WO2010116642A1 - Monitoring system and communication management device - Google Patents
Monitoring system and communication management device Download PDFInfo
- Publication number
- WO2010116642A1 WO2010116642A1 PCT/JP2010/002119 JP2010002119W WO2010116642A1 WO 2010116642 A1 WO2010116642 A1 WO 2010116642A1 JP 2010002119 W JP2010002119 W JP 2010002119W WO 2010116642 A1 WO2010116642 A1 WO 2010116642A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- connection
- terminals
- terminal
- monitoring
- sip
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/18—Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
Definitions
- the present invention relates to a monitoring system in which a terminal to be monitored that acquires monitoring information and a terminal on the user side that acquires and uses the monitoring information are communicably connected.
- a monitoring system has been put into practical use, in which a monitoring camera is installed at a monitoring target such as a store or a factory, and a monitoring image is remotely monitored.
- the surveillance video is sent to the remote surveillance center and to the office of the owner to be monitored.
- a general public line such as ISDN is used for transmission of surveillance video (for example, Patent Document 1).
- SIP Session Initiation Protocol
- SIP Session Initiation Protocol
- the monitoring target is a store and terminals of a plurality of stores are connected to the monitoring center.
- the monitoring center is also connected to the terminal of the owner of each store.
- the terminals of each store should be able to connect only to the terminals of the corresponding owner.
- connection is possible between any terminals whose address is registered in the SIP server.
- the SIP server can perform password and ID authentication as a basic authentication function. However, this is limited to authentication between the terminal and the SIP server.
- the combination of the terminals via the SIP server can not be restricted. Therefore, the connection between the shop terminal and the owner terminal can not be restricted. Therefore, there is a possibility that the owner can obtain monitoring information of other stores.
- An object of the present invention is to provide a monitoring system that can improve the security when applying SIP to the monitoring system.
- One aspect of the present invention is a monitoring system, which has a plurality of terminals communicating monitoring information, and a communication management device managing communication of a plurality of terminals, each of the plurality of terminals Is a monitoring system provided on the monitoring target side or on the user side using monitoring information received from the monitoring target, and when one of a plurality of terminals requests connection to another terminal, the terminal of the connection source Is configured to send an invitation message of SIP including identification information of a terminal of connection destination to the communication management apparatus, and the communication management apparatus is a connection authorization information indicating a combination of a SIP server and a terminal whose connection should be authorized.
- the authorization server stores the authorization information, and the authorization processing unit which determines whether to authorize the connection between the terminals by referring to the connection authorization information, and the SIP server receives the invitation message from the terminal of the connection source.
- the SIP server transmits the invitation message from the connection source terminal to the connection destination terminal Supply to.
- the SIP server includes an authorization information storage unit storing connection authorization information representing a combination of terminals, and an authorization processing unit that determines whether to authorize connection between the terminals by referring to the connection authorization information.
- the authorization processing unit determines, based on the identification information of the connection destination terminal included in the invitation message, between the terminals. If the authorization processing unit authorizes the connection, the SIP server supplies an invitation message from the terminal of the connection source to the terminal of the connection destination.
- FIG. 1 is a diagram showing the overall configuration of the monitoring system of the present invention.
- FIG. 2 is a block diagram more specifically showing the configuration of the monitoring system.
- FIG. 3 is a block diagram showing the main configuration of the monitoring system of the present invention.
- FIG. 4 is a diagram showing an example of a table of connection authorization information stored in the authorization information storage unit.
- FIG. 5 is a diagram showing an operation when performing communication between terminals in the monitoring system.
- FIG. 6 is a diagram showing an operation in which the monitoring apparatus serves as a connection source and performs communication between terminals.
- FIG. 7 is a diagram showing an operation in which the user apparatus is a connection source and performs communication between terminals.
- the present invention has a plurality of terminals for communicating monitoring information and a communication management device for managing communication of the plurality of terminals, and each of the plurality of terminals utilizes the monitoring information received from the monitoring target side or the monitoring target
- the terminal of the connection source transmits an SIP invitation message including identification information of the terminal of the connection destination.
- the communication management apparatus is configured to transmit data to the communication management apparatus, and the communication management apparatus refers to the authorization information storage unit storing connection authorization information representing the combination of the SIP server and the terminal to which connection should be authorized, and the connection authorization information.
- an authorization processing unit that determines whether to authorize the connection between the terminals, and the SIP server acquires identification information of the connection destination terminal included in the invitation message when the SIP server acquires the invitation message from the connection source terminal. Authority It is supplied to the parts, if the authorization unit is authorized to connect between terminals and supplies SIP server the invitation message from the connection source terminal to the destination terminal.
- a plurality of terminals of a monitoring system are connected to a communication management apparatus provided with a SIP server.
- the communication management apparatus authorizes the connection between the terminals with reference to the connection authorization information and an authorization information storage unit storing connection authorization information representing a combination of terminals to be authorized for connection in addition to the SIP server
- an authorization processing unit for determining In SIP signaling, an invitation message is sent from the terminal of the connection source to the SIP server.
- the authorization processing unit determines whether to authorize the connection.
- the SIP server sends an invitation message from the connection source terminal to the connection destination terminal, and SIP signaling succeeds.
- information on a combination of terminals to which connection should be authorized is stored in advance, and authorization of connection between terminals is performed at the time of SIP signaling.
- authorization between terminals via the SIP server, that is, P2P can be performed, and users of the monitoring information can be suitably restricted.
- the security in applying SIP to the monitoring system can be improved.
- the connection destination terminal may transmit a SIP OK message to the communication management device when receiving the invitation message from the communication management device, and the invitation message and the OK message indicate the connection source and connection destination terminals after establishing the SIP session.
- Connection establishment information used to establish an end-to-end connection not via the communication management device may be added.
- monitoring information can be communicated between the terminals without passing through the communication management device.
- the first stage communication is SIP and is performed via the communication management device.
- the second stage communication is an inter-terminal connection not via the communication management device.
- Signaling is performed during SIP connection, and an invitation message and an OK message are exchanged in the signaling.
- the present invention uses SIP signaling messages to exchange connection establishment information for establishing an end-to-end connection.
- terminal-to-terminal connection can be performed using SIP well. Then, the amount of communication between the communication management device and the terminal can be reduced, and the load on the communication management device can be reduced.
- the end-to-end connection not via the communication management apparatus may be an end-to-end VPN that establishes and connects a VPN between the ends.
