KR102128945B1 - Video transmission system based on edge cloud - Google Patents

Abstract

The present invention relates to an edge cloud-based video transmission system capable of resolving a problem of vulnerable security. The edge cloud-based video transmission system may comprise: a plurality of cameras; an edge location server which is arranged between the plurality of cameras and a cloud data center server, responds to a video request packet to receive a first video of a first camera among the plurality of cameras received from a client terminal to control the first video acquired through the first camera to be supplied to the client terminal as a live video by streaming, and stores the live video supplied to the client terminal as a recorded video in a database unit; and the cloud data center server to receive a recorded video satisfying a preset condition among recorded videos stored in the database unit to store the recorded video.

Description

VIDEO TRANSMISSION SYSTEM BASED ON EDGE CLOUD}

The present invention relates to an edge cloud-based image transmission system. In particular, the present application relates to an image transmission system capable of streaming and transmitting edge cloud-based CCTV relocation.

According to the development of technologies such as artificial intelligence (AI), the Internet of Things (IOT), and autonomous driving, the amount of data coming and going through a network may explode. Since the computing server must be able to process such a large amount of data without delay, recently, edge computing-related technologies have attracted attention as a technology that can complement cloud computing, which processes all data centrally. have.

1 is a view for explaining a conventional cloud computing.

Referring to FIG. 1, cloud computing refers to a method in which mobile users use a high-speed wireless network by storing and utilizing data in a data center (ie, cloud data center) called a cloud server.

However, cloud computing lightens the mobile user's device and allows the user to easily obtain data, but there is a problem of bandwidth limitation. That is, such cloud computing has a problem in that it is not possible to provide a latency increase caused by inaccessibility between a cloud and a user, a lack of support capability of a mobile device, and location-awareness.

Also, in the case of the cloud computing method, when a user registers a camera and wants to view an image of the camera, a video packet is sent to a data center (cloud data center) as shown in FIG. 1, and the transmitted image is sent back to the user It works by sending it. Due to this operation method, cloud computing has a high probability of missing images due to delays and network instability, and has a problem in that security is weak in stealing images due to hacking as encryption transmission is impossible.

When entering the Internet of Things in earnest, the amount of data collected centrally through various paths increases, and in the IoT environment where real-time processing is important, concentrated data must be processed without delay. In a concentrated cloud computing) environment, there is a limit to receiving results quickly.

In order to compensate for the problems of cloud computing, edge computing and edge cloud technologies have recently attracted attention.

In the IT infrastructure, the edge means a server or node located in the network closest to the user, and configuring the infrastructure to transmit and process data or content requested by the user closest to the user is the key. have.

Edge computing is a technology mainly characterized by reducing the data load that is driven to the center by giving computing power to edge equipment that was only a network terminal, and a cloud computing method that centrally processes data is used. Rather, it means a computing method that processes data from small branches to small facilities. In other words, edge computing refers to the concept of supporting a network in close proximity to a service place used by users called a periphery of a network, while the existing cloud computer supports a mobile network in the center of the data.

If edge computing is a technology that processes information in real time through a small distributed server, edge cloud means a cloud at the end. In general, in order to connect a specific point on the network, it goes through a number of routers, and one of them is called a hop. Edge computing/edge cloud is a computing/cloud service that can be connected to a specific device within one hop. do.

Edge computing is characterized by a shorter latency than cloud computing. Since it processes data directly from the nearest terminal or Internet of Things device, it can respond to situations without delay, and it can be effectively applied to the autonomous driving industry, etc. because it guarantees fast response speed.

Cloud computing affects all web/mobile services connected to it when a problem occurs in a central data center. On the other hand, since edge computing handles most of the computation on each device, it can be said to be safe compared to cloud computing in that attacking any one system does not damage the entire service, but it is still vulnerable to security. there is a problem.

The background technology of the present application is disclosed in Korean Registered Patent Publication No. 10-1202029.

The present application is intended to solve the above-mentioned problems of the prior art, and in the case of cloud computing, there is a high probability of image omission due to delay and network instability, and as the transmission of the encryption is impossible, security problems in the video deodorization due to hacking are weak. It aims to provide an edge cloud-based video transmission system that can be solved.

The present application is intended to solve the problems of the above-mentioned prior art, and enables real-time video viewing without delay at the same time as video storage, and enhances security to fundamentally block video viewing even when an illegal video is acquired in the middle. It aims to provide an edge cloud-based video transmission system.

However, the technical problems to be achieved by the embodiments of the present application are not limited to the technical problems as described above, and other technical problems may exist.

As a technical means for achieving the above technical problem, the edge cloud-based video transmission system according to an embodiment of the present application, a plurality of cameras; It is disposed between the plurality of cameras and the cloud data center server, and is acquired through the first camera in response to an image request packet for receiving the first image of the first camera among the plurality of cameras received from the client terminal. An edge location server that controls the first video to be provided as the live video to the client terminal by streaming, and stores the live video provided to the client terminal as a recorded video in the database unit; And a cloud data center server that receives and stores, from the edge location server, a recorded image that satisfies a preset condition among the recorded images previously stored in the database unit, and the recorded image that satisfies the preset condition is the database. It is a recorded video which is judged to have the storage time of the recorded video stored in the unit exceeds a preset time, and the edge location server provides and stores the live video based on the edge cloud, and to the cloud data center server. The transmission of the recorded image may be performed, but only the recorded image that satisfies the preset condition among the previously stored recorded images may be delivered to the cloud data center server.

The above-described problem solving means are merely exemplary and should not be construed as limiting the present application. In addition to the exemplary embodiments described above, additional embodiments may exist in the drawings and detailed description of the invention.

According to the above-described problem solving means of the present application, through the provision of an edge cloud-based image transmission system, in the case of cloud computing, there is a high probability of image omission due to delay and network instability, and hacking due to hacking as encryption transmission is impossible It is possible to solve the problem of weak security in video capture.

According to the above-described problem solving means of the present application, through the provision of an edge cloud-based video transmission system, it is possible to view a real-time video simultaneously with video storage without delay, and enhance security to watch the video even if the video is illegally acquired in the middle. Can be blocked by default.

However, the effects obtainable herein are not limited to the effects described above, and other effects may exist.

1 is a view for explaining a conventional cloud computing.
2A to 2C are diagrams showing a schematic configuration of an edge cloud-based image transmission system according to an embodiment of the present application.
3 is a diagram schematically showing a structure of a Hedra hashgraph considered in an edge cloud-based image transmission server according to an embodiment of the present application.
4 is a view for explaining an example of providing an extended image of the first image in the edge cloud-based image transmission server according to an embodiment of the present application.
5 is a view for explaining an angle change image obtained by the angle control of the second camera in the edge cloud-based image transmission server according to an embodiment of the present application.
6 to 8 are diagrams for explaining an angle control example of the selective superimposed image acquisition camera for acquiring the replacement image in the edge cloud-based image transmission server according to an embodiment of the present application.

Hereinafter, embodiments of the present application will be described in detail with reference to the accompanying drawings so that those skilled in the art to which the present application pertains may easily practice. However, the present application may be implemented in various different forms and is not limited to the embodiments described herein. In addition, in order to clearly describe the present application in the drawings, parts irrelevant to the description are omitted, and like reference numerals are assigned to similar parts throughout the specification.

Throughout this specification, when a part is "connected" to another part, it is not only "directly connected", but also "electrically connected" or "indirectly connected" with another element in between. "It includes the case where it is.

Throughout this specification, when a member is positioned on another member “on”, “on the top”, “top”, “bottom”, “bottom”, “bottom”, it means that a member is on another member. This includes cases where there is another member between the two members as well as when in contact.

Throughout the present specification, when a part “includes” a certain component, it means that the component may further include other components, not to exclude other components, unless otherwise stated.

2A to 2C are diagrams showing a schematic configuration of an edge cloud-based image transmission system 1000 according to an embodiment of the present application.

Hereinafter, the edge cloud-based image transmission system 1000 according to an embodiment of the present application will be referred to as the present system 1000 for convenience of description.

2A to 2C, the system 1000 includes a plurality of cameras 10 (1, 2, 3, 4, ...), an edge location server 100, a client terminal 200, and a cloud data center server It may include 400.

Here, the edge location server 100 refers to a server (or device) capable of transmitting an edge cloud-based image according to an embodiment of the present application, and the edge cloud-based image transmission server 100 according to an embodiment of the present application (100, Or an edge cloud-based video transmission device. Hereinafter, the edge location server 100 will be referred to as the present server 100 for convenience of description.

The cloud data center server 400 may be referred to as a cloud data center, data center, or the like.

The client terminal 200 may refer to a terminal of a user (customer) that requests an image providing for an image that a user wants to see, and receives the corresponding image from the server 100.

The client terminal 200 includes PCS (Personal Communication System), GSM (Global System for Mobile communication), PDC (Personal Digital Cellular), PHS (Personal Handyphone System), PDA (Personal Digital Assistant), IMT (International Mobile Telecommunication)- 2000, Code Division Multiple Access (CDMA)-2000, WCode Division Multiple Access (W-CDMA), Wireless Broadband Internet (Wibro) terminal, Smartphone, SmartPad, Tablet PC, Notebook, Wearable Device, All types of wired/wireless communication devices, such as a desktop PC, may be mobile or portable devices (mobile devices), but are not limited thereto.

As another example, the client terminal 200 may include an IOT device, an autonomous driving vehicle, an autonomous driving drone, a smart car, and the like.

The plurality of cameras 10 (1, 2, 3, 4, ...) may be differently represented by an image acquisition device, a photographing device, and CCTV. The plurality of cameras 10 (1, 2, 3, 4, ...) may be obtained by photographing a static image (image) and/or a dynamic image (movie). The plurality of cameras 10 may include a first camera 1, a second camera 2, a third camera 3, a fourth camera 4, and the like.

In the following description of the present application, contents described with respect to any one camera among the plurality of cameras 10 are for each of the remaining cameras except the one of the multiple cameras 10, even if omitted. The same can be applied to the description.

The cloud data center server 400 may mean, for example, a facility that collects equipment necessary for providing IT services such as a server, a network, and storage in one building, operates 24 hours a day, 365 days a year, and manages it. The cloud data center server 400 may perform a function of storing and processing all information generated in the industry, such as cloud computing, big data analysis, and IoT implementation.

The cloud data center server 400 can receive data from a plurality of main servers (100, edge location servers) distributed over various regions, store it in its own database (not shown), and perform a function of managing it. have.

The server 100 may include an edge cloud 310. The server 100 may be referred to differently as an edge node by way of example. In the example shown in FIG. 2A, as an example, the server 100 is illustrated as having a separate configuration from the edge cloud 310, but is not limited thereto, and as another example, the server 100 itself is an edge cloud 310. Can be

The server 100 (or edge cloud) may include computing equipment, storage equipment, and network equipment. The server 100 may store data transmitted from the client terminal 200 in a storage device and manage the stored data in a file format. Here, the storage device included in the server 100 may mean the database unit 160.

The server 100 may extract metadata from files stored in the database unit 160 (storage equipment) as an example, and transmit the extracted metadata to the cloud data center server 400. At this time, the metadata includes, for example, file information, identification information of the present server 100 (or edge cloud) managing the corresponding file, identification information of the client terminal 200 transmitting the corresponding file to the server 100, and the like. It may include.

