TWI385999B - And a method of accessing the connection between the user side and the network device in the network system - Google Patents

And a method of accessing the connection between the user side and the network device in the network system Download PDF

Info

Publication number
TWI385999B
TWI385999B TW97129717A TW97129717A TWI385999B TW I385999 B TWI385999 B TW I385999B TW 97129717 A TW97129717 A TW 97129717A TW 97129717 A TW97129717 A TW 97129717A TW I385999 B TWI385999 B TW I385999B
Authority
TW
Taiwan
Prior art keywords
network device
server
message
user
target network
Prior art date
Application number
TW97129717A
Other languages
Chinese (zh)
Other versions
TW201008199A (en
Inventor
Shih Yi Chiu
Original Assignee
Davicom Semiconductor Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Davicom Semiconductor Inc filed Critical Davicom Semiconductor Inc
Priority to TW97129717A priority Critical patent/TWI385999B/en
Publication of TW201008199A publication Critical patent/TW201008199A/en
Application granted granted Critical
Publication of TWI385999B publication Critical patent/TWI385999B/en

Links

Description

網路系統中使用者端與網路裝置間之連線存取之方法Method for connecting access between user terminal and network device in network system

本發明係關於一種網路系統資料存取之方法,特別是關於一種包括有防火牆、網路位址轉換器或路由器等網路互連設備之網路系統中使用者端與網路裝置間之連線存取之方法。The present invention relates to a method for accessing data in a network system, and more particularly to a network system between a network system including a firewall, a network address converter or a router, and a network device. The method of connecting access.

在網際網路系統中,通常都裝設有例如防火牆(Firewall)、網路位址轉換器(Network Address Translation,NAT)或路由器(router)等網路互連設備(Network Interconnection Apparatus)。其中,網路位址轉換是一種在IP數據包通過路由器或防火牆時重寫原始IP位址、目的IP位址的技術。這種技術被普遍使用有多台主機但只通過一個公用IP位址來連結網際網路的私有網路(例如:區域網路)中。網路位址轉換是作為一種解決IPv4位址短缺以避免保留IP位址困難的方案,因此在很多國家都被廣泛的使用,並成為了家庭和小型辦公室網路中,連接上的路由器的一個標準特徵。In an internet system, a network interconnection device such as a firewall, a network address translation (NAT), or a router is usually installed. Among them, network address translation is a technology that rewrites the original IP address and destination IP address when the IP packet passes through the router or firewall. This technology is commonly used with multiple hosts but only through a public IP address to connect to the Internet's private network (for example, regional network). Network address translation is a solution to the shortage of IPv4 addresses to avoid the difficulty of preserving IP addresses. Therefore, it is widely used in many countries and becomes a router in the home and small office networks. Standard features.

然而,雖然利用網路位址轉換所建構之網路環境能彌補 IPv4之IP不足之情況,但使用網路位址轉換卻會造成網路位址轉換外部無法直接存取內部的網路設備。過去的解決辦法是在網路位址轉換的路由器上設定埠的對應,但若無網路位址轉換的管理權限,即無法進行這項動作,網際網路中的使用者便無法連接到網路位址轉換下的裝置。However, although the network environment constructed by using network address translation can make up for The IP of IPv4 is insufficient, but the use of network address translation will cause the network address translation outside to directly access internal network devices. The solution in the past was to set the 埠 correspondence on the router for network address translation, but if there is no management right for network address translation, this action cannot be performed, and users in the Internet cannot connect to the network. A device under the conversion of a road address.

緣此,本發明之一目的即是提供一種網路系統中使用者端與網路裝置間之連線存取之方法,不論標的網路裝置處於防火牆或是網路位址轉換下,使用者端皆能存取到標的網路裝置。Accordingly, it is an object of the present invention to provide a method for connecting access between a user terminal and a network device in a network system, regardless of whether the target network device is under firewall or network address translation. Both sides can access the target network device.

本發明為解決已知技術之問題所採用之技術手段係為一種網路系統中使用者端與網路裝置間之連線存取之方法,係在一網路系統中,由一標的網路裝置透過一防火牆及一網際網路發送一網路裝置註冊資料予一伺服器之一資料庫中儲存,並保持連線。The technical means adopted by the present invention to solve the problems of the known technology is a method for connecting and connecting a user terminal and a network device in a network system, and is a network system in a network system. The device sends a network device registration data to a database of a server through a firewall and an internet network, and keeps the connection.

當一使用者端欲與標的網路裝置進行連線及標的資料存取時,即發送一存取訊息予伺服器,確認標的網路裝置是否已在伺服器註冊。標的網路裝置便透過防火牆及網際網路與使用者端連線,或是透過伺服器之轉送,傳送標的資料至使用者端。When a user wants to connect to the target network device and access the data, an access message is sent to the server to confirm whether the target network device is registered with the server. The target network device is connected to the client through the firewall and the Internet, or transmitted through the server to transmit the target data to the user.

