TWI308451B - Method and apparatus to provide secured surveillance data to authorized entities - Google Patents

Description

1308451 IX. Description of the invention: The invention is closed; More specifically, the present invention relates to a method for "avoiding and pushing the crane model money supervision device and miniaturization of the prior art so that devices suitable for optical and sound can exist in the f method to accommodate many of these devices. Inside the article. Examples include cameras, microphones, and amplifiers that are now being lost in the line = phones, PDAs, and watches. This development = causing and unspacing regional Wei or turning the sound and / or image to his exhibition In addition, the embedded product of these devices has been a product of mobile phones' making it a mere communication worker in the past; = becoming a potential prying body that may violate human rights, dignity and freedom. For these activities, these activities are relevant. The device has been published in a specific zone, or a search for the device is unfortunately. Unfortunately, the continued reduction of the scale and the integration of the image and sound detection (4) and its affairs have made it necessary to prohibit the soft specific area. Install another - select 'use the system of the radio shooting age to suspend its camera function. ',,, phase mobile phone and other signals sent to the phone antenna such as the phone, this may block Not -RF communication device of two :::: there, some camera phone camera ❹ material strike "set in (such as infrared data transmission (IrDA)). : This, _ will not have any wireless communication capabilities. Furthermore, it is often not limited to the specified d-domain, which may be the device in its zone. ~曰不管 1308451 ... Whether a cooperative system is feasible is questionable. Even if it is led by the government, it is still possible to produce equipment that does not contain cooperative functions, and even if it is included in the equipment process, there are still ways to crack these protective measures. • Therefore, it is desirable to have an organization and method that controls the use of images, sounds, and other sensing devices/functions based on location, situation, and/or other licensing standards without the need for cooperative functions. If such sensory devices are later placed in a mobile phone, it is expected that these actions will be controlled using hardware technologies that are consistent with their specifications and software.

‘,..., private—Qiu/Knife,’ images from Yang Hui can be modified or eliminated. The protection of privacy issues - #代方案 is to avoid capturing images. There is privacy considerations in the end ‘but there may be no desire for a command device from the object that you want to be recorded. For example, the Supervisor: This, in a lyrical, brother who does not want to be recorded. Because of the shadow of the Mei = two: ^ side: disable or deal with the camera - such as the sound perception device can be :::: = other types of perception function ==: === for the privacy of the perception device in the privacy protected image However, these techniques have not been used to deactivate - the device and method that the sensing device expects to have, and at the same time, protect the images of the objects that are not recorded, and at the same time, protect the object 1308451. A method and apparatus for deactivating the privacy features of a supervisory device for reasons of authorization. The digital information is captured and recorded by a supervisory device, which is processed according to a normal privacy mode and an avoidance mode. The privacy mode processing includes features that disable the sensing function of the supervisory device. Used in conjunction with this process is an evasive mode process that includes encryption jobs and authorizations for trusted entities that may access the captured information. A temporary storage device retains a capture of information. A processor analyzes the stored information to determine the presence of _ intense activity that may be detected as representative of suspicious activity. A filter controls the capture of information streams to an encryption device

