CN108989034B - Audio and video monitoring method and system, monitoring server and computer medium - Google Patents
Audio and video monitoring method and system, monitoring server and computer medium Download PDFInfo
- Publication number
- CN108989034B CN108989034B CN201810878561.XA CN201810878561A CN108989034B CN 108989034 B CN108989034 B CN 108989034B CN 201810878561 A CN201810878561 A CN 201810878561A CN 108989034 B CN108989034 B CN 108989034B
- Authority
- CN
- China
- Prior art keywords
- target
- camera
- monitoring client
- certificate
- audio
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/18—Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Closed-Circuit Television Systems (AREA)
- Alarm Systems (AREA)
Abstract
The application discloses an audio and video monitoring method, a system, a server and a computer medium, which are applied to a monitoring server, wherein the method comprises the following steps: according to respective CA certificates logged in to a camera of the target monitoring client and a CA certificate of the monitoring client, determining that the CA certificate and the CA certificate of the target monitoring client belong to a camera of the same family CA authentication center and are target cameras of the target monitoring client, so that the target monitoring client can acquire audio and video data acquired by the target cameras; the CA certificates of the camera and the monitoring client are issued by the home CA certificate centers to which the cameras and the monitoring client belong, and the home CA certificate centers of different families are different. In the audio and video monitoring method disclosed by the application, the CA authentication center masters the home, so that the safety can be improved to a certain extent. The audio and video monitoring system, the server and the computer readable storage medium disclosed by the application also solve the corresponding technical problems.
Description
Technical Field
The present application relates to the field of security video monitoring technologies, and in particular, to an audio/video monitoring method, system, monitoring server, and computer medium.
Background
With the continuous development of network cameras, more and more household video monitoring systems are accepted and used by users, and the users can receive audio and video data acquired by the cameras through monitoring clients, so that the household environment can be monitored according to the audio and video data, namely, a video monitoring method. In the audio/video monitoring method, in order to ensure the safety of the home environment, the safety of the audio/video monitoring method needs to be ensured.
The existing method for ensuring the safety of the audio and video monitoring method comprises the following steps: and the monitoring server realizes matching between the camera and the monitoring client according to the CA certificate issued by the third party organization or the operator.
However, in an existing method for ensuring the security of the audio/video monitoring method, a CA certificate is issued by a third party organization or an operator, and the third party organization or the operator generally stores an encryption key pair, which enables the security of the home environment to be mastered in the third party organization or the operator, and after an attacker obtains the encryption key pair stored by the third party organization or the operator, the home can only perform passive defense, and the security of the home environment is low.
In summary, how to improve the security of the existing audio/video monitoring method is a problem to be solved urgently by those skilled in the art.
Disclosure of Invention
The application aims to provide an audio and video monitoring method, which can solve the technical problem of improving the safety of the existing audio and video monitoring method to a certain extent. The application also provides an audio and video monitoring system, a monitoring server and a computer readable storage medium.
In order to achieve the above purpose, the present application provides the following technical solutions:
an audio and video monitoring method is applied to a monitoring server and comprises the following steps:
determining that a CA certificate and a CA certificate of a target monitoring client belong to a camera of the same family CA authentication center according to respective CA certificates of a camera and the monitoring client logged in to the target monitoring client, wherein the CA certificate and the CA certificate of the target monitoring client are the target camera of the target monitoring client, so that the target monitoring client acquires audio and video data acquired by the target camera;
the CA certificates of the camera and the monitoring client are issued by home CA certificate centers to which the cameras and the monitoring client belong, and the home CA certificate centers of different families are different.
Preferably, before the respective CA certificates of the camera and the monitoring client that log in to themselves, the method further includes:
issuing a CA certificate for a target object through the home CA authentication center; the target object comprises the camera and the monitoring client;
the process that the home CA authentication center issues a CA certificate for the target object comprises the following steps:
receiving a signature certificate request sent by the target object;
signing and issuing a signature certificate and sending the signature certificate to the target object;
receiving a first confirmation message sent by the target object after the target object receives and writes the signature certificate into the target object;
generating an encryption key pair and issuing an encryption certificate;
sending the encryption key pair and the encryption certificate to the target object;
receiving a second confirmation message sent by the target object after the target object imports the encryption key pair and writes the encryption certificate into the target object;
sending a CA certificate to the target object;
and receiving a third confirmation message sent by the target object after the target object writes the CA certificate into the target object.