經由本發明所採用之技術手段,不論標的網路裝置處於 防火牆或是網路位址轉換下,只要標的網路裝置有在伺服器註冊,使用者端便能藉由伺服器,而從標的網路裝置存取到標的資料。如此一來,就不用特地在網路位址轉換的路由器上設定埠的對應,亦不用擔心是否有網路位址轉換的管理權限問題。此外,使用者端與網路裝置的資料皆會儲存在伺服器中,使用者能夠透過使用者介面(網頁)方便地查詢所有連線的網路裝置,再從中選擇適合且需要的網路裝置進行連線。By means of the technical means adopted by the present invention, regardless of the target network device Under the firewall or network address translation, as long as the target network device is registered with the server, the user can access the target data from the target network device through the server. In this way, there is no need to specifically set the corresponding correspondence on the router of the network address conversion, and there is no need to worry about whether there is a management authority problem of the network address conversion. In addition, the data of the user terminal and the network device are stored in the server, and the user can conveniently query all connected network devices through the user interface (webpage), and then select a suitable and required network device. Connect.

本發明所採用的具體實施例,將藉由以下之實施例及附呈圖式作進一步之說明。The specific embodiments of the present invention will be further described by the following examples and the accompanying drawings.

參閱第1圖所示,其係顯示本發明網路系統中使用者端與網路裝置間之連線存取之方法之系統架構圖。在網路系統100中有一使用者端1,使用者端1透過一網際網路2及一防火牆3與標的網路裝置4相連接,標的網路裝置4包括有二網路攝影機41、42及一電腦裝置43。網際網路2還連接有一伺服器5。在此,防火牆3為一種廣義的稱呼,所指的是一種網路位址轉換的路由器,並且內建有防火牆的功能。Referring to Fig. 1, there is shown a system architecture diagram showing a method for connection access between a user terminal and a network device in the network system of the present invention. In the network system 100, there is a user terminal 1 connected to the target network device 4 through an internet 2 and a firewall 3. The target network device 4 includes two network cameras 41 and 42 and A computer device 43. Internet 2 is also connected to a server 5. Here, the firewall 3 is a generalized name, which refers to a router for network address translation, and has a built-in firewall function.

參閱第2圖所示,其係顯示本發明第一實施例之伺服器之電路方塊圖。伺服器5中包括有一處理單元51,其分別連接有一作業系統52、一資料庫53及一網路界面54。Referring to Fig. 2, there is shown a block diagram of a circuit of a server in accordance with a first embodiment of the present invention. The server 5 includes a processing unit 51 connected to an operating system 52, a database 53 and a network interface 54 respectively.

處理單元51中建置有一存取控制模組6,用以負責使 用者端1與網路攝影機41、42間的存取控制。資料庫53中有一網路裝置資料表531、一使用者端資料表532及一關聯資料表533。網路界面54用以供伺服器5透過網路界面54連接至網際網路2。在本實施例中,作業系統52是Linux系統,資料庫53則是MySQL資料庫,當然也可以採用其他的作業系統、資料庫,端視各種情況及需求而定。An access control module 6 is built in the processing unit 51 for being responsible for making Access control between the user terminal 1 and the network cameras 41, 42. The database 53 has a network device data table 531, a user terminal data table 532, and an associated data table 533. The web interface 54 is used by the server 5 to connect to the Internet 2 via the web interface 54. In this embodiment, the operating system 52 is a Linux system, and the database 53 is a MySQL database. Of course, other operating systems and databases can be used, depending on various situations and needs.

參閱第3圖所示,其係顯示本發明第一實施例之存取控制模組之架構圖。存取控制模組6中包括有一網路資料傳輸模組61,其分別連接一多用途網路郵件擴充(Multipurpose Internet Mail Extension,MIME)模組62、一裝置控制模組63、一轉送模組64及一訊息處理模組65。Referring to FIG. 3, it is a block diagram showing the access control module of the first embodiment of the present invention. The access control module 6 includes a network data transmission module 61 connected to a multipurpose Internet Mail Extension (MIME) module 62, a device control module 63, and a forwarding module. 64 and a message processing module 65.

網路資料傳輸模組61與應用程式A連接,用以接收由網路送來的訊息,並在解析過後分配給相對應的模組,若解析後發現無相對應之模組,則將此訊息丟棄。多用途網路郵件擴充模組62則是當網路資料傳輸模組61判定網路送來的訊息是標準的超文件傳輸協定(hypertext transmission protocol,HTTP)訊息時,則會由多用途網路郵件擴充模組62來負責回覆。裝置控制模組63透過一資料庫存取模組66與資料庫53相連接,負責處理網路攝影機41、42所傳來的訊息。The network data transmission module 61 is connected to the application program A for receiving the message sent by the network, and after being parsed, the message is allocated to the corresponding module. If the module is found to be uncorrelated, the message is sent. throw away. The multi-purpose network mail expansion module 62 is a multi-purpose network when the network data transmission module 61 determines that the message sent by the network is a standard hypertext transmission protocol (HTTP) message. The mail extension module 62 is responsible for replying. The device control module 63 is connected to the database 53 via a data inventory module 66 and is responsible for processing the messages transmitted by the network cameras 41 and 42.