The W flow causes the capture information associated with the suspicious activity to be encrypted for subsequent access by an authorized entity. The filter can also be used to filter out measured information that is determined by the processor to be a private move. The encryption device encrypts the recorded information to prevent unauthorized access, and a storage device stores the encrypted information in an encryption library for future access by an author. A decryption device located in a secure location decrypts the encrypted information and a monitor located in a secure location is used to authorize viewing of the decrypted message. In another embodiment, a supervisory device can be deactivated. A perceptual function senses one of the surrounding environments to generate capture information, which is recorded. An authorized fixed position is established for the supervisory device. A detector determines if the supervisory device has been removed from the authorized fixed location installation. As a privacy feature, if it has been detected that the supervisory device has moved away from its authorized fixed location, the sensing function of the device may be disabled or the captured information may be modified. 1308451 Embodiments Fig. 1 illustrates the use of sound and image perception by a supervised device to monitor an object that is not intended to be recorded. At a public place 100, one of the objects 101, image 110, is taken by a supervised camera 102. A sound 111 is recorded by a recorder 112 or an equivalent sound sensing device. In accordance with the present invention, supervisory devices 譬 * such as camera 102 and recorder 112 can be placed in public spaces such as street corners, subway stations, and subways and buses to capture and record illegal activities. As part of this monitoring function, the supervisory devices 102, 112 continue to capture the sound and images of their surroundings. Although the following is a description of capturing visible images and audible signals, the present invention is also applicable to any sensing device for supervision, wherein non-limiting features include a chemical sensing device. In a preferred embodiment, all sounds and images are retained as capture information, but are used unless they are guilty of a crime in a particular area or suspected of having committed a crime. In an alternate embodiment, the image, sound, or portion thereof may be eliminated while in a format that is accessible to unauthorized persons, but the eliminated information may also be retained in a modified format as a security parallel. Part of the route. Restricting access to this captured information preserves the legal privacy of objects that do not want to be recorded. The captured information can be left in the supervisory device itself or offloaded to a location that is far from the location where the supervisory device is installed and has communication capabilities. As shown in Figure 1, a server 122 receives the captured information via a wireless communication from supervisory devices 102 and 112 and stores and processes the information therein for future access by the licensor. Alternatively, the capture information can be transmitted along a secure wired network. Figure 2 is a flow chart of one of the mode selection methods for unrestricted capture of supervisory information 1308451. In step 201, a first decision is made as to whether the supervisory device 102, a ^ A* U, ^ Ί i 2 会 will be used by the stalker for supervision. If not, then a normal implicit mode (step 202) is selected to cause any privacy in the supervising device 102, 212: ^ Hold the entire image to limit the privacy of the image or sound (4) 5 objects that do not want to be recorded. If the supervision of the device 1G2, m is authorized, then the next decision is whether the capture of the Bayesian is completely unrestricted (step 203). 4 a, then select a priority mode (step 205), in which the supervisory device ι〇2°, Τ2 can override any privacy function. For example, image capture. i # is overridden from one of the deactivated states. Again, the location of this - supervisory device will be checked by the -authorized program to ensure that only images and sounds at the authorized location are captured. This collision is detailed. In the following, if it is not to supervise the information capture that is completely unrestricted, then, in step 204, an avoidance mode is selected, in which the device 102, il7 & Version ^ 兀 回 回 限 丨 丨 丨 像 像 像 像 像 像 像 隐私 隐私 隐私In the evasive mode, the door is encrypted, and then followed by the -authorized program to access any unsuccessful captures of the body. Figure 3 is a block diagram of the supervised data processing for the privacy function of a supervisory device. The captured data is also evaded by the authorized entity for immediate viewing, or after a delay of some time. Right _ Beijing does not care when storing tribute. The operation of storing the supervisory data is carried out by a digital recorder 3〇3, a ～2, a, a zipper 304, a 〆 encrypting device 305, and a temporary storage device 3〇6, which are better accommodated. Within the supervision device 102, 112. Another - choice = some of the farms are set some or all of them in the distance, such as in the distance, 122 (figure i). The encrypted storage device f 326 is preferably located outside of the supervisory affairs 10 1308451 102, 112. Supervised data such as an image 110 and a sound i n are received by a digital recorder 3〇3 controlled by the processor 304. In a preferred embodiment, the processing person 304 controls whether the recorded data is transmitted along one of the two parallel signal paths 32. The two parallel signal paths are established to maintain privacy while allowing supervision of the security of the camera 102. The function continues to run. Signal 32