Preferably, before the respective CA certificates of the camera and the monitoring client that log in to themselves, the method further includes:
receiving a login request sent by a target object, wherein the target object comprises the camera or the monitoring client;
returning the challenge corresponding to the login request to the target object;
receiving an identity certificate which is sent by the target object and generated after the challenge is signed;
and verifying whether the identity certificate exists or not, and if so, allowing the target object to log in.
Preferably, before the respective CA certificates of the camera and the monitoring client that log in to themselves, the method further includes:
receiving authority management information sent by an administrator client, wherein the authority management information is used for representing the camera information which is allowed to be connected by the monitoring client and belongs to the same family;
according to respective CA certificates of a camera and a monitoring client which log in to the camera, the camera which determines that the CA certificate and the CA certificate of a target monitoring client belong to the same family CA authentication center is a target camera of the target monitoring client, and the method comprises the following steps:
and determining that the CA certificate and the CA certificate of the target monitoring client belong to the same family CA authentication center and the camera meeting the authority management information is the target camera of the target monitoring client according to the respective CA certificates of the camera and the monitoring client logged in to the camera.
Preferably, the determining that the CA certificate and the CA certificate of the target monitoring client belong to a camera of the same home CA certificate authority, and after the determination that the CA certificate and the CA certificate of the target monitoring client are the target camera of the target monitoring client, further includes:
sending the information of the target camera to the target monitoring client;
transmitting a connection request sent by the target monitoring client to the target camera;
transmitting a first identity authentication request and a first key agreement request sent by the target camera to the target monitoring client;
transmitting a second identity authentication request and a second key negotiation request sent by the target monitoring client to the target camera;
after the target camera and the target monitoring client verify that the identity of the other party is correct by means of the first identity authentication request and the second identity authentication request and determine a negotiation key by means of the first key negotiation request and the second key negotiation request, forwarding a request for acquiring audio and video data, which is sent by the target monitoring client, to the target camera;
and judging whether encrypted audio and video data which is generated after the acquired original audio and video data is encrypted by means of the negotiation key and is sent by the target camera is received, if so, forwarding the encrypted audio and video data to the target monitoring client.
Preferably, after transmitting the second identity authentication request and the second key agreement request sent by the target monitoring client to the target camera, and before forwarding the request for acquiring the audio and video data sent by the target monitoring client to the target camera, the method further includes:
receiving a request for acquiring P2P hole punching parameters sent by the target camera and the target monitoring client;
sending the P2P hole punching parameters to the target camera and the target monitoring client;
judging whether a notice of using a transfer mode sent by the target monitoring client is received or not, if so, forwarding the notice of using the transfer mode to the target camera, and executing the step of forwarding the request of acquiring audio and video data sent by the target monitoring client to the target camera; if not, directly executing the step of forwarding the request for acquiring the audio and video data sent by the target monitoring client to the target camera.
Preferably, after forwarding the encrypted audio/video data to the target monitoring client, the method further includes:
forwarding a disconnection request sent by the target monitoring client to the target camera;
and forwarding a fourth confirmation message which is sent by the target camera and corresponds to the disconnection request to the target monitoring client.
An audio and video monitoring system is applied to a monitoring server and comprises:
the determining module is used for determining that the CA certificate and the CA certificate of the target monitoring client belong to the same camera of a family CA authentication center according to respective CA certificates logged in to the camera and the monitoring client, and the CA certificate of the target monitoring client are the target camera of the target monitoring client, so that the target monitoring client can acquire audio and video data acquired by the target camera;
the CA certificates of the camera and the monitoring client are issued by home CA certificate centers to which the cameras and the monitoring client belong, and the home CA certificate centers of different families are different.
An audio and video monitoring server comprising:
a memory for storing a computer program;
and the processor is used for realizing the steps of the audio and video monitoring method when the computer program is executed.
A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the audio-video monitoring method as set forth in any one of the preceding claims.