同時參閱第4圖及第5圖所示,並配合前述第1圖至第3圖。第4圖係顯示本發明第一實施例之系統動作圖;第5圖係顯示本發明第一實施例之控制流程圖。本發明第一實施例係以一定之程序流向F1執行。See also Figures 4 and 5, and in conjunction with Figures 1 through 3 above. Fig. 4 is a view showing the operation of the system of the first embodiment of the present invention; and Fig. 5 is a flow chart showing the control of the first embodiment of the present invention. The first embodiment of the present invention is executed in a certain program flow to F1.

首先,網路攝影機41發送一註冊請求訊息予伺服器5(步驟101)。伺服器5接收註冊請求訊息後,會回傳一認證訊息予網路攝影機41(步驟102),認證訊息在本實施例中是一種系統所產生的亂數。當網路攝影機41接收到認證訊息後,便依據這個亂數再回傳一回覆認證訊息予伺服器(步驟103),而回覆認證訊息同樣也是亂數,這種利用亂數所進行的確認動作,可增加傳輸上的安全性。First, the webcam 41 sends a registration request message to the server 5 (step 101). After receiving the registration request message, the server 5 returns an authentication message to the network camera 41 (step 102). In this embodiment, the authentication message is a random number generated by the system. When the network camera 41 receives the authentication message, it returns a reply authentication message to the server according to the random number (step 103), and the reply authentication message is also a random number, and the confirmation action by using the random number is performed. Can increase the security on the transmission.

當伺服器5接收到回覆認證訊息後,便回傳一確認回覆訊息予網路攝影機41(步驟104),確認回覆訊息包括有連線用的IP位置、連接埠等資訊在內。接著,網路攝影機41便透過防火牆3及網際網路2發送一網路裝置註冊資料S1予伺服器(步驟105)。When the server 5 receives the reply authentication message, it returns a confirmation reply message to the network camera 41 (step 104), and confirms that the reply message includes the IP address, connection port and the like for connection. Next, the network camera 41 sends a network device registration data S1 to the server through the firewall 3 and the Internet 2 (step 105).

雖然在本實施例中,網路攝影機41只進行了一次的註冊動作。但在實際應用時,也可使網路攝影機41週期性地進行進行註冊,以使伺服器5隨時了解網路攝影機41的最新資訊。Although in the present embodiment, the network camera 41 performs only one registration operation. However, in actual application, the network camera 41 can also be periodically registered to enable the server 5 to keep abreast of the latest information of the network camera 41.

在存取控制模組6方面,網路裝置註冊資料S1自應用程式A於網路資料傳輸協定P之下傳輸到存取控制模組6之網路資料傳輸模組61。網路資料傳輸模組61解析後判斷網路裝置註冊資料S1是屬於由網路攝影機41所傳來的,便將網路裝置註冊資料S1分配給裝置控制模組63。In the access control module 6, the network device registration data S1 is transmitted from the application program A to the network data transmission module 61 of the access control module 6 under the network data transmission protocol P. After the network data transmission module 61 analyzes and determines that the network device registration data S1 belongs to the network camera 41, the network device registration data S1 is assigned to the device control module 63.

裝置控制模組63會依據網路裝置註冊資料S1處理網路攝影機41的註冊動作,將網路裝置註冊資料S1透過資料庫存取模組66儲存到資料庫53之網路裝置資料表531中, 完成註冊之動作(步驟106)。網路裝置資料表531中所儲存的資訊包括有網路裝置識別碼、註冊時間、IP位置、連接埠、實體IP位置、實體連接埠、網路裝置的別名、網路裝置特徵描述等資料。The device control module 63 processes the registration operation of the network camera 41 according to the network device registration data S1, and stores the network device registration data S1 in the network device data table 531 of the database 53 through the data inventory retrieval module 66. The registration action is completed (step 106). The information stored in the network device data table 531 includes network device identification code, registration time, IP location, port, physical IP location, physical port, alias of the network device, network device feature description and the like.

當使用者端1欲與網路攝影機41進行連線之前,會先發送一使用者端註冊資料予伺服器5,進行註冊的動作(步驟107)。伺服器5則會將使用者端註冊資料儲存至伺服器5之資料庫53之使用者端資料表531中(步驟108)。使用者端資料表531所儲存的內容包括有使用者識別碼、使用者的名字、使用者的密碼、使用者的信箱、使用者的電話、以及使用者所居住的地址等資料。Before the user terminal 1 wants to connect to the network camera 41, a user terminal registration data is sent to the server 5 to perform registration (step 107). The server 5 stores the client registration data in the client data table 531 of the database 53 of the server 5 (step 108). The content stored in the user data table 531 includes the user identification code, the user's name, the user's password, the user's mailbox, the user's phone number, and the address where the user lives.