- security can be enhanced by applying VPN (Virtual Private Network) to communication between terminals (second communication after the above-described SIP connection).
- VPN Virtual Private Network
- Two-way message exchange in SIP signaling is suitably used for exchanging information necessary for establishing a VPN connection.
- the invitation message may include the IP address of the connection source terminal and the electronic certificate as connection establishment information
- the OK message may include the IP address of the connection destination terminal and the electronic certificate as connection establishment information.
- the communication management device may be provided in a monitoring center that monitors a monitoring target using communication with a plurality of terminals. Thereby, communication between the monitoring center and the terminal and communication between the terminals can be suitably performed using the communication management device.
- the connection between the communication management device and the plurality of terminals may be made by the VPN between center terminals establishing a VPN between the communication management device and the plurality of terminals, and the SIP server communicates with the plurality of terminals via the VPN between center terminals. SIP messages may be communicated. Thereby, SIP communication is performed on the VPN between center terminals.
- the center-to-center terminal VPN here is a VPN between the center and each terminal.
- the monitoring information may include at least one of an image captured by the monitoring target, a monitoring signal detected by the monitoring target, and control information generated by the user. This enables communication of useful monitoring information between terminals.
- Another aspect of the present invention is a communication management device that manages communication of a plurality of terminals that communicate monitoring information.
- This communication management apparatus determines whether or not to authorize connection between terminals with reference to the connection authorization information, and an authorization information storage unit storing connection authorization information representing a combination of a SIP server and terminals to be authorized for connection.
- the authorization processing unit has an authorization processing unit that determines the invitation message, and the SIP processing unit acquires an invitation message of SIP including identification information to another terminal from one of the plurality of terminals. Based on the identification information of the connection destination terminal included in, it is determined whether or not the connection between the terminals is authorized, and when the authorization processing unit authorizes the connection, the SIP server receives an invitation message from the terminal of the connection source. To the connected terminal.
- the various configurations described above may be applied to this aspect as well.
- the present invention is not limited to the aspects of the monitoring system and the communication management device. Another aspect of the present invention is, for example, a terminal device. Furthermore, the present invention may be embodied in the form of a method, a program, or a computer readable recording medium having the program recorded thereon.
- the present invention can improve security when applying SIP to a monitoring system.
- FIG. 1 shows the overall configuration of the monitoring system of the present invention.
- the monitoring system 1 communication is performed among the monitoring center 3, the monitoring target 5, and the user base 7.
- the user means a user of the monitoring service of the monitoring target 5 by the monitoring system 1.
- the monitoring target 5 is a store
- the user base 7 is an office of a store owner.
- the monitoring center 3 is provided with a communication management device 11 and a plurality of center devices 13, which are communicably connected.
- the communication management device 11 and the plurality of center devices 13 may be geographically separated.
- the plurality of center devices 13 may be respectively disposed in a plurality of responsible areas.
- the plurality of center devices 13 may share functions.
- one center device 13 may function as a control center device that processes signals related to security, and another center device 13 may function as an image center device that mainly processes surveillance video.
- the number of the center device 13 may be one within the scope of the present invention.
- a monitoring device 15 and a user device 17 are provided in the monitoring target 5 and the user base 7, respectively.
- the monitoring device 15 and the user device 17 correspond to the terminal of the present invention.
- the monitoring device 15 sends monitoring information to the center device 13 and the user device 17.
- the monitoring information is, for example, an image of the monitoring camera, and is a monitoring signal detected by the monitoring target 5.
- the monitoring signal is, for example, a security signal indicating occurrence of abnormality, and the security signal is generated based on a detection signal from a sensor installed in the monitoring target 5, or generated when the alarm button (switch) is operated. Be done.
- the user device 17 sends a control signal or an audio signal to the monitoring device 15. Such a signal from the user device 17 to the monitoring device 15 is also included in the monitoring information.
- FIG. 1 one monitoring target 5 and one user site 7 are shown.
- the monitoring center 3 communicates with the plurality of monitoring targets 5 and the plurality of user bases 7. Therefore, the communication management device 11 also communicates with the plurality of monitoring devices 15 and the plurality of user devices 17. Each monitoring device 15 communicates with the associated user device 17 (the terminal of the store owner).
- the monitoring device 15 detects an abnormality based on a sensor signal or the like.
- a security signal as monitoring information is transmitted to the monitoring center 3 together with the video of the monitoring target 5.
- the operator confirms the guard signal and the image on the monitor of the center apparatus 13, and issues a necessary instruction to the guard.
- the guard who received the instruction rushes to the monitoring target 5 to deal with the abnormality.
- the monitoring device 15 sends the video or the like of the monitoring target 5 to the user device 17 periodically or according to other settings. For example, when a visitor is detected by the sensor, an image or the like is sent to the user device 17. In addition, transmission of a video or the like may be requested from the user device 17.
- the owner can grasp the situation of the store by the image etc. In addition, the owner can send a voice or the like from the user device 17 to the monitoring device 15, and can instruct the store clerk with necessary items.
- the communication management device 11, the monitoring device 15, and the user device 17 are connected to the Internet.
- the communication management device 11 is connected to the monitoring device 15 and the user device 17 by an inter-center terminal VPN (Virtual Private Network) 21 over the Internet.
- VPN Virtual Private Network
- the communication management apparatus 11 is provided with a VPN server function, and the monitoring apparatus 15 and the user apparatus 17 are provided with a VPN client function.
- VPN a VPN tunnel is constructed, encrypted communication is performed, and high security is realized.
- the monitoring device 15 and the user device 17 perform SIP communication 23 via the communication management device 11.
- the SIP communication 23 is performed via the above-described center-to-center VPN 21.
- the communication management apparatus 11 is provided with a SIP server function.
- the monitoring device 15 and the user device 17 are directly connected by the inter-terminal VPN 25 without passing through the communication management device 11.
- the user apparatus 17 is provided with a VPN server function
- the monitoring apparatus 15 is provided with a VPN client function.
- the center-to-center terminal VPN 21 is always connected to construct a VPN tunnel, and is used for communication between the center device 13 and the monitoring device 15 and the user device 17.
- the end-to-end VPN 25 is constructed only when necessary.
- the surveillance system 1 communicates large-volume data such as video.
- the load on the communication management apparatus 11 becomes enormous. Therefore, by performing communication between the monitoring device 15 and the user device 17 by the inter-terminal VPN 25, the load on the communication management device 11 is reduced while securing security.