The method for monitoring the audio and video is applied to a monitoring server, and according to respective CA certificates logged in to a camera and a monitoring client, the CA certificate and the CA certificate of a target monitoring client belong to the same camera of a family CA authentication center and are used as a target camera of the target monitoring client, so that the target monitoring client can acquire audio and video data acquired by the target camera; the CA certificates of the camera and the monitoring client are issued by the home CA certificate centers to which the cameras and the monitoring client belong, and the home CA certificate centers of different families are different. In the audio and video monitoring method provided by the application, the respective CA certificates of the camera and the monitoring client are issued by the respective home CA certificate centers to which the cameras and the monitoring client belong, and the family CA authentication centers of all families are different, namely, each family has a family CA authentication center, namely, the CA authentication center is mastered in the hands of the family, and CA certificates of the camera to which the monitoring server is applied and the monitoring client are issued by the home CA certificate authority, thereby the control right of the respective certificates of the camera and the monitoring client is controlled in the hands of the family, compared with the prior art that the CA authentication center is held in the hands of a third party organization or an operator, even if the attacker obtains the encryption key pair, the family can completely change the family CA authentication center by himself to generate a new safe CA certificate, and the safety can be improved to a certain extent. The audio and video monitoring system, the server and the computer readable storage medium provided by the application also solve the corresponding technical problems.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of an audio/video monitoring method provided in an embodiment of the present application;
FIG. 2 is a flowchart of a CA certificate issuing from a home CA certification authority to a target object;
FIG. 3 is a flowchart of target object registration, logging on to the monitoring server;
fig. 4 is a real-time flowchart of an audio/video monitoring method provided in an embodiment of the present application;
fig. 5 is a schematic structural diagram of an audio/video monitoring system provided in an embodiment of the present application;
fig. 6 is a schematic structural diagram and a data transmission diagram of an audio/video monitoring device provided in an embodiment of the present application in practical application;
fig. 7 is a schematic structural diagram of an audio/video monitoring server according to an embodiment of the present application;
fig. 8 is another schematic structural diagram of an audio/video monitoring server provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of an audio/video monitoring method according to an embodiment of the present application.
The audio and video monitoring method provided by the embodiment of the application is applied to a monitoring server and can comprise the following steps:
step S101: the CA certificate is issued to the target object through the home CA authentication center, the target object comprises a camera and a monitoring client, the CA certificates of the camera and the monitoring client are issued to the home CA authentication centers to which the cameras and the monitoring client belong, and the home CA authentication centers of different families are different.
It can be understood that the home CA certificate authority may be built in the monitoring server, or may be independent of the monitoring server, and only needs to be able to satisfy that the monitoring server issues the CA certificate for the camera and the monitoring client through the CA certificate authority. The family described in the present application does not specifically refer to a certain family, which is a general name of a region range, that is, the family in the present application may refer to a family, a company, an enterprise, a region, etc., as long as it is a region in which the environment information collected by the camera needs to be checked by the client by monitoring the environment with the aid of the camera.
Referring to fig. 2, fig. 2 is a flowchart illustrating a CA certificate issuing process by a home CA certificate authority to a target object. ACK in the figure denotes an acknowledgement message.
Optionally, the process of issuing the CA certificate to the target object by the home CA certificate authority may include the following steps: receiving a signature certificate request sent by a target object; signing and issuing a signature certificate, and sending the signature certificate to a target object; receiving a first confirmation message sent by a target object after the target object receives and writes a signature certificate into the target object; generating an encryption key pair and issuing an encryption certificate; sending the encryption key pair and the encryption certificate to the target object; receiving a second confirmation message sent by the target object after the target object imports the encryption key pair and writes the encryption certificate into the target object; sending the CA certificate to the target object; and receiving a third confirmation message sent by the target object after the target object writes the CA certificate into the target object. In practical application, before the home CA certificate authority receives a request for signing a certificate sent by a target object, the target object may also generate a signing key pair for the target object to self-issue the certificate. In a specific application scenario, a home CA authentication center can store a private key of a home CA in a UKEY, wherein the UKEY is a reliable and high-speed small-sized storage device which is directly connected with a computer through a USB (universal serial bus interface), has a password verification function, and correspondingly, the UKEY is required to be used every time the home CA authentication center issues a CA certificate for a target object, at the moment, a PIN code can be set for the UKEY, and a user can normally use the UKEY only under the condition that the user inputs the correct PIN code to a UKRY, so that the security of issuing the CA certificate for the target object by the home CA authentication center by means of the UKEY can be improved to a certain extent; when the UKEY of the home CA certificate authority is lost, a new UKEY is required to be reset, the home CA certificate authority is created again, and the CA certificate is issued to the target object again.
