmits a camera setting change request message to the IP camera router 100 requesting the IP camera setting change through the external network 3 in step S180. The IP camera router 100 receives the transmitted camera setting change request message. The camera setting change request message may include camera setting information for changing the camera setting. The camera setting information may include an instruction to change the setting based on the OnVif protocol.

In step S185, the IP camera router 100 transmits a configuration change request message to the IP camera 20 through the internal network 7 according to the camera setting information included in the camera setting change request message received in step S180. The first IP camera 20 receives the setting change request message. Here, the setting change request message may include information generated based on the camera setting information included in the camera setting change request message received in step S180.

The IP camera 20 transmits the setting change result to the IP camera router 100 through the internal network 7 (S190). IP camera router 100 receives the setting change result.

The IP camera router 100 transmits the setting change result to the user device 10 through the external network 3 (S195). The user device 10 receives the setting change result and displays a setting change result to be received on the screen.

The present invention can also be embodied as computer-readable codes on a computer-readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored. Examples of the computer-readable recording medium include a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like, and may be implemented in the form of a carrier wave (for example, transmission via the Internet) . The computer-readable recording medium may also be distributed over a networked computer system so that computer readable code can be stored and executed in a distributed manner.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is clearly understood that the same is by way of illustration and example only and is not to be taken by way of limitation in the embodiment in which said invention is directed. It will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the scope of the appended claims.

Claims (11)

A first network interface unit connected to an external network and receiving an address request message requesting an address of an IP camera from a user apparatus through the external network;
A second network interface unit connected to the internal network; And
Assigning a communication port for forwarding to an IP address and a communication port of one or more IP cameras connected to the internal network, periodically changing the assigned forwarding communication port according to preset update information,
Address information including an IP address of the first network interface unit and a forwarding communication port allocated to an IP address of a requested IP camera and a communication port in response to the address request message, To be transmitted to the user device,
When receiving an image request message for requesting an IP camera image for an IP address and a communication port for forwarding from the user device, the IP address of the communication port for forwarding included in the address information, And controlling the video request message to be forwarded to the IP address and the communication port of the IP camera router. The method according to claim 1,
Wherein,
When receiving the video request message, checking whether the current time corresponds to the allowed time for the forwarding communication port, controlling the video request message to be forwarded if the current time corresponds to the allowed time, And prohibits the forwarding of the video request message if the IP address is not within the allowed time. The method according to claim 1,
Wherein the second network interface unit comprises:
Receives a streaming packet from an IP camera that has received the forwarded video request message,
Wherein,
Encrypts the received streaming packet, controls the encrypted streaming packet to be transmitted to the user device via the external network, and in response to the address request message, transmits a secret key for decrypting the streaming packet to the user device To the IP camera router. The method according to claim 1,
Wherein the second network interface unit comprises:
Receives a streaming packet from an IP camera that has received the forwarded video request message,
Wherein,
Encrypts the received streaming packet, adds a security key for decrypting the streaming packet to the encrypted streaming packet, and transmits the encrypted streaming packet to the user device via the external network. The method according to claim 1,
The update information includes:
An updating interval information indicating an interval of changing the forwarding communication port, and an updating rule information indicating a changing rule of the forwarding communication port. Assigning a communication port for forwarding to an IP address and a communication port of one or more IP cameras connected to the internal network;
Periodically changing the assigned communication port for forwarding according to preset update information;
Receiving an address request message requesting an IP camera address from a user device via an external network;
In response to the address request message, address information including an IP address of the IP camera router for the external network and an IP address of the requested IP camera and a communication port for forwarding assigned to the communication port, To the user device via the network;
Receiving an image request message for requesting an IP camera image for an IP address and a forwarding communication port included in the transmitted address information from the user device through the external network; And
And forwarding the video request message to an IP address and a communication port to which the forwarding communication port included in the address information is allocated when the video request message is received. For routing. The method according to claim 6,
Confirming whether the current time corresponds to the allowed time for the forwarding communication port when the video request message is received; And
And blocking the forwarding of the video request message if it does not correspond to the allowed time,
Wherein the step of forwarding the video request message is performed when the video frame corresponds to the allowed time. The method according to claim 6,
Receiving a streaming packet from an IP camera that has received the forwarded video request message;
Encrypting the received streaming packet; And
Further comprising transmitting the encrypted streaming packet to the user device via the external network,
Wherein the step of transmitting the address information comprises:
And transmitting a security key for decrypting the streaming packet to the user device. The method according to claim 6,
Receiving a streaming packet from an IP camera that has received the forwarded video request message;
Encrypting the received streaming packet and adding a security key for decrypting the streaming packet to the encrypted streaming packet; And
Further comprising the step of transmitting a stringing packet to which the secret key is added to the user equipment through the external network. The method according to claim 6,
The update information includes:
Wherein the forwarding communication port includes at least one of update interval information indicating a changing interval of the forwarding communication port and updating rule information indicating a changing rule of the forwarding communication port. 11. A computer program stored on a medium for carrying out the method of any one of claims 6 to 10.