- the role of the SIP communication 23 in the present embodiment is special, which is different from ordinary IP telephones and the like. That is, in the present embodiment, SIP signaling is regarded as processing for preparation before VPN connection. More specifically, signaling is performed when establishing a SIP 23 session. Two-way communication is performed by this signaling, and an invitation message and an OK message are exchanged. On the other hand, in order to establish a VPN connection, it is necessary to exchange information. In the present embodiment, the IP address and the electronic certificate are exchanged. The electronic certificate is used when verifying the legitimacy of the electronic signature or the like, and is issued by a trusted third party. Therefore, the signaling of the SIP communication 23 is used as a means of information exchange for establishing a VPN connection.
- the overall configuration of the monitoring system 1 has been described above.
- two types of VPNs are used.
- the communication management apparatus 11 includes a firewall 31, an HTTP server 33, a VPN server 35, a SIP server 37, a STUN server 39, an account management server 41, a database 43, and a log server 45.
- the firewall 31 is a device that blocks data other than communication data used between the communication management device 11 and the monitoring device 15 and the user device 17.
- the HTTP server 33 is a configuration for Internet connection.
- the VPN server 35 is a server that performs authentication and encryption for establishing a VPN tunnel.
- the VPN server 35 is configured to realize the inter-center terminal VPN 21, constructs a VPN between the communication management device 11 and the monitoring device 15, and constructs a VPN between the communication management device 11 and the user device 17. .
- the signal from the monitoring device 15 is decoded by the VPN server 35 and transmitted to the center device 13.
- the signal from the center device 13 is encrypted by the VPN server 35 and transmitted to the monitoring device 15.
- encryption is performed by the VPN server 35.
- the VPN server 35 similarly performs encryption and decryption.
- the SIP server 37 processes signaling according to the SIP protocol, and connects the monitoring device 15 and the user device 17.
- the SIP server 37 performs the function of SIP connection control when the user device 17 requests a connection from the monitoring device 15 or when the monitoring device 15 requests a connection from the user device 17.
- the STUN server 39 provides a STUN function to support the NAT function of the monitoring device 15 and the router of the user device 17.
- the account management server 41 is a server that manages various types of information such as authentication.
- Information to be managed is stored in the database 43.
- the information to be managed includes IP line accounts, electronic certificates for VPN connection (tunnel construction), and information on key pairs.
- authentication and authorization are performed for connection between terminals in the process of signaling of SIP. Information for this process is also held in the database 43 and used by the account management server 41.
- the authentication and authorization for the connection between the terminals may be performed by the SIP server itself.
- the authorization processing unit and the authorization information storage unit of the present invention are provided in the SIP server.
- the log server 45 is a server for storing the log generated by the monitoring device 15.
- the center device 13 includes a monitoring console 51 and a line connection device 53.
- the monitoring console 51 is connected to the communication management unit 11 via the line connection unit 53.
- a monitoring video is supplied to the monitoring console 51 and managed by the monitoring console 51.
- security-related information is supplied to the monitoring console 51.
- the surveillance video is also suitably displayed on the monitor of the control center.
- the monitoring video or the like may be communicated between the center devices.
- the monitoring device 15 includes a controller 61, an IP line unit 63, a router 65, peripheral devices 67, a multi-line adapter 69, and a PC (personal computer) 71 to be monitored.
- the controller 61 is configured by a computer, and cooperates with the peripheral device 67 to realize a monitoring function.
- the controller 61 is connected to the monitoring center 3 via the IP line unit 63.
- the controller 61 is also connected to the user device 17 via the IP line unit 63.
- a surveillance camera 73, a sensor 75 and an alarm button 77 are illustrated as the peripheral device 67.
- the controller 61 performs image recognition processing on the monitoring video to detect an abnormality. Further, the controller 61 detects an abnormality based on a detection signal input from the sensor 75. An abnormality is also detected when the alarm button 77 is pressed. Other peripherals may be used for anomaly detection. When an abnormality occurs, the controller 61 communicates with the center device 13 to transmit a guard signal and an image signal. A microphone is provided together with the surveillance camera 73, and an audio signal is also transmitted. Thus, the controller 61 implements the security function of the monitoring target 5.
- the monitoring video and audio are also transmitted when requested by the center device 13. Furthermore, surveillance video and audio are also sent to the user device 17.
- the transmission to the user device 17 is performed, for example, periodically, and is performed according to other settings. For example, when a visitor is detected by the sensor 75, an image or the like is sent to the user device 17. Also, when requested by the user device 17, the monitoring device 15 transmits a video or the like.
- the IP line unit 63 constructs a VPN tunnel for the controller 61 to communicate with the communication management apparatus 11.
- the controller 61 constructs a VPN tunnel for communicating with the user device 17.
- the former corresponds to the VPN between center terminals, and the latter corresponds to the VPN 25 between terminals.
- the IP line unit 63 implements the function of the VPN client.
- the IP line unit 63 is shown as an internal configuration of the controller 61. This represents the physical arrangement. As a communication configuration, the IP line unit 63 is disposed between the controller 61 and the router 65. The IP line unit 63 is LAN-connected to the controller 61 by Ethernet (registered trademark). The router 65 is a router for a broadband line.
- the multi-line adapter 69 is connected to the center device 13 via a mobile phone network.
- the multi-line adapter 69 is used to transmit a guard signal when the broadband line is disconnected.
- a security signal is sent from the controller 61 to the multi-line adapter 69 via the IP line unit 63 and is sent from the multi-line adapter 69 to the center device 13.
- the monitoring target PC 71 is a PC installed in the monitoring target 5.
- the monitoring target 5 is a store. Therefore, the monitoring target PC 71 may be a shop PC.
- the user device 17 includes a VPN termination device (hereinafter, VTE) 81, a router 83, and a user PC (personal computer) 85.
- VTE VPN termination device
- router 83 a router 83
- user PC personal computer
- the VTE 81 is a line termination device for broadband connection. Then, the VTE 81 constructs a VPN tunnel with the VPN server 35 of the communication management apparatus 11, and constructs a VPN tunnel with the IP line unit 63 of the monitoring apparatus 15. In the former, VTE 81 functions as a VPN client, and in the latter, VTE 81 functions as a VPN server.
- the router 83 is a router for a broadband line.
- the VTE 81 is connected to the user PC 85.
- the VTE 81 transfers the video, audio and control signal received from the controller 61 of the monitoring device 15 to the user PC 85.