Step S102: according to respective CA certificates logged in to the camera and the monitoring client, the CA certificate and the CA certificate of the target monitoring client belong to the camera of the same family CA authentication center and are the target camera of the target monitoring client, so that the target monitoring client can acquire audio and video data acquired by the target camera.
It is understood that, in step S102, according to the descriptions of the respective CA certificates of the camera and the monitoring client logged in to the monitoring server, in the present application, the camera and the monitoring client need to log in to the monitoring server first, and accordingly, in the login process, the monitoring server can verify the identities of the camera and the monitoring client, so as to further ensure the security of the audio and video monitoring method provided by the present application.
Referring to fig. 3, fig. 3 is a flowchart illustrating registration and logging in of a target object to a monitoring server. ACK in the figure denotes an acknowledgement message.
Optionally, the process of registering and logging in the target object to the monitoring server may include the following steps: the target object sends a login request to the monitoring server; after receiving the login request, the monitoring server returns Challenge to the target object; the target object signs the Challenge to generate an identity certificate, and sends the identity certificate to the monitoring server; the monitoring server verifies whether the identity certificate exists or not, if so, the target object is allowed to log in, and if not, an instruction for requiring registration is sent to the target object; after receiving the instruction requiring registration, the target object generates an identity certificate for the Challenge or the License signature of the target object, and sends the License or the identity certificate to the monitoring server; the monitoring server receives and saves the License or the identity certificate, thereby completing the registration process.
In a specific application scenario, in order to further improve the security of the audio/video monitoring method provided by the present application, a target object may register and log in to a monitoring server in a challenge-response digital signature manner, at this time, a dynamic password card needs to be set on the monitoring server and the target object in advance, and a seed key and an encryption algorithm are built in the dynamic password card. The corresponding login, registration procedure may comprise the steps of: the target object sends a login request to the monitoring server; the monitoring server randomly generates a challenge character string and sends the challenge character string to a target object; the target object calculates the challenge character string based on a seed key and an encryption algorithm stored by the target object to obtain a first response character string, and sends the first response character string to the monitoring client; the monitoring client calculates the challenge character string based on the seed key and the encryption algorithm stored by the monitoring client to obtain a second response character string, judges whether the first response character string and the second response character string are consistent, allows the target object to log in if the first response character string and the second response character string are consistent, and sends a dynamic password card of the monitoring client to the target object to complete registration if the first response character string and the second response character string are not consistent. Optionally, in order to further enhance the security of the audio/video monitoring method provided by the present application, the monitoring server may also issue a PIN code for the target object, and accordingly, after the target object sends the login request, the target object may send its PIN code to the monitoring server first, the monitoring server verifies whether the PIN code is correct, if yes, then performs an operation of randomly generating a challenge character string, and if not, does not allow the target object to log in; it should be noted that the PIN code of the camera can be stored in the camera itself, and the PIN code of the camera itself is automatically sent to the monitoring server after the camera is powered on, so as to complete the login of the camera. In a specific application scene, the monitoring server can also inquire and maintain the state of the camera regularly or in real time. In addition, the target object may also be logged in and registered to the monitoring server by using a Protocol such as a Transmission Control Protocol (TCP), which is not specifically limited herein.