Here, the file information may include information regarding the size, type, and creation time of the file. For example, when the server 100 transmits only metadata to the cloud data center server 400, the cloud data center server 400 may include a plurality of edges including the server 100 or the server 100. It is possible to prevent excessive traffic from being generated to the location server.

When the recorded image stored in the database 160 satisfies a preset condition, the server 100 displays metadata regarding the recorded image (data) that satisfies the preset condition or the recorded image that satisfies the preset condition. It can be delivered (provided, transmitted) to the cloud data center server 400. Here, the description of the preset condition will be described later.

The server 100 may allocate computing resources, storage resources, network resources, etc. to client terminals existing in a preset area (or an area covered by an edge cloud) to which it belongs.

The present server 100 (edge location server) may be disposed between the plurality of cameras 10 and the cloud data center server 400.

The server 100 may include a reception unit 110, an image transmission unit 120, a verification packet transmission unit 130, a control unit 140, a selection menu providing unit 150, and a database unit 160.

The receiving unit 110 may receive an image request packet for receiving the first image of the first camera 1 among the plurality of cameras 10 from the client terminal 200 as an example.

The control unit 140 responds to an image request packet for receiving the first image of the first camera 1 received from the client terminal 200, and the first image obtained through the first camera 1 is cloud data. It is possible to control (ie, control the operation of the first camera) to be provided to the real-time client terminal 200 by streaming as a live image without storing the center server 400.

The controller 140 may simultaneously provide a live image for the client terminal 200 and store the live image for the first image provided to the client terminal 200 as a recorded image in the database 160.

When the control unit 140 receives the first image from the first camera 1 directly to the client terminal 200 when received, the corresponding first image provided to the client terminal 200 is a live image of the first image. It can be referred to as Meanwhile, when the live image of the first image provided to the user terminal 200 is stored in the database unit 160, the first image stored in the database unit 160 (especially, the live image of the first image provided to the client terminal) Image) may be referred to as a recorded image of the first image.

The controller 140 of the server 100 provides the first image obtained from the first camera 1 to the client terminal 200 based on the edge cloud 310 and/or the database unit 160. Can be saved. In addition, the control unit 140 may transmit the recorded image of the first image stored in the database unit 160 to the cloud data center server 400 based on the edge cloud 310.

At this time, as described above, the server 100 may be a separate configuration from the edge cloud 310 as an example, but is not limited thereto, and the server 100 itself may be an edge cloud.

The control unit 140 may transmit the recorded image to the cloud data center server 400 only for the recorded image that satisfies a preset condition among the recorded images previously stored in the database 160.

Here, the recorded image that satisfies the preset condition may mean a recorded image determined to be a storage time of the recorded image stored in the database 160 exceeds a preset time. The preset time may be, for example, 1 day (24 hours). However, this is only an example to help understanding of the present application, and is not limited thereto, and the preset time may be variously set in units of minutes, seconds, hours, and days based on user input. have.

For example, when the recorded image of the first image among the recorded images previously stored in the database 160 meets a preset condition, the control unit 140 receives the recorded image of the corresponding first image that satisfies the preset condition. It can be delivered to the cloud data center server 400. In particular, when the storage time for the recorded image of the first image stored in the database 160 is greater than or equal to 1 day (24 hours), the control unit 140 satisfies the preset condition of the recorded image of the first image. It is determined that it is a recorded image, and the recorded image of the first image that satisfies a preset condition may be delivered (provided) to the cloud data center server 400.

The cloud data center server 400 may receive and store a recorded image that satisfies a preset condition from among the recorded images previously stored in the database unit 160 from the edge location server (this server 100).

That is, when the recorded image of the first image stored in the database unit 160 of the server 100 exceeds a preset time (for example, 24 hours), the cloud data center server 400 is sent from the server 100. The recorded image of the first image exceeding the preset time to be transmitted may be received and stored in a database (not shown) provided in the cloud data center server 400.

The server 100 performs deletion processing on the recorded image (for example, the recorded image of the first image) delivered to the database unit 160 as the storage time stored in the database unit 160 exceeds a preset time. can do.

That is, the controller 140 delivers the recorded images exceeding a preset time among the recorded images stored in the database 160 to the cloud data center server 400 by the controller 140, and at the same time, the cloud data center server. The recorded image transmitted to the 400 may be deleted from the database unit 160 so that it does not remain in the database unit 160.

At this time, the control unit 140 of the server (100, edge location server) receives a request for providing a recorded image requesting to obtain a recorded image corresponding to the first image of the first camera 1 from the client terminal 200. If it is, it may be determined whether the recorded image of the corresponding first image exists in the database 160.

As a result of the determination, if a recorded image of the first image exists in the database 160, the controller 140 may provide the recorded image of the first image stored in the database 160 to the client terminal 200.

On the other hand, if there is no recorded image of the first image in the database 160 as a result of the determination, the controller 140 exceeds the preset time for the recorded image of the first image stored in the database 160. As it is delivered to the cloud data center server 400, it recognizes that it exists in the cloud data center server 400, and then records the recorded image of the first image stored in the cloud data center server 400 in the cloud data center server 400 ) Can be provided to the client terminal 200.

At this time, in the example of the present application, the server 100 receives the recorded image of the first image stored in the cloud data center server 400 from the cloud data center server 400 and provides it to the client terminal 200 However, the present invention is not limited thereto, and in another example, the server 100 includes a cloud data center server 400 such that the recorded image of the first image stored in the cloud data center server 400 is directly provided to the client terminal 200. ) To send a request message requesting the provision of the recorded video to the client terminal 200. Accordingly, the cloud data center server 400 may directly provide the recorded image of the first image to the client terminal 200 through the network 300 in response to the request message received from the server 100. have. At this time, the description of the network 300 will be described later.

In the system 1000, two types of IP bands may be set as an example for a plurality of cameras 10. Here, the two types of IP may include an IP for authentication (public IP for authentication) as the first type of IP, and a multicast IP for video streaming as the second type of IP.

Here, the IP for authentication, which is the first type of IP, may mean an initial setting for the camera and an IP for registering the camera to the server 100. The multicast IP, which is a second type of IP, may mean an IP used for video transmission only. The server 100 may receive an image from a camera and store it in the database unit 160 using, for example, a multicast protocol corresponding to a multicast IP.

When the client terminal 200 corresponding to the user wants to receive an image (first image) of the first camera 1 as an example, the image from the cloud data center server 400 as in the cloud computing illustrated in FIG. 1. Rather than being delivered, the first image may be provided as a live image from the first camera 1 by control by the server 100 without going through the cloud data center server 400. Through this, the client terminal 200 may receive and view the first image of the first camera 1 as a live image in real-time streaming from the first camera 1.

The user can register the camera owned by the user through the client terminal 200 to the server 100. By such registration, the server 100 links the identification information of the client terminal 200 with the identification information of the camera registered by the client terminal 200 (for example, IP information corresponding to the camera). It can be stored in the database 160 as identification matching information.

In this case, it is assumed that the first camera 1 is registered by the client terminal 200 as an example in the server 100. After registration, it is assumed that the server 100 has received a request (that is, a video request packet) for receiving the image of the first camera 1 from the client terminal 200.

In this case, the verification packet transmission unit 130 to be described later of the server 100, for example, the identification matching information (that is, identification matching information stored in association with a plurality of cameras) stored in the database unit 160 is a client terminal ( 200). The multicasting IP of the corresponding camera may be transmitted to the client terminal 200 through the transmission of the identification matching information.

Thereafter, the server 100 responds to the video request packet received from the client terminal 200, and the primary authentication information (login authentication information) by the client terminal 200 itself and the secondary by the server 100 Based on the authentication information, it is determined whether both the first authentication information and the second authentication information are normally authenticated, and when both of the authentication information are successfully authenticated as a result of determination, the first video of the first camera 1 is a live video client. The operation of the first camera 1 can be controlled to be provided to the terminal 200. Through this, the client terminal 200 may receive and view the first image as a live image.

According to the present server 100, when normal authentication is performed, the image of the first camera 1 is stored in the cloud data center without going through the cloud data center server 400 (that is, after the client is stored in the cloud data center) Without being provided to the terminal), it is stored in the server 100 through the edge cloud 310 and can be provided as a live image directly to the client terminal 200 and displayed.

According to the present server 100, the packet received by the cloud data center server 400 from the client terminal 200 is a recorded image that satisfies a preset condition, in particular, of a request for the client terminal 200 to provide a recorded image (ie, Since the storage time of the recorded video stored in the database unit occurs only when a request is made to receive a preset time), it is possible to prevent excessive traffic to the cloud data center server 400. have.

In other words, since the first image of the first camera 1 is stored in the server 100 and is provided as a live image through real-time streaming to the client terminal 200, the client in the cloud data center server 400 Since the packet (that is, the packet transmitted from the client terminal to the cloud data center) occurs only when the IP-related packet for authentication and the recorded video stored in the cloud data center server 400 are played, the cloud data center server ( 400) can be reduced.

The server 100 of the recorded images stored in the database unit 160, the time stored in the database unit 160 exceeds the preset time (for example, 24 hours) (elapsed) recorded image cloud data center server (400).

In addition, in the system 1000, images provided from a plurality of cameras 10 may be compressed and/or encrypted and transmitted (ie, compressed images and/or encrypted images may be transmitted). That is, a video (live video) provided from the server 100 to the client terminal 200 from a plurality of cameras 10, a video provided from the server 100 to the cloud data center server 400 (recorded video) Alternatively, an image (recorded image) provided from the cloud data center server 400 to the client terminal 200 may be compressed and/or encrypted and transmitted.

The present system 1000 may provide enhanced security in video transmission (transmission and reception). In addition, even in the case of illegally obtaining an image in the middle of an image transmitted/received between each component in the system 1000, it is possible to prevent the viewing of the illegally acquired image by default (blocking).

The system 1000 can enhance (enhance) the security by preventing the provision of the encrypted image from verifying personal information or information of central data in edge computing. In addition, according to the system 1000, even if the cloud data center server 400 receives an external attack (eg, a DDoS attack), the service (eg, an image providing service) may be used by the edge cloud 310. You can do it.

In addition, as the system 1000 can be connected to the IOT device, it is possible to provide a user (customer) for the occurrence of a specific event so that the video transmission (transmission) confirmation can be made faster. In addition, since the system 1000 can reduce traffic transmitted to the cloud data center server 400, maintenance costs can be reduced.

Video transmission in edge computing, which performs computing on end devices, requires a lot of network performance. At this time, in the conventional cloud computing method as shown in FIG. 1, as data processing is concentrated in a data center (cloud data center), a delay occurs in use (that is, a delay occurs in an image provided to a client terminal). There is a problem that data loss occurs during synchronization.

In contrast, the system 1000 may transmit the distributed data using a distributed open architecture by performing image transmission based on the edge computing method. In the present system 1000, the transmission (provision) of an image to the client terminal 200 from the server 100 or the edge cloud 310 can be performed by multicast through direct streaming, and the server 100 ) Can be provided in real time without delay to the client terminal 200 in real time while saving the image. That is, the client terminal 200 may view an image of the camera without delay through image acquisition based on the edge cloud 310.

As mentioned above, in the conventional cloud computing type CCTV service, as the image acquired by the camera is directly provided to the cloud data center, the cloud data center (cloud data center server) stores the image received from the camera and uses it. The service is performed by sending it to the client terminal 200. Therefore, the provision of a CCTV service based on the conventional cloud computing method has a disadvantage in that a delay occurs severely and many cameras cannot be set for edge computing.

