KR102604713B1 - Security system for managing apartment house and method for operating thereof - Google Patents

Abstract

According to one embodiment, a security system for security of an apartment complex includes a plurality of wall pads included in each of a plurality of households included in the apartment complex, and only a server operatively connected to the plurality of wall pads. , and a module operatively connected to the complex server. A first wall pad among the plurality of wall pads corresponding to a first generation among the plurality of generations may include a first processor and a first communication circuit operatively connected to the first processor. The complex server may include a second processor and a second communications circuit operatively coupled to the second processor. The first processor obtains a first command for at least one of at least one third-party server connected to the complex server, and transmits first information associated with the first command to the complex through the first communication circuit. It can be set to transmit to the server. The second processor receives first information associated with the first command from the wall pad through the second communication circuit and, based on the first information, sends a message to a third-party server associated with the first command. The corresponding module may be identified, and second information associated with the first command may be transmitted to the module. The module may be configured to transmit a designated portion of the second information to the third party server associated with the first command.

Description

Security system for module-based apartment management and its operation method {SECURITY SYSTEM FOR MANAGING APARTMENT HOUSE AND METHOD FOR OPERATING THEREOF}

Various embodiments of the present disclosure relate to a security system for managing a module-based apartment complex and a method of operating the same.

In modern apartment complexes, various facilities and services are provided to increase living convenience. However, there are inconveniences in managing and using these facilities and services. In particular, information delivery within apartment complexes is generally provided using notice boards, etc., making information delivery inconvenient and the possibility of information being omitted being high. Additionally, responses to accidents or emergency situations that occur within an apartment complex may not occur quickly.

Accordingly, this problem was solved by developing the Wall Pad, a device for information transmission and safety management in apartment complexes. Wall pads are electronic devices installed on the walls of a home, and can perform various functions necessary for information transmission and safety management within an apartment complex. For example, an access control function can be performed using a wall pad. The access control device can be connected to the wall pad, and the access control device can be controlled according to manipulation of the wall pad, so that access control can be performed. For example, communication with other households can be performed using a wall pad. For example, a wall pad of one generation may be directly or indirectly connected to a wall pad of another generation, and communication between wall pads may be performed through a corresponding communication line. Accordingly, members of one household can communicate with other households (or apartment managers) using the wall pad. For example, it may be possible to respond to an emergency situation using a wall pad. For example, a wall pad can be connected wired or wirelessly to various types of sensors in the home. The wall pad can confirm whether or not it is an emergency situation based on sensing data from the sensor, and can respond according to the confirmation result directly or through another alarm device or communication device.

The wall pad may be connected to, for example, a management server that manages a plurality of wall pads. The management server may process data from each of the wall pads and may also perform communications with external devices (this may mean, for example, the Internet, or it may mean a third-party server within the complex).

As described above, communication can be performed between the wall pad and in-house devices, and data related to safety can be transmitted and received through the communication. For example, the access control device can be controlled through the wall pad, and the opening and closing of the front door in the house can be controlled by manipulating the access control device. Accordingly, if security between the wall pad and the access control device is not guaranteed, the access control device may be controlled by a person without external authority, and thus safety may not be guaranteed.

In addition, the security of communication by the server that manages multiple wall pads must be ensured. For example, if an unauthorized person simply accesses the server, he or she may access the wall pad, which may cause the problems described above. In addition, if the security of communication between the server and the third-party server is not guaranteed, the security of the service provided by the third-party server may not be guaranteed.

Various embodiments of the present disclosure relate to a module-based security system capable of ensuring security between multiple entities in the above-described apartment complex, entities included in the security system, and methods of operating them.

According to one embodiment, a security system for security of an apartment complex includes a plurality of wall pads included in each of a plurality of households included in the apartment complex, and only a server operatively connected to the plurality of wall pads. , and a module operatively connected to the complex server. A first wall pad among the plurality of wall pads corresponding to a first generation among the plurality of generations may include a first processor and a first communication circuit operatively connected to the first processor. The complex server may include a second processor and a second communications circuit operatively coupled to the second processor. The first processor obtains a first command for at least one of at least one third-party server connected to the complex server, and transmits first information associated with the first command to the complex through the first communication circuit. It can be set to transmit to the server. The second processor receives first information associated with the first command from the wall pad through the second communication circuit and, based on the first information, sends a message to a third-party server associated with the first command. The corresponding module may be identified, and second information associated with the first command may be transmitted to the module. The module may be configured to transmit a designated portion of the second information to the third party server associated with the first command.

According to one embodiment, a security system for security of an apartment complex includes a plurality of wall pads included in each of a plurality of households included in the apartment complex, and only a server operatively connected to the plurality of wall pads. , and a module operatively connected to the complex server. A first wall pad among the plurality of wall pads corresponding to a first generation among the plurality of generations may include a first processor and a first communication circuit operatively connected to the first processor. The complex server may include a second processor and a second communications circuit operatively coupled to the second processor. The first processor obtains a first command for at least one of at least one third-party server connected to the complex server, and transmits first information associated with the first command to the complex through the first communication circuit. It can be set to transmit to the server. The second processor receives first information associated with the first command from the wall pad through the second communication circuit and, based on the first information, sends a message to a third-party server associated with the first command. It may be configured to identify the corresponding module and transmit second information associated with the first command to the module. The module determines whether to transmit the second information to the server, and, based on confirmation that the second information will be transmitted to the server, sends at least some of the second information to the first command and It can be set to transmit to an associated third party server.

According to one embodiment, between a complex server configured to manage a plurality of wall pads included in each of a plurality of households included in an apartment complex, and at least one third-party server for at least one service of the apartment complex The operating method of the connected module includes receiving first information associated with a first command provided through the server from a first wall pad among the plurality of wall pads, among the at least one third-party server, the An operation of confirming a third-party server corresponding to a first command, an operation of confirming some of the first information based on a third-party server corresponding to the first command, and some of the first information, It may include transmitting to a third-party server corresponding to the first command.

According to one embodiment, between a complex server configured to manage a plurality of wall pads included in each of a plurality of households included in an apartment complex, and at least one third-party server for at least one service of the apartment complex The operating method of the connected module includes receiving first information associated with a first command provided through the server from a first wall pad among the plurality of wall pads, among the at least one third-party server, the An operation of checking a third-party server corresponding to a first command, based on the first information, whether the first command is included in at least one command supported by the third-party server corresponding to the first command. An operation of confirming, and based on the first command being included in the at least one command supported by a third-party server corresponding to the first command, matching some of the first information to the first command. It may include transmitting to a third party server.

According to various embodiments of the present disclosure, a security system, entities included in the security system, and their operating methods may be provided, which can ensure security between multiple entities in a common house.

1 is a diagram for explaining a security system according to an embodiment.
Figure 2 shows a block diagram of a wall pad and complex server according to one embodiment.
Figure 3 shows a flowchart for explaining the operation of a security system according to an embodiment.
Figure 4 is a flowchart for explaining the operation of a security system according to an embodiment.
Figure 5 is a diagram for explaining a security system according to an embodiment.
FIG. 6A is a diagram for explaining a security system according to an embodiment.
FIG. 6B is a diagram for explaining a security system according to an embodiment.
Figure 7 is a diagram for explaining a method of operating a security system according to an embodiment.
FIG. 8A is a diagram for explaining a method of operating a security system according to an embodiment.
Figure 8b is an example of a data format defined between two or more entities according to an embodiment.
Figure 9 is a flowchart for explaining the operation of a security system according to an embodiment.
Figure 10 is a flowchart explaining a method of operating a security system according to an embodiment.
Figure 11 is an example of a data format according to one embodiment.
Figure 12 is a diagram for explaining a method of operating a security system according to an embodiment.
FIG. 13 is a diagram for explaining information associated with at least one hardware according to an embodiment.
Figure 14 is a flowchart explaining a method of operating a security system according to an embodiment.
Figure 15 is a flowchart explaining a method of operating a security system according to an embodiment.
Figure 16 is a flowchart explaining a method of operating a security system according to an embodiment.
17A to 17D are diagrams for explaining a security system according to an embodiment.

Hereinafter, exemplary embodiments according to the present invention will be described in detail with reference to the contents depicted in the attached drawings. However, the present invention is not limited or limited by the exemplary embodiments. The same reference numerals in each drawing indicate members that perform substantially the same function.

It will be appreciated that embodiments of the present invention can be implemented in the form of hardware, software, or a combination of hardware and software. Any such software may, for example, store on volatile or non-volatile storage devices such as ROM, whether erasable or rewritable, or on memory such as RAM, memory chips, devices or integrated circuits. , or, for example, may be stored in a storage medium that is optically or magnetically recordable and readable by a machine (e.g., a computer), such as a CD, DVD, magnetic disk, or magnetic tape. The graphic screen updating method of the present invention can be implemented by a computer or a portable terminal including a control unit and a memory, and the memory is a machine suitable for storing a program or programs containing instructions for implementing embodiments of the present invention. You can see that this is an example of a readable storage medium. Accordingly, the present invention includes a program containing code for implementing the device or method described in any claim of the present specification and a machine-readable storage medium (such as a computer) storing such a program. Additionally, such programs may be transmitted electronically through any medium, such as communication signals transmitted over a wired or wireless connection, and the present invention includes equivalents thereof as appropriate.