After the camera and the monitoring client log in the monitoring server, the monitoring server can determine that the CA certificate is a camera which belongs to a family CA authentication center with the CA certificate of the target monitoring client and is a target camera corresponding to the target client, so that the target monitoring client can acquire audio and video data acquired by the target camera. Taking home a and home B as an example, since the home CA authentication centers of home a and home B are different, the certificates issued by family a and family B for the same camera and the same monitoring client are different, when determining the target camera of the target monitoring client, the monitoring server may determine, according to the CA certificate of the camera, whether the home CA certificate authority that issues the CA certificate for the camera belongs to the home a or the home B, and accordingly, determine, according to the CA certificate of the monitoring client, whether the home CA certificate authority that issues the CA certificate for the monitoring client belongs to the home a or the home B, if the home CA certificate authorities of the camera and the monitoring server both belong to the same home, such as the home a, the monitoring server may use the camera as a target camera of the monitoring client and allow the monitoring client to connect to the camera.
The method for monitoring the audio and video is applied to a monitoring server, and according to respective CA certificates logged in to a camera and a monitoring client, the CA certificate and the CA certificate of a target monitoring client belong to the same camera of a family CA authentication center and are used as a target camera of the target monitoring client, so that the target monitoring client can acquire audio and video data acquired by the target camera; the CA certificates of the camera and the monitoring client are issued by the home CA certificate centers to which the cameras and the monitoring client belong, and the home CA certificate centers of different families are different. In the audio and video monitoring method provided by the application, the respective CA certificates of the camera and the monitoring client are issued by the respective home CA certificate centers to which the cameras and the monitoring client belong, and the family CA authentication centers of all families are different, namely, each family has a family CA authentication center, namely, the CA authentication center is mastered in the hands of the family, and CA certificates of the camera to which the monitoring server is applied and the monitoring client are issued by the home CA certificate authority, thereby the control right of the respective certificates of the camera and the monitoring client is controlled in the hands of the family, compared with the prior art that the CA authentication center is held in the hands of a third party organization or an operator, even if the attacker obtains the encryption key pair, the family can completely change the family CA authentication center by himself to generate a new safe CA certificate, and the safety can be improved to a certain extent.
Referring to fig. 4, fig. 4 is a real-time flowchart of an audio/video monitoring method according to an embodiment of the present application. The ACK in the figure indicates a corresponding acknowledgement message.
In the audio and video monitoring method provided in the embodiment of the present application, before logging in to the respective CA certificates of the camera and the monitoring client of the audio and video monitoring method, the method may further include:
receiving authority management information sent by an administrator client, wherein the authority management information is used for representing camera information which is allowed to be connected by a monitoring client and belongs to the same family;
according to respective CA certificates logged in to a camera of the client and a monitoring client, determining that the CA certificate and the CA certificate of the target monitoring client belong to a camera of the same family CA authentication center, and the target camera of the target monitoring client is a target camera of the target monitoring client, wherein the method specifically comprises the following steps:
and determining that the CA certificate and the CA certificate of the target monitoring client belong to the same family CA authentication center and meet the authority management information according to the respective CA certificates of the camera and the monitoring client logged in to the camera, and the camera is the target camera of the target monitoring client.
In practical application, in order to further improve the security of the audio and video monitoring method provided by the application, the monitoring server may further determine a target camera that can be connected to the target client according to the authority management information set by the administrator client. Taking a home camera installed in a kitchen, a bedroom, a living room, a toilet and a doorway as an example, if the authority management information set by the administrator client indicates that the monitoring client can only access the cameras installed in the living room and the bedroom, the monitoring server determines that the monitoring client can only be connected with the cameras installed in the kitchen, the bedroom, the living room, the toilet and the doorway of the home according to the cameras and the CA certificate of the monitoring client, and then determines that the target camera of the monitoring client can only be the camera installed in the living room and the bedroom according to the authority management information set by the administrator client. In a specific application scenario, a monitoring client that logs in to a monitoring server first in a family may be used as an administrator client. When there are multiple monitoring clients, the administrator client may determine the authority management information of each monitoring client by using the identification information of each monitoring client. In addition, the administrator client also has the number of monitoring clients to which one camera is connected and the authority of the monitoring clients to be cancelled. In addition, the administrator client can also request the monitoring server for the authority management information stored in the monitoring server, and modify the authority management information according to actual needs.
