937903 兒明: 【發明所屬之技術領域】 本發明係有關於一種資料處理技術,更詳而言之,係 有關於一種應用於通訊網路中之遠端視訊監控管理系統。 【先前技術】 冑著個人對於生活隱私及對安全的重視,以及如遠端 網際網路或區域網路等網路通訊系統,與如個人電腦、行 動電話等通訊終端裝置軟硬體技術與效能及效能的提 ❹升4吏用者已...工可以透過網路通訊系統執行遠端的環境狀 況的監控’並可進-步透過網路通訊系統傳輸視訊信息, 關懷家人的作息情形。 具體β之,使用者可以在家中裝設網路監視裝置,如 網路攝像鏡頭(network camera),該網路攝像鏡頭可以 直?連接至網路通訊系統,或先連接至家中的個人電腦, 再藉由該個人電腦連接至網路通訊系統。由於網路攝像鏡 頭或個人電腦本身具有特定的Ip位址。故不在家中的使 ❿用者可以透過另外一台具有網路通訊功能的個人電腦、筆 2 3L电腦或行動電話,先與網路通訊系統取得連結,再連 至則述特疋之I p位址,即可從遠端取得網路攝像鏡頭 所擷取到的影像或聲音訊息。 上述習知之安全監控技術固然可以讓使用者從遠端 ^得即時的環境狀況、甚至家人之作息情形 ,提供使用者 •^控的便利性’惟習知之安全監控技術仍具有以下的 缺點需要改進。 5 110707 200937903 -針對網路安全而言,遠端視訊監控管理系統係 用以監視被特定區域的環境狀態,通常會涉及被監視區域 2用者之隱私。習知的遠端視訊監控管理系統僅以帳號與 密碼作為使用者權限認定機制。請參閲第丨圖所示,因為 _ $經授權的使用者會通過網際網路利用網際網路通訊協 •定(Internet Protoco1,IP)掃描及埠(Port)掃描的方 式找出可例如為1P攝影機(IP Camera; IP cam)之網 路血視裝置的ip與p〇rt,再使用帳號與密碼產生器登入 ❹,,罔路監視裝置’進而取得應僅有被授權之用戶端所能取得 之錄影監視資料。 八人針對頻見使用而言,習知的遠端視訊監控管理 =所使用之網路錄影監控,僅會使用現有連線網路的頻937903 CHILDREN: TECHNICAL FIELD OF THE INVENTION The present invention relates to a data processing technique and, more particularly, to a remote video surveillance management system for use in a communication network. [Prior technology] Focus on personal privacy and security, as well as network communication systems such as remote Internet or regional networks, and hardware and software technologies and performances such as personal computers and mobile phones. And the improvement of performance 4 users have been able to perform remote environmental monitoring through the network communication system' and can further transmit video information through the network communication system to care for the family's work schedule. Specifically, users can install a network monitoring device at home, such as a network camera. Can the network camera lens be straight? Connect to a network communication system, or connect to a personal computer at home, and connect to the network communication system through the personal computer. Since the webcam or PC itself has a specific IP address. Therefore, users who are not at home can use the personal computer with network communication function, pen 2 3L computer or mobile phone to connect with the network communication system first, and then connect to the I p bit. Address, you can get the image or sound message captured by the webcam from the far end. The above-mentioned conventional security monitoring technology can enable the user to obtain the convenience of the user from the remote environment, and even the family's work situation. However, the security monitoring technology of the prior art still has the following disadvantages and needs to be improved. . 5 110707 200937903 - For network security, the far-end video surveillance management system is used to monitor the state of the environment in a particular area, usually involving the privacy of the user in the monitored area. The known far-end video surveillance management system only uses the account number and password as the user authority identification mechanism. Please refer to the figure below, because _ $ authorized users will use the Internet Protocol (Internet Protoco1, IP) scanning and port scanning to find out through the Internet. 1P camera (IP Camera; IP cam) ip and p〇rt of the network blood device, and then use the account and password generator to log in, the network monitoring device' and then only the authorized user can Video surveillance data obtained. Eight people for the frequency of use, the known remote video surveillance management = network video surveillance used, only the frequency of the existing connection network
St成ί所,加的網路功能,而不加以考量用戶端的網 仃…右連線網路之頻寬是網路錄影監控專用,則 ,端:顧!網路頻寬問題,若網路頻寬是共用的,則當用 二控時,即會與位於遠端之用戶端及/或網 ❾、甬二替 端的如檔案傳輸協定之網路應用、點對點 通δ孔傳輸工具(peer_t〇 搶佔頻寬。此外m土山’ ㈠夺通訊軟體相互 8個以田 i知的逖鳊視訊監控管理系統大都支援 1:=/端執行遠端監控,但若遠端視訊監控管理 =使用較低的網路頻寬’則上述頻寬不足的問題會更加 再者’就設備定址而論’習知 統的網路監視褒置係採用浮動式IP,並利= 110707 6 200937903 ^ ^ ------訊協議(P〇int-to-P〇int Protocol overSt into the ί, add the network function, without considering the network of the client... The bandwidth of the right-connection network is dedicated for network video surveillance, then, end: Gu! Network bandwidth problem, if the network bandwidth is shared, when the second control is used, it will be applied to the network application such as the file transfer protocol of the remote user and/or the network and the second end. Point-to-point δ hole transmission tool (peer_t〇 preemption bandwidth. In addition, m Tushan' (1) wins communication software. 8 以 i 知 知 知 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 大 执行 执行 执行 执行 执行 执行End-Video Monitoring Management = Use Lower Network Bandwidth' The above-mentioned problem of insufficient bandwidth will be even more "in terms of device addressing", the network monitoring system of the system is based on floating IP, and 110707 6 200937903 ^ ^ ------ Protocol (P〇int-to-P〇int Protocol over