- the VTE 81 also transfers the voice and control signal received from the user PC 85 to the controller 61.
- the user base 7 is an office or the like of the shop owner. Therefore, the user PC 85 may be a shop owner's PC.
- the user PC 85 is used by the owner to watch the surveillance video of the surveillance target 5.
- application software capable of displaying and switching the monitoring image of the monitoring target 5 by communicating with the controller 61 is installed in the user PC 85.
- the user device 17 is fixed.
- the function of the user device 17 may be incorporated in a portable terminal or the like to be movable.
- FIG. 3 is a part of the monitoring system 1 shown in FIGS. 1 and 2 and shows the main part of the present invention.
- the elements described in FIG. 1 and FIG. 2 are given the same reference numerals.
- the communication management apparatus 11 includes an authorization information storage unit 101 and an authorization processing unit 103 in addition to the VPN server 35 and the SIP server 37.
- the authorization information storage unit 101 stores connection authorization information representing a combination of terminals (the monitoring device 15 and the user device 17) whose connection should be authorized. Then, the authorization processing unit 103 refers to the connection authorization information to determine whether to authorize the connection between the terminals.
- the authorization information storage unit 101 and the authorization processing unit 103 are realized by the database 43 and the account management server 41 of FIG.
- FIG. 4 shows an example of connection authorization information to be stored in the authorization information storage unit 101.
- the connection authorization information is a table representing a combination of terminal IDs.
- each user store owner
- monitoring device ID ID of monitoring device 15
- user device ID ID of user device 17
- the monitoring device ID and the user device ID may be any information that can identify the monitoring device 15 and the user device 17.
- the monitoring device ID is the ID of the IP line unit 63
- the user device ID is the ID of the VTE 81.
- One owner may have multiple stores.
- one monitoring device 15 is combined with a plurality of user devices 17.
- the user C has two stores, and two monitoring devices 15 (C01, C02) are associated with the user device 17 (C11).
- one monitoring device 15 may be associated with a plurality of user devices 17.
- the IP line unit 63 has a SIP processing unit 111, a VPN processing unit 113, and a storage unit 115.
- the SIP processing unit 111 and the VPN processing unit 113 perform processing related to SIP and VPN, respectively.
- the storage unit 115 stores various types of information processed by the IP line unit 63. In particular, in relation to the present invention, the storage unit 115 stores the IP address of the IP line unit 63 and the electronic certificate. These pieces of information correspond to the connection establishment information of the present invention, and are provided to the connection partner for VPN connection. Further, the storage unit 115 stores an IP line unit ID (ID of the IP line unit 63), and this IP line unit ID is used as the ID of the monitoring target 5.
- ID IP line unit ID
- the VTE 81 of the user device 17 also has a SIP processing unit 121, a VPN processing unit 123, and a storage unit 125.
- the storage unit 125 stores the IP address of the VTE 81 and the electronic certificate.
- the storage unit 125 stores VTE-ID (ID of VTE 81).
- the inter-center terminal VPN 21 is always established between the communication management device 11 and the monitoring device 15. Between the communication management device 11 and the user device 17 also, an inter-center terminal VPN 21 is constantly established.
- the inter-terminal VPN 25 is constructed directly between the monitoring device 15 and the user device 17 by the following operation separately from the inter-center-terminal VPN 21.
- SIP connection is established between arbitrary addresses registered in the SIP server 37.
- the monitoring device 15 may be connected to the unrelated user device 17, which is not desirable in terms of security.
- signaling is performed as follows. In the following, one of the monitoring device 15 and the user device 17 is used as a SIP connection source terminal, and the other is used as a SIP connection destination terminal. Further, the SIP message is transmitted on the inter-center terminal VPN 21.
- connection source terminal sends an INVITE message (specifically, a SIP INVITE message, hereinafter the same) to the SIP server 37 (S1).
- INVITE message specifically, a SIP INVITE message, hereinafter the same
- SIP server 37 S1
- the ID of the connection source terminal and the ID of the connection destination terminal, and the IP address and the electronic certificate of the connection source terminal are added.
- the SIP server 37 When the SIP server 37 receives the INVITE message, the SIP server 37 supplies the ID of the connection source terminal and the ID of the connection destination terminal to the authorization processing unit 103, and inquires the authorization processing unit 103 whether the connection source terminal and connection destination terminal can be connected. (S3).
- the authorization processing unit 103 refers to the connection authorization information of the authorization information storage unit 101, and determines whether or not to authorize the connection (S5). If the combination of the connection source terminal and the connection destination terminal is registered in the authorization information storage unit 101, the connection is authorized.
- the SIP server 37 receives the authorization result from the authorization processing unit 103 (S7). When the connection is approved by the authorization processing unit 103, the SIP server 37 transmits an INVITE message to the connection destination terminal (S9). This INVITE message includes the IP address of the connection source terminal and the electronic certificate.
- connection destination terminal When the connection destination terminal receives the INVITE message, it sends an OK message (specifically, a SIP 200 OK message, hereinafter the same) to the SIP server 37 (S11).
- OK message (specifically, a SIP 200 OK message, hereinafter the same)
- SIP server 37 S11
- the IP address of the connection destination terminal and the electronic certificate are added to the OK message.
- This OK message is transmitted to the connection source terminal via the SIP server 37 (S13).
- SIP server 37 S13
- the IP address and the electronic certificate are exchanged by SIP signaling.
- authentication is performed using the electronic certificate included in the connection request and the electronic certificate exchanged earlier, and the inter-terminal VPN 25 is constructed (S15).
- the SIP server 37 when the INVITE message is received by the SIP server 37, processing for authorizing the combination of terminals is performed. If the connection is not authorized, the INVITE message is not sent to the destination terminal, and neither the SIP processing nor the VPN processing is performed. Only when the combination of the monitoring device 15 and the user device 17 is correct, the connection is authorized, an INVITE message is sent to the connection destination terminal, the subsequent SIP processing is performed, and the VPN connection is finally possible. .
- FIGS. 6 and 7. Details of the operation of the monitoring system 1 will be described with reference to FIGS. 6 and 7.
- the monitoring device 15 is a connection source terminal
- the case where the user device 17 is a connection source will be described.
- the controller 61 and the IP line unit 63 have the configuration of the monitoring device 15, and the SIP server 37 and the authorization information storage unit 101 (account management server 41) have the configuration of the communication management device 11.