- Filter 325 processing, which is used to filter capture information that is considered suspicious and/or to filter out captured information that is determined to be a privacy act. Alternatively, the capture information is unfiltered, and the protection of the captured information is completely encrypted. The Battle King's temporary storage device 306 is coupled to the filter 325 and the processor 3〇4. The afternoon can process and analyze the captured information to determine its nature and then judge whether it should be, over or filtered out. Preferably, once the captured image or sound is filtered, #3G5 is based on - the filtered Bayer 7 will be encrypted in the preferred method detailed below. Such encrypted and filtered sequences are based on an implementation of temporary storage (4). In addition - selection, 10,000 - implementation requirements (4) _ ^ for riding is fully dependent on processing, the information will be encrypted by the encryption device 305 before being 被4Γ:6 to ensure that the captured assets are protected. Save the device 3, make a collection of encrypted information and use the stored data as a coronation library until it is ready | Authorized entity 34. For example, the authorized 340 access is used to supervise the scene. "Two members or similar monitors in the monitor device contain - or a variety of private data 328. A solution can be accessed by the licensor 340. ϋ 金 金 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Since the decrypted information is in danger of being intercepted, the information is only stored in the memory device for a short period of time and then eliminated. In the case where a plurality of monitors 308 are installed, each monitor 308 should accompany its own decryption device 307, each having its own private key «· key. The supervisory device 102, 112 is authenticated to the supervisory device 102, 112 with a corresponding credential containing the public key and information used to identify the monitor. These private/public keys are also used to protect a symmetric I conversational record that will be used for video data transmission. Preferably, the dialogue is updated periodically so that data protected by a particular key is limited. Fig. 4 is a flow chart showing the method of avoiding the mode of the apparatus shown in Fig. 3, and the encryption feature is more clearly explained. The supervisory device captures the information digitally (step 401) and the information can be processed in a parallel path for the normal privacy mode (step 402) or the avoidance mode. In the avoidance mode, filtering, decision making occurs at step 404 whereby the captured information is unfiltered, filtered, and/or filtered. More details on the filtering in the avoidance mode will be explained below with reference to the 5th φ diagram. In a parallel procedure, a symmetric encryption key is formed in step 403. The symmetric key is encrypted at step 406 using the public key of each monitor 308. The symmetric key is also encrypted using a public key of a first trusted access grantor (step 407), which is then further encrypted using a public key of a second trusted access grantor (step 408) . (Note that there are one or more trusted access licensors, in which case the encryption with the public record will contain the number 1308451 of the trusted access licensor in a serial manner.) The filtered information is encrypted by the symmetric key in step 409. In step 410, the encrypted key is logically or physically associated with the encrypted information. The resulting encrypted information is now protected and can be transferred to the encrypted storage device (step 411) and any connected monitors. Alternatively, more than one symmetric key may be formed in step 403 such that a different symmetric key is used in steps 406 and 410 for information being sent to a monitor instead of being used in steps 407-410. Information used to send to encrypted storage. Also, it is preferable for the symmetric key to have a high rate of change, but _ should consider the result of increasing the processing load.

I At step 412, the symmetric key is decrypted using the private key of the monitor and the information is decrypted using the decrypted symmetric key. Since each monitor has its own private key, different information can be sent to different monitors. At this point, image or sound information can be seen or heard at a display terminal (step 415). In addition, the decrypted information is temporarily stored on the monitor for the authorized entity to replay (step 413) and then eliminated (step 414). Although this specification describes a preferred method of encryption, the present invention may also operate in other ways that maintain information confidentiality when transmitted to a monitor. As shown in Figure 4, the data that can be displayed immediately and the recent received data that can be replayed in a timed memory (shown in a FIFO) have a fixed right. Alternatively, the present invention may utilize DRM technology for the distribution of usage rights, such that the manner in which data is sent to and received by a plurality of monitors is flexible. Figure 5 is a schematic diagram of an avoidance mode filtering function performed by filter 325. As mentioned earlier, a supervisory device can be shipped in a normal privacy mode 501.