Ethernet,PPPoE)等之網路撥號程式連接至網際網路。 但即使網路監視裝置連上網路,遠端的用戶端仍然無法得 知忒網路監視裝置的IP與p〇rt ,致無法從遠端連線取 •得網路監視裝置之錄影監視資料。習知的解決方法就是使 用動態域名名稱伺服器(Dynamic Domain Name Server, DMS)的機制來解決這個問題,但因為DMS無標準,所 以不同廠牌的網路監視裝置所使用的DMS機制可能會有 ❹差異。因此,如果用戶端擁有不同廠牌的網路監視裝置, 將會造成同時使用多個不同的DDNS登入機制而產生管理 不易的問題。另外,當網路監視裝置廠商對於⑽奶不再 提供維護或維護緩慢時,使用者可能必須更換網路監視裝 置。 綜上所論,如何能夠提供一種能兼顧網路安全、頻寬 使用及設備定址之遠端視訊監控管理系統,遂成為目前亟 待解決的課題。 ❹【發明内容】 為解決前述習知技術之種種缺失’本發明之遠端視訊 監控管理系統,透過專用通道連接方式連結資訊處理平台 與網路監視裝置’故能解決網路安全、頻寬使用及設備定 址之問題。 此外本發明之遠端視訊監控管理系統,復結合靜態 與動態之授權驗證機制’提供通過授權驗證之使用者在授 權期間内,能透過通訊終端裝置連結至資訊處理平台,以 110707 7 200937903 …-平台取得或接收監控訊息資料,故能更進一步 地解決網路安全之問題。 本發明之-種遠端視訊監控管理系統,係應用於通訊 中其包括.網路監視裝置,具有第一隧道連結模組, =路監視裝置係用以擷取類比或數位的影像及/或聲音 並將該類比或數位的影像及/或聲音訊號轉換成數 且能接收透過該通訊網路所傳輸之控制訊號,並 :该控制訊號及/或排程執行至少包括開啟及關閉類比 二位的影像及/或聲音擷取、遠近影像擷取焦距的調 正二網路監視裝置本體移動之運作;資訊處理平台,係具 ^貝料庫以及第—隨道連結模組’該資訊處理平台係用以 收及網路監視裝置透過該通訊網路所傳輸之數位訊 4並將该數位訊號予以處理並儲存至該資料庫;以及通 訊終端裝置’係具有網路通訊、資料處理、資料輸入與顯 丁力月b而藉由该通訊網路與該資訊處理平台相互連έ士, 二透過該資訊處理平台存取及/或顯示該資料庫中之^位 :凡號貝料,且能接收所輸入之控制訊號及/或排程資料, 並藉由該通訊網路將該控制訊號資料傳輸至該資訊處理 平台’以令該資訊處理平台依據該控制訊號資料產生該控 制訊號,再藉由該通訊網路控制該網路監視裝置之運7 其中’該第-隨道連結模組係用以與該第二隨道連結模組 透過隨道協定相互連結,用以提供該網路監視裝置與該 訊處理平台間建立資料傳輸的專用通道。 、Λ 於另一種型態中,本發明之遠端視訊監控管理系統之 110707 8 200937903 i ::::: 復包括安全管理模組’係用以認證該網路 監視瓜置及/或通訊終端震置是否具有連結至 平台:權限。較佳者,安全管理模組復包括媒體存取控制 =址减別偷、使用者身分識職組及/或存取期限安全 管理模組.。 於又-種型態中’本發明之遠端視訊監控管理系統, 復包括至少一個環境積測單元 % ’、 路貞測單元係與該網 路監視裝置相互連結’用以將所俄測到之環境事件訊 〇輸至该網路監視裝置,並藉由該網路監視 網路傳輸至該資訊處理平台,再由該資訊處理平 =件訊息轉換成安全通報訊息儲存至該資料庫,並透過 6玄通δί1網路傳輸至該通訊終端裝置。 ▲於再-種型態中,本發明之遠端視訊監控管 戎身訊處理平台復包括用戶資料管 ”、 ^ Λ 模組判斷出該通訊終端裝置具有使用權限 ❹用戶透過該通訊終端裝置進行用戶資料之管理及 於又再一種型態中,本發明之遠端視訊監控 裝置具有監控切換模組,係用以開啟或關閉 /、,祠路監視裂置透過該通訊網路所傳輸數位訊號至該 讯處理平台之功能。 人 =較於習知之視訊遠端管理技術,本發明之遠端視訊 =二理系統’除能透過中央㈣之資訊處理平台處理與 子女全事件訊息,並產生相對應之安全監控訊息資料及 110707 9 200937903 ____________&、,以提供使用者透過資訊處理平台取得或接 收安全監控訊息資料、接收來自資訊處理平台之通報訊息 外,復能透過專用通道連接方式連結資訊處理平台與網路 監視裝置,並於安全監控訊息資料及安全通報訊息傳輸的 過程中進行加密保護,故能解決網路安全、頻寬使用及設 備定址之問題。 〇 此外,本發明之遠端視訊監控管理系統復結合靜態與 動態之授權驗證機制,提供通過授權驗證之使用者在授權 期間内,透過通訊終端裝置連結至資訊處理平台,以由資 訊處理平台取得或接收監控訊息資料,故能更進一步地解 決網路安全之問題。 再者,本發明之遠端視訊監控管理系統亦能提供使用 者選擇性的啟閉網路監控裝置與資訊處理平台間的連 結,並能搭接具有訊號傳輸功能之網路監視裝置,並與門 禁監控機制及/或會影響安全之氣體、煙霧或溫度之偵測 機制相結合,以達到完整安全監控之目的。 Q 【實施方式】 以下係藉由特定的具體實施例說明本發明之實施方 式,熟悉此技藝之人士可由本說明書所揭示之内容輕易地 瞭解本發明之其他優點與功效。本發明亦可藉由其他不同 的具體實施例加以施行或應用,本說明書中的各項細節亦 可基於不同觀點與應用,在不悖離本發明之精神下進行各 種修飾與變更。 第一實施例: 10 110707 200937903 〜 …1弟1圖,其係本發明之遠端視訊監控管理系统 之第一實施例的應用架構示意圖。如圖所示,本發明之遠 端視訊監控管理系統包括網路監視裝置u、資訊處理= 台12以及通訊終端裝置13,於本實施例中,本發明之遠 端視訊監控管理系統係應用於通訊網路2中,通訊網路1 可例如為有線或無線之網際網路或企業間網路,或第二Network dialers such as Ethernet, PPPoE) are connected to the Internet. However, even if the network monitoring device is connected to the network, the remote client cannot know the IP and p〇rt of the network monitoring device, so that the video monitoring data of the network monitoring device cannot be obtained from the remote connection. The conventional solution is to use the Dynamic Domain Name Server (DMS) mechanism to solve this problem, but because the DMS has no standards, the DMS mechanism used by network monitoring devices of different brands may have ❹ Differences. Therefore, if the client has a network monitoring device of a different brand, it will cause a problem that it is not easy to manage by using multiple different DDNS login mechanisms at the same time. In addition, when the network monitoring device manufacturer no longer provides maintenance or maintenance to (10) milk, the user may have to replace the network monitoring device. In summary, how to provide a remote video surveillance management system that can balance network security, bandwidth usage and device addressing has become a problem to be solved.发明 发明 发明 为 为 为 为 为 为 为 为 为 ' ' ' ' ' ' ' ' ' ' 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端 远端And the problem of device addressing. In addition, the remote video monitoring management system of the present invention combines a static and dynamic authorization verification mechanism to provide a user who passes the authorization verification and can connect to the information processing platform through the communication terminal device during the authorization period, to 110707 7 200937903 ...- The platform obtains or receives monitoring information, so it can further solve the problem of network security. The remote video monitoring management system of the present invention is applied to communications, including a network monitoring device, having a first tunnel connection module, and the channel monitoring device is used for capturing analog or digital images and/or The sound converts the analog or digital image and/or audio signal into a number and can receive a control signal transmitted through the communication network, and the control signal and/or scheduling execution includes at least turning on and off the analog two-bit image. And/or sound capture, remote and near image capture focus adjustment, two network monitoring device body movement operation; information processing platform, system ^ bei library and the first-channel connection module 'this information processing platform is used Receiving the digital signal transmitted by the network monitoring device through the communication network and processing and storing the digital signal to the database; and the communication terminal device has network communication, data processing, data input and display b. The communication network and the information processing platform are connected to each other by a gentleman, and the information processing platform accesses and/or displays the information in the database: Receiving the input control signal and/or scheduling data, and transmitting the control signal data to the information processing platform by the communication network to enable the information processing platform to generate the control signal according to the control signal data, and then borrow Controlling the network monitoring device by the communication network, wherein the 'the first-way connection module is used to interconnect with the second-way connection module through the routing agreement to provide the network monitoring device A dedicated channel for establishing data transmission with the processing platform. In another type, the 110707 8 200937903 i ::::: includes a security management module of the remote video surveillance management system of the