In order to solve this problem, the system 1000 is viewed as a server that can provide (intermediately) an image as stream information (streaming) between a plurality of cameras 10 and the cloud data center server 400. Server 100 (edge location server) can be arranged.

According to the present server 100, the live image of the first image of the first camera 1 is transmitted directly from the first camera 1 to the client terminal 200 or delivered through the server 100. The first image of the first camera 1 may be stored in the database unit 160 of the present server 100. In addition, the image (recorded image) stored in the server 100 can be transmitted (backed up) to the cloud data center server 400 when a preset time has been exceeded so that it can be stored (stored) in the cloud data center server 400. have.

In conventional cloud computing, Tx/Rx video packets are generated (existing) when transmitting and receiving recorded or live video in real time. On the other hand, in the system 1000, only packets for real-time video multicast to the user (to the client terminal) via the edge relocation server (this server, 100) are generated (existing), and the video storage server In the in-cloud data center server 400, only a packet receiving an image (ie, a packet receiving a recorded image from the server) may be generated (existing). Through this, the system 1000 in the cloud data center server 400, compared to the conventional cloud computing method, the network utilization can be reduced by about 50% or more, that is, the effect of reducing the load of data Can provide.

The system 1000 is an image delivered from a plurality of cameras 10 to the cloud data center server 400, which is a central data center, so that the corresponding image can be delivered in an encrypted state, so that secure image transmission is performed. can do.

In addition, in the system 1000, as an example, image transmission between the server 100 (or edge cloud) and the camera 10, which is an end device, consists of SSL encrypted transmission based on a Secure Socket Layer (SSL). Accordingly, it is possible to make it impossible to intercept the image transmitted between the server 100 and the camera 10 in the middle. That is, the system 1000 may improve security of video transmission based on encrypted transmission.

In addition, the system 1000 can robustly cope with a failure. That is, in a conventional cloud computing, when a failure occurs in a cloud data center (cloud data center server), a fatal blow may occur. On the other hand, in the system 1000, even if a failure occurs in the cloud data center server 400, the edge service of the edge service is provided through the present server 100 (or edge cloud) disposed (prepared) between the camera and the cloud data center server 400. Since the provision can be made, it is possible to make it possible to more simply handle the response of the generated failure.

Hereinafter, the edge location server 100 that is the edge cloud-based image transmission server 100 according to an embodiment of the present application will be described in more detail.

The receiving unit 110 may receive an image request packet for acquiring the first image of the first camera 1 among the plurality of cameras 10 (1, 2, 3, 4, …) from the client terminal 200. have.

That is, the client terminal 200 sees the video request packet for acquiring an image that one wants to see from among images captured through a plurality of cameras 10 (1, 2, 3, 4, ...) to the server 100. Can transmit. For example, when the image desired to be viewed by the client terminal 200 (or, the image to be acquired) is the first image captured and acquired through the first camera 1, the client terminal 200 may include the first camera 1 ), the video request packet for acquiring the first video may be transmitted to the server 100. Through this, the receiver 110 may receive a video request packet transmitted from the client terminal 200.

In an example of the present application, the video request packet received by the reception unit 110 is illustrated as a packet for acquiring the first image of the first camera 1, but is not limited thereto, and the reception unit 110 receives The video request packet is a packet for acquiring an image photographed through at least one camera among the plurality of cameras 10 (ie, a packet for acquiring at least a part of a plurality of images photographed through a plurality of cameras). May be

Hereinafter, it will be exemplified that the video request packet received by the receiving unit 110 is a video request packet for acquiring the first image of the first camera 1. According to this, the contents described with respect to the first camera 1 may be applied to the description of each of the plurality of cameras 10 (1, 2, 3, 4, ...) even though the contents are omitted below.

The image transmission unit 120 may encrypt the first image of the first camera 1 with respect to the client terminal 200 in response to the image request packet received from the reception unit 110 and transmit it by multicast. Here, the video request packet may include information about the video request for the client terminal 200 to acquire the first video of the first camera 1.

The image transmission unit 120 may acquire a first image photographed through the first camera 1 from the first camera 1 through the network 300 in response to the received image request packet. Thereafter, the image transmission unit 120 may encrypt the first image obtained from the first camera 1 and transmit it by multicast. Through this, the client terminal 200 may obtain the first image of the encrypted first camera 1 from the image transmission unit 120 of the server 100 through multicast.

At this time, in an example of the present application, the image transmission unit 120 only encrypts the first image obtained from the first camera 1 and then transmits it to the client terminal 200 through multicast, but is limited to this. It is not. As another example, the image transmission unit 120 may obtain an encrypted first image from the first camera 1 in response to the received image request packet, and obtain the encrypted first image from the client terminal through multicast. It can be transmitted to (200). The latter case may be preferred here by way of example.

The network 300 may include the edge cloud 310 described above as an example. In addition, the network 300 is, for example, 3GPP (3rd Generation Partnership Project) network, LTE (Long Term Evolution) network, World Interoperability for Microwave Access (WIMAX) network, Internet (Internet), Local Area Network (LAN), Wireless LAN (Wireless Local Area Network), WAN (Wide Area Network), PAN (Personal Area Network), mobile network, Bluetooth network, NFC (Near Field Communication) network, satellite broadcasting network, analog broadcasting network, DMB (Digital Multimedia) Broadcasting) network, and the like, but are not limited thereto.

In the system 1000, the server 100, the client terminal 200, and the plurality of cameras 10 may be connected to each other through the network 300, and data (eg, video, through the network 300). Data transmission and reception of a video request packet, verification packet, selection menu, and the like) may be performed.

In the database unit 160, images captured through the plurality of cameras 10 may be encrypted and stored. That is, the receiving unit 110 not only receives the video request packet, but also can receive an image captured by the camera corresponding to the video request packet through the network 300 in response to the received video request packet.

At this time, the receiving unit 110 may receive the image captured by the camera corresponding to the video request packet, and store the encrypted image in the database unit 160. That is, when the image receiving packet for acquiring the first image of the first camera 1 is received, the receiving unit 110 receives the first image photographed through the first camera 1 through the network 300. It can be encrypted and stored in the database unit 160.

In other words, the receiving unit 110 receives the encrypted first image from the first camera 1 through the network 300 in response to the received image request packet, and receives the encrypted first image from the database unit ( 160). Thereafter, the image transmission unit 120 may transmit the encrypted first image stored in the database unit 160 to the client terminal 200 in multicast in response to the received image request packet.

The database unit 160 that encrypts and stores the image captured by the plurality of cameras 10 may be provided in the server 100 as an example, but is not limited thereto. As another example, the database unit 160 may be provided separately from the server 100, and in this case, the database unit 160 may be provided in the form of an image server as illustrated in FIG. 2C. .

The client terminal 200 may obtain the encrypted first image of the first camera 1 from the server 100 by multicast transmission by the image transmission unit 120.

After the multicast transmission in the image transmission unit 120, the verification packet transmission unit 130 is used for authentication and decryption of image transmission for the encrypted first image of the first camera 1 transmitted to the client terminal 200. The verification packet including the decryption key may be transmitted to a part of the cameras and the client terminal 200 of the plurality of cameras 10 (1, 2, 3, 4, ...).

As an example, the verification packet transmission unit 130 may include some of the remaining cameras 2, 3, 4, ..., except for a camera (eg, a first camera) corresponding to a video request packet among a plurality of cameras 10. And the client terminal 200 may transmit a verification packet.

The control unit 140 encrypts the encrypted first image received by the client terminal 200 when it is verified that there is no abnormality as a result of verifying whether the decryption key included in the verification packet received by the client terminal 200 is abnormal. It can be controlled to be released.

Through this, the client terminal 200 through the decryption control by the control unit 140, the password for the encrypted first image received by the client terminal 200 is released, so that the encrypted first image is live. It can be provided as a video.

In this case, verification of the presence or absence of an abnormality of the decryption key included in the verification packet received by the client terminal 200 is performed when a plurality of abnormality confirmation requests corresponding to a preset number are transmitted from the client terminal 200, in a plurality It may be made by checking whether there is an abnormality by a plurality of random cameras randomly selected from among some of the cameras 2, 3, 4, ... which have received the verification packet in response to the request for verifying the abnormality.

At this time, the number of the random cameras (used) involved in the verification of whether or not the decryption key included in the verification packet received by the client terminal 200 is used is a request for confirming a plurality of abnormalities transmitted from the client terminal 200 It can be n equal to the number of.

In addition, a plurality of random cameras (used) involved in verifying whether or not the decryption key included in the verification packet received by the client terminal 200 is used is the first of some cameras 2, 3, 4, ... It may include one camera selected from the same network group belonging to the same network as the camera 1 and (n-1) cameras selected from a heterogeneous network group belonging to a different network from the first camera 1. At this time, the plurality of random cameras may include n cameras selected from heterogeneous network groups when it is detected that a communication error occurs in the same network group belonging to the same network as the first camera 1.

Specifically, it is assumed that there are ten cameras 10. For example, the first cameras 1 to 3 are connected to the first network, the fourth cameras 4 to 7 are connected to the second network, and the eighth to tenth cameras are connected to the first network. 3 Can be connected by network. For example, the first network may be an Internet network, the second network may be a Bluetooth network, and the third network may be a mobile network, but is not limited thereto. According to this, the network 300 may include a plurality of types of networks including a first network, a second network, and a third network.

The plurality of cameras 10 may be grouped into a plurality of groups according to the type (or type) of the network. For example, the first cameras 1 to 3 connected to the first network 3 are the first group, the fourth cameras 4 to 7 connected to the second network are the second group, and the third group The eighth to tenth cameras connected through the network may be represented as a third group.

According to this, the same network group belonging to the same network as the first camera 1 means that as the first camera 1 belongs to the first network, the first camera 1 to the third camera 3 are It may mean the included first group. Meanwhile, a heterogeneous network group belonging to a network different from the first camera may mean a second group and a third group including the fourth cameras 4 to 10 cameras.

At this time, after the client terminal 200 receives the verification packet including the decryption key for video transmission authentication and decryption for the encrypted first image from the verification packet transmission unit 130, the client terminal 200 receives In order to check whether there is an abnormality in the decryption key included in the verification packet (that is, in order to confirm whether the decryption key is abnormal), a plurality of anomaly verification requests corresponding to a preset number may be transmitted to the server 100. have.

Here, it is assumed that the preset number is three. In this case, the client terminal 200 may transmit three abnormality check requests (abnormality check request packets) to the server 100.

At this time, the control unit 140 responds to the three abnormality check requests transmitted from the client terminal 200, and some cameras (ie, the first of the plurality of cameras) that have received the verification packet to confirm the abnormality of the decryption key Of the remaining cameras (2, 3, 4, ...) except the camera, three cameras corresponding to the number of requests for checking whether there is an abnormality may be selected as a random camera. According to this, it may mean a case in which n of the plurality of random cameras described above is three.