- the user PC 85 is a configuration of the user device 17.
- the controller 61 sends a connection instruction (P2P connection instruction) including the VTE-ID (ID of the VTE 81) to the IP circuit unit 63 (S101).
- a connection instruction P2P connection instruction
- the VTE-ID is used as the connection destination terminal ID.
- the IP line unit 63 reads the IP line unit IP address (the IP address of the IP line unit 63) and the IP line unit individual certificate from the storage unit 115.
- the IP circuit unit individual certificate is an electronic certificate assigned to each IP circuit.
- the IP line unit 63 reads the IP line unit ID (ID of the IP line unit 63) as the connection source terminal ID from the storage unit 115. Then, the IP circuit unit 63 adds these pieces of information to the INVITE message, and sends the INVITE message to the SIP server 37 (S103).
- the INVITE message includes an IP line unit IP address, an IP line unit ID, a VTE-ID, and an IP line unit individual certificate.
- the SIP server 37 receives the INVITE message, transmits the IP circuit unit ID and the VTE-ID to the authorization processing unit 103, and inquires whether to authorize the connection (S105).
- the authorization processing unit 103 refers to the connection authorization information of the authorization information storage unit 101, and determines whether to authorize the connection (S107). Here, the table of FIG. 4 is read out. Then, the authorization processing unit 103 determines whether the combination of the terminal IDs of the inquiry is registered in the table. If the corresponding combination is registered, the authorization processing unit 103 authorizes the connection.
- the authorization result is transmitted from the authorization processing unit 103 to the SIP server 37 (S109).
- the SIP server 37 transmits an INVITE message to the VTE 81 (S111).
- the IP line unit IP address and the IP line unit individual certificate are added to the INVITE message.
- step S107 if the connection is not approved in step S107, the SIP server 37 does not send the INVITE message to the VTE 81. Therefore, subsequent processing of SIP is not performed, and further subsequent VPN connection is not performed.
- the VTE 81 When the VTE 81 receives the INVITE message, the VTE 81 holds the IP circuit unit IP address and the IP circuit unit individual certificate in the storage unit 125, and inquires of the user PC 85 for a connection request (P2P connection request) (S113). An IP line unit IP address is added to this connection request. Then, the user PC 85 sends a connection response to the VTE 81 (S115).
- P2P connection request P2P connection request
- the VTE 81 reads out the VTE-IP address (the IP address of the VTE 81) and the VTE individual certificate (the electronic certificate allocated to the VTE 81) from the storage unit 125. Then, the VTE 81 transmits an OK message to the SIP server 37 (S117). The VTE-IP address and VTE individual certificate are added to this OK message.
- the SIP server 37 transmits an OK message to the IP circuit unit 63 together with the VTE-IP address and the VTE individual certificate (S119).
- the IP line unit 63 receives the OK message, it holds the VTE-IP address and VTE individual certificate in the storage unit 115, sends an ACK message to the SIP server 37 (S121), and the SIP server 37 further sends an ACK message. It is sent to the VTE 81 (S123).
- the IP line unit 63 obtains the IP address and the electronic certificate of the VTE 81. Also, the VTE 81 has acquired the IP address of the IP line unit 63 and the electronic certificate. Therefore, the other party is recognized using these pieces of information, and it becomes possible to establish a VPN connection between the IP circuit unit 63 and the VTE 81. This is the end-to-end VPN 25.
- the IP line unit 63 makes a VPN connection request to the VTE 81 (S125).
- a VPN connection is directly required without going through the SIP server 37.
- the VTE 81 performs authentication using the IP line unit individual certificate included in the VPN connection request and the individual certificate of the IP line unit held in the storage unit 125, and uses incoming information including the IP line unit IP address of the other party. It sends to the person's PC 85 (S127).
- the IP line unit IP address is used by the user PC 85 for VPN communication.
- the VTE 81 notifies the IP circuit unit 63 that it has processed the VPN connection as a VPN server (S129).
- the IP line unit 63 notifies the controller 61 that the connection result is OK, and notifies the controller 61 of the VTE-IP address of the other party (S131).
- the VTE-IP address is used by the controller 61 for VPN communication.
- the VPN connection is established, and the information is communicated via the end-to-end VPN 25.
- Monitoring video and audio are provided from the monitoring device 15 to the user device 17.
- connection instruction P2P connection instruction
- VTE 81 VTE 81
- the VTE 81 reads the VTE-IP address and the VTE individual certificate from the storage unit 125. Further, the VTE 81 reads the VTE-ID as the connection source terminal ID from the storage unit 125. Then, the VTE 81 adds the information to the INVITE message, and sends the INVITE message to the SIP server 37 (S203). Specifically, the INVITE message includes a VTE-IP address, a VTE-ID, an IP circuit unit ID, and a VTE individual certificate.
- the SIP server 37 receives the INVITE message, transmits the VTE-ID and the IP circuit unit ID to the authorization processing unit 103, and inquires whether to authorize the connection (S205).
- the authorization processing unit 103 refers to the connection authorization information of the authorization information storage unit 101 in the same manner as described above, determines whether to authorize the connection (S207), and sends the authorization result to the SIP server 37 (S209). That is, if the combination of VTE-ID and IP line unit ID is registered, the connection is authorized.
- the SIP server 37 transmits an INVITE message to the IP circuit unit 63 (S211).
- the VTE-IP address and the VTE individual certificate are added to this INVITE message.
- step S207 if the connection is not approved in step S207, the SIP server 37 does not send the INVITE message to the IP circuit unit 63. Therefore, subsequent processing of SIP is not performed, and further subsequent VPN connection is not performed.
- the IP line unit 63 When the IP line unit 63 receives the INVITE message, the IP line unit 63 holds the VTE-IP address and the VTE individual certificate in the storage unit 115. Also, the IP line unit 63 inquires the controller 61 of a connection request (P2P connection request) (S213). The VTE-IP address is added to this connection request. Then, the controller 61 sends a connection response to the IP line unit 63 (S215).
- P2P connection request P2P connection request
- the IP line unit 63 reads the IP line unit IP address and the IP line unit individual certificate from the storage unit 115. And. The IP line unit 63 transmits an OK message to the SIP server 37 (S217). The IP line unit IP address and IP line unit individual certificate are added to the OK message.
- the SIP server 37 transmits an OK message to the VTE 81 together with the IP circuit unit IP address and the IP circuit unit individual certificate (S219).