present invention is used to authenticate the network monitoring and/or communication terminal. Whether the shock has a link to the platform: permissions. Preferably, the security management module includes media access control = address reduction, user identity group and/or access period security management module. In the further type, the remote video monitoring management system of the present invention includes at least one environmental integration unit % ', and the road detection unit is interconnected with the network monitoring device' to detect the Russian The environmental event message is transmitted to the network monitoring device, and transmitted to the information processing platform by the network monitoring network, and then the information processing flat message is converted into a safety notification message and stored in the database, and It is transmitted to the communication terminal device through the 6 Xuantong δί1 network. ▲ In the re-type, the remote video monitoring tube of the present invention includes a user data tube, and the 模组 module determines that the communication terminal device has the use authority, and the user performs the communication terminal device. Management of user data and in yet another form, the remote video monitoring device of the present invention has a monitoring switching module for turning on or off/, and the circuit monitoring transmits a digital signal transmitted through the communication network to The function of the processing platform is as follows: Compared with the remote video management technology of the prior art, the far-end video=secondary system of the present invention can handle the event information of the child through the central (4) information processing platform, and correspondingly The security monitoring information and 110707 9 200937903 ____________&, to provide users with access to or receiving security monitoring information through the information processing platform, receiving notification messages from the information processing platform, and re-connecting the information processing platform through dedicated channel connection With the network monitoring device, and the security monitoring message data and security notification message transmission The encryption protection is used to solve the problems of network security, bandwidth usage and device addressing. In addition, the remote video monitoring management system of the present invention combines a static and dynamic authorization verification mechanism to provide users who pass the authorization verification. During the authorization period, the communication terminal device is connected to the information processing platform to obtain or receive the monitoring message data by the information processing platform, so that the problem of network security can be further solved. Furthermore, the remote video monitoring management of the present invention The system can also provide users with a selective connection between the network monitoring device and the information processing platform, and can connect the network monitoring device with signal transmission function, and the access control mechanism and/or the gas that will affect safety. , smoke or temperature detection mechanism is combined to achieve the purpose of complete safety monitoring. Q [Embodiment] Hereinafter, embodiments of the present invention will be described by way of specific embodiments, and those skilled in the art can be disclosed by the present specification. Other advantages and effects of the present invention are readily understood by the present disclosure. Various modifications and changes can be made without departing from the spirit and scope of the invention, and various modifications and changes can be made without departing from the spirit and scope of the invention. The first embodiment: 10 110707 200937903 〜 1D1, which is a schematic diagram of an application architecture of a first embodiment of the remote video monitoring management system of the present invention. As shown, the remote video monitoring management system of the present invention includes a network monitoring device, and information processing. = the station 12 and the communication terminal device 13. In the embodiment, the remote video monitoring management system of the present invention is applied to the communication network 2, and the communication network 1 can be, for example, a wired or wireless internet or an inter-enterprise network. Or second
(2G)、GPRS、第三代(3G)、Max、CDMA、WCDMA 或 PHS ο 系統之無線電話通訊網路。本實施例係以網際網路為 以說明。 ^網路監視裝置u具有第—隨道連結模组ιη,網路 監視裝置11係用以操取類比影像及/或聲音訊號,並將類 比影像及/或聲音訊號轉換成數位訊號,且能接收透過通 賴路2所傳輸之控制訊號,並依據控制訊號及/或排程 執灯至少包括開啟或關閉類比影像及/或聲音擷取之運 作。 ο 更具體言之,網路監視裝置11係具有網路連結功能 且具有特定網路位址之影像及/或聲音掘取裝置,更且體 言之’係透過如CCD或CMOS等具有鏡頭之影像擷取單元 擷取影像,並透過麥克風等聲音截取單元接收聲音。 其次,網路監視裝置U包括有類比—數位影像及/或 二就轉換處理單元,用以將所擷取到之類比影像及/ 或聲θ轉換成數位訊號之袼式。 再者,網路監視裝置U能接收資訊處理平么12及/ 或通訊終«置13透過通訊網路2所傳輸之控;;訊號, 110707 1] 200937903 从—」訊號控制影像擷取單元及聲音截取單元之運 作’如開啟或關閉類比影像及/或聲音擷取之運作,且: 2-步的包括影像擷取單元之鏡頭的遠近焦距的調整 ϋ象操取單元或聲音截取單元在内之網路監 本體之移動。 1 .右二卜二於本實施例中’網路監視裝置11具有無線或 ::、中^種通信介面。較佳者,該有線通信介面可例如 ( Power Line Communication, PL〇 〇 ❹ f訊處理平台12係具有資料庫121以及第二隨道連 結模組122,資訊處理平台12係用以接收網路監視裝置 11透過通朗路2所傳輸之數位减,絲數位訊號予 以處理並儲存至該資料庫121。 於本實施例中,資訊處理平台12可例如為由網際網 路服務提供者(ISP)所提供之資訊處理平台12,並建構 於虛擬專用網路⑽)3巾。承前所述,且用以經由通 訊網路2接收來自網路監視裝置n透過其類比_數位影像 ©及/或聲音訊號轉換處理單元,所轉換之數位影像及/或聲 曰訊號此外,資料庫121則可例如為網際網路服務提供 者所提供之資料庫伺服器等具有網路連結功能之資料儲 存裝置。 ' 於本實施例中,數位訊號之處理包括將該數位訊號轉 換成 3GP (3rd Generation Partnership project)、 MPEG-1、MPEG-2、MPEG-4、MP3 ' WAV 或 AVI 其中之一種 格式’並透過RTP及/或RTSP的方式來載送。 