13 1308451 H Private = and sound capture is restricted to protect the object that you do not want to be recorded. At the same time, the device can avoid the restrictions such as avoidance and other conditions in the "Ping rod caution", this body is accessed in a safe way ^ ^理路;^由—Group license authorization actual module fine steps 5. 3 ::1:; Wheel replacement tank, room ^ _ There is a better variant, which can be applied alone or combined with money filtering, avoidance mode 5Q4 , filter, over-avoidance mode, and 506. In the dense, 5〇4 'all captured images and sounds are added.::::::=, after the image is decrypted, access the shadow ra, ., . _ again To DRM or conditional access technology protection, and ζL 1 monitoring station for viewing. The decrypted information at the monitoring station is given to the already: dense format record 'but can be entered in the short period of time Temporary storage replay. It may also allow encrypted storage of information under the control of the monitoring station Dingyi RM system. Second mode 5G5 - capture information such as 1 secret storage 3| to several days worth of images stored in secure unencrypted or Added sound processing software m duration depends on 'making wisdom Image/right 8 is sufficient for analysis - video streaming and selection of the stream - between segments: monitoring / ° for longer duration storage, information will be preferably stored in the storage toucher 304 to receive a trigger signal The test is triggered by the sudden movement of the object within the sensing range of the supervisory device, such as the rapid change of the action mode of the monk and the traffic flow, or the squeaking of the sound analysis. This is captured by the melon device. The type of activity that is reached. The capture information can be classified as 14 1308451 _ ^ a normal or an excited category 'the latter represents suspicious activity. In addition _ Bei Xun can be added a time to produce a month / Wu capture mark, and _ type,

The court will help to search, index and channelize. I In the erasure avoidance mode 506, 'storing a predetermined amount of captured HC image/sound processing soft #推许八,七' 曰山, software into the line analysis, so that some activities that may be officially gamma 2 (four) move will be The image/sound stream is red-swapped/or sent to - : The station will be filtered or blurred before it is viewed. A designation is private and should be implemented by the entity. "The implementation in the r code or pseudocode can be issued by the official or the joint. Because of the filtering of the content restriction information, this party is slaughtered with the normal privacy mode 501. Partially overlapping. Wanmu Figure 6 illustrates one of the priority modes of implementation m or recorder 112 is assigned at::: 夕摄-机督. If the camera 102 or recorder 112#^ subscribes to the authorized surveillance capture and Λ is moved From this position, its sensing, :=! privacy function. For example, if the supervisory device 2 is removed from its fixed position, a control port is reduced to η Μ 譬 — — 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影 摄影=Γ , or — The sound sensor of the recorder will be deactivated to prevent privacy for those who do not want to be recorded. Supervised 奘朁m J does not 孜棹 乇 猎 此 此 此 保 保 保 保 保 GPS GPS GPS GPS GPS GPS GPS The change can be judged by the use of the internal mobile 2 _ 6Q1 or by the internal motion sensor 602 of the supervisory device. The brother 7 is the priority mode - the method flow chart. Placement coordinates, this is preferably using coffee or - similar 15 13 08451 _ Institutional reach. In step 702, a request is made for the priority mode job of the supervisory device. The request should include one or more of the following: device location, one of the public keys of the supervisory device, supervised The period (a number of seconds. to years) and why it is necessary to supervise. The request may include a binding statement that the device will be used in a designated location for the protection of life and/or property in accordance with the law. Preferably, the information is presented via the Internet, and the information therein is checked by the appropriate authority to check the property record, follow-up telephone confirmation, and/or mail confirmation. B In order to maintain the confidentiality of the supervision request, it is in the step The public key of the authorized entity in 703 (the root public key for one of the public key vouchers is securely embedded in the device is fully protected) is encrypted. The authorized entity or the authority may include a court, State police or city police, federal law enforcement officer, or any similar government authority or organization. In step 704, submit a supervision to the authorized entity The request is made by using the website of the authorized entity (wherein a TLS connection can provide encryption for confidentiality) or by using a network service for direct communication between the supervisory device and the authorized entity. If approved, then in step φ In 705, the authorized entity forms an accreditation certificate consisting of at least a permitted location and a permitted period. It may also include: a license supervised reason, and a licensed measured location coordinate tolerance. In step 706, the supervisor The authority signs the certificate with its private key and encrypts the certificate with the public key of the supervisory device. This message is signed by a person or organization that is granted a legal authorization to allow the recorder to override the privacy feature on a recording device. The signed message may contain a valid date whereby the authorized person or organization must re-apply for authorization to use the supervisory device. Authorized content is listed in a number with a signature