- the VTE 81 receives the OK message
- the VTE 81 holds the IP line unit IP address and the IP line unit individual certificate in the storage unit 125, and sends an ACK message to the SIP server 37 (S221).
- the establishment of the connection is notified (S223).
- the SIP server 37 transmits an ACK message to the IP circuit unit 63 (S225).
- the IP address and the electronic certificate are exchanged between the IP line unit 63 and the VTE 81.
- the IP line unit 63 receives the ACK message, it makes a VPN connection request to the VTE 81 (S227).
- the VPN connection is performed without the SIP server 37.
- the VTE 81 sends incoming information including the VTE-IP address of the other party to the user PC 85 (S229).
- the VTE 81 notifies the IP circuit unit 63 that it has processed the VPN connection as a VPN server (S231).
- the IP line unit 63 sends the incoming call information including the VTE-IP address of the other party to the controller 61 (S233).
- the VPN connection is established, and the information is communicated via the end-to-end VPN 25.
- the VPN connection request is sent from the IP circuit unit 63 to the VTE 81.
- the reason is as follows.
- a connection request needs to be sent from the client to the server.
- the function of the VPN server is provided only in the VTE 81. Therefore, a VPN connection request is sent from the IP circuit unit 63 to the VTE 81 in both of FIG. 6 and FIG.
- a plurality of terminals are connected to the communication management device 11 provided with the SIP server 37.
- the communication management apparatus 11 has an authorization information storage unit 101 and an authorization processing unit 103 in addition to the SIP server 37.
- an INVITE (invited) message is sent from the terminal of the connection source to the SIP server.
- the authorization processing unit 103 determines whether to authorize the connection. Only when the authorization processing unit 103 authorizes the connection, the SIP server 37 sends an INVITE message from the connection source terminal to the connection destination terminal, and SIP signaling succeeds.
- information on a combination of terminals to which connection should be authorized is stored in advance, and authorization of connection between terminals is performed at the time of SIP signaling.
- authorization between terminals via the SIP server 37, that is, P2P can be performed, and users of the monitoring information can be suitably restricted.
- the security in the case of applying the SIP to the monitoring system 1 can be improved.
- connection establishment information used for establishing an end-to-end connection not via the communication management apparatus 11 may be added to the exchange of the INVITE message and the OK message in the signaling of SIP.
- connection establishment information can be exchanged between terminals, and an inter-terminal connection can be established.
- terminal-to-terminal connection can be made by using SIP well. Then, the amount of communication between the communication management apparatus 11 and the terminal can be reduced, and the load on the communication management apparatus 11 can be reduced.
- the IP address and the electronic certificate are described as the connection establishment information as an example, but the other party may be authenticated using other information instead of the electronic certificate.
- a common name included in the electronic certificate may be used as connection establishment information.
- the inter-terminal connection not via the communication management apparatus 11 may be the inter-terminal VPN 25 which establishes and connects a VPN between the terminals.
- Bidirectional message exchange in SIP signaling can be suitably used for exchanging information necessary for establishing a VPN connection, and application of VPN can increase security.
- the invitation message includes the IP address of the connection source terminal and the electronic certificate as connection establishment information
- the OK message includes the IP address of the connection destination terminal and the electronic certificate as connection establishment information. Good.
- SIP can be suitably used to exchange information used for VPN connection and secure communication can be performed between terminals.
- the communication management device 11 may be provided in the monitoring center 3. Thereby, communication between the monitoring center 3 and the terminal and communication between the terminals can be suitably performed by using the communication management apparatus 11.
- connection between the communication management apparatus 11 and the plurality of terminals may be connected between the communication management apparatus 11 and the plurality of terminals by the inter-center terminal VPN 21 establishing a VPN, and the SIP server 37 SIP messages may be communicated with a plurality of terminals via the VPN between center terminals.
- SIP communication is performed on the inter-center terminal VPN 21.
- the end-to-end VPN 25 established after the SIP session is the end-to-end VPN
- the inter-center end VPN 21 is a VPN between the communication management apparatus 11 and the end.
- the monitoring information may include at least one of an image captured by the monitoring target 5, a monitoring signal detected by the monitoring target 5, and control information generated by the user. This enables communication of useful monitoring information between terminals.
- the monitoring system according to the present invention is useful for monitoring a store or the like from a remote place using communication.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Telephonic Communication Services (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Closed-Circuit Television Systems (AREA)
- Alarm Systems (AREA)
Abstract
Description
3 監視センタ
5 監視対象
7 利用者拠点
11 通信管理装置
13 センタ装置
15 監視装置
17 利用者装置
21 センタ端末間VPN
23 SIP通信
25 端末間VPN
33 HTTPサーバ
35 VPNサーバ
37 SIPサーバ
41 アカウント管理サーバ
43 データベース
61 コントローラ
63 IP回線ユニット
65、83 ルータ
69 マルチ回線アダプタ
73 監視カメラ
81 VPN終端装置(VTE)
85 利用者PC
101 認可情報記憶部
103 認可処理部 Reference Signs List 1
23 SIP communication 25 End-to-end VPN
33
85 User PC
101 Authorization
Claims (7)
- 監視情報を通信する複数の端末と、前記複数の端末の通信を管理する通信管理装置と、を有し、前記複数の端末の各々が、監視対象側又は前記監視対象から受信した前記監視情報を利用する利用者側に設けられた監視システムであって、
前記複数の端末の一つが他の端末に接続を要求するとき、該接続元の端末は、接続先の端末の識別情報を含むSIPの招待メッセージを前記通信管理装置に送信するように構成され、
前記通信管理装置は、
SIPサーバと、
接続が認可されるべき端末の組合せを表す接続認可情報を記憶した認可情報記憶部と、
前記接続認可情報を参照して端末間の接続を認可するか否かを判定する認可処理部と、
を有し、
前記SIPサーバは、
前記接続元の端末から前記招待メッセージを取得したとき、前記招待メッセージに含まれる前記接続先の端末の識別情報を前記認可処理部に供給し、前記認可処理部が前記端末間の接続を認可した場合に、前記SIPサーバが前記接続元の端末からの招待メッセージを前記接続先の端末へ供給することを特徴とする監視システム。 A plurality of terminals for communicating monitoring information, and a communication management device for managing communication of the plurality of terminals, each of the plurality of terminals receiving the monitoring information received from the monitoring target side or the monitoring target It is a monitoring system provided on the user side to use,
When one of the plurality of terminals requests connection to another terminal, the connection source terminal is configured to transmit a SIP invitation message including identification information of a connection destination terminal to the communication management apparatus.