使用者端1註冊完畢之後,發送一存取訊息S2予伺服器5,表明欲與網路攝影機41進行連線(步驟109)。存取訊息S2自應用程式A於網路資料傳輸協定P之下傳輸到存取控制模組6之網路資料傳輸模組61。網路資料傳輸模組61解析後判斷存取訊息S2是屬於由使用者端1所傳來的,便將存取訊息S2分配給訊息處理模組65。After the registration of the client 1 is completed, an access message S2 is sent to the server 5 indicating that the network camera 41 is to be connected (step 109). The access message S2 is transmitted from the application program A to the network data transmission module 61 of the access control module 6 under the network data transmission protocol P. After the network data transmission module 61 analyzes and determines that the access message S2 belongs to the user terminal 1, the access message S2 is assigned to the message processing module 65.

訊息處理模組65接收存取訊息S2後,會依據存取訊息S2之請求並透過轉送模組64之轉送,以確認網路攝影機41是否已在伺服器5註冊,也就是查詢資料庫53中是否有資料存在(步驟110)。After receiving the access message S2, the message processing module 65 transmits the request via the access message S2 and transmits it through the transfer module 64 to confirm whether the network camera 41 has been registered in the server 5, that is, in the query database 53. Whether or not there is data exists (step 110).

在實際應用上,伺服器5本身提供了使用者介面(網頁)予使用者端1,因此確認網路攝影機41的步驟可以直接從使用者介面來查詢網路攝影機41。另外,使用者端1與網路攝 影機41間的關聯性動作(也就像是請求連線的動作),會被記錄在資料庫53之關聯資料表533中。關聯資料表533中所儲存的資訊包括有資料筆數、使用者辨識碼、網路裝置辨識碼,用以紀錄不同使用者與其所欲連線之網路裝置之間的關聯資料。In practical applications, the server 5 itself provides a user interface (web page) to the user terminal 1, so the step of confirming the network camera 41 can directly query the network camera 41 from the user interface. In addition, the user terminal 1 and the network camera The association action between the cameras 41 (also like the action of requesting a connection) is recorded in the associated profile 533 of the database 53. The information stored in the associated data table 533 includes a data number, a user identification code, and a network device identification code for recording association data between different users and the network devices to which they are connected.

因為網路攝影機41已經先行在伺服器5中註冊,所以伺服器5在確認過後,便會發送一通知連線訊息至網路攝影機41(步驟111)。如果使用者端1之請求,是欲和尚未註冊的網路攝影機42進行連線時,伺服器5就不會接受這個要求。Since the network camera 41 has been registered in the server 5 first, after the server 5 confirms, a notification connection message is sent to the network camera 41 (step 111). If the request from the user terminal 1 is to be connected to the network camera 42 that has not been registered, the server 5 will not accept this request.

最後,網路攝影機41收到通知連線訊息後,會透過防火牆3及網際網路2與使用者端1連線,於網路資料傳輸協定P之下,傳送標的資料S3至使用者端1(步驟112)。標的資料S3在此實施例中代表的是網路攝影機41的聲音、圖像資料,也就是藉由上述之方法,使用者端1能直接觀看到網路攝影機41所攝取的影像。Finally, after receiving the notification connection message, the network camera 41 connects to the user terminal 1 through the firewall 3 and the Internet 2, and transmits the target data S3 to the user terminal 1 under the network data transmission protocol P. (Step 112). The target data S3 represents the sound and image data of the network camera 41 in this embodiment, that is, by the above method, the user terminal 1 can directly view the image taken by the network camera 41.

參閱第6圖所示,其係顯示本發明第二實施例之存取控制模組之架構圖。由於本發明第二實施例之系統架構與伺服器之電路和第一實施例相同。只在存取控制模組6’之結構設計有所差異,故相同之構件乃標示以相同之元件編號,以資對應。其差異在於第二實施例之存取控制模組6’中多了一使用者資料封包(User Datagram Protocol,UDP)傳輸模組67。使用者資料封包傳輸模組67連接訊息處理模組65,用以在進行UDP傳輸時使用。Referring to Figure 6, there is shown an architectural diagram of an access control module in accordance with a second embodiment of the present invention. Since the system architecture of the second embodiment of the present invention is identical to the circuit of the server and the first embodiment. Only the structural design of the access control module 6' is different, so the same components are labeled with the same component numbers. The difference is that the access control module 6' of the second embodiment has a User Datagram Protocol (UDP) transmission module 67. The user data packet transmission module 67 is connected to the message processing module 65 for use in performing UDP transmission.

同時再參閱第7圖及第8圖所示,其係顯示本發明第二實施例之傳輸時序示意圖及控制流程圖。本發明第二實施例係以一定之程序流向F2執行。Referring to FIG. 7 and FIG. 8 again, it shows a transmission timing diagram and a control flow chart of the second embodiment of the present invention. The second embodiment of the present invention is executed in a certain program flow to F2.