12 110707 200937903 、 、 + ,.,述’第一隨道連結模組111係用以與第二隨道 連結模組122透過隧道協定(Tunneling Protocol )相互 連結,俾於網路監視裝置11與資訊處理平台12間建立資 料’特別是包含影像及/或聲音訊號之資料傳輸的專用通 道 2il。 較佳者’於本實施例中’第一隧道連結模組1丨丨係具 有隨道開通模組1111以及第一加解密模組丨112 ^第二隨 道連結模組12 2係具有隨道終止模組12 21以及第二加解 @密模組1222。 隧道開通模組1111係用以在通訊網路2中開出一條 專用通道21,俾供網路監視裝置u所傳送之包含影像及 /或聲音sfl號之資料可以在專用通道21中以點到點的傳 輸方式傳送到位於虛擬專用網路3中之資訊處理平台12。 随道止模組12 21係用以令專用通道21於虛擬專用 、周路3終止,而不再繼續向前延伸,亦即確定專用通道 21之終點。 Ο 需補充說明者,於其他實施例中’隧道開通模組可以 設置於資訊處理平台12,相對的,隨道終止模組則係設 置於網路監視裝置u。此外,隧道開通模組lln及隧道 終止模組1221可由硬體設備來完成,也可以由軟體程式 予以提供。 第一加解密模組1112係用以將網路監視裝置η透過 專用通道21傳送到位於虛擬專用網路3中之資訊處理平 台12的資料’特別是包含影像及/或聲音訊號之資料予以 110707 13 200937903 ^ --患用例如為安全套技爲广。 SSL)或傳輸層安全(Tr :妾層咖啊。咖一-, 加密協議予以加密,相對 L:7 “吻,TLS) 應用相應於第-加解穷模也^解密模組1222則係 解密,俾資訊:採用之解密機制予以 當資訊處理平台‘;處理。同理, .視裝置Η時,即可令第一力二逼21傳送貧料至網路監 TLS ^ 弟一加解岔模組1222應用SSL或 TLS加欲協礒予以加密,相對的,第一加解密模(2G), GPRS, third generation (3G), Max, CDMA, WCDMA or PHS ο system radiotelephone communication network. This embodiment is based on the Internet. ^ The network monitoring device u has a first-channel connection module ιη, and the network monitoring device 11 is used for taking analog images and/or audio signals, and converting analog images and/or audio signals into digital signals, and can Receiving the control signal transmitted through the channel 2 and including at least the opening and closing of the analog image and/or sound capture operation according to the control signal and/or the schedule light. ο More specifically, the network monitoring device 11 is an image and/or sound boring device having a network connection function and having a specific network address, and more specifically, a lens having a lens such as a CCD or a CMOS. The image capturing unit captures the image and receives the sound through a sound intercepting unit such as a microphone. Secondly, the network monitoring device U includes an analog-digital image and/or a binary conversion processing unit for converting the captured analog image and/or sound θ into a digital signal. Furthermore, the network monitoring device U can receive the information processing device 12 and/or the communication terminal 13 transmitted through the communication network 2;; signal, 110707 1] 200937903 from the "" signal control image capturing unit and sound The operation of the intercepting unit 'such as turning on or off the analog image and/or sound capture operation, and: 2-step adjustment of the near and far focal length of the lens of the image capturing unit, such as the operation unit or the sound intercepting unit The network monitors the movement of the ontology. 1. Right 2b In the present embodiment, the network monitoring device 11 has a wireless or ::, medium communication interface. Preferably, the wired communication interface can be, for example, (Power Line Communication, the PL processing device 12 has a database 121 and a second satellite connection module 122, and the information processing platform 12 is configured to receive network monitoring. The device 11 processes and stores the digital signal transmitted by the channel 2 to the database 121. In this embodiment, the information processing platform 12 can be, for example, an Internet Service Provider (ISP). The information processing platform 12 is provided and constructed on the virtual private network (10). As described above, the digital image and/or sonar signal converted from the network monitoring device n through the analog_digital image © and/or the audio signal conversion processing unit is received via the communication network 2. Further, the database 121 For example, it may be a data storage device with a network connection function, such as a database server provided by an internet service provider. In the present embodiment, the processing of the digital signal includes converting the digital signal into a 3GP (3rd Generation Partnership Project), MPEG-1, MPEG-2, MPEG-4, MP3 'WAV or AVI format RTP and / or RTSP way to carry. 12 110707 200937903 , , + , . , 'The first-way connection module 111 is used to interconnect with the second-way connection module 122 through a tunneling protocol, and is connected to the network monitoring device 11 and the information. The processing platform 12 establishes a 'specific channel 2il for the transmission of data including image and/or audio signals. Preferably, in the present embodiment, the first tunnel connection module 1 has a channel opening module 1111 and a first encryption and decryption module 112. The second channel connection module 12 2 has a channel. The module 12 21 and the second add-on @密 module 1222 are terminated. The tunneling module 1111 is configured to open a dedicated channel 21 in the communication network 2, and the information including the image and/or sound sfl number transmitted by the network monitoring device u can be point-to-point in the dedicated channel 21. The transmission mode is transmitted to the information processing platform 12 located in the virtual private network 3. The on-going module 12 21 is used to terminate the dedicated channel 21 on the virtual dedicated, peripheral 3, and no longer continues to extend forward, i.e., the end of the dedicated channel 21 is determined.