(S 16 1308451. A root certificate issued by an official or quasi-official organization is preferably embedded in memory 603 and downloaded to each supervisory device 102, 112 or memory 603. Mechanisms within such a recording device Must have tamper resistance. By enclosing the certificate with the encrypted information, it will be shown that this is obtained through legal means and can be presented when the document is permanently linked to the information. * This method of encapsulation can be achieved by encrypting the captured information along with the voucher. Another method is to use the voucher as a watermark to capture information using known digital watermarking techniques. The integrity of the association, the metadata B and the measured data should be digitally signed using a private key of the supervisory device. Next, the approved certificate is placed in the supervisory device, preferably via a network service response message (step 707). The message will contain the identity of the device, the licensed location, and a unique (single) sequential increase. The single number is stored by the recording device so that it can be detected. No attempt is made to enter a signed message again. In step 708, the supervisory device checks the φ voucher signature with a trusted root public key embedded in its secure processor (and a credential chain that may be sent with the approval). In step 709, the supervisory device determines its location to determine its exact location using an embedded GPS receiver, an independent trusted GPS receiver physically attachable to the device, or any equivalent mechanism. The security processor in the supervisory device determines whether the measured location is within the tolerance tolerance specified for the licensed location. If so, the supervisory device disables its ability to limit the capture of video or sound. The supervisory device is in the priority mode. In step 711, the supervisory device monitors its position continuously or periodically. This can be used with an embedded GPS receiver or its own to filter out normal cameras.

(S 17 1308451 The panning movement of the motion detector is achieved. In step 712, if the supervisory device is moved, the priority mode is disabled and the function of capturing the capture of the image or sound is enabled. Another option is to disable The function of allowing images to be captured. In an accompanying embodiment, 'If the time limit for the supervision of the approval certificate has expired, then the priority mode is stopped. This can be done by using an internal security time clock or