與第一實施例相似地,網路攝影機41發送一註冊請求訊息予伺服器5(步驟201)。伺服器5接收註冊請求訊息後回傳一認證訊息予網路攝影機41(步驟202)。當網路攝影機41接收到認證訊息後,便依據這個亂數回傳一回覆認證訊息予伺服器5(步驟203)。伺服器5接收到回覆認證訊息後,回傳一確認回覆訊息予網路攝影機41(步驟204)。網路攝影機41再透過防火牆3及網際網路2發送一網路裝置註冊資料S1予伺服器5(步驟205)。Similar to the first embodiment, the webcam 41 transmits a registration request message to the server 5 (step 201). The server 5 receives an authentication request message and returns an authentication message to the network camera 41 (step 202). When the network camera 41 receives the authentication message, it returns a reply authentication message to the server 5 according to the random number (step 203). After receiving the reply authentication message, the server 5 returns a confirmation reply message to the network camera 41 (step 204). The network camera 41 transmits a network device registration data S1 to the server 5 through the firewall 3 and the Internet 2 (step 205).

在存取控制模組6’方面,網路裝置註冊資料S1自應用程式A於網路資料傳輸協定P之下,先後透過網路資料傳輸模組61、裝置控制模組63、資料庫存取模組66儲存到資料庫53之網路裝置資料表531中(步驟205)。In the access control module 6', the network device registration data S1 is sent from the application program A under the network data transmission protocol P, and then through the network data transmission module 61, the device control module 63, and the data inventory modulo The group 66 is stored in the network device data table 531 of the database 53 (step 205).

當使用者端1欲與網路攝影機41進行連線之前,先發送一使用者端註冊資料予伺服器5(步驟206)。伺服器5將使用者端註冊資料儲存至伺服器5之資料庫53之使用者端資料表531(步驟207)。註冊完畢後,使用者端1發送一存取訊息S2予伺服器5((步驟208)。伺服器5接收使用者端1發送之存取訊息S2,並依據存取訊息S2之請求,確認網路攝影機41是否已在伺服器5註冊(步驟209)。伺服器5在確認過網路攝影機41已經註冊後,發送一通知連線訊息至網路攝影機41(步驟210)。Before the user terminal 1 wants to connect to the network camera 41, a user terminal registration data is sent to the server 5 (step 206). The server 5 stores the user side registration data in the user side data table 531 of the database 53 of the server 5 (step 207). After the registration is completed, the client 1 sends an access message S2 to the server 5 (step 208). The server 5 receives the access message S2 sent by the user terminal 1, and confirms the network according to the request of the access message S2. Whether or not the road camera 41 has been registered with the server 5 (step 209). After confirming that the network camera 41 has been registered, the server 5 transmits a notification connection message to the network camera 41 (step 210).

網路攝影機41接收到通知連線訊息後,即透過防火牆3及網際網路2與伺服器5連線,於網路資料傳輸協定P之下,先傳送標的資料S3至伺服器5(步驟211)。標的資料S3於伺服器5中,由存取控制模組6’之轉送模組64及使用者資料封包傳輸模組67轉送,之後被轉送之標的資料S4便從伺服器5送至使用者端1(步驟212)。After receiving the notification connection message, the network camera 41 connects to the server 5 through the firewall 3 and the Internet 2, and under the network data transmission protocol P, first transmits the target data S3 to the server 5 (step 211). ). The target data S3 is forwarded by the transfer control module 64 of the access control module 6' and the user data packet transmission module 67 in the server 5, and then the forwarded data S4 is sent from the server 5 to the user end. 1 (step 212).

雖然上述第一實施例與第二實施例之方法是分開描述的,但實際應用上因為伺服器5本身提供使用者介面予使用者端1,故使用者端1能夠利用使用者介面,自由地選擇利用第一實施例或是第二實施例之方法來實行連線傳輸的動作。Although the first embodiment and the second embodiment are separately described, in practice, since the server 5 itself provides a user interface to the user terminal 1, the user terminal 1 can freely utilize the user interface. The action of the connection transmission using the method of the first embodiment or the second embodiment is selected.

由以上之實施例可知,本發明所提供之網路系統中使用者端與網路裝置間之連線存取之方法確具產業上之利用價值,故本發明業已符合於專利之要件。惟以上之敘述僅為本發明之較佳實施例說明,凡精於此項技藝者當可依據上述之說明而作其它種種之改良,惟這些改變仍屬於本發明之發明精神及以下所界定之專利範圍中。It can be seen from the above embodiments that the method for connecting and accessing the user end and the network device in the network system provided by the present invention has industrial utilization value, and therefore the present invention has met the requirements of the patent. The above description is only for the preferred embodiment of the present invention, and those skilled in the art can make other various improvements according to the above description, but these changes still belong to the inventive spirit of the present invention and the following definitions. In the scope of patents.