1 is a diagram for explaining a security system according to an embodiment.

As shown in Figure 1, the security system includes a wall pad 101, home appliances/control devices 103a, 103b, 103c, a server 110, a security means 112, a module 114, and a third It may include at least some of the user servers 116 and 117, the construction company application 130, the manager device 135, and the authentication cloud 137.

Referring to FIG. 1, a security system according to one embodiment may include a wall pad 101. The wall pad 101 may be placed, for example, in each unit of an apartment complex. The wall pad 101 can be installed, for example, on the wall of a unit in an apartment complex, but there is no limit to its installation location. The wall pad 101 is a smart device equipped with various functions such as an intercom, door opening function, and home network, which are mainly used in apartment complexes, and is a product developed to improve the convenience and safety of living in apartment complexes.

For example, the wall pad 101 may provide various functions. Although not shown, the wall pad 101 may include a display capable of providing (or expressing, or displaying) a user interface (hereinafter referred to as UI). Here, the display may be implemented to include, for example, a touch panel (or together with a touch panel), and in this case, the wall pad 101 may be implemented to include a touch screen. In this embodiment, the wall pad 101 is described as including a touch screen, but may be hardware (e.g., a display, a speaker, etc.) for representing data (e.g., graphic data) for user recognition. Those skilled in the art will understand that there is no limitation as long as the device includes (but is not limited to) hardware for receiving user input (which may be, but is not limited to, a touch panel, microphone, etc.). The wall pad 101 may provide a UI for various functions through, for example, a touch screen.

For example, the wall pad 101 may provide a UI for an access control function. There are no restrictions on how the access control function can be implemented. In the first example, the access control function UI may include at least one visual object (eg, an open button and/or a close button) for simply controlling the opening and closing of the door. For example, when it is confirmed that the open button is designated, the wall pad 101 may transmit data for the open function to the first home appliance/control device 103a. The first home appliance/control device 103a may be, for example, a door opening and closing device. The door opening and closing device may open (or unlock) the entrance door based on receiving data for the opening function. In a second example, the wall pad 101 may implement an access control function based on password input. The wall pad 101 can manage the password set (or adjusted) by the user. The wall pad 101 may represent, for example, a UI for entering a password. When a password is entered through the UI, the wall pad 101 can compare the entered password with the password being managed, and if both passwords are the same, data for the opening function is sent to the first home appliance/control device 103a. Can be sent. The first home appliance/control device 103a may be, for example, a door opening and closing device. The door opening and closing device may open (or unlock) the entrance door based on receiving data for the opening function. In a third example, the wall pad 101 may implement an access control function based on security information. Security information is not limited as long as it is information generated based on an existing method for unlocking security, such as biometric information, onetime password (OTP), or a code generated in another way. The wall pad 101 may manage security information or store information for generating security information and an algorithm for generating security information. The wall pad 101 can compare security information received through a UI, sensor, or communication with managed or created security information. If both security information are the same, data for the opening function can be transmitted to the first home appliance/control device 103a. The first home appliance/control device 103a may be, for example, a door opening and closing device. The door opening and closing device may open (or unlock) the entrance door based on receiving data for the opening function.

Meanwhile, the above-described UI input method may be performed based on voice recognition rather than visual objects. For example, the wall pad 101 supports a standalone (SA) type voice recognition function (or voice recognition AI model), or a non-standalone (NSA) type voice recognition function. Can support recognition function. In the case of the SA type, the wall pad 101 can analyze the meaning of the voice input by the wall pad 101 alone, identify the control target device, and identify the control command. The wall pad 101 can transmit a control command to the identified control target device. The control target device that has received the control command may perform at least one operation corresponding to the received control command. In the case of the NSA type, the wall pad 101 is connected to an external entity with more computing power (for example, it may be just a server, or a dedicated server for voice recognition connected through the Internet, but there are restrictions on the type of external entity). You can query speech recognition with . The external entity can analyze the meaning of the queried voice, identify the controlled device, and identify the control command. An external entity may provide information about a controlled device and/or control command to the wall pad 101. The wall pad 101 may transmit a control command to the identified control target device based on the received information. The control target device that has received the control command may perform at least one operation corresponding to the received control command. Those skilled in the art will recognize that user input in various embodiments of the present disclosure may be performed based on voice recognition as well as input/output through the touch screen as described above, and may be implemented by various other user control methods. You will understand.

For example, the wall pad 101 may perform a home appliance control function. For example, various types of smart home appliances may be included in the home, and at least some of the home appliances/control devices 103a, 103b, and 103c in FIG. 1 may be smart home appliances. Here, smart home appliances may include lighting devices, air conditioning devices, heating devices, fuel (eg, gas) opening/closing control devices, heating devices such as induction, etc., and there is no limitation to their types. The wall pad 101 may provide at least one UI that can control various types of home appliances. Each of the at least one UI may be implemented to include at least one visual object for controlling the function of the home appliance, but there is no limitation on the form of implementation.

Meanwhile, although not shown, the wall pad 101 may be implemented as a smart phone or wearable device (e.g., smart watch, smart glasses, VST device, HMD, smart contact lens, etc., but the implementation form There are no restrictions) and communication can be performed. The functions provided by the wall pad 101 described above may be implemented with, for example, a smart phone or wearable device. For example, when a home appliance control function is performed, a UI for the home appliance control function may be provided by a smart phone or wearable device. Control commands can be input through the UI provided by a smart phone or wearable device. The smart phone or wearable device can transmit the received control command to the corresponding control target device. For example, the wall pad 101 may first receive a control command from a smart phone or wearable device and transmit the received control command to the corresponding control device. In this case, the wall pad 101 may be connected to the home network. It can be implemented like a controller. Meanwhile, this is an example, and those skilled in the art will understand that depending on implementation, a smart phone or wearable device may directly communicate with the control target device without going through the wall pad 101.

The wall pad 101 according to one embodiment may communicate with home appliances/control devices 103a, 103b, and 103c to perform various functions as described above. The wall pad 101, for example, communicates with the home appliances/control devices 103a, 103b, and 103c through wired communication (for example, it may be wired communication of the RS-485 standard, but is not limited). It can be done. Alternatively, the wall pad 101 may communicate with the home appliances/control devices 103a, 103b, and 103c through wireless communication. For example, wireless communication can be implemented in various ways, such as Bluetooth (e.g., basic rate/enhanced data rate/low energy, etc., without limitation), NFC, Zig-bee, thread, UWB, Wifi-direct It can be based on various standards such as, but there are no restrictions on the implementation method. Meanwhile, the wall pad 101 may be implemented based on a manufacturer's unique method and/or may support a standard for connecting a whole home network (eg, Matter standard), and there is no limitation in the implementation method.

The wall pad 101 according to one embodiment transmits data corresponding to a user command received through the UI to at least some of the home appliances/control devices 103a, 103b, and 103c through wired and/or wireless communication. can be provided. The wall pad 101 can identify a control target device among the home appliances/control devices 103a, 103b, and 103c, and provide data corresponding to a user command to the identified control target device.

Alternatively, the wall pad 101 may represent information received from the home appliances/control devices 103a, 103b, and 103c, or may transmit it to another entity. For example, the wall pad 101 may receive temperature from a temperature measurement sensor, and express the received temperature through a UI, or other entities (e.g., a smart phone, a wearable device, or just a server 110 )) can be provided. Accordingly, the user can check the currently sensed information and control the external entity or the wall pad 101 to provide an appropriate command, and the external entity can relay the command to the wall pad 101. The wall pad 101 may provide the received command to a control target device among the home appliances/control devices 103a, 103b, and 103c. For example, if the temperature is low, the user command may be to increase the temperature through the heating device, and the wall pad 101 may transmit at least one command to cause the temperature to increase to the heating device. Alternatively, the wall pad 101, based on the received sensing information, is based on rule-based or artificial intelligence-based without a user command, and automatically controls home appliances/control devices 103a, At least some of 103b and 103c) may be controlled.

As described above, the wall pad 101 can transmit and receive data for control and/or sensing data with the home appliances/control devices 103a, 103b, and 103c. If the communication is not secure, there is a possibility that an accident may occur at home or personal information may be leaked. For example, if the access control device is hijacked by an unauthorized person, the door may be opened and closed arbitrarily. For example, if the gas control device is hijacked by an unauthorized person, gas may be controlled to leak. For example, if an in-house video recording device is stolen by an unauthorized person, there is a possibility that the captured video may be leaked, and various security risks may exist in addition to the examples mentioned above. Accordingly, secure communication must be performed between the wall pad 101 and the home appliances/control devices 103a, 103b, and 103c, which will be described in more detail later.