KR1020150071728A 2015-05-22 2015-05-22 IP camera router, routing method for providing image of IP camera and computer program KR101572191B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150071728A KR101572191B1 (en) 2015-05-22 2015-05-22 IP camera router, routing method for providing image of IP camera and computer program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150071728A KR101572191B1 (en) 2015-05-22 2015-05-22 IP camera router, routing method for providing image of IP camera and computer program

Publications (1)

Publication Number Publication Date
KR101572191B1 true KR101572191B1 (en) 2015-11-27

Family

ID=54847750

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150071728A KR101572191B1 (en) 2015-05-22 2015-05-22 IP camera router, routing method for providing image of IP camera and computer program

Country Status (1)

Country Link
KR (1) KR101572191B1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180069462A (en) * 2016-12-15 2018-06-25 한화에어로스페이스 주식회사 Apparatus and method for registering camera
CN115065856A (en) * 2022-06-13 2022-09-16 深圳绿米联创科技有限公司 Data display method and data display system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005033250A (en) 2003-07-07 2005-02-03 Matsushita Electric Ind Co Ltd Relaying apparatus and port forward setting method
JP2008048050A (en) 2006-08-11 2008-02-28 Hitachi Kokusai Electric Inc Encrypted data communication system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005033250A (en) 2003-07-07 2005-02-03 Matsushita Electric Ind Co Ltd Relaying apparatus and port forward setting method
JP2008048050A (en) 2006-08-11 2008-02-28 Hitachi Kokusai Electric Inc Encrypted data communication system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180069462A (en) * 2016-12-15 2018-06-25 한화에어로스페이스 주식회사 Apparatus and method for registering camera
KR102596485B1 (en) 2016-12-15 2023-11-01 한화비전 주식회사 Apparatus and method for registering camera
CN115065856A (en) * 2022-06-13 2022-09-16 深圳绿米联创科技有限公司 Data display method and data display system
CN115065856B (en) * 2022-06-13 2024-05-03 深圳绿米联创科技有限公司 Data display method and data display system

Similar Documents

Publication Publication Date Title
CN108989848B (en) Video resource file acquisition method and management system
CN103299313B (en) Transfer management equipment, program, transmission and management system and transfer management method
EP3075096B1 (en) Method and system for encrypted communications
CN110912880B (en) Network distribution method and device, electronic equipment and storage medium
EP3748928A1 (en) Method and system for apparatus awaiting network configuration to access hot spot network apparatus
EP4164175B1 (en) Method for securely controlling smart home appliance and terminal device
KR101575222B1 (en) System, service provider device, service user device and method for providing image of IP camera and computer program
JP2007323553A (en) Adapter device performing encrypted communication on network and ic card
US20150141061A1 (en) Method for tracking a mobile device onto a remote displaying unit
EP2713547A1 (en) Media resource access control method and device
US20160277369A1 (en) Electronic device and communication method thereof
KR20090111256A (en) Home network control apparatus and method to obtain encrypted control information
KR101847636B1 (en) Method and apprapatus for watching encrypted traffic
KR101572191B1 (en) IP camera router, routing method for providing image of IP camera and computer program
US20160105407A1 (en) Information processing apparatus, terminal, information processing system, and information processing method
KR20150060050A (en) Network device and method of forming tunnel of network device
KR20150018024A (en) Data sharing method and data sharing system
KR101584986B1 (en) A method for network access authentication
CN114390520A (en) Key updating method, device, equipment and storage medium
CA2849174C (en) System and method for the safe spontaneous transmission of confidential data over unsecure connections and switching computers
KR101837064B1 (en) Apparatus and method for secure communication
CN114268492B (en) Distribution method, distribution device, robot, equipment, medium and distribution system
JP2008123021A (en) Digital information sharing system, digital information sharing server, terminal equipment, and digital information sharing method
CN108076456A (en) A kind of WiFi communication data security protection method and system based on more passwords
JP2005242547A (en) Remote service execution method, remote client, and remote service server

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20181002

Year of fee payment: 4

FPAY Annual fee payment

Payment date: 20191120

Year of fee payment: 5