The communication management device is
SIP server,
An authorization information storage unit storing connection authorization information representing a combination of terminals to which connection is to be authorized;
An authorization processing unit that determines whether to authorize the connection between terminals by referring to the connection authorization information;
Have
The SIP server is
When the invitation message is acquired from the connection source terminal, the identification information of the connection destination terminal included in the invitation message is supplied to the authorization processing unit, and the authorization processing unit authorizes the connection between the terminals. In this case, the SIP server supplies an invitation message from the terminal of the connection source to the terminal of the connection destination. - 前記接続先の端末は、前記招待メッセージを前記通信管理装置から受信したときにSIPのOKメッセージを前記通信管理装置に送信し、
前記招待メッセージ及び前記OKメッセージには、SIPセッション確立後に前記接続元及び接続先の端末間で前記通信管理装置を介さない端末間接続を確立するために使われる接続確立情報が付加されることを特徴とする請求項1に記載の監視システム。 When the terminal of the connection destination receives the invitation message from the communication management apparatus, the terminal transmits a SIP OK message to the communication management apparatus.
Connection establishment information used to establish an inter-terminal connection not via the communication management apparatus between the connection source and the connection destination after the establishment of the SIP session is added to the invitation message and the OK message. The monitoring system according to claim 1, characterized in that: - 前記通信管理装置を介さない端末間接続は、端末間にVPNを構築して接続する端末間VPNであることを特徴とする請求項2に記載の監視システム。 3. The monitoring system according to claim 2, wherein the end-to-end connection not via the communication management device is an end-to-end VPN that establishes and connects a VPN between the ends.
- 前記招待メッセージは、前記接続元の端末のIPアドレスと電子証明書を前記接続確立情報として含み、前記OKメッセージは、前記接続先の端末のIPアドレスと電子証明書を前記接続確立情報として含むことを特徴とする請求項3に記載の監視システム。 The invitation message includes the IP address of the connection source terminal and an electronic certificate as the connection establishment information, and the OK message includes the IP address of the connection destination terminal and an electronic certificate as the connection establishment information. The monitoring system according to claim 3, characterized in that
- 前記通信管理装置と前記複数の端末との接続は、前記通信管理装置と前記複数の端末間にVPNを構築したセンタ端末間VPNにより接続されており、
前記SIPサーバは、前記センタ端末間VPNを介して前記複数の端末とSIPメッセージを通信することを特徴とする請求項1に記載の監視システム。 The connection between the communication management device and the plurality of terminals is connected between the communication management device and the plurality of terminals by a VPN between center terminals that establishes a VPN,
The monitoring system according to claim 1, wherein the SIP server communicates SIP messages with the plurality of terminals via the center-to-center VPN. - 前記監視情報は、前記監視対象で撮影された画像、前記監視対象で検出された監視信号、前記利用者側にて生成された制御情報の少なくとも1つを含むことを特徴とする請求項1~5のいずれかに記載の監視システム。 The monitoring information includes at least one of an image captured by the monitoring target, a monitoring signal detected by the monitoring target, and control information generated by the user. The monitoring system according to any one of 5.
- 監視情報を通信する複数の端末の通信を管理する通信管理装置であって、
前記通信管理装置は、
SIPサーバと、
接続が認可されるべき端末の組合せを表す接続認可情報を記憶した認可情報記憶部と、
前記接続認可情報を参照して端末間の接続を認可するか否かを判定する認可処理部と、を有し、
前記SIPサーバが、前記複数の端末のうちの一つから、他の端末への識別情報を含むSIPの招待メッセージを取得したとき、前記認可処理部が、前記招待メッセージに含まれる前記接続先の端末の識別情報に基づき、前記端末間の接続を認可するか否かを判定し、
前記認可処理部が接続を認可した場合に、前記SIPサーバが、前記接続元の端末からの招待メッセージを前記接続先の端末へ供給することを特徴とする通信管理装置。 A communication management apparatus that manages communication of a plurality of terminals that communicate monitoring information, comprising:
The communication management device is
SIP server,
An authorization information storage unit storing connection authorization information representing a combination of terminals to which connection is to be authorized;
An authorization processing unit that determines whether to authorize the connection between terminals by referring to the connection authorization information;
When the SIP server acquires a SIP invitation message including identification information to another terminal from one of the plurality of terminals, the authorization processing unit determines that the connection destination is included in the invitation message. Based on the identification information of the terminal, it is determined whether to authorize the connection between the terminals,
The communication management apparatus, wherein the SIP server supplies an invitation message from the terminal of the connection source to the terminal of the connection destination when the authorization processing unit approves the connection.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201080014851.1A CN102378982B (en) | 2009-03-30 | 2010-03-25 | Monitoring system and communication management device |
KR1020117024357A KR101516708B1 (en) | 2009-03-30 | 2010-03-25 | Monitoring system and communication management device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2009081307A JP4781447B2 (en) | 2009-03-30 | 2009-03-30 | Monitoring system |
JP2009-081307 | 2009-03-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010116642A1 true WO2010116642A1 (en) | 2010-10-14 |
Family
ID=42935943
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2010/002119 WO2010116642A1 (en) | 2009-03-30 | 2010-03-25 | Monitoring system and communication management device |
Country Status (4)
Country | Link |
---|---|
JP (1) | JP4781447B2 (en) |
KR (1) | KR101516708B1 (en) |
CN (1) | CN102378982B (en) |
WO (1) | WO2010116642A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2012141896A (en) * | 2011-01-05 | 2012-07-26 | Ricoh Co Ltd | Device management system, device, device management method and program |
JP2013038684A (en) * | 2011-08-10 | 2013-02-21 | Refiner Inc | Vpn connection management system |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10834094B2 (en) | 2013-08-06 | 2020-11-10 | Bedrock Automation Platforms Inc. | Operator action authentication in an industrial control system |
US9191203B2 (en) | 2013-08-06 | 2015-11-17 | Bedrock Automation Platforms Inc. | Secure industrial control system |
US9727511B2 (en) | 2011-12-30 | 2017-08-08 | Bedrock Automation Platforms Inc. | Input/output module with multi-channel switching capability |
US11967839B2 (en) | 2011-12-30 | 2024-04-23 | Analog Devices, Inc. | Electromagnetic connector for an industrial control system |