需 In addition, in other embodiments, the tunnel opening module may be disposed on the information processing platform 12, and the parallel channel termination module is disposed in the network monitoring device u. In addition, the tunneling module 11n and the tunneling module 1221 may be implemented by a hardware device or by a software program. The first encryption and decryption module 1112 is configured to transmit the network monitoring device η to the information processing platform 12 located in the virtual private network 3 through the dedicated channel 21, in particular, the information including the image and/or audio signal is 110707. 13 200937903 ^ -- For example, the use of condoms is wide. SSL) or transport layer security (Tr: 妾 咖 咖. 咖一-, encryption protocol to encrypt, relative L: 7 "kiss, TLS" application corresponding to the first-plus solution poor mode ^ decryption module 1222 is decrypted , 俾 information: the use of the decryption mechanism to be used as an information processing platform'; processing. Similarly, when the device is Η, you can make the first force to force 21 to send poor materials to the network monitoring TLS ^ brother one plus solution Group 1222 uses SSL or TLS add-on protocol to encrypt, relative, first encryption and decryption mode
則應用相應於第二加解穷楹 L © ^ 解在桓組1222所採用之解密機制予 以解您,俾網路監視裝置u執行後續之資料處理。予 通訊終端裝置13係具有網路通訊、資料處理、資料 輸入與顯示功能,而藉由通訊網路2與資訊處理平台 才目互連結’以透過資訊處理平台12存取及/或顯示其資料 121中之數位机號資料。於本實施例中,㉟訊終端裝置 13可例如為個人電腦、筆記型電腦、行動電話、個人數 位助理、掌上型電腦等具有網路通訊、資料處理、資 ©入與顯示功能之裝置。 其次’通祕㈣置13能接收輸人之控制訊號及/ 或排程資料’並藉由通訊網路2將控制訊號資料傳輸至資 訊處理平台12,以令資訊處理平台12依據控制訊號資料 產生控制訊號,再藉由通訊網路2控制網路監視裝置^ 之運作承刖所述’使用者能透過通訊終端装置13輸入 用以控制影像擷取單it之鏡頭的遠近焦距的調整、包含影 像擷取單兀或聲音截取單元在内之網路監視裝置η本體 110707 14 200937903 4“, 平並藉由通訊網路2傳送至資訊處理 第:實施例、:貝5处理平台12據之控制網路監視裝置π。 請,閱第2圖,其係本發明之遠端視訊監控管理系統 2實:Π1的應用架構示意圖。第二實施例可與前述第 欠貫也例之應用架構相結合。如圖所示,於本實施例中, 貝机處理平台12復包括安全管理模組123, ο 證網路監視裝置nu或通訊終端是否且Z 至資訊處理平台12之權限。 、° 安全管理模組123包括媒體存取控制位址識別模组 1231、使用者身分識別模組1232以及存取期限安全 模組12 3 3。 承則所述,於本實施例中,資訊處理平台12之資料 庫121中預先儲存有對應不同之網路監視裝置11的識別 資料,且媒體存取控制位址識別模組1231係透過網路監 視裝置11之媒體存取控制(Media Access c〇ntr〇i,鼷^) 〇位址判斷出不同之網路監視裝置u及其對應之識別次 料。 °貝 此外’資料庫1 21復預先儲存有對應不同之使用者之 身义硪別資料的使用權限資料與數位訊號資料存取期限 認證資料,使用者身分識別模組1232係用以判斷使用者 透過通訊終端裝置13經由通訊網路2所傳輪之身分識別 資料是否具有使用權限以及該使用權限之内容。 較佳者,當遠端的通訊終端裝置13使用者要經由通 110707 15 200937903 & ' 〃取貧讯處理平台12中所儲存之影像及/或聲音 監控資料時,須以帳號及/或密碼登入資訊處理平台12, 亚透過使用者身分識別模組1 232判斷使用者之權限。 更佳者,為確保登入的安全性,使用者身分識別模組 1232可於遠端的通訊終端裝置13使甩者登入時提供如— 次性密碼(〇ne Time Password,〇τρ)之動態密碼,於帳 號及/或密碼登入確認完成後,要求使用者透過通訊終端 裝置13幸別人組動悲岔竭作為確認碼。動態密碼可例如 G但不限定於每-分鐘更動—次,據此,可進__步地增 訊處理平台12的登入安全。 接著,遠端的通訊終端裝置13使用者登入後,資訊 處理平σ 12即會依其帳號決定該帳號的使用群組範圍及 對應的操作權限,群組的範圍及操作的權限由使用者自行 ::二中群組的範圍包含使用者用以監視目標地點的監 Γ =具有權限監看該設備的使用者,而操作的權限則 匕各新g、删除、修改、即時龄 ❿聲音及歷史影像及/或聲音下載 1。看调閱歷史影像及/或 2取期限安全管理模組1 233則係用以於使用者身分 識別模組12 3 2判斷出通訊终端f胃 權限後,存取期限安全管理模具有使用 ==與時間相關的動態的影像存取控制碼,影像存 取匕制碼包含授權使用者監看的 影像授權使用範圍資料'逾期广又備的-視 貧科4’右使用者未經授權取得影像存取控制碼,並使 110707 16 200937903 七 -.....存取控制碼的方式取得影像存取控制碼,亦盔 法取得監視的影像資料,據此,以更進一步地強化資訊= 理平台12影像及/或聲音監控資料存取的安全控管。 更佳者,於本實施例中,資訊處理平台12可選擇性 地包括用戶資料管理模組124係用以於使用者身分識別 核組1232與存取期限安全管理模組1233判斷出遠端的通 訊終端裝置13使用者具有使用權限後並於有效的授權存 取期限時,提供使用者透過通訊終端裝置13進行用戶資 ❹料之管理及/或維護。具體言之,資訊處理平台12可提供 使用者操作介面或視窗環境,而使用者能透過通訊終端裝 置13進行如增、刪、修改等用戶資料之遠端管理及/或維 護。 第三實施例: 印參閱第3圖’其係本發明之遠端視訊監控管理系統 之第二實施例的應用架構示意圖。第三實施例可與前述第 實施例及/或第二實施例之應用架構相結合。於本實施 ®例中’網路監視裝置11與資料處理平台12間係透過Port 80傳輸協定傳輸包括影像及/或聲音訊號之資料,因此在 j多數的通信網路中皆可傳輸而不受到安全限制,更具體 三之,網路監視裝置11係採用實體位址、浮動位址、真 實位址或虛擬位址’故能穿透防火牆4及/或網路路由裝 置5的限制’與資料處理平台12通信’並拒絕非來自資 料處理平台12的通信請求。 承前所述’當網路監視裝置11主動連結視訊遠端管 17 110707 200937903 王宇卞—y.、 通道21。一曰铜敗二2 ’進行報到註冊程序,並建立專用 到註冊程序===透料用通道Μ完成報 資料處理平台12即知、11的疋址已無完成’然後 利用專用通道21進二’、·,視裝置11的1?位址’並 12間資料及控制气自視裝置11與資料處理平台 .DDNS機制。 °心的溝通,因此無須使用非標準的 於本實施例中,網路ε ο 浮動位址、真實位址上視襄置11係採用實體位址、 ' '止或虛擬位址其中之一者,且能穿透防 火尨4及/或網路路由裝 由裝置5的限制,與資料處理平台12 拒絕㈣自資料處理平台12料 第四貫施例: /。月 > 閱第4圖’其係、本發明之居家安全監控暨通報管 理糸統之第四實施例的應用架構示意圖。如圖所示 ❹ 實施例與上述第一實施例、第二實施例及/或第三實施例 之應用,構大致上相同。惟更進一步可包括—個以上之環 境偵測早7L 14,環境偵測單元14係與網路監視裝置u 相互連結,用以將所偵測到之安全事件訊息傳輪至網路監 視裝置11’並藉由網路監視裝置u所傳送之包含影像及 /或聲音訊號之資料可以在專用通道21 +以點到點的傳 輸方式傳送到位於虛擬專用網路3中之資訊處理平台 12,再由資訊處理平台12將安全事件訊息轉換1安全二 報訊息儲存至資料庫121,並透過通訊網路2傳輸至通訊 終端裝置13。 110707 18 200937903 二…、施例中,環境偵測單元14可係選自由 1兀、141/瓦斯外㈣測單元142、火災偵測單元143 : 煙務偵測早tl 144、一氧化碳濃度偵測單元145及二 及/辰度谓測單凡146所組成之群組。而環 一 係透過有線或無線方式與網路監視裝置u相互=凡14 、較佳者,於本實施例中,當環境偵測單元14 測到之安全事件訊息傳輸至網路監視裝置u Ο 掏取傳輸安全事件訊息之環境侦測 ς之類比影像及/或聲音訊號。舉例言之,若 息係由門禁偵測單元141所傳輸者, 二 】η隨㈣取傳輪安全事件訊息之門禁_單元;^ 卷^兄之類比影像及/或聲音訊號,以擷取發生安全事件 = t類比影像及/或聲音訊號’俾使用者即時 題的實況。女全監控訊息資料時’能更清楚的掌握發生問 〇 推播全事件訊息可以簡訊、電子郵件、即時告警 2 其中—種方式透過通訊網路2傳送至通 成終端震置13。亦即’由資訊處理平台12 、 ^安全通報訊息儲存至資料庫121,=:= 間讯、電子郵件、即時告警推播或語音傳送其中— 種方式,傳輸至通訊終端裝置13。 、 第五實施例: 理=参閱第5圖’其係本發明之居家安全監控暨通報管 糸、'先之第五實施例的應用架構示意圖。第五實施例可與 110707 19 200937903 — 施例、第二實施例、第三實施例及/或第四實 施例之應用架構相結合。如圖所示,於本實施例中,網路 監視裝置u具有監控切換模組112,係用以開啟或關閉 Γ監視裝置11透過通訊網路2所傳輸數位訊號至資訊 處理平台12之功能。 於本實施例中,本發明之0 , , 令知居豕安全監控暨通報管理系 j復包括與網路監視裝置U相互連結之本地通訊終端襄 軍…當監控切換模組112關閉網路監視裳置u傳輸數 ❹ 】=貧訊處理平台12之功能後’網路監視裝置11 =輸该數位訊號至本地通訊終端裝置15。據此’當使用 豕或是其他不願㈣環境m息料出去讓第 只需利用監控切換模組112關閉網路監視裝 述㈣^ 號至資訊處理平台12之功能即可實現前 J明的功能。相對的,當使用者欲重新啟動前述本 安全監控暨通報管理系統,僅需開啟網路監視 ο 裝9置11透過通訊網路2所傳輪數位訊號至資訊處 12之功能即可實現。 能透^ Ϊ Ϊ ’本發明之一種遠端視訊監控管理系統,除 ·'、, 、官理^資訊處理平台處理與儲存安全事件訊 ^ ' 相對應之安全監控訊息資料及安全通報訊自, 以提供使用者透過資訊處理 心 烏資料、接收來自杳却步 女全監控訊 專用、i 1& 、…处理平台之通報訊息外。復能透過 私—方式連結資訊處理平台與網路監視裝置,並 於女全監控訊自咨— λ 心貝枓及女全通報訊息傳輸的過程中進行 110707 20 200937903 „ „ .... _ 故能解決網路安全、頻寬使用及設備定址之問 ο 題。此外,復結合靜態與動態之授權驗證機制,提供通過 授權驗證之使用者在授權期間内,透過通訊終端裝置連結 至資訊處理平台,以由資訊處理平台取得或接收監控訊息 資料,故能更進一步地解決網路安全之問題。再者,亦能 提供使用者選擇性的啟閉網路監控裝置與資訊處理平台 間的連結,並能搭接具有訊號傳輸功能之網路監視裝置, 並與門禁監控機制及/或會影響安全之氣體、煙霧或溫度 之偵測機制相結合,以達到完整安全監控之目的。 上述實施例僅為例示性說明本發明之原理及其功 效,而非用於限制本發明。任何熟習此項技藝之人士均可 在不違背本發明之精神及範疇下,對上述實施例進行修飾 與變化。因此,本發明之權利保護範圍,應如後述之申請 專利範圍所列。 【圖式簡單說明】 〇 第1圖係本發明之遠端視訊監控管理系統之第一實 施例的應用架構示意圖; 第2圖係本發明之遠端視訊監控管理系統之第二實 施例的應用架構示意圖; 第3圖係本發明之遠端視訊監控管理系統之第三實 施例的應用架構示意圖; 第4圖係本發明之遠端視訊監控管理系統之第四實 施例的應用架構示意圖;以及 第5圖係本發明之遠端視訊監控管理系統之第五實 21 110707 9379()3.㈣示意圖。 