At this time, when selecting three random cameras, the control unit 140 is selected from the same network group (ie, the first group) belonging to the same network as the first camera 1 among some of the cameras 2, 3, 4, …. One camera can be selected at random. For example, one camera (random camera) randomly selected from the same network group may be the second camera 2. In addition, when selecting three random cameras, the control unit 140 is a heterogeneous network group (that is, a second group) belonging to a network group different from the first camera 1 among some of the cameras 2, 3, 4, ... In the third group), two cameras can be selected at random. For example, two cameras (random cameras) randomly selected from heterogeneous network groups may be a fifth camera and a tenth camera.

That is, the control unit 140 selects a plurality of (3) random cameras among some of the cameras (2, 3, 4, ...), and some of the plurality of random cameras have a video request packet received from the receiving unit 110 Camera (ie, the first camera) and the group belonging to the same network (the same network group) are selected, while the rest of the plurality of random cameras other than the above part is connected to a network different from the camera corresponding to the video request packet. It can be selected from the group to which it belongs (heterogeneous network group).

Thereafter, n (three) random cameras (eg, the second camera, the fifth camera, and the tenth camera) selected by the control unit 140 request each of three or more abnormalities transmitted from the client terminal 200 In response, it is possible to perform an abnormality check. That is, each of the random cameras (for example, the second camera, the fifth camera, and the tenth camera) selected by the control unit 140 in response to the three abnormality confirmation requests transmitted from the client terminal 200 is a client terminal. It can be confirmed whether the decryption key included in the verification packet received by the 200 is abnormal.

At this time, in selecting a plurality of (3) random cameras among some of the cameras (2, 3, 4, ...), for example, when it is detected that a communication error has occurred in the same network group, the controller 140 is heterogeneous Three random cameras can be selected within the network group.

Here, the communication error occurs in the same network group means that an abnormality occurs in the same network (for example, the first network) to which the cameras (first camera to third camera) included in the same network group belong (eg, In general, the reception sensitivity of the first network is equal to or lower than the preset reception sensitivity, or the first network communication is disconnected). The cameras 100 belong to the server 100 (ie, the first network) through the same network (eg, the first network). It may mean a state in which data transmission/reception with 1 camera to a third camera) is impossible. That is, the communication error occurs in the same network group is due to an abnormality in the network (first network) corresponding to the same network group, due to cameras (first camera to third camera) connected to the network. It may mean a case in which it is impossible to confirm the presence or absence of an abnormality in the request for presence or absence.

For example, when it is detected that a communication error occurs in the same network group, the controller 140 may select a fifth camera, a sixth camera, and an eighth camera as three random cameras in a heterogeneous network group.

In this case, n (three) random cameras selected by the control unit 140 (for example, the fifth camera, the sixth camera, and the eighth camera) request the presence or absence of three or more transmitted from the client terminal 200 In response to each, it is possible to perform an abnormality check. That is, each of the random cameras (for example, the fifth camera, the sixth camera, and the eighth camera) selected by the control unit 140 in response to the three abnormality confirmation requests transmitted from the client terminal 200 is a client terminal. It can be confirmed whether the decryption key included in the verification packet received by the 200 is abnormal.

According to this, the server 100 in verifying the presence or absence of an abnormality of the decryption key included in the verification packet received by the client terminal 200, a plurality of randomly performing verification of an abnormality for a plurality of anomaly confirmation requests Cameras are not considered only as cameras belonging to the same network group, some are considered as cameras belonging to the same network group, while others are considered as cameras belonging to heterogeneous network groups. When it occurs, it can only be considered as cameras belonging to a heterogeneous network group.

In the present server 100, at least a part of some of the cameras 2, 3, 4,… that have received the verification packet transmitted from the verification packet transmission unit 130 is due to a network communication error (for example, the first When the second camera and the third camera belonging to the same first network as the camera are unable to confirm the abnormality of the request to check for abnormality (due to the communication disconnection of the first network). ), among cameras 2, 3, 4, ..., which have received the verification packet, cameras belonging to a heterogeneous network group can be stably and easily checked for anomalies.

At this time, the verification of whether or not the decryption key included in the verification packet received by the client terminal 200 from the control unit 140 is verified is a plurality of random cameras randomly selected from some of the cameras 2, 3, 4, ... If it is determined that there is no abnormality as a result of checking whether there is an abnormality, the decryption key received by the client terminal 200 may be temporarily verified (temporary determination) as having no abnormality. Thereafter, if it is determined that there is no abnormality in the decryption key received by the client terminal 200 as a result of self-determination in the client terminal 200, the controller 140 determines that the decryption key received by the client terminal 200 is not abnormal. Final verification (final judgment) is possible.

In connection with the self-determination of the client terminal 200, the client terminal 200 may receive a verification packet including identification information of the first camera 1 as a verification packet from the verification packet transmitter 130. Thereafter, the client terminal 200 includes identification information of the first camera 1 included in the verification packet received from the verification packet transmission unit 130 and the encrypted first video received from the video transmission unit 120. It is possible to perform self-determination comparing whether the identification information of the camera (ie, the camera corresponding to the encrypted first image) matches, and if the results of the self-determination match with each other, the decryption key received by the client terminal 200 is abnormal. It can be judged that there is no.

According to this, in the system 1000, when the client terminal 200 performs verification of the presence or absence (abnormality) of the decryption key received from the server 100, the primary verification by a plurality of random cameras ( After performing the temporary verification, temporary determination), by applying the double verification, such as performing the second verification (final verification, final determination) by the self-determination to the client terminal 200, is provided to the client terminal 200 The authentication for the image (ie, the image transmission authentication for the first image of the first camera transmitted to the client terminal) may be provided to be made with higher reliability.

When the control unit 140 is verified as having no abnormality as a result of verification of whether or not the decryption key included in the verification packet received by the client terminal 200 is verified, 1 for the encrypted first image received by the client terminal 200 It is possible to control the decryption of the encrypted first video so that only conference playback is allowed.

That is, the controller 140 finally receives the client terminal 200 based on the first verification (temporary verification) by a plurality of random cameras and the second verification (final verification) by the client terminal 200's own judgment. When it is determined that there is no abnormality in one decryption key (verification), the client terminal 200 may allow the client terminal 200 to play back the image (ie, the encrypted first image) provided from the server 100 only once. ) Can perform the control of decryption (decryption of the encrypted first image) such that only one play is allowed for the encrypted first image received.

In this case, suppose that a re-request for replaying the first video having been played once is transmitted from the client terminal 200 after the playback of the encrypted first video has been performed once. In this case, the control unit 140 may include a plurality of random cameras considered when one of the cameras 2, 3, 4,… is allowed to play in response to the re-request of a plurality of abnormalities generated to respond to the re-request. Whether there is an abnormality caused by a plurality of random cameras that are randomly selected again from the rest of the cameras except the second camera, the fifth camera, the tenth camera, or the fifth camera, the sixth camera, and the eighth camera in another example. Through verification, it is possible to re-verify whether the decryption key received by the client terminal 200 is abnormal. At this time, if it is verified that there is no abnormality as a result of the re-verification, the control unit 140 may control the first image to be reproduced again.

Meanwhile, the decryption key (for example, a video transmission authentication and decryption key for decryption of the first camera encrypted image) considered in the system 1000 to the server 100 is the client terminal 200. It is a value generated by using a hashgraph every time the image is encrypted, and may be a value that is generated to change over time. Here, the hashgraph may mean a Hedera Hashgraph. The detailed description of the hash graph is as follows.

3 is a diagram schematically showing a structure of a hedera hash graph considered in the edge cloud-based image transmission server 100 according to an embodiment of the present application.

Referring to FIG. 3, the data structure of the hash graph and the consensus algorithm provide a new platform for distributed consensus. That is, the algorithm using the data structure of the hash graph uses distributed consensus and provides a new authentication method. The goal of the distributed consensus (consensus) algorithm is to provide a way to allow some devices to agree on the order in which they generated transactions when a single device does not trust all devices. This hashgraph algorithm can be said to be a system that creates trust when the devices do not already trust each other. Here, the equipment is a device capable of receiving a verification packet in the system 1000, and may exemplarily mean a plurality of cameras 10 and a client terminal 200, but is not limited thereto.

Hash graphs are approached in a fundamentally new way, and by using the authentication method according to the change of time, the authentication method can be implemented from the current point of view. According to the application of such a hashgraph, the server 100 may generate a decryption key that changes over time every time an encrypted image is transmitted using the hashgraph and include it in a verification packet to transmit it.

The server 100 is capable of generating a transaction on all devices through encryption of image transmission using a hash graph (that is, through transmission of an encrypted image using a hash graph), from which a container (block) is generated. It can be stored and shared across distributed networks. The encryption video transmission technology using the hash graph considered in this server 100 can be said to be an efficient method capable of mutual authentication as encryption transaction data is included in all containers during video transmission. In the system 1000, all data transactions are left as records, which can be changed from one to the whole function.

In other words, while a blockchain has a tree-like structure that constantly branches as it grows, the hashgraph can have a structure that merges back into the body and intertwines rather than pruning for new growth. The hashgraph allows any device to transact, which can be reflected in blocks, and finally spread (shared) across the distributed network. In the hashgraph, all blocks are used, and none of the blocks may be discarded. In a hashgraph, all branches continue to exist forever, and they can be efficient by eventually merging together.

In the general blockchain network, when a specific transaction occurs, the entire network participates in consensus and verification, whereas in the hashgraph, the node not only generates the transaction, but also creates pieces of information about the current state or past history of the network in the form of a report. You can propagate by selecting neighbor nodes at random. Here, the node may mean, for example, a plurality of cameras 10 considered in the system 1000. In addition, in the structure of the hash graph, when new information occurs, content can be added to the previously propagated report, and nodes can be randomly selected again to continue propagating. In a hashgraph, this process can be repeated over and over, which can be called gossiping.

The hashgraph is a way to achieve consensus through a new algorithm method, and the exact name of the algorithm can be called the Swirlds hashgraph consensus algorithm. As described above, the nodes of the hash graph generate and propagate the information in the form of a report, and this report may include a hash value indicating the time when the information was acquired. The concept of including this hash value in a report can be called gossip about gossip. This hashgraph's network gossiping and gossip about gossip can consequently allow the network to check the order of information generation. The implication of this method is that nodes with relatively high consensus authority in a typical blockchain network can prevent the possibility of malicious data delay and tampering.

In addition, the hashgraph network can know who generated what information and when by simply checking the hash value. A consensus is naturally drawn when it is assumed that a specific node performs a virtual vote based on the belief that it will not vote against useful information on the network. According to this hash graph, it is possible to realize high performance, security, fairness and reliability compared to a blockchain network.

The system 1000 to the server 100 encrypt and transmit/receive images captured through a plurality of cameras 10 (that is, when transmitting/receiving encrypted images), for example, hashgraph distribution agreement (Consensus) Can operate based on the algorithm.

Since the hashgraph consensus algorithm provides almost perfect efficiency for bandwidth use, the system 1000 or the server 100 performs hundreds of thousands of transactions per second in a single shard (a fully connected peer-to-peer mesh of the network) by the hashgraph. Can handle it. The consensus time can be measured in seconds, not minutes, hours or days.

Accordingly, the present system 1000 to the server 100 may process (process) the encryption of an image captured and acquired through a plurality of cameras 10 using a hashgraph, through which a frame (image of every moment) Frame) It is possible to check up to the time request unit, and it can be used and expressed through the steps of vector value, meta value, time data and image display.