According to one embodiment, the wall pad 101 may only communicate with the server 110. For example, the wall pad 101 can only perform LAN-based communication with the server 110, but there are no restrictions on the communication method. Meanwhile, in FIG. 1, the server 110 is shown as functionally connected to one wall pad 101, but this is for convenience of explanation, and one server 110 includes a plurality of wall pads 101. ) can be connected to. For example, each of the plurality of wall pads 101 may be placed in each of a plurality of households. Only the server 110 can perform at least one operation for managing a plurality of households. If the wall pad 110 serves as a controller of a home network within one household, only the server 110 may serve as a controller of a network of a plurality of wall pads 110, and/or a wall pad ( 110) and may serve as an intermediary between external entities. Meanwhile, although not shown, a plurality of wall pads 101 may be connected to a switch device, and an implementation in which the switch device is connected only to the server 110 may also be possible.

Communication between the wall pad 101 and the server 110 needs to be secure. For example, when the security of communication between the wall pad 101 and the server 110 is stolen, an external hijacker manipulates the wall pad 101, causing various types of problems or personal information leaks as described above. There is a possibility. As described above, when the wall pad 101 and the complex server 110 perform LAN-based communication, the communication between the wall pad 101 and the complex server 110 increases security by using VPN. You can do it. For example, a device for VPN may be implemented physically independently from the wall pad 101. In this case, the VPN device may be connected to the wall pad 101. In another example, a function for VPN may be supported in the wall pad 101. In this case, the VPN device may be physically included in the wall pad 101, or the wall pad 101 may be implemented to support the corresponding function. In addition, the device for server-side VPN may be implemented to be connected only to the server 110 or to be included only in the server 110. According to the above description, the wall pad 101 and the complex server 110 can perform VPN-based communication, and thus security can be increased.

Communication between the wall pad 101 and the server 110 may be transmitted by replacing the above-described VPN or additionally by including a code in the data. For example, the wall pad 101 and the server 110 may generate a one-time password and store the one-time password as a code in the data (e.g., which may be a header, but there is no limitation on the area it contains). You can include it and send it. The wall pad 101 and the complex server 110 can check whether the code included in the received data was transmitted from an authorized device. For example, the wall pad 101 and the complex server 110 generate a one-time password in the same manner, compare it with the received one-time password, and determine whether the data is transmitted from an authorized device based on the comparison result. You can check. Meanwhile, the above-described OTP method is merely illustrative and there are no restrictions on the code generation method for security. For example, the wall pad 101 and the complex server 110 may generate a code based on at least one identification information of at least one included part, which will be described in more detail later.

According to one embodiment, only the server 110 may communicate with the third-party servers 116 and 117. The third-party servers 116 and 117 may be operated, for example, by a company associated with communal services in an apartment complex. At least some of the third-party servers 116 and 117 may be operated, for example, by an elevator management company in an apartment complex. The third-party server may, for example, perform the current elevator location and/or elevator call function. For example, when an elevator call command is input to the wall pad 101, the wall pad 101 may simply transmit the elevator call command, which is a command to an external entity, to the server 110. The elevator call command may include, for example, identification information of the wall pad 101, location information of the wall pad 101, and/or identification information and/or location information of the household in which the wall pad 101 is installed. There is no limit to the type of data included. Only the server 110 can identify the third-party server receiving the command for the external entity. Only the server 110 may transmit a command to an external entity (eg, an elevator call command) to a confirmed receiving target third-party server. The third-party server may perform operations based on the received command. For example, the third-party server may perform the received command, which is an elevator call, and thereby move the elevator to the floor of the unit corresponding to the wall pad 101. Alternatively, at least some of the third-party servers 116 and 117 may be parcel management servers. For example, the parcel management server may provide a parcel arrival notification to the wall pad 101 corresponding to the household through the server 110, based on the arrival of parcels for a specific household. For example, a parcel arrival notification may include information about the parcel arrival location, but there is no limitation on the type of data included.

As described above, only the server 110 and the third-party servers 116 and 117 can communicate with each other, and the security of the communication needs to be ensured. If the security of the communication is not guaranteed, the hijacker may simply access the wall pad 101 through the server 110, and accordingly, if the security of the communication is not guaranteed, the various types of There is a possibility that an accident or personal information leak may occur. According to one embodiment, only the server 110 and the third-party servers 116 and 117 may perform VPN-based communication. According to one embodiment, the server 110 and the third-party servers 116 and 117 may perform secure communication based on transmitting and receiving packets containing codes.

According to one embodiment, the module 114 may only relay communication between the server 110 and the third-party servers 116 and 117. The module 114 may be implemented to include, for example, sub-modules 114a and 114b corresponding to third-party servers 116 and 117, respectively. The submodule 114a may, for example, store (or be accessible to) information about commands defined between the server 110 and the third-party server 116. For example, if the third-party server 116 is a server for an elevator call, the sub-module 114a may provide information about at least one command associated with the elevator call (e.g., elevator call command, elevator location notification) commands, etc.) can be saved.

For example, the sub-module 114a may check commands included in the data based on data received from the outside. If the included command is included in commands related to a pre-stored function, the sub-module 114a may simply transmit the command to the server 110. For example, if the command received from the third-party server 116 is an elevator location notification command, the command can be simply transmitted to the server 110 because the command is included in the pre-stored command list. Only the server 110 can provide the corresponding command to the wall pad 101. Accordingly, the wall pad 101 can express an operation based on the corresponding command, for example, the location of an elevator.

Meanwhile, there is also a possibility that the hijacker's device connects to the third-party server 116. For example, the server 110 and/or the third-party server 116 may support wired and/or wireless Internet, thereby increasing the possibility that a hijacker's device may connect to the third-party server 116. there is. In this case, the hijacker's device may only attempt to connect to the server 110 and the wall pad 101 through the third-party server 116. In this case, the data resulting from the attempt may include a code for the purpose of hijacking, and the data may be provided to the submodule 114a. The sub-module 114a can check the information in the corresponding data to determine whether it is included in the existing command list. The submodule 114a can confirm that the code for hijacking is not included in the existing command list. The submodule 114a can block the data based on the fact that the information identified in the received data is not included in the existing command list, and thus the code for theft purpose is not simply provided to the server 110. It may not be possible. According to the above-described approach, module 114 can filter out unauthorized data between only server 110 and third-party server 116, thereby increasing security.

According to one embodiment, the manager device 135 may only connect to the server 110 based on executing the construction company application 130. The construction company application 130 may be, for example, an application produced by (or managed by) a company that builds an apartment complex and/or simply manages the server 110, but is not limited thereto. There is a possibility that an error may occur in the management server 110, and the error needs to be managed by the manager device 135. Alternatively, firmware for the management server 110 may be added, in which case firmware addition needs to be performed through the manager device 135. The manager device 135 may perform authentication through, for example, the authentication cloud 137 and may only connect to the server 110 after successful authentication is confirmed. Authentication methods include password-based authentication, biometric-based authentication, token-based authentication, social media authentication, and/or public key. (public key)-based authentication may be included, but this is an example and is not limited.

However, communication between the server 110 and the construction company application 130 needs to be secure. If the security of the communication is not guaranteed, the hijacker may simply access the wall pad 101 through the server 110, and accordingly, if the security of the communication is not guaranteed, the various types of There is a possibility that an accident or personal information leak may occur. According to one embodiment, the complex server 110 and the construction company application 130 may perform VPN-based communication. According to one embodiment, the complex server 110 and the construction company application 130 may perform secure communication based on transmitting and receiving packets containing codes.

According to one embodiment, a security means 112 may operate only between the server 110 and the builder application 130. The security means 112 may, for example, be executed only by the server 110, and/or may be executed only by an entity that is physically and/or logically independent from the server 110, but there is no limitation on the execution entity. . The security means 112 may transmit and receive data based on, for example, VPN. The security means 112 may, for example, be implemented as software that is simply executed by the server 110 . The security means 112 may, for example, be implemented as a device supporting a VPN that is physically connected to the server 110, but there is no limitation in its type. The security means 112 is, for example, just software executed by the server 110, and security may be increased based on code, which will be described later.

Figure 2 shows a block diagram of a wall pad and complex server according to one embodiment.

According to various embodiments, the wall pad 101 may include at least one of a processor 120, a communication circuit 122, or a memory 121. According to various embodiments, the server 110 may include at least one of a processor 140, a communication circuit 142, or a memory 141.

According to various embodiments, at least one of the processor 120 or the processor 140 is a CPU, GPU, NPU, ASIC, FPGA, MCU, a ROM storing a control program for control, and a signal input from the outside or It may include at least one RAM that stores data or is used as a storage area for tasks performed in the electronic device 101. The CPU may include single core, dual core, triple core, or quad core. CPU, ROM, and RAM can be interconnected through an internal bus. Operations performed by the wall pad 101 according to various embodiments may be performed, for example, by the processor 120 or by other hardware under the control of the processor 120. Alternatively, performing a specific operation by the wall pad 101 may mean that a specific operation is performed as an instruction stored in the memory 121 is executed. Operations performed only by the server 110 according to various embodiments may be performed, for example, by the processor 140 or by other hardware under the control of the processor 140. Alternatively, performing a specific operation by the server 110 may simply mean that the specific operation is performed as an instruction stored in the memory 141 is executed.