100‧‧‧網路系統100‧‧‧Network System

1‧‧‧使用者端1‧‧‧User side

2‧‧‧網際網路2‧‧‧Internet

3‧‧‧防火牆3‧‧‧Firewall

4‧‧‧標的網路裝置4‧‧‧Target network device

41、42‧‧‧網路攝影機41, 42‧‧‧ webcams

43‧‧‧電腦裝置43‧‧‧Computer equipment

5‧‧‧伺服器5‧‧‧Server

51‧‧‧處理單元51‧‧‧Processing unit

52‧‧‧作業系統52‧‧‧Operating system

53‧‧‧資料庫53‧‧‧Database

531‧‧‧網路裝置資料表531‧‧‧Network Device Data Sheet

532‧‧‧使用者端資料表532‧‧‧User Data Sheet

533‧‧‧關聯資料表533‧‧‧Related Information Sheet

54‧‧‧網路界面54‧‧‧Web interface

6、6’‧‧‧存取控制模組6, 6'‧‧‧ access control module

61‧‧‧網路資料傳輸模組61‧‧‧Network Data Transmission Module

62‧‧‧多用途網路郵件擴充模組62‧‧‧Multipurpose Internet Mail Expansion Module

63‧‧‧裝置控制模組63‧‧‧Device Control Module

64‧‧‧轉送模組64‧‧‧Transfer module

65‧‧‧訊息處理模組65‧‧‧Message Processing Module

66‧‧‧資料庫存取模組66‧‧‧Data Inventory Module

67‧‧‧使用者資料封包傳輸模組67‧‧‧User Data Packet Transmission Module

A‧‧‧應用程式A‧‧‧App

F1、F2‧‧‧時序流向F1, F2‧‧‧ timing flow

P‧‧‧網路資料傳輸協定P‧‧‧Network Data Transfer Protocol

S1‧‧‧網路裝置註冊資料S1‧‧‧Network Device Registration Information

S2‧‧‧存取訊息S2‧‧‧Access message

S3‧‧‧標的資料S3‧‧‧ Subject information

S4‧‧‧被轉送之標的資料S4‧‧‧Subscribed information

第1圖係顯示本發明網路系統中使用者端與網路裝置間之連線存取之方法之系統架構圖;第2圖係顯示本發明第一實施例之伺服器之電路方塊圖;第3圖係顯示本發明第一實施例之存取控制模組之架構圖; 第4圖係顯示本發明第一實施例之傳輸時序示意圖;第5圖係顯示本發明第一實施例之控制流程圖;第6圖係顯示本發明第二實施例之存取控制模組之架構圖;第7圖係顯示本發明第二實施例之傳輸時序示意圖;第8圖係顯示本發明第二實施例之控制流程圖。1 is a system architecture diagram showing a method for connection access between a user terminal and a network device in the network system of the present invention; and FIG. 2 is a circuit block diagram showing a server according to the first embodiment of the present invention; Figure 3 is a block diagram showing an access control module of the first embodiment of the present invention; 4 is a schematic diagram showing the transmission timing of the first embodiment of the present invention; FIG. 5 is a flowchart showing the control of the first embodiment of the present invention; and FIG. 6 is a diagram showing the access control module of the second embodiment of the present invention; FIG. 7 is a schematic diagram showing the transmission timing of the second embodiment of the present invention; and FIG. 8 is a flowchart showing the control of the second embodiment of the present invention.

Claims (10)