The Trusted Computing Module of the Trusted Computing Group can provide one of the tick counting mechanisms for implementation. Finally, in step 713, the priority mode of the 'supervising device' is re-enabled by placing the device back in the licensed location and utilizing the non-overdue license voucher or requesting a license voucher for a different location. If the supervisory device must be moved to another location, it must be followed by the above procedure. The same technique has been modified somewhat for other sensing devices, such as those described below. One example of the above-mentioned authorization procedure for the priority mode is to provide a technical control over eavesdropping or similar supervision by the enforcement unit. For example, a police officer who has been authorized to install a supervisory device will install a court-authorized certificate of accreditation directly in the device (e.g., a camera or tape recorder) for electronic surveillance. Another example of a supervisory device that is in one privacy mode to one of the last priority modes is as follows. In the normal privacy mode of a supervisory device, its sensing function has been deactivated and it is housed in a law enforcement officer's compartment. Upon request by a priority mode, a court order is granted and an authorization certificate is granted. This voucher that limits the sensing device to operate at a particular location or operates or limits both during a particular time period is installed in the device specified by the voucher. The sensing device can then enter a priority mode, which in this case means that the j device goes from a perceptually disabled state to a perceptually enabled state. This example can be extended from a law enforcement officer to any group that wants to set up a supervisory device, but 'in this case, the device will enter a priority mode from a perceived state that is subject to certain conditions when entering the priority mode. Restricted or unrestricted status (except for location and/or time limits). The sensing and reporting functions of the supervisory devices 1, 2, 112 described below are examples of functions p that may be enabled or disabled in the event that the devices 102, 1112 are removed from their authorized fixed location: recording function, local or remote notification or Alarm system, data distortion 'downsampling ability, capture data transfer, audit, plus watermark or fingerprint. With regard to data distortion, it is possible to use camera image blurring to solve the problem of unwanted image perception by the camera. For example, an interfering mechanism can operate in contrast to an autofocus mechanism within an image sensing device (e.g., a camera) causing a perceptual image to be blurred. The co-pending application titled, Method and Implementation for Using Infrared Signals and Sonar to Interfere with Camera Autofocus Mechanism, proposes that continuous or intermittent emitters confuse the autofocus mechanism within the camera. These emitters can cause the perceived image to be blurred and unusable. Multiple infrared emission of varying intensity can also result in under-exposed or over-exposed perceptual images. These transmitters are manually controlled to deliberately change the captured surveillance information as a privacy feature. By manually entering the password, only the device with a secure decoding component performs the restriction operation and/or uses the appropriate authentication identity and access. The code is logged into a network or access point to gain access to enabled information. This manual 19 1308451 control may be overturned when the camera is moved away from its authorized position. Supervising devices 102, 112 and a wireless device - used to send power to (5) ... fruit Tongxin sword Fang Shibai #Λ phase 1, at the center or a specific telephone number ° (f) the mechanism of attention to the event. For example, the mobile phone can detect the information sent by the pirate 604 when the supervisory device 102, 112 detects an automatic event in the supervisory device. Supervised installation 2) 2 1彳i Γ will also be transmitted (4) to help rapid response. Supervisory device

Communication between mobile phones can be done via infrared (five), blue^2 or wired interface. - The perceptron's report can be entered on a regular basis. If the supervisory authority 1 μ m ^ ^ communication function is disabled, the chain is removed from its authorized fixed position, such as the transmitter 404 is deactivated. f is in the following: an alternative embodiment in which a target interrogator 801 is used to monitor the target of the electronic tag, and the recorder is used in a perceptive device with privacy function.

To give specific consideration to the specific situation: the weekly specials in the scope of the inquiry ~ ^ : the monthly position includes the location, the specific time of the day, the seven... ten, the 疋4, the % condition, and any other influences; p The status can be determined. The monitored targets are used; these tags can be protected for small or non-bridgeable target interrogators and/or exchange = PDAs, squeaky calls, smart cards, or similar, protected with hidden objects Can include - agency to not allow this (§: 20

1308451 Reservation area. For example, the number one, because the tagged object moves ~2^ the object may be because of the inquiry (5) device lost its message beyond the side of the predetermined area, or because of the tagged object carrier, and / or others Red, one of the entrances and exits was detected. Processor, action. $Men's experience is told that this happened and can be taken as appropriate in Figure 8, + η Μ 目 目 目 目 目 目 目 目 目 目 目 目 目 目 805 805 805 805 805 805 805 805 805 805 805 805 805 805 805 Although the more the coffee field. Although each of the above-described sensing devices is described as being the same (4), it is also possible that a single component can execute the tag or the (four) function. For example, a telephone can be used as a target to ask the target to ask for the 11-label. Any of the above-described portals are applied to the fixed location procedure previously described for the supervisory devices 102, 112, whereby the interrogator is pre-authorized for use in its location and removed from it for deactivation. Although the features and elements of the present embodiments are described above in terms of specific combinations, each feature or element may be used alone (without other features and elements of the preferred embodiments) or with or without other features and elements of the present invention. Group people use. 5 21 1308451 Schematic description of the diagram Figure 1 is an object that is not intended to be recorded under supervision; Figure 2 is a flow chart of unrestricted capture of supervision information; Block diagram of the device that monitors the monitoring information during the avoidance mode; Figure 4 of the μ body k is used to record the avoidance mode of the supervisory information, and the figure 5 is a summary of the transition feature of the avoidance mode; The figure is an example of a device that can be supervised for privacy reasons. Figure 7 of the low-level perception function is an example of the priority mode of supervision information. Component Symbol Description 100 Public Site 101 Object 102 Supervisor Camera 110 Image 111 Sound 112 Recorder 122 Server 320, 330 Parallel Signal Path Figure 8 is a diagram of the target message for the privacy reasons. 22 1308451 326 Storage device 338 Timed temporary memory device 308 Monitor 318 Image data 328 Sound data 340 Authorizer 601 Global Positioning System (GPS) signal processor 602 Internal motion sensor 603 Memory 604 Transmitter 605 Stimulus sensor 801 Target query 802, 803 target 805 doorway