Through this, the present system 1000 to the server 100 allow all of the above-described steps to be distributed and processed by using only one computer, and all tasks are performed separately between different nodes, so that no one (any node) You can avoid having a complete original image. According to this method, the present system 1000 to the server 100 may be used as a security advantage for data leakage and use. That is, the present system 1000 to the server 100 may have strong characteristics for data leakage and use.

According to the present system 1000 to the server 100 that encrypts and transmits (transmits) an image by using such a hash graph, the system 1000 to the server 100 confirm the unique authentication method linked to each other. Through this, it is possible to determine the authenticity of mutual data. In addition, the present system 1000 to the server 100 is stable against security and hacking, and even if it is leaked to the outside, the corresponding image may be viewed or deodorized so that it cannot be viewed. In addition, the present system 1000 to the server 100 may allow a minimum delay time to decrypt the encrypted image (ie, a minimum delay time can be guaranteed).

The present system 1000 to the server 100 provide a video encryption technology using a hashgraph, while applying video encryption at a low cost (while applying video encryption at a small cost) and further transmitting large-scale using multicast In the above, it is possible to stably transmit (transmit) an image without abnormal performance of the network.

The system 1000 to the server 100 that transmits the encrypted video in a multicast using the hashgraph, the video without using other encryption functions such as VPN and SSL (Secure Sockets Layer), AES-265, etc. It can be quickly encrypted and processed.

The system 1000 to the server 100 are related to video transmission (transmission) encryption technology using multicast, and the cost of video transmission used for video surveillance, for example, is encrypted by encrypting the video in real time using a hashgraph. Reduce and increase efficiency. In addition, the system 1000 to the server 100 may transmit the encrypted video in multicast, thereby reducing the load on the server and the client terminal 200, and the plurality of cameras 10 and the client terminal ( 200). Here, the server may mean the server 100. That is, the server 100 may be a server that provides an image obtained from a plurality of cameras 10 to the client terminal 200.

The system 1000 to the server 100 propose a multicast video transmission (transmission) technology using a Hedera hashgraph. The technology proposed in the present application can be effectively applied to a distributed infrastructure, and from this, the present application can provide a stable encryption video transmission service at a lower cost to customers and small and medium-sized enterprises worldwide.

In other words, according to the present system 1000 to the present server 100 that provides a video transmission technology using a hash graph, the present application is in order to enable all customers around the world to use and operate the encrypted system at a lower cost in terms of price and efficiency. can do.

In general, from the point of view of the installer installing the encrypted system, the installers will find an encryption technology that is inexpensive, easy to use, and has no inconvenience in use.

Accordingly, according to the present system 1000 to the server 100, the present application uses a hash graph to significantly reduce costs in a system requiring other encryption as well as a video transmission system, and improves the speed and quality of video stream processing. Can be improved. In addition, the present system 1000 to the server 100 can be easily used (applied) to hardware manufacturers, installers, etc., as well as individuals and companies in the video technology market. In addition, the present system 1000 to the server 100 may provide a personal life to be safe and comfortable.

In addition, according to the present system 1000 to the server 100, the present application can provide convenience in data exchange and maintenance of a shared database. For example, in the case where an operator encrypts and transmits an image using a technology suggested by the present application, for example, the present application can be linked with a company capable of marketing analysis in real time to collect and share data. You can have a complete database of your favorite items, and provide them to help your business effectively.

Furthermore, when the technology proposed in the present application (that is, a multicast encrypted video transmission technology using a hash graph) is applied not only to a closed-network video solution but also to an Internet open platform (that is, encryption of video is applied to the Internet open platform, so that multi When a cast transmission is made), the present application can make the database of an external agency (eg, police, prosecution, etc.) more easily form (configure) an integrated security network while security is enhanced.

According to the present system 1000 or the server 100, the present application can search for a criminal's picture or a real picture as an image by a police or prosecutor, for example, so that a criminal can be caught and processed in real time. In addition, as an example, when the client terminal 200 is a mobile/portable terminal such as a mobile phone, the server 100 is capable of interworking with a mobile terminal such as a mobile phone (that is, as the video can be provided to the mobile terminal) ) Through this, images about kidnapping, stolen vehicles, etc. can be distributed in real time, so that investigation of kidnapping or stolen vehicles can be made easier.

In other words, referring to FIGS. 2B and 2C, in the system 1000 and the server 100, transmission (transmission) of images captured by a plurality of cameras 10 may be performed by an encryption method. In addition, the server 100 may provide a function for verifying authentication transaction data based on efficient rules (that is, a verification function for a decryption key included in a verification packet).

For example, when the unique key value associated with the client terminal 200 is input, the server 100 receives the image (image data) captured by the cameras associated with the unique key value using the input unique key value, thereby receiving the encrypted image. It can be stored in the database unit 160. Here, the unique key value may mean identification information (unique identification ID information) of the client terminal 200.

For example, when the terminal of the first user is the client terminal 200 and the cameras owned by the first user are the first cameras 1 to 4, the client terminals 200 of the first user The related cameras may mean the first camera 1 to the fourth camera 4. As another example, the fifth to seventh cameras may be cameras owned by a second user different from the first user. In this case, cameras associated with the client terminal of the second user may refer to the fifth to seventh cameras.

According to this, the receiving unit 110 of the server 100 may receive a video request packet from the client terminal 200, wherein the video request packet includes identification information of the client terminal 200 and the corresponding client terminal 200. Camera-related information on which camera image is to be acquired among related cameras may be included. Through this, a unique key value (that is, identification information of the client terminal) associated with the client terminal 200 may be input to the server 100 by the video request packet.

Subsequently, the reception unit 110 responds to the received video request packet, based on the inputted unique key value, an image captured by the cameras associated therewith (for example, the first cameras that are cameras associated with the first client terminal) The image captured through the fourth camera) may be received as an encrypted image and stored in the database 160.

The video transmission unit 120 may transmit a video of a camera corresponding to the video request packet (in particular, a camera corresponding to camera-related information included in the video request packet) in multicast in response to the received video request packet.

The image transmission unit 120 may transmit a video (first image) of a camera (for example, the first camera) corresponding to the video request packet in multicast in real time. At this time, the first image of the first camera transmitted in real time may be, for example, an image captured from the first camera 1 without being stored in the database unit 160, and may be an image that is multicast or encrypted. It may be an image that is multicast by extracting the encrypted first image previously stored in the database 160 from the database unit 160.

In other words, the video (for example, the first video of the first camera) for a specific camera requested by the client terminal 200 is multicast by the server 100 as an example using a unique key value of the client terminal 200 In real time, it may be encrypted and transmitted. Through this, the client terminal 200 may acquire (receive) the encrypted image transmitted from the server 100.

At this time, the video transmission information by the server 100, that is, the video transmission information indicating that the server 100 provided the encrypted first video of the first camera 1 to the client terminal 200 is a network. The client terminal 200, the server 100, and the plurality of cameras 10 connected to each other via the 300 are shared with each other, so that the client terminal 200, the server 100, and the plurality of cameras 10 are known. Can.

Thereafter, the verification packet transmission unit 130 of the server 100 transmits a verification packet including a decryption key to some of the cameras 2, 3, 4, ... of the client terminal 200 and the plurality of cameras 10. Can transmit.

Thereafter, in the server 100, verification of the presence or absence (abnormality) of the decryption key included in the verification packet received by the client terminal 200 may be performed by an unspecified number of linked cameras among the plurality of cameras 10. have. Here, the unspecified multiple linked cameras that perform verification of the presence or absence of an abnormality with respect to the decryption key are particularly among some of the cameras 2, 3, 4,… which have received the verification packet transmitted from the verification packet transmitter 130. It may mean a plurality of random cameras that are randomly selected.

If the control unit 140 of the server 100 is verified through the verification based on whether the decryption key is abnormal by the unspecified multiple linked cameras (ie, a plurality of random cameras), if the decryption key is verified as having no abnormality, , It can be controlled so that the user corresponding to the client terminal 200 can view the video requested by the user. In the present application, verification refers to a function of authenticating and decrypting video transmissions.

According to this server 100, the server 100 can be verified even if there are different equipment for video transmission, and effective verification (restore) by reconfiguring the verification with the authentication key value even in a situation where communication disconnection or other problems occur. ).

Referring back to Figure 2c, for example briefly as follows. As an example, the client terminal 200 may perform an authentication request through an image server in order to receive the images of the first cameras 1 and 1. At this time, the authentication request may mean transmission of a video request packet. The video server can be interlocked with the server 100, and through this, the video server receives the authentication request status received from the client terminal 200 (that is, the video server receives the video request packet). Can tell. Through this, when the authentication request is made from the client terminal 200, the server 100 may receive a video request packet corresponding to the authentication request.

After the reception unit 110 of the server 100 receives the video request packet, the verification packet transmission unit 130 may transmit the verification packet. In addition, the video transmission unit 120 of the server 100 in response to receiving the video request packet, the first video image of the first camera (1) toward the client terminal 200 encrypted multicast form Can be transferred to. That is, the image transmission unit 120 may transmit the encrypted first image of the first camera 1 to the client terminal 200 in multicast.

Thereafter, the client terminal 200 selects randomly (randomly) selected cameras (ie, randomly selected cameras) among the cameras receiving the verification packet transmitted by the verification packet transmitter 130 to view the received encrypted first image. Random cameras) to verify whether there is an abnormality in the decryption key included in the verification packet received by the user. In addition, the client terminal 200 itself can perform verification of the abnormality of the decryption key at its own discretion. Based on this result, if there is no abnormality in the verification result by the random cameras, and if there is no abnormality in the result of the self-determination result by the client terminal 200, as the encryption of the encrypted first image is released, the client terminal 200 The user of) can view the corresponding first image (the first image that has been decrypted) through the client terminal 200.

In this case, the first image in which the encryption is released may be viewed through the client terminal 200 and may be stored in a storage unit (not shown) in the client terminal 200 as an example.

In addition, after the first image, which has been decrypted, is provided once through the client terminal 200 (that is, after it has been played and viewed once), the client terminal 200 wants to view the first image again. (That is, when a re-request for replaying the first image is made again), the client terminal 200 again performs the above-described verification process (ie, verification by random cameras and verification by the client terminal itself) (ie , Perform re-verification), and view the first image again based on the re-verification results.

At this time, information (recording information) regarding various data transmitted and received in the system 1000 may be shared with various devices (for example, a plurality of cameras or client terminals, the device) connected through the network 300, In this system 1000, a value that is changed in units of time (decryption key-related value that is changed in real time over time) is authenticated, and an image providing service can be made based on the value.

Here, the various data transmitted and received in the system 1000 includes a request by the client terminal 200, a re-request, a video request packet, or a verification packet by the server 100, a client terminal 200 or the server 100 ) May include data related to video transmission/reception time, encryption decryption time, and the like.

Meanwhile, the server 100 may include a selection menu providing unit 150.

The selection menu providing unit 150 responds to the image request packet (image request packet for acquiring the first image of the first camera) received from the reception unit 110, and the plurality of cameras 10 (1, 2, 3) , 4, ...), when there is a second camera that acquires a second image including at least a partial region of the first image acquired through the first camera 1 as an overlapping region, the expansion including the first image A first selection menu for selecting whether or not to receive an image may be provided to the client terminal 200. That is, the selection menu providing unit 150 may provide the first selection menu to be displayed on the screen of the client terminal 200. The description of this may be more easily understood with reference to FIG. 4.