According to various embodiments, at least one of the memory 121 or the memory 141 may include both the ROM and RAM, and may include instructions (or programs, applications, etc.) for performing various operations as described above. and/or algorithms (but are not limited to). For example, at least one of the memory 121 or the memory 141 may be, but is not limited to, instructions (or, programs, applications, and/or algorithms) for generating code included in packets between the two entities. ) and/or information for code generation (e.g., may be, but is not limited to, a secret and/or key). At least one of the memory 121 or the memory 141 may be implemented as at least one of volatile memory and non-volatile memory, and there is no limitation on the form of implementation.

According to various embodiments, at least one of the communication circuit 122 or the communication circuit 142 may transmit and receive data through communication. There is no limitation to the method of communication performed in at least one of the communication circuit 122 or the communication circuit 142. For example, at least one of the communication circuit 122 or the communication circuit 142 may be connected based on a LAN. Meanwhile, as described above, the communication circuit 122 and the communication circuit 142 may perform communication based on VPN. In one embodiment, communication circuitry 122 and communication circuitry 142 are implemented to support VPN, or in another embodiment, at least one VPN function between communication circuitry 122 and communication circuitry 142. It may also be implemented to further involve external entities for support. Meanwhile, in another embodiment, the communication circuit 122 and the communication circuit 142 may be implemented to perform wireless communication.

Meanwhile, although not shown, the wall pad 101 includes at least one input module and/or output module for providing a UI, such as a touch screen, display, button, microphone, speaker, and/or lamp. It can be done, and there are no restrictions on the means for providing UI.

Figure 3 shows a flowchart for explaining the operation of a security system according to an embodiment.

According to one embodiment, the manager device 135 may execute a management application in operation 301. Based on the management application (e.g., it may also be called a construction company application as described in FIG. 1, but there is no limitation on its publishing and/or management entity), the manager device 135 is only a server ( 110). The management application may be, for example, an application produced by (or managed by) a company that builds an apartment complex and/or simply manages the server 110, but is not limited thereto. There is a possibility that an error may occur in the management server 110, and the error needs to be managed by the manager device 135. Alternatively, firmware for the management server 110 may be added, in which case firmware addition needs to be performed through the manager device 135.

According to one embodiment, the manager device 135 may perform an authentication procedure based on the authentication cloud 137 in operation 303. The manager device 135 may perform authentication through, for example, the authentication cloud 137 and may only connect to the server 110 after successful authentication is confirmed. Authentication methods may include, but are not limited to, password-based authentication, biometric-based authentication, token-based authentication, social media authentication, and/or public key-based authentication. In operation 305, the manager device 135 may obtain authentication information, for example, based on an authentication procedure. The manager device 135 may only connect to the server based on the authentication information in operation 307. The manager device 135 may only perform interaction with the server 110 in operation 309 . Although security can be guaranteed by only accessing the server 110 based on authentication information confirmed based on authentication, in some cases, authentication information may be stolen, and/or based on various hacking programs, only the server 110 ), there may be a possibility that a hijacker may access it. In other embodiments, only the server 110 implements the security measures 112, and/or an entity for implementing the security measures 112 operates solely between the server 110 and the administrator device 135. It may be connected negatively.

Figure 4 is a flowchart for explaining the operation of a security system according to an embodiment.

Referring to Figure 4, only server 110 may, in operation 401, execute security measures 112. In the example of Figure 4, it is described as if only the server 110 executes the security means 112, but this is just an example and, as described above, the entity for executing the security means 112 is only the server. Those skilled in the art will understand that there may be an operative connection between 110 and manager device 135. Meanwhile, the administrator device 135 with authority may simply request access to the server 110 in operation 403. The access request may include, for example, transmission of data and/or request for data, but there is no limitation in type. At operation 405, only the server 110 may determine whether to allow the administrator device 135 based on the security means 112. If it is determined to allow the manager device 135 according to the result of operation 405, the server 110 may only perform communication with the permitted manager device 135 in operation 407. For example, the security means 112 may operate based on VPN and/or code, but there is no limitation on the implementation method. Meanwhile, as described above, the security means 112 may only be executed by an entity external to the server 110. Here, those skilled in the art will understand that the external entity is not limited as long as it is an entity that can be physically and/or logically distinguished from the server 110.

In one example, unauthorized device 400 may request access in operation 409. For example, the server 110 may allow access from the outside according to the various purposes described above, and accordingly, the unauthorized device 400 may request access through a point where there is a security leak. Only the server 110, in operation 411, may determine whether to allow the unauthorized device 400 based on the app filter. For example, in the unauthorized device 400, access may be requested using a different application than the management application. Since the management application is not equipped with functions for illegal purposes, the unauthorized device 400 may request access based on data not provided by the management application. The unauthorized device 400 cannot establish a tunnel with the server 110 based on VPN and/or fails the security authentication verification procedure using a security code, and therefore cannot connect to the server 110. . The server 110 may only restrict communications to unauthorized devices 400 that are not permitted, in operation 413 . For example, server 110 may simply not process information received from unauthorized device 400 and/or not provide requested data, and there are no restrictions on how this may be restricted. According to the above-mentioned information, theft can be prevented only through paths where the server 110 allows external access for various purposes.

Figure 5 is a diagram for explaining a security system according to an embodiment.

According to one embodiment, only the server 110 may communicate with the third-party server 116. The third-party server 116 may be operated, for example, by a company associated with communal services in an apartment complex. The third-party server 116 may be operated, for example, by an elevator management company within a condominium, as described above. The third-party server may, for example, perform the current elevator location and/or elevator call function. For example, when an elevator call command is input to the wall pad 101, the wall pad 101 may simply transmit the elevator call command, which is a command to an external entity, to the server 110. The elevator call command may include, for example, identification information of the wall pad 101, location information of the wall pad 101, and/or identification information and/or location information of the household in which the wall pad 101 is installed. There is no limit to the type of data included. Only the server 110 can identify the third-party server receiving the command for the external entity. Only the server 110 may transmit a command for an external entity (eg, an elevator call command) to the confirmed receiving target third-party server 117. The third-party server 117 may perform operations based on the received command. For example, the third-party server 117 operates (or controls another entity (e.g., elevator control device)) to perform an operation to move the elevator to the floor corresponding to the household where the wall pad 101 is installed. can do.

Meanwhile, the third-party server 117 may communicate with the outside world for various purposes. In this case, there is a possibility that the third-party server 117 communicates with the outside world by wire or wirelessly. In particular, depending on the vendor, there is a possibility that the third-party server 117 is implemented to support the function of communicating with the outside based on cellular communication such as LTE. In this case, access to the unauthorized device 501 may be requested through an external route to the third-party server 117. If the device 501 only connects to the server 110 through the third-party server 117, there may be a possibility of an accident and/or personal information being leaked. For example, simply by operating the server 110 through the device 501, information obtainable by the wall pad 101 is provided to the device 501, and/or controlled by the wall pad 101. Capable of controlling device functions. Accordingly, there is a risk that images captured by a camera connected to the wall pad 101 may be stolen and/or a gas control device connected to the wall pad 101 may be manipulated.

In the example of FIG. 5, only the server 110 and the third-party server 117 can communicate with each other, and the security of the communication needs to be ensured. According to one embodiment, only the server 110 and the third-party server 117 may perform VPN-based communication. For example, only server 110 may support the functionality of a VPN and/or be connected to an external entity that supports the functionality of a VPN. For example, third party server 117 may support the functionality of a VPN and/or be connected to an external entity that supports the functionality of a VPN. Only a VPN-based tunnel can be established between the server 110 and the third-party server 117 (or between entities connected to each of them), and data can be transmitted/received through the tunnel. Accordingly, the security can be increased. Alternatively, only the server 110 and the third-party server 117 can perform secure communication based on sending and receiving packets containing a code, and the generation of the code will be described in more detail later. do.

FIG. 6A is a diagram for explaining a security system according to an embodiment.

In contrast to Figure 5, in the embodiment of Figure 6A, module 114 may merely relay communications between server 110 and third party server 117. The module 114 may, for example, be implemented exclusively for the third-party server 117, but this is an example and the module 114 may be implemented to manage two or more third-party servers. For example, the module 114 may check information about commands that can be processed by the third-party server 117. Table 1 may be an example of commands that can be processed by a third-party server for elevator management, for example.

code command 1001 elevator call 1010 Elevator location notification 1011 elevator emergency notification

Those skilled in the art will understand that the above table is merely illustrative, that more types of commands may exist, and that some of Table 1 may not be supported. The above commands can be processed by the third-party server 117, and their number may be relatively small. The module 114 may store (or be accessible) information about commands (e.g., a list of commands), for example as shown in Table 1.

According to one embodiment, module 114 may only receive data from server 110, or may receive data from a third party server 117. Module 114 may, for example, check whether received data corresponds to a pre-specified command.