twenty three

Claims (1)

13.08451 m: ^ ί ο- Year Month Day Correction Replacement Page 10, Patent Application Range: 1. A method for safely processing digital information captured by a supervisory device for authorized purposes, including: Recording is captured by a supervisory device The digital information obtained, wherein the digital information is a visual image or an audio signal; processing the recorded information according to a privacy mode, the mode prohibiting access to the information or changing the information to protect privacy; And processing the record information according to an avoidance mode parallel to the privacy mode, wherein the avoidance mode processing step bypasses processing according to the privacy mode, the avoidance mode includes encrypting the record information and authorizing an authorized entity to have a decrypted format Access to encrypted information. 2. The method of claim 1, wherein the processing step according to the avoidance mode further comprises: storing the encrypted information in an encrypted storage device. 3. The method of claim 2, further comprising: decrypting the digital information by a decryption device; and displaying the decrypted information on a security monitor accessible only by the authorized entity. 4. The method of claim 3, wherein the encrypting step comprises embedding a public key in the supervisory device, and the decrypting step comprises using at least one private key at the decrypting device. 5. The method of claim 4, wherein the private key comprises a plurality of gold records. 6. The method of claim 5, wherein the plurality of keys are applied in a serial manner such that a first encryption is performed by a first record and the first encryption is subsequently performed by A second transcript is encrypted to generate a second cryptographic effect of the 24 1308451 modified replacement page. ~~----- 7_ Μ 专利 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 9. The method of claim 3, wherein the display of the bullish a ❺ ' and the decrypted information is from the encrypted storage; the delay # 1G · the method of the patent scope i, Get it privately. Store the information recorded in the temporary storage device in a temporary storage device; analyze the storage information of the temporary storage device to capture the provoked "signs"; and 4 to monitor the 11 w select the information indicating the intense activity for encryption. For example, the method of applying for the first item of the patent scope, i; is based on the detection of the sudden presence of the supervision. Or 曰 12. If you apply for the patent scope item, it also includes a time stamp and a + 兮 捭 + ~ digital information. The position of the m record indicates the record. 13. The method of claim </ RTI> </ RTI> further includes: judging the supervisory device by an automatic program: the dynamic type, the automatic program analyzes the number to find: =; = at least r Distinguishable features: - subject to observed mode changes, a movement, a loud sound and a scream.疋大... 14.=专用为=第=方法' where the security process is handled by the read-activity ^ is fierce _ positive judgment lead 1308451 9B; ~^7-1^- ' year-month 2 Correct the replacement page, otherwise the digital information will be eliminated. 15. A method for processing information captured by an authorized supervisory device, comprising: capturing image or sound information from a supervisory device; establishing at least one privacy protection feature within the supervisory device, including deactivating one of the supervisory devices Perceptual function; select a privacy protection mode for the capture information, so that for a completely unrestricted capture, select a priority mode that will disable the privacy protection mode, and for limited capture, select one to take another capture information Protection mode, avoidance mode including information encryption. 16. The method of claim 15, wherein the priority mode comprises an authorization program for installing the supervisory device at a particular location. 17. The method of claim 16, wherein the authorization procedure comprises: using a GPS to determine a physical coordinate of the installation location of the supervisory device; requesting one of the supervisory devices to operate in a priority mode, comprising at least one of the following: The location of the supervisory device, a voucher for the public key of the supervisory device, a period of supervision, and a reason why supervision is required. 