4 is a view for explaining an example of providing an extended image of a first image in the edge cloud-based image transmission server 100 according to an embodiment of the present application.

Referring to FIG. 4, as an example, among the plurality of cameras 10 (1, 2, 3, 4, …), the first image I1 and the second camera (obtained and captured by the first camera 1) Suppose that there exists an area r overlapping each other between the second images I2 captured and acquired by 2). That is, for example, suppose that the camera that acquires the image I2 including at least a partial region of the first image I1 as the overlap region r is the second camera 2. In other words, when the second camera 2 acquires the second image I2, for example, at least a portion r of the first image I1 acquired through the first camera 1 is overlapped. Suppose that you acquire 2 images (I2).

At this time, when the receiving unit 110 receives the video request packet, the selection menu providing unit 150 is obtained through the first camera 1 among the plurality of cameras 10 (1, 2, 3, 4, ...) It can be confirmed whether there is a second camera 2 that acquires a second image I2 including at least a partial region of the first image I1 as the overlap region r. As a result of the confirmation, since the second camera 2 acquires the image I2 so as to overlap with respect to at least a partial area r of the first image I1, the selection menu providing unit 150 displays the first image I1 A client terminal 200 may provide a first selection menu for selecting whether to receive the included extended image.

At this time, when the video transmission unit 120 is selected to receive the extended video in response to the provision of the first selection menu (that is, in response to the provision of the first selection menu, the selection to receive the extended video from the client terminal) When input information is received), the extended image of the first image including the first image I1 and the second image I2 may be encrypted and transmitted by multicast.

In this case, the extended image of the encrypted first image transmitted through the image transmission unit 120 includes an image corresponding to the remaining region s where the overlapped region r is excluded from the second image I2 and the first image. It may be an image including (I1).

That is, the extended image of the encrypted first image transmitted through the image transmission unit 120 is not an image generated by simply adding the entire second image I2 to the first image I1, but the first image ( Refers to an image generated by adding only the second image I2 corresponding to the remaining region s except the overlapped overlapping region r with the first image I1 among the second images I2) can do.

According to this, the server 100 in providing (transmitting) the expanded image of the encrypted first image, the overlapping area included in one of the two images considered when generating the expanded image of the first image (that is, In this case, an extended image may be generated and provided (transmitted) with the overlapped regions overlapping each other) removed.

To this end, although not shown in the drawings, the image transmission unit 120 may include an image editing unit (not shown) for generating an extended image.

The image editing unit (not shown) generates an extended image of the first image including the first image I1 and the second image I2 when it is selected to receive the extended image in response to the provision of the first selection menu. Can. In this case, as described above, the image editing unit (not shown) may remove only the one of the plurality of overlapping regions with respect to the overlapping region and remove the other overlapping regions. Based on this, the image editing unit (not shown) performs image editing that connects the second image I2 and the first image I1 including only the remaining region s in which the overlapped region is removed (excluding) into one image. By performing it, an extended image of the first image can be generated.

In addition, the image editing unit (not shown) may perform image editing to generate an alternative image using a superimposed image acquisition camera in the following description. The detailed description will be described later.

The server 100 generates and encrypts an extended image with the overlapped area removed, thereby reducing the encryption time compared to the case of generating and encrypting the extended image without removing the overlapped region, as well as obtaining unnecessary images. (Or storage of unnecessary images in the database unit) and memory usage can be reduced. Here, the memory may mean a memory corresponding to the database unit.

In addition, when the acquisition of the first image from the first camera 1 is impossible, the selection menu providing unit 150 may display a second selection menu for selecting whether to receive the replacement image of the first image in the client terminal 200 ).

Here, the state in which the acquisition of the first image is impossible means that, for example, the first camera 1 is broken or a communication error occurs in a network (for example, the first network) through which the first image is transmitted ( That is, it may mean a case in which the server 100 cannot acquire the first image for reasons such as when the network is in poor condition.

At this time, when the controller 140 is selected to receive the replacement image in response to the provision of the second selection menu (that is, in response to the provision of the second selection menu, the client terminal intends to receive the replacement image of the first image) When the selection input information is received), the second camera 2 to capture the replacement image of the first image by the second camera 2 capturing the region overlapping the first image (at least partially overlapping region) ) Can be controlled.

At this time, the control unit 140 is based on the size of the overlap region r overlapping between the first image I1 and the second image I2 before controlling the angle of the second camera 2 (that is, the camera Based on the size of the overlapping area before angle control), the angle of the second camera 2 in the direction in which the size of the overlapping area r overlapping between the first image I1 and the second image I2 becomes larger Can be controlled.

According to this, the size of the overlap region r in the second image I2 obtained through the second camera 2 before the angle control of the second camera 2 is exemplarily referred to as the first size In this case, after the angle control of the second camera 2 is performed, the size of the overlap region within the second image obtained through the second camera 2 may be a second size larger than the first size. At this time, after the angle control of the second camera 2 is achieved, the second image obtained through the second camera 2 is compared with the angle control before the angle control by the angle control of the second camera 2 As an angle-changed image, it may be referred to as an angle-changed image (especially, a second angle-change image).

Thereafter, the image transmission unit 120 encrypts the angle change image (especially, the angle change second image) obtained from the second camera 2 having the angle control as the replacement image of the first image I1, and then the client terminal ( 200). This can be more easily understood with reference to FIG. 5.

5 is a view for explaining an angle change image obtained by the angle control of the second camera in the edge cloud-based image transmission server 100 according to an embodiment of the present application. This may be described in comparison with FIG. 4.

4 and 5, when the selection menu providing unit 150 is in a state in which it is impossible to acquire the first image I1 from the first camera 1, selects whether to receive the replacement image of the first image The second selection menu to be provided may be provided to the client terminal 200.

When it is selected to receive an alternative image in response to the provision of the second selection menu, the control unit 140 may select between the first image I1 and the second image I2 before controlling the angle of the second camera 2. The angle of the second camera 2 may be controlled in a direction in which the size of the overlapping region overlapping between the first image I1 and the second image I2 is larger based on the size of the overlapping region r overlapping. have.

According to this, after the angle control of the second camera 2 is made, the size of the overlapping region r'in the angle change image (angle change second image) I2' obtained through the second camera 2, That is, the size of the overlapping region r'overlapping with the first image I1 is larger than the size of the overlapping region r in the second image I2 before the angle control of the second camera 2 is achieved. Can.

Subsequently, the image transmission unit 120 encrypts the angle change image (in particular, the angle change second image) I2' obtained from the second camera 2 having the angle control as a replacement image of the first image I1. Can be transmitted toward the client terminal 200.

The server 100 may also provide the client terminal 200 with an image requested by the client terminal 200 (ie, an image corresponding to an image request packet, for example, the first image of the first camera) to the client terminal 200. , By controlling the angle of the camera (for example, the second camera) photographing an area at least partially overlapping the corresponding image (the first image), the angle-controlled camera (the second camera) is replaced with the first image The image may be acquired and provided to the client terminal 200.

That is, even in a situation in which the client terminal 200 cannot provide the first image requested by the client terminal 200, the image service is provided by providing an image similar to the first image (alternative image) through angle control of another camera. It can increase the satisfaction of the offer.

In addition, the control unit 140 includes a plurality of overlapping image acquisition cameras for acquiring an image including at least a portion of the first image as an overlapping region in the plurality of cameras 10 (1, 2, 3, 4, ...). In this case, in order to acquire an alternate image of the first image, angles of at least some cameras may be selectively controlled among a plurality of superimposed image acquisition cameras. In this case, when the number of combinations (the number of combinations) of at least some of the cameras selectively controllable among the plurality of superimposed image acquisition cameras for obtaining an alternative image is plural, the controller 140 minimizes the number of cameras to be controlled. The angle may be controlled by selecting at least some cameras corresponding to the combination. This can be more easily understood with reference to FIGS. 6 to 8.

6 to 8 are diagrams for explaining an example of angle control of a selective superimposed image acquisition camera for acquiring an alternative image in the edge cloud-based image transmission server 100 according to an embodiment of the present application.

Referring to FIGS. 6 to 8, as illustrated in FIG. 6, for example, a plurality of cameras 10 (1, 2, 3, 4, ...), which are obtained through the first camera 1 Suppose that there are three cameras that acquire an image so that at least a portion of one image I1 overlaps (that is, there are second to fourth cameras).

Here, the second camera 2 acquires the second image I2 such that the second camera 2 includes the overlapping region r1 overlapping at least a portion of the first image I1, and the third camera 3 receives the first image The third image I3 is acquired to include the overlapping region r2 overlapping with at least some other regions of (I1), and the fourth camera 4 overlaps another at least some regions of the first image I1 Suppose that the fourth image I4 is acquired to include the overlapped region r3.

At this time, when the first image I1 of the first camera 1 requested by the client terminal 200 is in a state in which it is impossible to acquire (ie, the client terminal requests the first image of the first camera through the image request packet) , When the device is unable to provide the first image to the client terminal), the selection menu providing unit 150 displays a second selection menu for selecting whether to receive the replacement image of the first image I1. It can be provided to the terminal 200.

Suppose that in response to the provision of the second selection menu, the client terminal 200 selects to receive an alternative image of the first image I1. That is, when a response is received from the client terminal 200 that a replacement image of the first image I1 is provided, the control unit 140 may be configured in the plurality of cameras 10 (1, 2, 3, 4, …). It may be determined whether there is an overlapping image acquisition camera that acquires an image including at least a partial region of one image I1 as an overlapping region.

At this time, it is assumed that an overlapping image acquisition camera exists in a plurality of cameras 10 (1, 2, 3, 4, ...), but a plurality of such overlapping image acquisition cameras exist. Here, according to the illustrated example of FIG. 6, the plurality of superimposed image acquisition cameras include a second camera 2 that acquires a second image I2, a third camera 3 that acquires a third image I3, and It may mean the fourth camera 4 acquiring the fourth image I4.

As described above, in providing an alternative image of the first image I1, for example, a plurality of superimposed image acquisition cameras 2, 3, 4 in the plurality of cameras 10 (1, 2, 3, 4, ...) When present, the control unit 140 may selectively control the angle of at least a portion of the cameras among the plurality of superimposed image acquisition cameras 2, 3, and 4 in order to acquire the replacement image of the first image I1.

In this case, the control unit 140 may control the angles of the second camera 2 and the third camera 3 to obtain an alternative image of the first image I1, as shown in FIG. 7 as an example. . In this case, the receiver 110 may change the angle through the angle-controlled second camera 2 (2nd angle change image, I2') and the angle-controlled image through the angle-controlled third camera 3 ( It is possible to acquire (receive) the third image, I3') with an angle change. Thereafter, the above-described image editing unit (not shown) in the image transmission unit 120, based on the first image (I1), the angle change image of the obtained second camera 2 (second angle change image, I2' Acquisition (creation) of an alternate image of the first image I by combining at least a portion of the region and at least a portion of the angle-changed image of the acquired third camera 3 (third-angle-change image, I3') with each other. can do.

Specifically, the image editing unit (not shown) corresponds to the overlapping area r1 ″ overlapping with the first image I1 in the angle change image of the second camera 2 (second angle change image I2′). The first partial image to be extracted, and corresponds to the overlap region (r2'') overlapping with the first image I1 in the angle change image (the third angle change image, I3') of the third camera 3 The second partial image can be extracted. Thereafter, the image editing unit (not shown) may acquire (generate) the replacement image of the first image I by connecting (combining) the extracted first partial image and the second partial image.