For example, the command “elevator location notification” may be transmitted from the third-party server 117 to the module 114. The module 114 may confirm that the received command of “elevator location notification” is included in the command list already being managed. Accordingly, the module 114 may simply transmit the received “elevator location notification” command to the server 110. However, the server 110 may transmit the received “elevator location notification” command to the wall pad 101 of the corresponding household, and the wall pad 101 provides content notifying the elevator location based on the command. can do.

For example, malicious code may be transmitted from third-party server 117 to module 114. The module 114 may confirm that the received malicious code is not included in the command list that is already being managed. Accordingly, the module 114 can simply transmit the received malicious code to the server 110.

For example, the command “call elevator” may be transmitted only from server 110 to module 114. The module 114 may confirm that the received command “elevator call” is included in the command list already being managed. Accordingly, the module 114 may transmit the received “elevator call” command to the third-party server 117. The third-party server 117 may perform an operation to call an elevator to the corresponding household based on the received “elevator call” command.

For example, images captured with an in-house camera may be transmitted only from the server 110 to the module 114. The module 114 may confirm that the received image is not included in the command list that is already being managed. Accordingly, the module 114 may not transmit the received image to the third-party server 117. Accordingly, external leakage of information to be managed within the home network including the wall pad 101 can be prevented.

Meanwhile, it is an example that the module 114 operates only between the server 110 and the third-party server 117, and the present disclosure is not limited thereto. For example, module 114 may be coupled to wall pad 101 and server 110 and/or operate between wall pad 101 and server 110 only. For example, module 114 may pre-store and/or access types of data (e.g., types of commands) that can be transmitted and received between wall pad 101 and server 110. there is. In this case, the module 114 can simply check whether the data transmitted from the wall pad 101 to the server 110 is of a predefined type. Alternatively, the module 114 may simply check whether the data transmitted from the server 110 to the wall pad 101 is of a predefined type. If the data is of a predefined type, the module 114 can forward the received data. If the data is not of a predefined type, the module 114 may not transmit the received data. Meanwhile, there are no restrictions on where the module 114 is connected and/or operated. For example, the module 114 may be connected to and/or operate between the home appliance/control device 103 and the wall pad 101 . Accordingly, only data of a defined type can be transmitted and received between the home appliance/control device 103 and the wall pad 101, and transmission and reception of other types of data may be blocked. For example, module 114 may be coupled to and/or operate solely between server 110 and builder application 130. Accordingly, only data of a defined type can be transmitted and received between the server 110 and the constructor application 130, and transmission and reception of other types of data may be blocked.

FIG. 6B is a diagram for explaining a security system according to an embodiment.

In the embodiment of FIG. 6B, the module 114 may only relay communication between the server 110 and the third-party servers 117, and one module 114 may be used to relay communication between the server 110 and the third-party servers 117. Data can be transmitted and received with fields 117. For example, one module 114 may manage commands that can be processed by a plurality of third-party servers 117. Table 2 may be an example of a command for communication with a plurality of third-party servers 117, for example.

Third Party Server Identification Information code command Elevator Management Third Party Server 1001 elevator call 1010 Elevator location notification 1011 elevator emergency notification Courier Management Third Party Server 1001 Delivery arrival notification 1010 Delivery location inquiry

Those skilled in the art will understand that the above table is merely illustrative, that more types of commands may exist, and that some of Table 2 may not be supported. The above command can be processed by a plurality of third-party servers 117, and the number may be relatively small. Module 114 may store (or be accessible to) information about third-party server identification information and commands (e.g., a command list), for example, as shown in Table 2.

According to one embodiment, module 114 may only receive data from server 110, or may receive data from a third party server 117. Module 114 may, for example, check whether received data corresponds to a pre-specified command. For example, the module 114 refers to information such as Table 2 and determines whether the command corresponding to the third-party server that sent the data is included in the command list corresponding to the third-party server. , you can decide whether to send or receive data.

Figure 7 is a diagram for explaining a method of operating a security system according to an embodiment.

According to one embodiment, module 114 may receive first data from third party server 117. If included in a specific entity of module 114 (e.g., if module 114 is included only in server 110 and/or is executed only by server 110), module 117 The operation of can be understood as an operation by a specific entity. Module 114 may verify information in the received data, at operation 703. Module 114 may determine whether the identified information satisfies specified filtering conditions in operation 705. If the specified filtering condition is satisfied (705 - Yes), the module 114 may block the first data in operation 707. If the specified filtering condition is not satisfied (705-No), the module 114 may simply provide the first data to the server 110 in operation 709. For example, module 114 may only check data types defined between server 110 and third-party server 117. Module 114 may check whether the first data is included in (or corresponds to) a predefined data type. If the first data is not included in (or corresponds to) a predefined data type, the module 114 may determine that the filtering condition is satisfied and block the first data in operation 707. If the first data is included in (or corresponds to) a predefined data type, the module 114 determines that the filtering condition is not satisfied and simply provides the first data to the server 110 in operation 709. can do. Meanwhile, in FIG. 7, the determination of whether to transmit or receive data from the third-party server 117 to the server 110 by the module 114 is explained, but in a similar (or identical) manner to the module 114, Those skilled in the art will understand that whether to transmit or receive data from the server 110 to the third-party server 117 may be determined simply by this. In addition, as described above, those skilled in the art will understand that the module 114 is not defined only between the local server 110 and the third-party server 117, and that the module 114 may be defined among various entities. will be.

FIG. 8A is a diagram for explaining a method of operating a security system according to an embodiment. The embodiment of FIG. 8A will be described with reference to FIG. 8B. Figure 8b is an example of a data format defined between two or more entities according to an embodiment.

According to one embodiment, module 114 may receive first data from third party server 117, in operation 801. Module 114 may parse designated data from the received first data, at operation 803 . For example, referring to FIG. 8B, data 820 may include a header area 821 and a payload area 822, but the structure of the data field is merely illustrative and there are no restrictions on its implementation form. Those skilled in the art will understand that there is no such thing. For example, the payload area 822 may include various types of designated commands (in the example of FIG. 8B, delivery-related information such as delivery notification, delivery number, long-term storage notification, etc.). Within the payload area 822, a portion containing information related to the type and/or instruction of the corresponding instruction may be defined between both entities in advance. The module 114 may, for example, parse only pre-designated portions of data. Module 114 may simply provide the parsed data to server 110, at operation 805. Accordingly, only at least a portion of the payload 821, rather than the entire data 820, may be transmitted to the server 110. At least part of the payload 821 here is not limited as long as it is an area containing instructions, for example.

Meanwhile, let us assume that malicious code is provided to the module 114 through the third-party server 117. The module 114 may parse at least a portion of the payload containing malicious code and transmit it to the server 110. In this case, only a portion of the malicious code can be selected and transmitted to the server 110, so the malicious code cannot be operated and security can be increased.

Figure 9 is a flowchart for explaining the operation of a security system according to an embodiment.

According to one embodiment, module 114 may only receive first data from server 110, in operation 901. For example, the user may operate the wall pad 101 to input an elevator call command. The wall pad 101 can simply transmit the command “call the elevator” to the server 110. Only the server 110 can be configured to transmit a command “call the elevator” to the third party server 177. Accordingly, the server 110 may transmit a command such as “call the elevator” to the third-party server 117 through the module 114. Accordingly, module 114 may only receive first data from server 110, as in operation 901.

According to one embodiment, module 114 may confirm information in the received first data in operation 903. In operation 905, the module 114 may check whether the first data is data permitted to be leaked externally. For example, the module 114 may pre-store or make accessible at least one directive defined between the server 110 and the third-party server 117. The module 114 may check whether the first data is included in at least one predefined command as whether the first data is data permitted to be leaked to the outside. Accordingly, when the first data is included in at least one predefined command, the first data can be confirmed as data permitted to be leaked to the outside. If the first data is not included in at least one predefined command, the first data may be confirmed as data that is not permitted to be leaked to the outside. If the first data is confirmed to be data permitted to be leaked externally (905 - Yes), the module 114 may provide the first data to the third party server 117 in operation 907. If the first data is confirmed to be data that is not permitted to be leaked to the outside (905-No), the module 114 may block the leak of the first data in operation 909.

If a command such as “elevator call” is received by the module 114, the module 114 determines that “elevator call” is only defined between the server 110 and the third-party server 117 for elevator management. You can check what is included in the commands. In this case, the module 114 may transmit an allowed “elevator call” command to the third-party server 117. If malicious code is installed in the wall pad 101, the wall pad 101 may transmit images captured by the in-house camera to the outside simply through the server 110. In this case, module 114 may simply receive images from server 110. In this case, the module 114 may confirm that the received image is not included in commands defined between the server 110 and the third-party server 117 for elevator management. In this case, the module 114 can block the leakage of images. Accordingly, through the module 114, only defined commands can be transmitted and received between the two entities, and transmission and reception of other commands or data can be blocked, thereby increasing security. This may be possible as the third-party server supports only a relatively small number of commands for a particular service.