一種網路系統中使用者端與網路裝置間之連線存取之方法,係在一網路系統中包括有至少一使用者端及至少一標的網路裝置,且該使用者端係透過一網際網路及一防火牆連接於該標的網路裝置,且該網際網路連接有一伺服器,該方法包括下列步驟:(a)該標的網路裝置透過該防火牆及該網際網路發送一網路裝置註冊資料予該伺服器;(b)該伺服器接收該網路裝置註冊資料後,將該網路裝置註冊資料儲存至該伺服器之一資料庫中,並保持連線;(c)該使用者端欲與該標的網路裝置進行連線及標的資料存取時,發送一存取訊息予該伺服器;(d)該伺服器接收該使用者端發送之存取訊息,並依據該存取訊息之請求,確認該標的網路裝置是否已在該伺服器註冊;(e)該標的網路裝置透過該防火牆及該網際網路與該使用者端連線,在一預定之網路資料傳輸協定下,傳送該標的資料至該使用者端。A method for connecting between a user end and a network device in a network system includes: at least one user end and at least one target network device in a network system, and the user end is transmitted through An Internet and a firewall are connected to the target network device, and the Internet connection has a server. The method includes the following steps: (a) the target network device sends a network through the firewall and the Internet. (b) after receiving the registration information of the network device, the server stores the network device registration data in a database of the server and keeps the connection; (c) The user terminal sends an access message to the server when the user wants to connect to the target network device and accesses the data; (d) the server receives the access message sent by the user terminal, and according to The request for accessing the message confirms whether the target network device is registered with the server; (e) the target network device is connected to the user terminal through the firewall and the Internet, in a predetermined network Under the data transmission agreement The underlying data to the end user. 如申請專利範圍第1項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(a)之前更包括下列步驟: (a1)該標的網路裝置發送一註冊請求訊息予該伺服器;(a2)該伺服器接收該註冊請求訊息後,回傳一認證訊息予該標的網路裝置;(a3)該標的網路裝置接收該確認訊息後,回傳一回覆認證訊息予該伺服器;(a4)該伺服器接收該認證訊息後,回傳一確認回覆訊息予該標的網路裝置“The method for accessing a connection between a user end and a network device in the network system according to the first aspect of the patent application, wherein the step (a) further comprises the following steps: (a1) the target network device sends a registration request message to the server; (a2) the server receives the registration request message, and returns an authentication message to the target network device; (a3) the target network After receiving the confirmation message, the device returns a reply authentication message to the server; (a4) after receiving the authentication message, the server returns a confirmation reply message to the target network device. 如申請專利範圍第1項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(c)之前更包括下列步驟:(b1)該使用者端發送一使用者端註冊資料予該伺服器;(b2)該伺服器將該接收之使用者端註冊資料儲存至該伺服器之資料庫中。The method for accessing a connection between a user end and a network device in the network system described in claim 1, wherein the step (c) further comprises the following steps: (b1) the user end sends a user registration information is sent to the server; (b2) the server stores the received user registration data in the database of the server. 如申請專利範圍第1項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(e)之前更包括該伺服器發送一通知連線訊息至該標的網路裝置之步驟。The method for accessing a connection between a user end and a network device in the network system according to claim 1, wherein the step (e) further comprises the server sending a notification connection message to the The steps of the target network device. 如申請專利範圍第1項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(a)中之標的網路裝置係週期性地發送該網路裝置註冊資料予該伺服器。The method for accessing a connection between a user end and a network device in a network system according to claim 1, wherein the target network device in the step (a) periodically transmits the network Device registration information to the server. 一種網路系統中使用者端與網路裝置間之連線存取之方法,係在一網路系統中包括有至少一使用者端及至少一標的網路裝置,且該使用者端係透過一網際網路及一防火牆連接於該標的網路裝置,且該網際網路連接有一伺服器,該方法包括下列步驟:(a)該標的網路裝置透過該防火牆及該網際網路發送一網路裝置註冊資料予該伺服器;(b)該伺服器接收該網路裝置註冊資料後,將該網路裝置註冊資料儲存至該伺服器之一資料庫中;(c)該使用者端欲與該標的網路裝置進行連線及標的資料存取時,發送一存取訊息予該伺服器;(d)該伺服器接收該使用者端發送之存取訊息,並依據該存取訊息之請求,確認該標的網路裝置是否已在該伺服器註冊;(e)該標的網路裝置透過該防火牆及該網際網路與該伺服器,在一預定之網路資料傳輸協定下,傳送該標的資料至該伺服器;(f)該伺服器將該接收之標的資料轉送至該使用者端。A method for connecting between a user end and a network device in a network system includes: at least one user end and at least one target network device in a network system, and the user end is transmitted through An Internet and a firewall are connected to the target network device, and the Internet connection has a server. The method includes the following steps: (a) the target network device sends a network through the firewall and the Internet. (b) after receiving the registration information of the network device, the server stores the network device registration data in a database of the server; (c) the user desires Sending an access message to the server when the target network device is connected and the data access is performed; (d) the server receives the access message sent by the user terminal, and according to the access message Requesting to confirm whether the target network device is registered with the server; (e) transmitting, by the target network device, the firewall and the Internet and the server under a predetermined network data transfer protocol Target data to the servo ; (F) receiving the subject of the server data forwarded to the end user. 如申請專利範圍第6項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(a)之前更包括下列步驟:(a1)該標的網路裝置發送一註冊請求訊息予該伺服器; (a2)該伺服器接收該註冊請求訊息後,回傳一認證訊息予該標的網路裝置;(a3)該標的網路裝置接收該確認訊息後,回傳一回覆認證訊息予該伺服器;(a4)該伺服器接收該認證訊息後,回傳一確認回覆訊息予該標的網路裝置。The method for accessing a connection between a user end and a network device in a network system according to claim 6, wherein the step (a) further comprises the following steps: (a1) the target network device Sending a registration request message to the server; (a2) after receiving the registration request message, the server returns an authentication message to the target network device; (a3) the target network device receives the confirmation message and returns a reply authentication message to the server; (a4) After receiving the authentication message, the server returns a confirmation reply message to the target network device. 如申請專利範圍第6項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(c)之前更包括下列步驟:(b1)該使用者端發送一使用者端註冊資料予該伺服器;(b2)該伺服器將該接收之使用者端註冊資料儲存至該伺服器之資料庫中。The method for accessing a connection between a user end and a network device in the network system described in claim 6, wherein the step (c) further comprises the following steps: (b1) the user end sends a user registration information is sent to the server; (b2) the server stores the received user registration data in the database of the server. 如申請專利範圍第6項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(e)之前更包括該伺服器發送一通知連線訊息至該標的網路裝置之步驟“The method for accessing a connection between a user end and a network device in a network system according to claim 6, wherein the step (e) further comprises the server sending a notification connection message to the The steps of the target network device" 如申請專利範圍第6項所述之網路系統中使用者端與網路裝置間之連線存取之方法,其中該步驟(a)中之標的網路裝置係週期性地發送該網路裝置註冊資料予該伺服器。The method for accessing a connection between a user end and a network device in a network system according to claim 6, wherein the target network device in the step (a) periodically transmits the network Device registration information to the server.
TW97129717A 2008-08-05 2008-08-05 And a method of accessing the connection between the user side and the network device in the network system TWI385999B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW97129717A TWI385999B (en) 2008-08-05 2008-08-05 And a method of accessing the connection between the user side and the network device in the network system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW97129717A TWI385999B (en) 2008-08-05 2008-08-05 And a method of accessing the connection between the user side and the network device in the network system

