201004264

IX. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to a data transmission method, and in particular to a secure transmission method for security data.

[Prior Art]

Security systems are widely used in settings such as residences and commercial buildings. Early security systems served only to keep out burglars. With advances in technology, today's security systems offer many additional functions, such as fire warnings, gas leak detection and home care, so that both their functions and the safety they provide have steadily improved.

In a common security system, a security machine is installed at the client and connected over the network to the security host of the security company. When an incident occurs, the security company learns of it immediately and can respond properly at the first opportunity.

However, hacker intrusion is currently the greatest nightmare of network users, and this is especially true for security operators, because once the network link between the security end and the client is cut, the security machine is useless. A hacker can even go a step further and send fake messages, keeping the security operator constantly on the run. This places a serious burden on the security operator and may even give criminals an opportunity to break in.

In addition, the most common connection method at present is ADSL, but ADSL modems often crash from overheating. Once the ADSL modem crashes, the connection between the security operator and the client is interrupted, and a security gap results.

The conventional data transmission method is therefore vulnerable to hacker intrusion and prone to interruption of the network connection.

[Summary of the Invention]

In view of this, the present invention proposes a secure transmission method for security data, applicable to two-way data transmission over a network communication protocol between a security control end and at least one client, comprising the following steps: the security control end receives customer data from the client; the security control end identifies whether the customer data came from the client; the security control end sends an upper-layer acknowledgment signal to the client; the client receives control-end data from the security control end; the client identifies whether the control-end data came from the security control end; the client sends a lower-layer acknowledgment signal to the security control end; the client sends a report signal to the security control end at every report interval; and when the security control end has not detected a report signal from the client for longer than the allowable time, it sends a reset command to the client to restart the client's connection device.

The customer data contains a customer number, a machine identification number, a data sequence number, a data format tag and a customer address. The security control end uses the customer number and the machine identification number to identify whether the customer data came from the client, which avoids fake messages delivered through a hacker intrusion.

The control-end data contains a customer number, a machine identification number, a data format tag and a control-end address. The client uses the customer number and the machine identification number to identify whether the control-end data came from the security control end, which avoids fake messages delivered through a hacker intrusion.

In addition, the upper-layer acknowledgment signal lets the client know that its customer data has been delivered to the security control end, and the lower-layer acknowledgment signal lets the security control end know that its control-end data has been delivered to the client, so data passed between the security control end and the client is not lost.

When the security control end has not detected a report signal from the client for longer than the allowable time, it sends a reset command to the client to restart the client's connection device. The reason is that the client's connection device is not necessarily of good quality and may well crash from overheating. Restarting the client's connection device resolves disconnections caused by a crashed connection device at the client, avoids a gap in security coverage, and reduces how often security equipment maintenance personnel must be dispatched.

The present invention therefore solves the problems of the prior art, namely vulnerability to hacker intrusion and frequent disconnection.

[Embodiments]

Please refer to Fig. 1, a flowchart of the method of the first embodiment of the present invention. The present invention provides a secure transmission method for security data, applicable between a security control end and a client, in which a network communication protocol is used for two-way transmission of security data.

As stated above, the method is applied between the security control end and the client. In the first step, the security control end receives customer data from the client (S01). The customer data has a client status message, a customer number, a machine identification number, a data sequence number, a data format tag and a customer address. The client status message is the security status detected by the security machine at the client; it lets the security control end know the client's security situation in real time so that it can decide on an appropriate response. Every client, once set up in the security system, is assigned a customer number and a machine identification number. The customer number and the machine identification number go together as a pair: each client has its own customer number, and the security machine installed at the client has its own machine identification number. The customer number and machine identification number carried in the customer data can therefore be used to identify whether the customer data came from the client.

The customer address may change with the network connection the client uses, but in general the client still connects to the security control end from a fixed address or a fixed network segment. The security control end can therefore decide in advance whether to accept a request from a remote end according to whether a customer address is present, or whether the customer address falls within the fixed network segment. The data sequence number is the serial number of each packet; it lets the security control end confirm whether any packet has been lost and not received. The data format tag is mainly used to confirm the encoding format of each piece of data so that the data can be decoded.

After receiving the customer data, the security control end compares the customer number and the machine identification number to identify whether the customer data came from the client (S02). If the customer data did come from the client, the security control end immediately sends an upper-layer acknowledgment signal to the client (S03) so that the client can confirm that the customer data has reached the security control end. The upper-layer acknowledgment signal likewise has a data sequence number, a data format tag and a customer address. These values are taken from the customer data sent by the client, so that the client and the security control end can cross-check each other: by comparing whether the data sequence number, data format tag and customer address in the upper-layer acknowledgment signal match those of the customer data, the client learns whether the customer data it sent has reached the security control end. This ensures that every piece of data received and used by the security control end was sent by the client, and avoids the situation in which, after the data transmission network has been intruded upon, the security control end mistakes a malicious message for a client message.

Further, if the comparison shows a match and the client has another piece of customer data to send to the security control end, the data sequence number of that next piece is the sequence number of the last successfully sent customer data plus 1, and so on. When the data sequence numbers of the customer data received by the security control end skip a number, the security control end can quickly discover whether a data packet has been lost. If a data packet has been lost, the security control end can, based on the data sequence number of the lost packet, issue a control command asking the client to resend the data packet with that sequence number.

Steps S01 to S03 describe how the security control end handles customer data received from the client. In the same way, the client can receive control-end data from the security control end (S04). The control-end data has a customer number, a machine identification number, a data format tag and a control-end address. The meanings of the customer number, machine identification number and data format tag are as described above and are not repeated here. The control-end address is the address of the security control end and is generally fixed. Because the security control end attaches to the control-end data it sends the customer number and machine identification number of the client it is addressed to, the client can use them to confirm whether the control-end data it received came from the security control end.

After receiving the control-end data, the client compares the customer number and the machine identification number to identify whether the control-end data came from the security control end (S05). If the control-end data did come from the security control end, the client immediately sends a lower-layer acknowledgment signal to the security control end (S06) so that the security control end can confirm that the control-end data has reached the client. The lower-layer acknowledgment signal likewise has a data format tag and a control-end address. These values are taken from the control-end data sent by the security control end; by comparing whether the data format tag and control-end address in the lower-layer acknowledgment signal match those of the control-end data, the security control end learns whether the control-end data it sent has actually reached the client.

Steps S04 to S06 describe how the client handles control-end data received from the security control end. To better ensure that the connection between the security control end and the client is not interrupted, or to learn of an interruption in the shortest possible time, the client can send a report signal to the security control end at a fixed report interval (S07). Whether the security control end detects the report signal from the client (S08) determines whether the connection between the two is judged to be interrupted. If the security control end detects a report signal from the client within the preset allowable time, the connection between the security control end and the client is normal. If the security control end does not detect a report signal from the client within the preset allowable time, it issues a reset command to the client to restart the client's connection device (S09).

The reason for this is that ADSL is still the most common connection method, but an ADSL modem that has been powered on continuously for a long time often crashes from overheating. Once the ADSL modem crashes from overheating, the connection between the security operator and the client is interrupted, and a security gap results. Moreover, most interruptions of the connection between the security control end and the client are caused simply by an overheated ADSL modem, and when a customer asks the security operator to come and clear the interruption, all the maintenance personnel usually do is restart the ADSL modem. Having the security control end issue a reset command to restart the client's connection device therefore both avoids the security gap caused by an overheated ADSL modem and reduces how often the security operator's personnel must be dispatched.

In addition, this embodiment can record the cumulative number of times customer data with the same data sequence number is received consecutively. Under normal conditions, the second piece of customer data is sent only after the first piece has been successfully delivered to the security control end and the upper-layer acknowledgment signal from the security control end has been received. So when the first piece of customer data has been sent but no upper-layer acknowledgment signal arrives from the security control end, the client considers the transmission to have failed and keeps resending the first piece until it receives the upper-layer acknowledgment signal. The security control end then receives customer data with the same data sequence number several times in a row. The higher the cumulative number of consecutive receipts of customer data with the same data sequence number, the worse the quality of the connection between the security control end and the client. When the cumulative number exceeds a preset allowable value, the security control end receives a communication abnormality warning, so that the security operator learns that the quality of the connection between the security control end and the client is abnormal and can correct it in time.

Furthermore, this embodiment can provide an additional data transmission path between the security control end and the client. If only a single connection exists between the security control end and the client, any abnormality in that connection leaves a gap in security coverage between them. Providing an additional data transmission path between the security control end and the client lowers the probability of such a gap.

Please refer to Fig. 2, a flowchart of the method of the second embodiment of the present invention. This embodiment takes the security control end as its starting point; its substance is already included in the description of the first embodiment.

Please refer to Fig. 3, a flowchart of the method of the third embodiment of the present invention. This embodiment takes the client as its starting point; its substance is already included in the description of the first embodiment.

Although the technical content of the present invention has been disclosed above by way of preferred embodiments, these are not intended to limit the invention. Any minor changes and refinements made by a person skilled in the art without departing from the spirit of the invention shall fall within the scope of the invention, and the scope of protection of the invention shall therefore be as defined by the appended claims.

[Brief Description of the Drawings]

Fig. 1 is a flowchart of the method of the first embodiment of the present invention.

Fig. 2 is a flowchart of the method of the second embodiment of the present invention.

Fig. 3 is a flowchart of the method of the third embodiment of the present invention.

[Description of Main Reference Numerals]

None.
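The control-end checks of the first embodiment (S02, S03 and S07 to S09, plus the sequence-gap and repeat counters) can be sketched as follows. This is an added example, not code from the patent: the dict packet layout, the names `ControlEnd`, `in_subnet` and `packet`, the thresholds, the sample identifiers and addresses, and numbering that starts at 1 are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed registry: customer number -> (machine ID, permitted client subnet).
REGISTRY = {"C0001": ("M-77A1", ipaddress.ip_network("203.0.113.0/28"))}
REPORT_TIMEOUT = 90   # allowable time without a report signal, in seconds (assumed)
REPEAT_LIMIT = 3      # allowable consecutive receipts of one sequence number (assumed)

@dataclass
class ClientState:
    last_report: float
    last_seq: int = 0   # assumption: a client's sequence numbers start at 1
    same_seq: int = 0   # consecutive receipts of last_seq

def in_subnet(addr, net):
    try:
        return ipaddress.ip_address(addr) in net
    except ValueError:   # malformed address from the network: not permitted
        return False

class ControlEnd:
    def __init__(self):
        self.clients = {}

    def receive(self, pkt, now):
        """Handle one customer-data packet; return a list of (action, detail)."""
        entry = REGISTRY.get(pkt["customer_no"])
        # S02: number and machine ID must match as a pair; address must be in the fixed segment.
        if entry is None or entry[0] != pkt["machine_id"] or not in_subnet(pkt["addr"], entry[1]):
            return [("drop", "identity or address mismatch")]
        st = self.clients.setdefault(pkt["customer_no"], ClientState(now))
        actions, seq = [], pkt["seq"]
        if seq == st.last_seq:
            # Same number again: the client did not see our acknowledgment.
            st.same_seq += 1
            if st.same_seq > REPEAT_LIMIT:
                actions.append(("alarm", "communication abnormal"))
        else:
            # A jump in numbering means packets were lost: request each one.
            actions += [("resend", n) for n in range(st.last_seq + 1, seq)]
            if seq > st.last_seq:
                st.last_seq, st.same_seq = seq, 1
        # S03: the acknowledgment echoes fields taken from the packet itself.
        actions.append(("ack", (seq, pkt["fmt"], pkt["addr"])))
        return actions

    def report(self, customer_no, now):
        """S07: note a periodic report signal from an already-seen client."""
        if customer_no in self.clients:
            self.clients[customer_no].last_report = now

    def overdue(self, now):
        """S08/S09: clients whose report is overdue and should be sent a reset."""
        return [c for c, s in self.clients.items() if now - s.last_report > REPORT_TIMEOUT]

def packet(seq, customer_no="C0001", machine_id="M-77A1", addr="203.0.113.5"):
    """Build a constructed sample packet; 'fmt' stands for the data format tag."""
    return {"customer_no": customer_no, "machine_id": machine_id,
            "addr": addr, "seq": seq, "fmt": "v1", "status": "door-open"}
```

Calling `receive(packet(4), now)` after only packet 1 has arrived returns resend requests for 2 and 3 ahead of the acknowledgment, and a fourth consecutive receipt of the same number adds the communication-abnormal alarm.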