Figure 10 is a flowchart explaining a method of operating a security system according to an embodiment. The embodiment of FIG. 10 will be described with reference to FIG. 11. Figure 11 is an example of a data format according to one embodiment.

According to one embodiment, module 114 may only receive first data from server 110 in operation 1001. Module 114, in operation 1003, may parse the specified data from the first data. For example, referring to FIG. 11 , first data 1100 may include a header area 1101 and a payload area 1102. The designated area of the payload area 1102 may contain various types of instructions. For example, in the embodiment of FIG. 11, the payload area 1102 may include commands defined for a third-party server for parcel management, such as inquiring whether a parcel has been received or inquiring about the parcel number, but the types are It is merely illustrative. For example, the type of command and/or the part where its content is located within the payload 1102 may be predefined, and the module 114 may parse at least a portion of the corresponding area. Module 114 may determine, in operation 1005, whether the parsed specified data corresponds to at least some of the plurality of specified types. The plurality of designated types herein may be, for example, types that are predefined only between the server 110 and the third-party server 117. If the parsed designated data corresponds to at least some of the plurality of designated types (1005 - Yes), the module 114 may provide the designated data to the third party server 117 in operation 1007. If the parsed designated data does not correspond to at least some of the plurality of designated types (1005 - No), the module 114 may block data leakage in operation 1009.

If a command such as “delivery number inquiry” is received by the module 114, the module 114 only transmits “delivery number inquiry” between the server 110 and the third-party server 117 for parcel management. You can confirm that it corresponds to some of the defined types. In this case, the module 114 may transmit an allowed “elevator call” command to the third-party server 117. If malicious code is installed in the wall pad 101, the wall pad 101 may transmit images captured by the in-house camera to the outside simply through the server 110. In this case, module 114 may simply receive images from server 110. In this case, module 114 may parse some of the received images. The module 114 may confirm that the parsing result does not correspond to at least some of the types defined between the server 110 and the third-party server 117 for parcel management. In this case, the module 114 can block the leakage of images. Accordingly, through the module 114, only data of types corresponding to the types defined between the two entities can be transmitted and received, and transmission and reception of other commands or data can be blocked, thereby increasing security. You can.

Figure 12 is a diagram for explaining a method of operating a security system according to an embodiment. The embodiment of FIG. 12 will be described with reference to FIG. 13. FIG. 13 is a diagram for explaining information associated with at least one hardware according to an embodiment.

According to one embodiment, the wall pad 101 and the home appliance device 103 may share information associated with at least one hardware in operation 1201. In one example, the wall pad 101 and the home appliance device 103 may share information associated with at least one hardware through communication. For example, referring to FIG. 13, information associated with at least one hardware corresponding to the wall pad 101 includes the serial number 1301 of the processor of the wall pad 101 and the serial number of the memory of the wall pad 101. It may include a number 1302 and/or a serial number 1303 of the communication circuit of the wall pad 101. In addition, those skilled in the art will understand that any information provided in connection with hardware, such as the hardware's MAC address and LAN port number, can be used. For example, the information associated with at least one hardware corresponding to the home appliance device 103 includes the serial number 1311 of the processor of the home appliance device 103, the serial number 1312 of the memory of the home appliance device 103, and / Or it may include the serial number 1313 of the communication circuit of the home appliance device 103. In addition, those skilled in the art will understand that any information provided in connection with hardware, such as the hardware's MAC address and LAN port number, can be used. In this case, the wall pad 101 and the home appliance 103 may share information through a secure information sharing method (for example, it may be DH, but there is no limit), but there are restrictions on the method. There is no Alternatively, the server 110 may only manage information associated with at least one hardware of the home appliance device 103 and/or the wall pad 101, and the server 110 may only manage the wall pad 101 and/or the home appliance. Information associated with at least one hardware may be provided to the device 103. In another example, the wall pad 101 and the home appliance device 103 may share information associated with at least one piece of hardware through another method rather than through communication. For example, the wall pad 101 may provide a UI that allows input of information related to at least one hardware of the home appliance device 103. The administrator may input information related to at least one piece of hardware through the UI of the wall pad 101, for example.

According to one embodiment, the wall pad 101 may generate a seed using at least some of the information associated with at least one hardware in operation 1203. In one example, wall pad 101 may use, for example, all of the information associated with at least one piece of hardware as a seed. In one example, the wall pad 101 may use, for example, information that changes all of the information associated with at least one piece of hardware as a seed. For example, the wall pad 101 may generate a seed by performing a modification algorithm, such as applying a hash function to all information. In one example, wall pad 101 may use, for example, a portion of all information associated with at least one piece of hardware as a seed. An algorithm for selecting part of all information associated with at least one piece of hardware may be stored in advance by, for example, the wall pad 101 and the home appliance device 103. For example, the algorithm may be an algorithm that selects a combination of even-numbered letters of all SNs. For example, the algorithm may be an algorithm that selects one of a plurality of SNs. For example, an algorithm may be possible to select a memory SN among processor SN, memory SN, and communication device SN, and there is no limitation. Alternatively, the algorithm may be an algorithm that selects some of the processor SNs, some of the memory SNs, and some of the communication device SNs and combines them. Meanwhile, the algorithm may be implemented dynamically. For example, if the memory SN is selected among the processor SN, memory SN, and communication device SN at the first time point, the communication device SN may be selected among the processor SN, memory SN, and communication device SN at the second time point. The wall pad 101 may generate the first OTP based on the seed in operation 1205, and there is no limit to the OTP generation method. In operation 1207, the wall pad 101 may encrypt plaintext, which is data to be transmitted, using the first OTP, and ciphertext may be generated. Meanwhile, those skilled in the art will understand that the above-described OTP generation is merely illustrative, and that there are no limitations to the method of generating a code for encryption in addition to the OTP.

According to one embodiment, the wall pad 101 may transmit the encrypted text to the home appliance device 103 in operation 1209. For example, the plain text could be “command to increase the boiler temperature by 3 degrees.” The ciphertext can be generated based on encryption using the code confirmed through the above-described process of the plaintext “command to increase the boiler temperature by 3 degrees.” The home appliance device 103 may generate a seed using at least some of the information associated with at least one hardware in operation 1211. In operation 1213, the home appliance device 103 may generate a first OTP based on the seed. In operation 1215, the home appliance device 103 may decrypt the encrypted text based on the first OTP. The process of the home appliance device 103 generating a seed and/or the process of generating the first OTP may be the same as the process performed by the wall pad 101. Accordingly, the home appliance device 103 can check the plain text “command for increasing the boiler temperature by 3 degrees.” The home appliance device 103 may perform an operation corresponding to the command.

On the other hand, the wall pad 101 may be implemented to transmit the first OTP and the command together to the home appliance device 103 instead of operating by encrypting a plaintext command using the first OTP. In this case, the home appliance device 103 may generate a first OTP. If the generated first OTP is the same as the first OTP received from the wall pad 101, the home appliance device 103 may perform an operation corresponding to the command. If the generated first OTP is not the same as the first OTP received from the wall pad 101, the home appliance device 103 may not perform an operation corresponding to the command. Accordingly, even if the hijacker accesses the wall pad 101 and inputs a “command to increase the boiler temperature by 20 degrees” and transmits it to the home appliance device 103, at least one piece of information related to hardware, a seed generation method, Unless the code generation method and/or encryption method is hijacked, unauthorized instructions cannot be executed. In particular, information associated with at least one hardware is written on the internal components of the wall pad 101 and/or the home appliance 103, and cannot be stolen online unless the corresponding components are disassembled offline. In addition, if the method of generating a seed, a method of generating a code, a method of generating a ciphertext, etc. are implemented dynamically, it is impossible for an unauthorized person to manipulate the wall pad 101 and the home appliance device 103. Meanwhile, in FIG. 12, the process of the wall pad 101 transmitting data to the home appliance device 103 has been described, but the home appliance device 103 may also transmit data to the wall pad 101, for details about this Those skilled in the art will understand that the above can be applied mutatis mutandis.

Meanwhile, in Figure 12, the data transmission, reception and processing method between the wall pad 101 and the home appliance 103 has been described, but the same data transmission, reception and processing method can also be used between the pairs of entities described in Figure 1. Those skilled in the art will understand that this may be done. For example, the data transmission/reception and processing method described in FIG. 12 may be applied even between the wall pad 101 and the server 110. For example, the data transmission, reception and processing method described in FIG. 12 can be applied only between the server 110 and the third-party server 117. For example, the data transmission/reception and processing method described in FIG. 12 may be applied only between the server 110 and the manager device 115.

Figure 14 is a flowchart explaining a method of operating a security system according to an embodiment. The embodiment of FIG. 14 assumes that this is performed by, for example, the wall pad 101. Meanwhile, as described above, those skilled in the art will understand that the embodiment of FIG. 14 may also be performed by the home appliance device 103 exchanging data with the wall pad 101. In addition, since there is no limitation on the type of entity, those skilled in the art will understand that the embodiment of FIG. 14 may be performed only by the server 110, the third-party server 117, and/or the administrator device 115. .