In addition, the control unit 140, as another example, as shown in FIG. 8, the second camera (2), the third camera (3) and the fourth camera (4) for obtaining the replacement image of the first image (I1) ) Can be controlled. In this case, the receiver 110 may change the angle through the second camera 2 with the angle control (angle change second image, I2'') and the angle change image through the third camera 3 with the angle control. (An angle-changing third image, I3'') and an angle-changing image (an angle-changing fourth image, I4'') may be obtained (received) through the fourth camera 4 having angle control. Thereafter, the above-described image editing unit (not shown) in the image transmission unit 120, based on the first image (I1), the angle change image of the obtained second camera 2 (second angle change image, I2' At least a portion of') and at least a portion of the angle change image of the obtained third camera 3 (third angle change image, I3'') and an angle change image of the fourth camera 4 (angle change fourth By combining at least some regions of the image I4'') with each other, it is possible to acquire (generate) the replacement image of the first image I.

Specifically, the image editing unit (not shown) overlaps the first image I1 in the angle change image (second angle change second image I2'') of the second camera 2 (r1'''). The overlapping region r2''' that overlaps with the first image I1 in the angle change image (angle change third image, I3'') of the third camera 3 and extracts the first partial image corresponding to ) And extracts a second partial image corresponding to ), and overlaps with the first image I1 in the angle change image of the fourth camera 4 (the angle change fourth image, I4'') r3'' The third partial image corresponding to') may be extracted.

Thereafter, the image editing unit (not shown) may acquire (generate) the replacement image of the first image I by connecting (combining) the extracted first partial image, the second partial image, and the third partial image.

At this time, as in the example of FIG. 7 described above, an example of acquiring an alternate image through angle control of two cameras 2 and 3 may be referred to as an example of the first case. Also, as in the example of FIG. 8 described above, an example of acquiring an alternative image through angle control of three cameras 2, 3, and 4 may be referred to as an example of the second case.

According to this, when a plurality of superimposed image acquisition cameras 2, 3, and 4 are present in the plurality of cameras 10, the controller 140 is a plurality of superimposed image acquisition cameras 2 as an example of the first case. , 3, 4) alternative images may be obtained by selectively controlling the angles of the second camera 2 and the third camera 3, or, as another example, a plurality of overlaps as in the case of the second case Alternate images may be acquired by selectively controlling the angles of the second cameras 2 to 4 from the image acquisition cameras 2, 3, and 4, respectively.

According to this example of the present application, in the server 100, the number of combinations (the number of combinations) of at least some of the cameras selectively controllable among a plurality of superimposed image acquisition cameras for obtaining an alternate image is two (first Two cases including the example of the case and the case of the second case). That is, according to an example of the present application, it can be said that the number of combinations of at least some of the cameras that can be selectively controlled is a total of two including the first case and the second case.

As described above, when there are a plurality of combinations (the number of combinations) of at least some of the cameras selectively controllable among a plurality of overlapping image acquisition cameras for acquiring the replacement image, the controller 140 minimizes the number of cameras to be controlled. The angle may be controlled by selecting at least some cameras corresponding to the combination.

In the example of the first case, the number of cameras controlled for acquiring the substitute image is two, whereas in the example of the second case, the number of cameras controlled for the acquisition of the substitute image may be three. In this case, since the number of cameras controlled for acquiring the replacement image is less than that of the second case in the first case, the controller 140 may control the camera to be controlled as an example, as in the case of the first case among the two cases. The first by selecting the second camera 2 and the third camera 3 as at least some of the cameras corresponding to the combination with the minimum number, and controlling the angles of the second camera 2 and the third camera 3 It is possible to obtain an alternative image of the image I1.

The server 100 provides a replacement image of the first image in a situation where the client terminal 200 cannot provide the first image requested by the client terminal 200, a camera controlled for generation of the replacement image (overlapping image acquisition camera) It is possible to provide an image similar to or corresponding to the first image (alternative image) while minimizing the number of images.

That is, the server 100 can reduce the image editing time by generating an alternative image based on the angle-changed image acquired through a superimposed image acquisition camera controlled with a minimum number (which enables faster generation of alternative images). , It is possible to improve the quality of an image (a replacement image of the encrypted first image) provided to the client terminal 200 through combining between images using a small number of images.

According to the above-described description, the system 1000 can provide an encrypted image from a plurality of cameras 10, thereby enabling secure image transmission.

In addition, in the system 1000, as an example, image transmission between the server 100 (or the edge cloud) and the camera 10, which is an end device, may be performed through secure socket layer (SSL) encryption transmission. The image transmitted between the server 100 and the camera 10 may be prevented from being captured in the middle. That is, the system 1000 may improve security of video transmission based on encrypted transmission.

In addition, the system 1000 can robustly cope with a failure. That is, in a conventional cloud computing, when a failure occurs in a cloud data center (cloud data center server), a fatal blow may occur. On the other hand, in the system 1000, even if a failure occurs in the cloud data center server 400, the edge service of the edge service is provided through the present server 100 (or edge cloud) disposed (prepared) between the camera and the cloud data center server 400. Since the provision can be made, it is possible to make it possible to more simply handle the response of the generated failure.

In addition, through the provision of the present system 1000 and the present server 100, the present application can encrypt and transmit an image at a low cost without any abnormality in network performance in large-scale transmission. In addition, the present application can improve the reliability of verification by verifying whether the decryption key is abnormal using the result of confirming the abnormality by a plurality of random cameras and the result of self-determination by the client terminal.

The server 100 may be referred to differently as an encrypted video transmission server (or device) using edge cloud-based multicast.

In addition, in the present system 1000, the client terminal 200 is an operation detection unit that detects whether the first image of the first camera 1 whose password has been released is manipulated through encryption cancellation control by the control unit 140. (Not shown).

With the development of information and communication technology, the method of manipulating images has been developed day by day, and although manipulating images is simply used as a game, it is used for illegal or malicious purposes such as manipulation of legal evidence, manipulation of research results, and creation of false documents. It may be said that the development of a technique for detecting image manipulation is indispensable.

The recently standardized video compression standard, HEVC (High Efficiency Video Coding) supports high resolution by improving the image quality, and as compression efficiency is excellent, it is approximately 4 times higher than the existing video compression standard MPEG-2 (H.262). , H.264/AVC has about twice the compression performance.

Most of the known video manipulation detection techniques detect the manipulation of compressed video by using existing video compression standards such as MPEG-2, MPEG-4, and H.264/AVC, and these existing video compression standards The image manipulation detection technique applied to has a problem that cannot be applied to the recently standardized image compression standard HEVC. Accordingly, the manipulation detection unit (not shown) may detect whether manipulation of an image compressed by HEVC is performed.

In general, the operation process of the image is as follows. When the image is acquired, the obtained image may be encoded (or compressed) and recorded and stored in a recording medium or memory in the form of a bitstream. Subsequently, in order to perform an arbitrary editing, deletion, or the like operation of the recorded or stored image, a process of decoding an image recorded or stored in the form of a bitstream and converting it into a shape of the image may be performed. Thereafter, after manipulation of the decoded image, a process of encoding for recording or storage again may be performed. As such, two or more encoding processes may be performed on the manipulated image, whereas one encoding process may be performed on the non-manipulated images. The detector can detect whether the input image is manipulated. In other words, the detector may classify the input image into a non-manipulated image and a manipulated image. At this time, various methods exist as a method of detecting whether the input image is manipulated or classifying the input image into a non-manipulated image and a manipulated image.

In the present application, a description is given of a technique in which a client terminal 200 manipulation detection unit (not shown) can detect whether a video is manipulated using an encoding pattern.

In view of the fact that when two or more encoding (compression) processes are performed for image manipulation, an unnatural pattern appears different from when one encoding process is performed due to the manipulation of the image in the encoding pattern of the manipulated image. , The manipulation detection unit (not shown) may detect whether the image is manipulated using these different compression patterns. In particular, the manipulation detection unit (not shown) may detect whether the manipulation of the image is performed using a pattern of different encoding information generated during double compression in the compressed image using HEVC (High Efficiency Video Coding).

Specifically, the manipulation detection unit (not shown) of the client terminal 200 may detect whether the manipulation of the first image of the first camera 1 with the decryption is performed through the decryption control by the control unit 140. have. Here, the decrypted first image, that is, the image received from the server 100 by the client terminal 200 (first image) may be, for example, a compressed image using HEVC (High Efficiency Video Coding). .

The manipulation detection unit (not shown) detects whether the encryption-decrypted first image is manipulated according to the presence or absence of an encoding pattern having a feature that satisfies a predetermined feature condition among encoding patterns of the decrypted first image. Can.

Here, the pre-defined feature condition may mean a condition for a feature of a coding pattern that changes during double compression of an image using HEVC (High Efficiency Video Coding).

In addition, the pre-defined feature condition is a block structure (eg, a coding unit (CU), a transform unit (TU)) associated with an encoding pattern of HEVC that identifies whether to manipulate an image (ie, a first image in which the encryption is released). , It may mean a condition for a characteristic change of a PU (Prediction Unit).

In addition, the predefined feature condition, if the feature of the encoding pattern of the decrypted first image is out of the statistical tolerance of the statistical processing result for the block structure associated with the encoding pattern of the unmanipulated image, double compression it It may refer to a condition for determining that it corresponds to a feature in which a sudden change due to is detected and detecting the corresponding image (ie, the first image from which the password has been released) as being manipulated.

That is, in the HEVC double-compressed manipulated image, some encoding information may be significantly changed compared to the non-manipulated image. In view of this, the manipulation detection unit (not shown) determines a more effective determination as to whether the manipulation is performed. For this, characteristics of a block structure (CU, TU, PU) related to a coding pattern of HEVC may be considered.

In particular, the manipulation detection unit (not shown) may detect whether the manipulation of an image is performed in consideration of characteristics of a statistical characteristic change of a block structure related to an encoding pattern of HEVC. In more detail, the manipulation detection unit (not shown) is a block related to the encoding pattern of the unmanipulated image (non-manipulated image) in consideration of the characteristics of the statistical characteristic change of the block structure and the feature of the encoding pattern of the decrypted first image When it is out of the statistical allowable range of the statistical processing result for the structure, the first image with the decrypted code can be detected as the manipulation image.

In addition, the manipulation presence detection unit (not shown) may consider characteristics of a statistical characteristic change of a coding unit (CU) among block structures related to an encoding pattern of HEVC, in order to identify whether the manipulation of the first image in which the encryption is released is performed. have.

In other words, the pre-defined feature condition is the number of intra/inter CU blocks, the frequency of occurrence by size of the intra/inter CU blocks, and the number of intra/inter CU blocks in relation to a coding unit (CU), which is a coding pattern unit, among HEVC block structures. It may include conditions related to at least one of the distribution ratio of intra/inter CU blocks.

In HEVC, compression is basically divided into coding unit (CU) blocks as a coding pattern unit, and compression is performed for each CU in an intra (intra-prediction) or inter (inter-prediction) scheme. At this time, when at least a part of the decrypted first image is manipulated, an intra/inter CU ratio, a block size, etc. may rapidly change due to manipulation, and the manipulation detection unit (not shown) It is possible to detect whether the first image with the decrypted password is manipulated using the feature of the change in the statistical characteristics of the CU due to the image manipulation.