Publications (2)

Publication Number Publication Date
TW201008199A TW201008199A (en) 2010-02-16
TWI385999B true TWI385999B (en) 2013-02-11

Family

ID=44827356

Family Applications (1)

Application Number Title Priority Date Filing Date
TW97129717A TWI385999B (en) 2008-08-05 2008-08-05 And a method of accessing the connection between the user side and the network device in the network system

Country Status (1)

Country Link
TW (1) TWI385999B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040139227A1 (en) * 2003-01-15 2004-07-15 Yutaka Takeda Relayed network address translator (NAT) traversal
US20050033729A1 (en) * 1999-10-25 2005-02-10 Microsoft Corporation System and method for unified registration information collection
US20050138128A1 (en) * 2003-12-23 2005-06-23 Baniel Uri S. Method and device for grab transferring an instant messaging and presence (IMP) session
US20050267978A1 (en) * 2004-05-17 2005-12-01 Cisco Technology, Inc. Method and apparatus for handling IPv4 DNS PTR queries across IPv4 and IPv6 networks
US20060251088A1 (en) * 2005-05-06 2006-11-09 Pascal Thubert Private network gateways interconnecting private networks via an access network
TW200701683A (en) * 2005-03-11 2007-01-01 Nec Corp User terminal management apparatus, user terminal management program, and user terminal management system
US20070121643A1 (en) * 2001-08-13 2007-05-31 At&T Labs, Inc. Authentication for use of high speed network resources
US20070147421A1 (en) * 2005-12-27 2007-06-28 Kill-Yeon Kim ISATAP router for tunneling packets and method thereof

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050033729A1 (en) * 1999-10-25 2005-02-10 Microsoft Corporation System and method for unified registration information collection
US20070121643A1 (en) * 2001-08-13 2007-05-31 At&T Labs, Inc. Authentication for use of high speed network resources
US20040139227A1 (en) * 2003-01-15 2004-07-15 Yutaka Takeda Relayed network address translator (NAT) traversal
US20050138128A1 (en) * 2003-12-23 2005-06-23 Baniel Uri S. Method and device for grab transferring an instant messaging and presence (IMP) session
US20050267978A1 (en) * 2004-05-17 2005-12-01 Cisco Technology, Inc. Method and apparatus for handling IPv4 DNS PTR queries across IPv4 and IPv6 networks
TW200701683A (en) * 2005-03-11 2007-01-01 Nec Corp User terminal management apparatus, user terminal management program, and user terminal management system
US20060251088A1 (en) * 2005-05-06 2006-11-09 Pascal Thubert Private network gateways interconnecting private networks via an access network
US20070147421A1 (en) * 2005-12-27 2007-06-28 Kill-Yeon Kim ISATAP router for tunneling packets and method thereof

Also Published As

Publication number Publication date
TW201008199A (en) 2010-02-16

Similar Documents

Publication Publication Date Title
US8767737B2 (en) Data center network system and packet forwarding method thereof
EP2266064B1 (en) Request routing
TWI413389B (en) Trans-network roaming and resolution with web services for devices
JP4664143B2 (en) Packet transfer apparatus, communication network, and packet transfer method
US20170034174A1 (en) Method for providing access to a web server
US20100014521A1 (en) Address conversion device and address conversion method
JP2007531166A (en) Method and system for providing WEB browsing through a firewall in a peer-to-peer network
WO2015003566A1 (en) Method, device and system for transmitting packet in multicast domain name system
US7853703B1 (en) Methods and apparatuses for identification of device presence
US10142282B2 (en) Methods and gateways for processing DNS request
KR102270909B1 (en) Multimedia sharing method, registration method, server and proxy server
CN103581361A (en) Domain name resolution proxy method, device and system
JP2004208101A (en) Gateway and communication method therefor
US11070513B2 (en) DNS-based method of transmitting data
US20100023620A1 (en) Access controller
CN108234325B (en) System based on IP anycast and message forwarding method
US20110235641A1 (en) Communication apparatus, method of controlling the communication apparatus,and program
TWI385999B (en) And a method of accessing the connection between the user side and the network device in the network system
CN105812422B (en) File transmission method and device based on Internet of things
TW201519617A (en) Network connection method and system thereof
JP2008206081A (en) Data relaying apparatus and data relaying method used for multi-homing communication system
JP5084716B2 (en) VPN connection apparatus, DNS packet control method, and program
Brzozowski et al. DHCPv6 Leasequery
JP7008451B2 (en) How and system to create multiple profiles to reduce profiling
KR20050002337A (en) Proxy server, and dynamic domain name service system and method using the same