US8971072B2 (en) | 2011-12-30 | 2015-03-03 | Bedrock Automation Platforms Inc. | Electromagnetic connector for an industrial control system |
US9467297B2 (en) | 2013-08-06 | 2016-10-11 | Bedrock Automation Platforms Inc. | Industrial control system redundant communications/control modules authentication |
US9437967B2 (en) | 2011-12-30 | 2016-09-06 | Bedrock Automation Platforms, Inc. | Electromagnetic connector for an industrial control system |
US8862802B2 (en) | 2011-12-30 | 2014-10-14 | Bedrock Automation Platforms Inc. | Switch fabric having a serial communications interface and a parallel communications interface |
US11314854B2 (en) | 2011-12-30 | 2022-04-26 | Bedrock Automation Platforms Inc. | Image capture devices for a secure industrial control system |
US10834820B2 (en) | 2013-08-06 | 2020-11-10 | Bedrock Automation Platforms Inc. | Industrial control system cable |
US10613567B2 (en) | 2013-08-06 | 2020-04-07 | Bedrock Automation Platforms Inc. | Secure power supply for an industrial control system |
CN105635078A (en) * | 2014-11-07 | 2016-06-01 | 中兴通讯股份有限公司 | Method and system of realizing session initiation protocol (SIP) session transmission |
CN105933198B (en) * | 2016-04-21 | 2020-01-14 | 浙江宇视科技有限公司 | Device for establishing direct connection VPN tunnel |
JP7085826B2 (en) * | 2016-12-16 | 2022-06-17 | ベドロック・オートメーション・プラットフォームズ・インコーポレーテッド | Image capture device for secure industrial control systems |
CN110087034B (en) * | 2019-04-25 | 2020-11-10 | 山西潞安金源煤层气开发有限责任公司 | Coal bed gas remote monitoring system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001054102A (en) * | 1999-08-13 | 2001-02-23 | Secom Co Ltd | Image transmitter |
JP2008219239A (en) * | 2007-03-01 | 2008-09-18 | Yamaha Corp | Vpn dynamic setting system |
JP2009027652A (en) * | 2007-07-23 | 2009-02-05 | Nippon Telegr & Teleph Corp <Ntt> | Connection control system, connection control method, connection control program, and relay device |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005073236A (en) * | 2003-08-06 | 2005-03-17 | Matsushita Electric Ind Co Ltd | Relay server, relay server service management method, service providing system, and program |
JP4415311B2 (en) * | 2003-12-25 | 2010-02-17 | 日本ビクター株式会社 | Monitoring system and output control device |
JP4410070B2 (en) * | 2004-09-17 | 2010-02-03 | 富士通株式会社 | Wireless network system and communication method, communication apparatus, wireless terminal, communication control program, and terminal control program |
JP4551866B2 (en) * | 2005-12-07 | 2010-09-29 | 株式会社リコー | COMMUNICATION SYSTEM, CALL CONTROL SERVER DEVICE, AND PROGRAM |
-
2009
- 2009-03-30 JP JP2009081307A patent/JP4781447B2/en active Active
-
2010
- 2010-03-25 WO PCT/JP2010/002119 patent/WO2010116642A1/en active Application Filing
- 2010-03-25 KR KR1020117024357A patent/KR101516708B1/en active IP Right Grant
- 2010-03-25 CN CN201080014851.1A patent/CN102378982B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001054102A (en) * | 1999-08-13 | 2001-02-23 | Secom Co Ltd | Image transmitter |
JP2008219239A (en) * | 2007-03-01 | 2008-09-18 | Yamaha Corp | Vpn dynamic setting system |
JP2009027652A (en) * | 2007-07-23 | 2009-02-05 | Nippon Telegr & Teleph Corp <Ntt> | Connection control system, connection control method, connection control program, and relay device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2012141896A (en) * | 2011-01-05 | 2012-07-26 | Ricoh Co Ltd | Device management system, device, device management method and program |
JP2013038684A (en) * | 2011-08-10 | 2013-02-21 | Refiner Inc | Vpn connection management system |
Also Published As
Publication number | Publication date |
---|---|
CN102378982A (en) | 2012-03-14 |
KR101516708B1 (en) | 2015-05-04 |
JP4781447B2 (en) | 2011-09-28 |
CN102378982B (en) | 2015-05-27 |
KR20120028298A (en) | 2012-03-22 |
JP2010233167A (en) | 2010-10-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2010116642A1 (en) | Monitoring system and communication management device | |
CN103460674B (en) | For supplying/realize the method for sending out notice session and pushing provision entity | |
JP5148540B2 (en) | Monitoring system | |
US20200213250A1 (en) | Apparatus and Method for Subscription to a Service and Use of the Service | |
JP2009536759A (en) | User interface for communication devices | |
JP2009232045A (en) | Ip telephone terminal, server apparatus, authentication apparatus, communication system, communication method and program | |
KR101981812B1 (en) | Network communication systems and methods | |
JP2009111859A (en) | Apparatus, method and program, for registering user address information | |
JP4750869B2 (en) | Communication control device and monitoring device | |
JP5357619B2 (en) | Communication failure detection system | |
JP2017063480A (en) | Authentication system keeping confidentiality of secret data | |
JP4472566B2 (en) | Communication system and call control method | |
KR101210938B1 (en) | Encrypted Communication Method and Encrypted Communication System Using the Same | |
JP2006108768A (en) | Communication connection method and communication system for concealing identification information of user terminal | |
KR101114921B1 (en) | Processing apparatus and method for providing virtual private network service on mobile communication | |
JP2009088670A (en) | Remote location monitoring system and method | |
JP7329437B2 (en) | nurse call system | |
JP2016035621A (en) | Work support system and work support method | |
KR100911364B1 (en) | Method, server and system for monitoring participants in multi-participants conference service based on session initiation protocol | |
JP4061239B2 (en) | Communication apparatus and communication establishment method | |
EP1715690A1 (en) | Method of videophone data transmission | |
JP2006229926A (en) | Communication system, onboard server, information terminal and translation server used therefor | |
JP2008113427A (en) | Network access device, method for establishing network connection, and mobile communication system using the same | |
JP5302076B2 (en) | Communication failure detection system | |
KR20100033698A (en) | Virtual private network service method and its system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201080014851.1 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 10761350 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20117024357 Country of ref document: KR Kind code of ref document: A |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 10761350 Country of ref document: EP Kind code of ref document: A1 |