That is, the manipulation presence detection unit (not shown) is related to the change in the statistical characteristics of the CU, the number of intra/inter CU blocks, the frequency of occurrence of each intra/inter CU block by size (frequency according to size), and the distribution of intra/inter CU blocks. It is possible to detect whether the input image is manipulated in consideration of at least one statistical information among the ratios.

For example, the pre-defined feature is'the number of intra/inter CU blocks', and the pre-determined statistical feature condition related to the manipulation image is a range in which the number of intra/inter CU blocks is between 15 and 20. Suppose that it is a condition that appears within, and that the statistical characteristic condition that is predefined in relation to a non-manipulated image is'a condition in which the number of intra/inter CU blocks is within a range between 5 and 10'. At this time, if the number of intra/inter CU blocks of the input image (not the operation detection target) is 10, the presence/absence detection unit (not shown) may detect the decrypted first image as a non-operation image. . If the number of intra/inter CU blocks of the first image is 18, the manipulation detection unit (not shown) may detect the input image as the manipulation image.

As another example, it is assumed that the pre-defined feature is'the number of intra/inter CU blocks', and the pre-defined feature condition is'condition where the number of intra/inter CU blocks is 15 or more'. In this case, when the number of intra/inter CU blocks of the input image is 15, the manipulation presence detection unit (not shown) may detect the first image as the manipulation image.

In addition, as an example, it is assumed that the number of intra/inter CU blocks statistically appears in a range between 5 and 10 in the non-manipulated image, and that the number of intra/inter CU blocks of the input image is 15. In this case, the manipulation detection unit (not shown) has a statistical allowable range (that is, 5 to 10) of characteristics of the encoding pattern of the first image (that is, characteristics of the encoding pattern in which the number of intra/inter CU blocks is 15). Out of the range), it is possible to detect the first image with the decrypted password as an operation image. The above-mentioned examples are only one embodiment to aid understanding of the present application, and are not limited thereto, and can be applied in various ways.

When the client terminal 200 detects that the decrypted first image is a manipulated image, it displays the operation notification message on its own screen of the client terminal and simultaneously sends the first image to the edge location server (this server, 100). An image re-request packet for re-providing the image may be transmitted. In this case, when it is detected that the first image is a manipulated image, the operation notification message is illustrated only on the screen of the client terminal 200, but is not limited thereto, but is performed through the speaker unit of the client terminal 200. An operation notification signal may be provided.

According to this, the client terminal 200, through a manipulation detection unit (not shown), features of an encoding pattern that is changed during double compression of an image using HEVC (High Efficiency Video Coding) among the encoding patterns of the decrypted first image. Whether or not the corresponding image is manipulated can be detected according to the presence or absence of an encoding pattern having a feature that satisfies a predefined feature condition that is a condition for.

In addition, the client terminal 200 compresses to HEVC by detecting whether the image is manipulated using a predefined feature condition that is a condition for a characteristic change of a block structure related to an encoding pattern of HEVC that identifies whether the corresponding image is manipulated or not. It is possible to more effectively detect whether or not the manipulated image is manipulated.

In addition, when the feature of the encoding pattern of the decrypted first image is out of the statistical allowable range of the statistical processing result for the block structure associated with the encoding pattern of the unmanipulated image, the client terminal 200 determines the corresponding image (password). Is detected as the manipulated image, it is possible to effectively detect whether the image is manipulated.

The above description of the present application is for illustrative purposes, and those skilled in the art to which the present application pertains will understand that it is possible to easily modify to other specific forms without changing the technical spirit or essential features of the present application. Therefore, it should be understood that the embodiments described above are illustrative in all respects and not restrictive. For example, each component described as a single type may be implemented in a distributed manner, and similarly, components described as distributed may be implemented in a combined form.

The scope of the present application is indicated by the claims below, rather than the detailed description, and it should be interpreted that all changes or modifications derived from the meaning and scope of the claims and equivalent concepts thereof are included in the scope of the present application.

1000: Edge cloud-based video transmission system
100: edge location server
200: user terminal
400: cloud data center server
10: multiple cameras

Claims (16)

As an edge cloud-based video transmission system,
A plurality of cameras;
It is disposed between the plurality of cameras and the cloud data center server, and is acquired through the first camera in response to an image request packet for receiving the first image of the first camera among the plurality of cameras received from the client terminal. An edge location server that controls the first video to be provided as the live video to the client terminal by streaming, and stores the live video provided to the client terminal as a recorded video in the database unit; And
And a cloud data center server that receives and stores a recorded image that satisfies a preset condition among the recorded images previously stored in the database unit, from the edge location server.
The recorded video that satisfies the preset condition is a recorded video that is judged as the storage time of the recorded video stored in the database unit exceeds a preset time,
The edge location server performs provision and storage of the live image and delivery of a recorded image to the cloud data center server based on the edge cloud, but satisfies the preset condition among the pre-stored recorded images. Transmission of the recorded video to the cloud data center server is performed only for the recorded video,
The edge location server,
An image transmission unit for acquiring the encrypted first image from the first camera and transmitting it to the client terminal in response to the received image request packet;
A verification packet transmission unit transmitting a verification packet including a decryption key for video transmission authentication and decryption for the encrypted first image transmitted to the client terminal to some of the cameras and the client terminal;
A control unit configured to control the decryption of the encrypted first image received by the client terminal when it is verified that there is no abnormality as a result of verification of whether or not the decryption key included in the verification packet received by the client terminal is abnormal; And
In response to the received video request packet, when there is a second camera for acquiring a second image including at least a partial region of the first image obtained through the first camera as an overlapping region among the plurality of cameras, When the client terminal is provided with a first selection menu for selecting whether or not to receive an extended image including the first image, when the first image cannot be obtained from the first camera, the first image is replaced. And a selection menu providing unit providing a second selection menu for selecting whether to receive an image to the client terminal,
The client terminal receives the first video with the decrypted password as the live video through the decryption control by the control unit,
When the controller is selected to receive the replacement image in response to the provision of the second selection menu, causing the second camera capturing an area overlapping the first image to obtain the replacement image of the first image In order to control the angle of the second camera,
When the video transmission unit is selected to receive the extended video in response to the provision of the first selection menu, the extended video of the first video including the first video and the second video is encrypted and transmitted in multicast. , When it is selected to receive an alternative image in response to the provision of the second selection menu, encrypts and transmits an angle change image obtained from the second camera with angle control as an alternative image of the first image,
The control unit,
When there are a plurality of overlapping image acquiring cameras acquiring an image including at least a portion of the first image as an overlapping region in the plurality of cameras, acquiring the plurality of overlapping images to obtain a replacement image of the first image Selectively control the angle of at least some of the cameras,
When the number of combinations of the at least some cameras selectively controllable among the plurality of superimposed image acquisition cameras is plural for acquiring the replacement image, by selecting at least some cameras corresponding to the combination where the number of controlled cameras is the smallest, Edge-based video transmission system that controls angle. According to claim 1,
The edge location server, which performs deletion processing on the recorded image delivered to the database unit, an edge cloud-based image transmission system. According to claim 2,
The edge location server,
When a request for providing a recorded image requesting to acquire a recorded image corresponding to the first image of the first camera is received from the client terminal, it is determined whether the recorded image exists in the database unit,
If the determination result exists, the recorded image stored in the database unit is provided to the client terminal,
If the result of the determination does not exist, the cloud image center-based image transmission system that receives the recorded image stored in the cloud data center server and provides it to the client terminal. delete According to claim 1,
Verification of the presence or absence of the above,
When a plurality of abnormality confirmation requests corresponding to a preset number are transmitted from the client terminal, a plurality of randomly selected cameras among the partial cameras that have received the verification packet in response to the plurality of abnormality confirmation requests Edge cloud-based video transmission system, which is performed by checking for abnormality by a random camera. The method of claim 5,
Verification of the presence or absence of the above,
If it is determined that there is no abnormality as a result of checking whether there is an abnormality by the plurality of random cameras among the some of the cameras, it is temporarily verified that the decryption key received by the client terminal is not abnormal,
When it is determined that the decryption key received by the client terminal has no abnormality as a result of self-determination at the client terminal, it is finally verified that the decryption key received by the client terminal has no abnormality. . The method of claim 6,
The client terminal,
A verification packet including identification information of the first camera is received from the verification packet transmission unit,
As a result of performing self-determination comparing whether the identification information of the first camera included in the received verification packet and the identification information of the camera included in the encrypted first image received from the image transmission unit match, if they match It is determined that there is no abnormality in the decryption key, an edge cloud-based video transmission system. The method of claim 6,
The number of the plurality of random cameras is n equal to the number of the plurality of abnormality confirmation requests transmitted from the client terminal,
The plurality of random cameras,
Among the some of the cameras include one camera selected from the same network group belonging to the same network as the first camera and (n-1) cameras selected from heterogeneous network groups belonging to a different network from the first camera. ,
When it is detected that a communication abnormality occurs in the same network group, and includes n cameras selected from the heterogeneous network group, the edge cloud-based video transmission system. The method of claim 8,
The control unit,
When it is verified that there is no abnormality as a result of verifying whether or not the decryption key is abnormal, the edge cloud is to control the decryption of the encrypted first image so that only one playback of the encrypted first image is permitted. Based video transmission system. The method of claim 9,
The control unit,
When a re-request for replaying the first video having been played once is transmitted from the client terminal after the video is played once for the encrypted first video,
A plurality of randomly selected randomly from among the remaining cameras except for the plurality of random cameras considered when allowing one play among the some of the cameras in response to the re-request of a plurality of abnormalities generated to correspond to the re-request. An edge cloud-based video transmission system that re-verifies whether or not the decryption key is abnormal by confirming whether there is an abnormality by the camera and controls the first image to be replayable when it is verified that there is no abnormality as a result of re-verification. delete According to claim 1,
The edge image of the encrypted first image transmitted through the image transmission unit is an image including the first image and the image corresponding to the remaining region excluding the overlapped region among the second images. Based video transmission system. delete delete According to claim 1,
The client terminal,
And an operation detection unit configured to detect whether the operation of the first image in which the password is canceled is operated according to the presence or absence of an encoding pattern having a feature that satisfies a predefined feature condition among the encoding patterns of the first image in which the password is canceled. ,
The pre-defined feature conditions,
It is a condition for the characteristics of a coding pattern that changes during double compression of an image using HEVC (High Efficiency Video Coding),
It is a condition for a characteristic change of a block structure related to the encoding pattern of the HEVC that identifies whether to manipulate the first image,
If the feature of the encoding pattern of the first image is out of the statistical tolerance of the statistical processing result of the block structure associated with the encoding pattern of the non-manipulated image, it is a condition for detecting the first image as being manipulated, Edge cloud-based video transmission system. The method of claim 15,
The pre-defined feature conditions,
The HEVC block structure includes conditions related to at least one of the number of intra/inter CU blocks, the frequency of occurrence of each intra/inter CU block, and the distribution ratio of the intra/inter CU blocks in relation to a coding unit (CU).
The client terminal,
When it is detected that the first image in which the password is released is a manipulated image, an operation request message is displayed on the screen and at the same time, an image re-request packet is sent to the edge location server to request the provision of the first image again. Is an edge cloud-based video transmission system.

Images