【主要元件符號說明】 11 網路監視裝置 111 第一隧道連結模組 1111 隧道開通模組 1112 第一加解密模組 112 監控切換模組 12 資訊處理平台 121 資料庫 122 第二隧道連結模組 1221 隧道終止模組 1222 第二加解密模組 123 安全管理模組 1231 媒體存取控制位址識別模組 1232 使用者身分識別模組 1233 存取期限安全管理模組 Q 124 用戶資料管理模組 13 通訊終端裝置 14 環境偵測單元 141 門禁偵測單元 142 瓦斯外洩偵測單元 143 火災偵測單元 144 煙霧偵測單元 145 一氧化碳_濃度偵測單元 22 110707 200937903 化碳濃度偵測單元 15 本地通訊終端裝置 2 通訊網路 21 專用通道 3 虛擬專用網路 4 防火牆 5 網路路由裝置Then, the application corresponding to the second additive solution L © ^ solves the decryption mechanism used in the group 1222 to solve the problem, and the network monitoring device u performs subsequent data processing. The communication terminal device 13 has network communication, data processing, data input and display functions, and the communication network 2 and the information processing platform are interconnected to access and/or display the data through the information processing platform 12. Digital number information in the machine. In this embodiment, the terminal device 13 can be, for example, a personal computer, a notebook computer, a mobile phone, a personal digital assistant, a palmtop computer, or the like having network communication, data processing, input and display functions. Secondly, the 'passive (four) set 13 can receive the control signal and/or schedule data of the input person' and transmit the control signal data to the information processing platform 12 through the communication network 2, so that the information processing platform 12 generates control according to the control signal data. The signal is controlled by the communication network 2 to control the operation of the network monitoring device. The user can input the adjustment of the near and far focal length of the lens for controlling the image capturing unit through the communication terminal device 13, including image capturing. The network monitoring device η body 110707 14 200937903 4" of the single 兀 or the sound intercepting unit is transmitted to the information processing by the communication network 2: Embodiment: the Bay 5 processing platform 12 according to the control network monitoring device π. Please refer to Fig. 2, which is a schematic diagram of the application architecture of the remote video monitoring management system 2 of the present invention. The second embodiment can be combined with the application architecture of the foregoing first example. In this embodiment, the bay machine processing platform 12 includes the security management module 123, the network monitoring device nu or the communication terminal and the authority of the Z to the information processing platform 12. The module 123 includes a media access control address identification module 1231, a user identity identification module 1232, and an access period security module 12 3 3. As described in the above, in the embodiment, the information processing platform 12 The identification data corresponding to the different network monitoring devices 11 is pre-stored in the library 121, and the media access control address identification module 1231 is transmitted through the media access control of the network monitoring device 11 (Media Access c〇ntr〇i,鼷^) 〇 address to determine the different network monitoring devices u and their corresponding identification data. °Bei's 'repository 1 21' pre-stored the usage rights data corresponding to the different user's personal identification data And the digital identity data access period authentication data, the user identity recognition module 1232 is used to determine whether the identity of the user via the communication network device 13 via the communication network device 2 has the right to use and the content of the usage authority. Preferably, when the remote communication terminal device 13 user wants to capture the image and/or sound monitoring stored in the poor processing platform 12 via the 110707 15 200937903 & The user must log in to the information processing platform 12 by using the account number and/or password, and determine the user's authority through the user identity recognition module 1 232. Further, to ensure the security of the login, the user identity recognition module 1232 The remote communication terminal device 13 can provide a dynamic password such as a secondary password (〇τρ) when the user logs in. After the account and/or password login confirmation is completed, the user is required to pass through the communication terminal. The device 13 is fortunate to use the sorrow as a confirmation code. The dynamic password can be, for example, G but not limited to every minute, and accordingly, the login security of the processing platform 12 can be enhanced. Then, after the user of the remote communication terminal device 13 logs in, the information processing level σ 12 determines the usage group range and the corresponding operation authority of the account according to the account number thereof, and the scope of the group and the operation authority are determined by the user. :: The scope of the second group includes the monitoring of the user to monitor the target location = the user who has the authority to monitor the device, and the permissions of the operation are new g, delete, modify, instant voice and history Image and / or sound download 1. The viewing history image and/or the 2-term security management module 1 233 is used for the user identity recognition module 12 3 2 to determine the communication terminal f stomach authority, the access period security management mold is used == Time-dependent dynamic image access control code, image access code contains authorized image viewing area for authorized users to monitor the data. 