According to one embodiment, the wall pad 101 may obtain information associated with at least one hardware in operation 1401. For example, the wall pad 101 assumes that information related to at least one hardware of the home appliance device 103 has been acquired. The wall pad 101 may select any one of at least one hardware in operation 1403. For example, the wall pad 101 may select at least one of the processor, memory, and/or communication module of the home appliance device 103. For example, the wall pad 101 may select one piece of hardware. For example, the wall pad 101 may select a plurality of pieces of hardware, which will be described in more detail later. For example, the selection method may be implemented by selecting specific hardware. For example, the selection scheme may be implemented dynamically, in which case the selected hardware may change. The wall pad 101 may generate a seed based on information about the selected hardware in operation 1405. For example, the wall pad 101 may select the SN of the memory of the home appliance device 103 and generate a seed based on the SN of the selected memory. In one example, the wall pad 101 may use the SN of the selected memory as a seed. In one example, the wall pad 101 may select at least some of the SNs of the selected memory and use them as seeds. In one example, the wall pad 101 may obtain the seed by applying a change algorithm (eg, hash function, etc.) to the SN of the selected memory. There are no restrictions on how to generate a seed based on information associated with the selected hardware.

Meanwhile, in the above description, a method in which the wall pad 101 generates a seed using at least one hardware information of the other home appliance device 103 has been described, but this is an example. The wall pad 101 may generate a seed using at least one piece of hardware information, and in this case, it may transmit the at least one piece of hardware information to the home appliance device 103. In another example, the wall pad 101 may initially refer to both its own at least one hardware information and at least one hardware information of the other home appliance device 103. For example, the wall pad 101 has the SN of its processor, the SN of its memory, the SN of its communication device, the SN of the processor of the home appliance device 103, the SN of the memory of the home appliance device 103, Any one of the SNs of the communication device of the home appliance device 103 may be selected.

Figure 15 is a flowchart explaining a method of operating a security system according to an embodiment. The embodiment of FIG. 15 assumes that this is performed by the wall pad 101, for example. Meanwhile, as described above, those skilled in the art will understand that the embodiment of FIG. 15 may also be performed by the home appliance device 103 exchanging data with the wall pad 101. In addition, since there is no limitation on the type of entity, those skilled in the art will understand that the embodiment of FIG. 15 may be performed only by the server 110, the third-party server 117, and/or the administrator device 115. .

According to one embodiment, the wall pad 101 may obtain information associated with at least one hardware in operation 1501. For example, the wall pad 101 assumes that information related to at least one hardware of the home appliance device 103 has been acquired. The wall pad 101 may select a plurality of hardware from at least one hardware in operation 1503. For example, the wall pad 101 may select a plurality of processors, memory, and/or communication modules of the home appliance device 103. For example, the selection method may be implemented by selecting specific hardware. For example, the selection scheme may be implemented dynamically, in which case the selected hardware may change. The wall pad 101 may generate a seed based on information about the selected hardware in operation 1505. For example, the wall pad 101 may select the SN of the memory of the home appliance device 103 and the SN of the communication device, and may generate a seed based on the SN of the selected memory and the SN of the communication device. In one example, the wall pad 101 may use the SN of the selected memory and the SN of the communication device as the seed. In one example, the wall pad 101 may select at least some of the SN of the selected memory and the SN of the communication device and use them as seeds. In one example, the wall pad 101 may obtain the seed by applying a change algorithm (e.g., a hash function, etc.) to the SN of the selected memory and the SN of the communication device. There are no restrictions on how to generate a seed based on information associated with the selected hardware.

Meanwhile, in the above description, a method in which the wall pad 101 generates a seed using a plurality of pieces of hardware information of the other home appliance device 103 has been described, but this is an example. The wall pad 101 may generate a seed using at least one piece of hardware information, and in this case, it may transmit the at least one piece of hardware information to the home appliance device 103. In another example, the wall pad 101 may initially refer to both its own at least one hardware information and at least one hardware information of the other home appliance device 103. For example, the wall pad 101 has the SN of its processor, the SN of its memory, the SN of its communication device, the SN of the processor of the home appliance device 103, the SN of the memory of the home appliance device 103, A plurality of SNs of communication devices of the home appliance device 103 may be selected.

Figure 16 is a flowchart explaining a method of operating a security system according to an embodiment. The embodiment of FIG. 16 assumes that this is performed by the wall pad 101, for example. Meanwhile, as described above, those skilled in the art will understand that the embodiment of FIG. 16 may also be performed by the home appliance device 103 exchanging data with the wall pad 101. In addition, since there is no limitation on the type of entity, those skilled in the art will understand that the embodiment of FIG. 16 may be performed only by the server 110, the third-party server 117, and/or the administrator device 115. .

According to one embodiment, the wall pad 101 may obtain information associated with at least one hardware in operation 1601. In operation 1603, the wall pad 101 may confirm a seed generation rule that generates a seed from information associated with at least one hardware. In one example, the seed generation rule may be selected from a plurality of seed generation rules. In one example, seed generation rules may be determined according to dynamic parameters (e.g., current time), for example. For example, the seed generation rule is the “n”th, “n+1”th, … in the information associated with at least one hardware. , may be selecting a combination of “n+k”th characters, and n may be a dynamic parameter that can be generated based on the current time, and various dynamic seed generation rules may be possible in addition to this example. In operation 1605, the wall pad 101 may generate a seed based on information associated with at least one hardware, based on a confirmed seed generation rule.

17A to 17D are diagrams for explaining a security system according to an embodiment.

As shown in FIG. 17A, according to one embodiment, the home appliance/control device 103a may be connected by wire to the first terminal 1701 of the wall pad 101. For example, the wired interface may be RS 485, but there is no limitation on the type. The home appliance/control device 103a may be connected by wire to the home appliance/control device 103b, and the home appliance/control device 103b may be connected by wire to the home appliance/control device 103c. /The control device 103c may be connected to the second terminal 1702 of the wall pad 101 by wire. Accordingly, the home appliances/control devices 103a, 103b, and 103c may be connected to the wall pad 101 by forming a loop.

As shown in FIG. 17B, according to one embodiment, the home appliances/control devices 103a, 103b, and 103c may be directly wired to the wall pad 101 in a 1:1 manner, rather than in a loop. For example, home appliances/control devices 103a, 103b, and 103c may be connected to the wall pad 101 through an interface such as RS 485 or another interface.

17A and/or 17B, the wall pad 101 and the home appliances/control devices 103a, 103b, and 103c may communicate by wire. For example, those skilled in the art will understand that a packet for a wire may include a code and/or ciphertext generated based on a seed generated based on the process described above.

As shown in FIG. 17C, according to one embodiment, home appliances/control devices 103a and 103b may communicate wirelessly with the wall pad 101. For example, the home appliances/control devices 103a and 103b may be implemented in various ways, such as the wall pad 101 and Bluetooth (e.g., basic rate/enhanced data rate/low energy, etc., but there is no limitation) ), NFC, Zig-bee, thread, UWB, Wifi-direct, etc. Communication can be performed based on various standards, but there are no restrictions on the method. Accordingly, a wireless home network including the wall pad 101 may be configured, and the controller (or group owner) of the wireless home network may be, for example, the wall pad 101, but is not limited to other home networks. The network controller (or group owner) may include the above home network as a sub-home network.

Alternatively, as shown in FIG. 17D, the wall pad 101 may be replaced with the in-house home appliance/control device 103a as well as the smart phone 1740 (or tablet, wearable electronic device, etc., there is no limitation) ) can also communicate wirelessly. For example, the smart phone 1740 may provide a UI for controlling the wall pad 101 and/or the home appliance/control device 103a. When a control command for the wall pad 101 and/or the home appliance/control device 103a is input through the UI, the smart phone 1740 sends the corresponding control command to the wall pad 101 and/or the home appliance/control device 103a. It can be provided as (103a). For example, the smart phone 1740 may provide a control command to the wall pad 101, and the wall pad 101 may provide the control command to the home appliance/control device 103a. For example, the smart phone 1740 may directly provide a control command to the home appliance/control device 103a.

17C and/or 17D, the wall pad 101, the home appliances/control devices 103a, 103b, and 103c, and/or the smart phone 1740 may communicate wirelessly. For example, those skilled in the art will understand that a packet for wireless may include a code and/or ciphertext generated based on a seed generated based on the process described above.

According to one embodiment, a security system for security of an apartment complex includes a plurality of wall pads included in each of a plurality of households included in the apartment complex, and only a server operatively connected to the plurality of wall pads. , and a module operatively connected to the complex server. A first wall pad among the plurality of wall pads corresponding to a first generation among the plurality of generations may include a first processor and a first communication circuit operatively connected to the first processor. The complex server may include a second processor and a second communications circuit operatively coupled to the second processor. The first processor obtains a first command for at least one of at least one third-party server connected to the complex server, and transmits first information associated with the first command to the complex through the first communication circuit. It can be set to transmit to the server. The second processor receives first information associated with the first command from the wall pad through the second communication circuit and, based on the first information, sends a message to a third-party server associated with the first command. The corresponding module may be identified, and second information associated with the first command may be transmitted to the module. The module may be configured to transmit a designated portion of the second information to the third party server associated with the first command.