18. The method of claim 17, wherein the request further comprises the use of the supervisory device in accordance with the law and used to protect one of life or property. 19. The method of claim 17, wherein the request is presented to an authorized entity via the Internet. 20. The method of claim 19, wherein the authorization procedure further comprises: encrypting the request with a public key of the authorized entity. 26 1308451, ci 1 year &gt; 曰Revised replacement page 21. The method of claim 20, further comprising: presenting the request to the authorized entity using one of the authorized entities' websites. 22. The method of claim 16, wherein the authorization process further comprises: forming a digital identification certificate comprising one of the supervisory installation locations and the one of the supervisory devices in the priority mode. 23. The method of claim 22, further comprising: signing the endorsement voucher with a private key of one of the authorized entities; and encrypting the accreditation voucher with a public key of the one of the supervising devices. 24. The method of claim 23, wherein the approval voucher is encrypted with the capture information such that the voucher is permanently linked to the capture information. 25. The method of claim 23, wherein the approval voucher is linked to the capture information by applying a digital watermark to the capture information, such that the proof of the voucher and the capture information are permanently linked. . 26. The method of claim 23, further comprising: placing the approved voucher into the supervisory device via a network service response message containing a unique sequential number increase to prevent an attempt to re-enter a signed message . 27. The method of claim 22, further comprising: confirming the license installation location by using an embedded detector in the supervisory device; periodically monitoring the license installation location; and determining, in the monitoring step, that the supervisory device has been Moved away from the license An 27 1308451 The priority mode is deactivated when the location is „ 28. If the scope of the patent application is 27, the party that has been cut n-version* is selected, in which a long period of time has passed; patent = modulo 27 ==: use the priority mode Yes - (4) Receiver., H of the New Zealand type (4) Method 27 of the 'where the embedding device 31.; ===r is in the supervision device is placed - the type of supervision equipment ^ set" Priority mode. - a supervisory device 'when it is constructed_information, in the form of an image, a chemical or a chemical; a D recorder, which is constructed to digitally record measured information; a filtering mechanism that is constructed to filter Determining the recorded information related to the suspicious activity or filtering out the combination of the judgement and privacy activities, or the combination of the two, the axis mechanism includes a processor, and a storage device; and an encryption device that encrypts the filtered information And a twisted storage device for storing encrypted information. 33. ^Applicant of claim 32, wherein the filtering mechanism utilizes an inline algorithm, encoding, or pseudocode to determine the privacy to be filtered out, and the device of claim 32, such as the device of claim 32, The care organization utilizes a software component or application to determine the privacy activities to be filtered out. 35. The device of claim 32, further comprising: a decryption device positioned at a secure location, configured to encrypt the encrypted information; and solution 28 1308451 [*98r~ The 'Monthly Correction Replacement I' monitor is located in a secure location for viewing the decrypted information. 36. The device of claim 35, wherein the decryption device decrypts the information in real time. 37. The device of claim 35, wherein the decryption device decrypts the encrypted information stored in the storage device. 38. A system comprising the apparatus of claim 32, further comprising: a transmitter for transmitting the encrypted information to a remote location; and a remote server for receiving The encrypted information, wherein the remote server includes a remote storage device for storing the encrypted information. 39. The device of claim 32, wherein the supervisory device is a camera. 40. The device of claim 32, wherein the monitoring device is a tape recorder. 41. The device of claim 32, wherein the supervisory device is an entry identifier type target interrogator. 42. The device of claim 32, wherein the monitoring device is a chemical detecting device. 29