'Overdue and wide--------------------------- Access control code, and make 110707 16 200937903 VII-..... access control code to obtain image access control code, and also to obtain surveillance image data, according to which to further strengthen information = Security control of platform 12 image and / or sound monitoring data access. More preferably, in this embodiment, the information processing platform 12 can optionally include a user profile management module 124 for determining the remote end of the user identity identification core group 1232 and the access period security management module 1233. After the user of the communication terminal device 13 has the right to use and provides a valid authorized access period, the user is provided with the management and/or maintenance of the user's materials through the communication terminal device 13. Specifically, the information processing platform 12 can provide a user operation interface or a window environment, and the user can perform remote management and/or maintenance of user data such as addition, deletion, and modification through the communication terminal device 13. THIRD EMBODIMENT: Referring to Figure 3, a schematic diagram of an application architecture of a second embodiment of the remote video surveillance management system of the present invention is shown. The third embodiment can be combined with the application architecture of the foregoing first embodiment and/or second embodiment. In the present embodiment, the network monitoring device 11 and the data processing platform 12 transmit data including video and/or audio signals through the Port 80 transmission protocol, so that they can be transmitted in most communication networks of j. Security restrictions, more specifically, the network monitoring device 11 uses physical address, floating address, real address or virtual address 'so can penetrate the firewall 4 and / or network routing device 5 restrictions ' and data The processing platform 12 communicates 'and rejects communication requests that are not from the data processing platform 12. As mentioned above, when the network monitoring device 11 actively connects the video remote tube 17 110707 200937903 Wang Yuxi-y., channel 21. A 曰 败 2 2 2 ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ' ', ·, depending on the address 1 of the device 11 and 12 data and control gas self-view device 11 and data processing platform. DDNS mechanism. ° Heart communication, so there is no need to use non-standard in this embodiment, the network ε ο floating address, the real address on the device 11 is the physical address, ''stop or virtual address one of them And can penetrate the firewall 4 and/or the network routing is limited by the device 5, and the data processing platform 12 rejects (4) the fourth embodiment of the data processing platform 12: /. </ RTI> <RTIgt; </ RTI> <RTIgt; </ RTI> Fig. 4 is a schematic diagram showing the application architecture of the fourth embodiment of the home security monitoring and notification management system of the present invention. As shown in the drawings, the embodiment is substantially identical to the application of the first embodiment, the second embodiment, and/or the third embodiment described above. Further, the environment detection unit 14 and the network monitoring device u are connected to each other for transmitting the detected security event information to the network monitoring device 11 . 'The data containing the video and/or audio signals transmitted by the network monitoring device u can be transmitted to the information processing platform 12 located in the virtual private network 3 in the dedicated channel 21 + in a point-to-point transmission manner, and then The security event message conversion 1 security message is stored in the database 121 by the information processing platform 12 and transmitted to the communication terminal device 13 via the communication network 2. 110707 18 200937903 2. In the embodiment, the environment detecting unit 14 can be selected from the group 1, 141 / watt (four) measuring unit 142, fire detecting unit 143: smoke detecting early t1 144, carbon monoxide concentration detecting unit 145 and 2 and / Chen degree are the group of 146. In the present embodiment, the security event message detected by the environment detecting unit 14 is transmitted to the network monitoring device u. In the present embodiment, the security event information detected by the environment detecting unit 14 is transmitted to the network monitoring device. Capture analog video and/or audio signals that transmit security event messages. For example, if the information is transmitted by the access control unit 141, the second is η with (4) the gate access security event message access control unit _ unit; ^ volume ^ brother analog image and / or audio signal, in order to take place Security event = t analog image and / or audio signal '俾 user instant question live. When the woman monitors the message data, she can know more clearly. 推 The full event message can be sent to the newsletter, email, and instant alarm. 