According to one embodiment, the designated part of the second information may be a part allocated for the first command.

According to one embodiment, the designated portion of the second information may be identified based on the third server.

According to one embodiment, the module includes a plurality of sub-modules, each corresponding to a plurality of third-party servers, and one of the plurality of sub-modules corresponds to the third-party server associated with the first command. A first sub-module may be configured to transmit a designated portion of the second information to the third-party server associated with the first command.

According to one embodiment, the module may be further configured to identify the third-party server associated with the first command.

According to one embodiment, the module may be further configured to receive third-party information from the third-party server and transmit a designated portion of the third-party information to the complex server. The second processor may be further configured to obtain a designated portion of the third information and transmit fourth information corresponding to the designated portion of the third information to the wall pad through the second communication circuit. .

According to one embodiment, a security system for security of an apartment complex includes a plurality of wall pads included in each of a plurality of households included in the apartment complex, and only a server operatively connected to the plurality of wall pads. , and a module operatively connected to the complex server. A first wall pad among the plurality of wall pads corresponding to a first generation among the plurality of generations may include a first processor and a first communication circuit operatively connected to the first processor. The complex server may include a second processor and a second communications circuit operatively coupled to the second processor. The first processor obtains a first command for at least one of at least one third-party server connected to the complex server, and transmits first information associated with the first command to the complex through the first communication circuit. It can be set to transmit to the server. The second processor receives first information associated with the first command from the wall pad through the second communication circuit and, based on the first information, sends a message to a third-party server associated with the first command. It may be configured to identify the corresponding module and transmit second information associated with the first command to the module. The module determines whether to transmit the second information to the server, and, based on confirmation that the second information will be transmitted to the server, sends at least some of the second information to the first command and It can be set to transmit to an associated third party server.

According to one embodiment, the module, at least as part of the operation of checking whether to transmit the second information to the third-party server associated with the first command, supports a third-party server associated with the first command. It may be set to check whether at least part of the second information is included in at least one command.

According to one embodiment, the module, based on at least one command supported by a third-party server associated with the first command does not include at least a portion of the second information, at least a portion of the second information may be further configured to refrain from transmitting to a third party server associated with the first command.

According to one embodiment, the module may be further configured to identify at least one command supported by a third-party server associated with the first command among a plurality of commands supported by a plurality of third-party servers. You can.

According to one embodiment, the module includes a plurality of sub-modules, each corresponding to a plurality of third-party servers, and one of the plurality of sub-modules corresponds to the third-party server associated with the first command. The first sub-module may be configured to check whether to transmit the second information to the complex server.

According to one embodiment, the module is configured to receive third information from the third-party server, determine whether to transmit the third information to the terminal server, and transmit the third information to the terminal server. Based on confirmation that it is, at least some of the third information may be set to be transmitted to the server.

According to one embodiment, between a complex server configured to manage a plurality of wall pads included in each of a plurality of households included in an apartment complex, and at least one third-party server for at least one service of the apartment complex The operating method of the connected module includes receiving first information associated with a first command provided through the server from a first wall pad among the plurality of wall pads, among the at least one third-party server, the An operation of confirming a third-party server corresponding to a first command, an operation of confirming some of the first information based on a third-party server corresponding to the first command, and some of the first information, It may include transmitting to a third-party server corresponding to the first command.

According to one embodiment, between a complex server configured to manage a plurality of wall pads included in each of a plurality of households included in an apartment complex, and at least one third-party server for at least one service of the apartment complex The operating method of the connected module includes receiving first information associated with a first command provided through the server from a first wall pad among the plurality of wall pads, among the at least one third-party server, the An operation of checking a third-party server corresponding to a first command, based on the first information, whether the first command is included in at least one command supported by the third-party server corresponding to the first command. An operation of confirming, and based on the first command being included in the at least one command supported by a third-party server corresponding to the first command, matching some of the first information to the first command. It may include transmitting to a third party server.

Claims (14)

In a security system for security of an apartment complex,
a plurality of wall pads included in each of a plurality of households included in the apartment complex;
a complex server operatively connected to the plurality of wall pads; and
A module operatively connected to the complex server
Including,
A first wall pad among the plurality of wall pads corresponding to the first generation among the plurality of generations,
first processor; and
a first communications circuit operably coupled to the first processor;
The above complex server,
second processor; and
a second communications circuit operably coupled to the second processor;
The first processor:
Obtain a first command for at least one of at least one third party server connected to the complex server, and
configured to transmit first information associated with the first command to the complex server through the first communication circuit,
The second processor:
Receiving first information associated with the first command from the wall pad through the second communication circuit,
Based on the first information, identify the module corresponding to a third-party server associated with the first command,
transmit second information associated with the first command to the module;
The above modules:
A security system configured to transmit a designated portion of the second information to the third party server associated with the first command. According to claim 1,
A security system wherein the designated portion of the second information is a portion allocated for the first command. According to claim 1,
A security system wherein the designated portion of the second information is identified based on the third server. According to claim 1,
The module includes a plurality of sub-modules corresponding to each of a plurality of third-party servers,
A first sub-module corresponding to the third-party server associated with the first command among the plurality of sub-modules is configured to transmit a designated portion of the second information to the third-party server associated with the first command. Security system. According to claim 1,
The module is,
The security system further configured to identify the third party server associated with the first command. According to claim 1,
The above modules:
Receiving third party information from said third party server,
further configured to transmit a designated portion of the third information to the complex server,
The second processor:
Obtaining a designated portion of the third information,
The security system is further configured to transmit fourth information corresponding to a designated portion of the third information to the wall pad through the second communication circuit. In a security system for security of an apartment complex,
a plurality of wall pads included in each of a plurality of households included in the apartment complex;
a complex server operatively connected to the plurality of wall pads; and
A module operatively connected to the complex server
Including,
A first wall pad among the plurality of wall pads corresponding to the first generation among the plurality of generations,
first processor; and
a first communications circuit operably coupled to the first processor;
The above complex server,
second processor; and
a second communications circuit operably coupled to the second processor;
The first processor:
Obtain a first command for at least one of at least one third party server connected to the complex server, and
configured to transmit first information associated with the first command to the complex server through the first communication circuit,
The second processor:
Receiving first information associated with the first command from the wall pad through the second communication circuit,
Based on the first information, identify the module corresponding to a third-party server associated with the first command,
transmit second information associated with the first command to the module;
The above modules:
Confirm whether to transmit the second information to the complex server,
A security system configured to transmit at least some of the second information to a third party server associated with the first command based on confirmation that the second information will be transmitted to the server. According to claim 7,
The module, at least as part of the operation of confirming whether to transmit the second information to a third party server associated with the first command,
A security system configured to check whether at least a portion of the second information is included in at least one command supported by a third party server associated with the first command. According to claim 8,
The above modules:
Based on at least one command supported by a third-party server associated with the first command not including at least a portion of the second information, a third party associated with the first command of at least a portion of the second information A security system further configured to refrain from transmitting to the server. According to claim 8,
The above modules:
A security system further configured to identify at least one command supported by a third-party server associated with the first command among a plurality of commands supported by a plurality of third-party servers. According to claim 7,
The module includes a plurality of sub-modules corresponding to each of a plurality of third-party servers,
A security system wherein a first sub-module corresponding to the third-party server associated with the first command among the plurality of sub-modules is configured to check whether to transmit the second information to the server. According to claim 7,
The above modules:
Receiving third party information from said third party server,
Confirm whether to transmit the third information to the complex server,
A security system configured to transmit at least some of the third information to the server, based on confirmation that the third information will be transmitted to the server. A method of operating a module connected between a complex server configured to manage a plurality of wall pads included in each of a plurality of households included in an apartment complex, and at least one third-party server for at least one service of the apartment complex In
Receiving first information associated with a first command provided through the server from a first wall pad among the plurality of wall pads;
identifying a third-party server corresponding to the first command among the at least one third-party server;
Confirming some of the first information based on a third-party server corresponding to the first command; and
An operation of transmitting some of the first information to a third-party server corresponding to the first command
An operation method comprising: A method of operating a module connected between a complex server configured to manage a plurality of wall pads included in each of a plurality of households included in an apartment complex, and at least one third-party server for at least one service of the apartment complex In
Receiving first information associated with a first command provided through the server from a first wall pad among the plurality of wall pads;
identifying a third-party server corresponding to the first command among the at least one third-party server;
Based on the first information, determining whether the first command is included in at least one command supported by a third party server corresponding to the first command; and
Based on the first command being included in the at least one command supported by the third-party server corresponding to the first command, some of the first information is sent to the third-party server corresponding to the first command. the action of sending
An operation method comprising:

Images