2 The mode is transmitted to the communication terminal through the communication network 2. That is, the information processing platform 12, the security notification message is stored in the database 121, =:= inter-message, e-mail, instant alarm push or voice transmission, to the communication terminal device 13. Fifth Embodiment: Referring to FIG. 5, it is a schematic diagram of an application architecture of the fifth embodiment of the home security monitoring and notification tube of the present invention. The fifth embodiment can be combined with the application architecture of 110707 19 200937903 - the second embodiment, the third embodiment, and/or the fourth embodiment. As shown in the figure, in the present embodiment, the network monitoring device u has a monitoring switching module 112 for turning on or off the function of the digital signal transmitted by the monitoring device 11 through the communication network 2 to the information processing platform 12. In the present embodiment, the security monitoring and notification management system of the present invention includes a local communication terminal interconnected with the network monitoring device U. When the monitoring switching module 112 turns off the network monitoring After the function of the poor processing platform 12, the network monitoring device 11 = the digital signal is transmitted to the local communication terminal device 15. According to this, when using 豕 or other unwilling (4) environment m material, the first step is to use the monitoring switching module 112 to turn off the network monitoring device (4) to the function of the information processing platform 12 to realize the former J Ming Features. In contrast, when the user wants to restart the aforementioned security monitoring and notification management system, it only needs to enable the network monitoring. The function of transmitting the digital signal to the information station 12 through the communication network 2 can be realized. A remote video surveillance management system of the present invention, in addition to the ',,, and the government information processing platform processing and storing security events, the corresponding security monitoring message data and security notifications, In order to provide users with information through the processing of Xinwu information, receiving notification messages from the 杳 女 全 全 全 、 、 、 、 、 、 、 、 、 、 Rehabilitation connects the information processing platform and the network monitoring device through private-to-mode, and performs 110707 20 200937903 „ „ .... _ in the process of female full monitoring and self-consultation - λ heartbeat and female notification message transmission It can solve the problem of network security, bandwidth usage and device addressing. In addition, the combination of the static and dynamic authorization verification mechanism provides users who have passed the authorization verification to connect to the information processing platform through the communication terminal device during the authorization period to obtain or receive the monitoring message data from the information processing platform. Solve the problem of network security. In addition, it can also provide users with a selective connection between the network monitoring device and the information processing platform, and can connect to the network monitoring device with signal transmission function, and the access control mechanism and/or will affect security. The combination of gas, smoke or temperature detection mechanisms for complete safety monitoring purposes. The above embodiments are merely illustrative of the principles and effects of the invention and are not intended to limit the invention. Modifications and variations of the above-described embodiments can be made by those skilled in the art without departing from the spirit and scope of the invention. Therefore, the scope of protection of the present invention should be as listed in the scope of the patent application to be described later. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a schematic diagram of an application architecture of a first embodiment of a remote video surveillance management system of the present invention; FIG. 2 is an application of a second embodiment of a remote video surveillance management system of the present invention. 3 is a schematic diagram of an application architecture of a third embodiment of the remote video surveillance management system of the present invention; FIG. 4 is a schematic diagram of an application architecture of a fourth embodiment of the remote video surveillance management system of the present invention; Figure 5 is a schematic diagram of the fifth real 21 110707 9379 () 3. (four) of the far-end video surveillance management system of the present invention. [Main component symbol description] 11 Network monitoring device 111 First tunnel connection module 1111 Tunnel opening module 1112 First encryption and decryption module 112 Monitoring switching module 12 Information processing platform 121 Database 122 Second tunnel connection module 1221 Tunnel termination module 1222 second encryption and decryption module 123 security management module 1231 media access control address recognition module 1232 user identity recognition module 1233 access period security management module Q 124 user data management module 13 communication Terminal device 14 environment detecting unit 141 access detecting unit 142 gas leak detecting unit 143 fire detecting unit 144 smoke detecting unit 145 carbon monoxide _ concentration detecting unit 22 110707 200937903 carbon concentration detecting unit 15 local communication terminal device 2 Communication network 21 Dedicated channel 3 Virtual private network 4 Firewall 5 Network routing device
23 11070723 110707