Referring to fig. 4, in the audio and video monitoring method provided in the embodiment of the present application, after determining that the CA certificate and the CA certificate of the target monitoring client belong to the same camera of the home CA authentication center and are the target camera of the target monitoring client, the method may further include:
step 1: and sending the information of the target camera to the target monitoring client.
In practical application, the information of the target camera may include an identifier, an installation position, an online state, and the like of the target camera, and the target monitoring client may determine whether to connect the target camera according to the information of the target camera. In a specific application scenario, the monitoring server may perform an operation of sending information of the target camera to the target client only after receiving a request for querying the camera sent by the monitoring client.
Step 2: and transmitting the connection request sent by the target monitoring client to the target camera.
And after the target monitoring client determines to be connected with the target camera according to the information of the target camera, the monitoring server transmits a connection request sent by the target monitoring client to the target camera.
And step 3: transmitting a first identity authentication request and a first key negotiation request sent by a target camera to a target monitoring client; and transmitting a second identity authentication request and a second key negotiation request sent by the target monitoring client to the target camera.
After receiving the connection request, the target camera needs to complete mutual identity authentication with the target monitoring client, and determines a negotiation key in the identity authentication process, wherein the negotiation key is used for encrypting audio and video data by the target camera or decrypting the encrypted audio and video data by the target monitoring client. In the mutual identity authentication process of the target monitoring client and the target camera, a first verification question can be preset in the target camera, a first answer of the first verification question is arranged in the target monitoring client which can be connected with the target camera, a second verification question is arranged in the target monitoring client, a second answer of the second verification question is arranged in the target camera which can be connected with the target monitoring client, correspondingly, a first identity authentication request sent by the target camera can carry the answer of the target camera to the second question, after the answer of the target camera to the second question is verified to be consistent with the second answer by the target monitoring client, the identity of the target camera is verified to be correct, the target camera is allowed to be connected with the target camera, the answer of the target camera to the first question is sent to the target camera, after the answer of the target monitoring client to the first question is verified to be consistent with the first answer by the target camera, verifying that the identity of the target monitoring client is correct, and allowing the target monitoring client to be connected with the target monitoring client, wherein at the moment, the target monitoring client is connected with the target camera; in a specific application scenario, the target monitoring client and the target camera may also complete mutual identity authentication by means of a Public Key Infrastructure (PKI), and the principle of the mutual identity authentication may refer to the principle of completing identity authentication of both parties by means of the PKI in the prior art, and of course, there may be other identity authentication processes, which is not specifically limited in this application. For the key agreement, the first key agreement request may include a key agreement generated by the target camera, and the second key agreement request may include a confirmation message for the key agreement in the first key agreement request; that is, the target camera generates a negotiation key, writes the negotiation key into the first key negotiation request, and sends the negotiation key to the target monitoring client via the monitoring server, the target monitoring client analyzes the negotiation key in the first key negotiation request, if the negotiation key is identified, the negotiation key is stored, and a confirmation message is written into the second key negotiation request and sent to the target camera via the monitoring server, and after the confirmation message in the second key negotiation request is analyzed by the target camera, the negotiation key is determined to be the negotiation key between the two; when the target monitoring client does not agree with the negotiation key generated by the target camera, the target monitoring client may write a different agreement message in the second key negotiation request, and may also write the negotiation key agreed by itself, so that the target camera determines the final negotiation key by means of the second key negotiation request, that is, in a specific application scenario, the target monitoring client and the target camera may determine the final negotiation key by means of the first key negotiation request and the second key negotiation request multiple times.
And 4, step 4: and after the target camera and the target monitoring client verify the identity of the other party to be correct by means of the first identity authentication request and the second identity authentication request and determine a negotiation key by means of the first key negotiation request and the second key negotiation request, forwarding a request for acquiring audio and video data, which is sent by the target monitoring client, to the target camera.
After the target camera and the target monitoring client confirm that the identity of the other party is correct and determine the negotiation key, the monitoring server can forward a request for acquiring audio and video data sent by the target monitoring client to the target camera, so that the target camera sends encrypted audio and video data generated by encrypting the acquired original audio and video data by using the negotiation key.
And 5: and judging whether encrypted audio and video data generated after the acquired original audio and video data is encrypted by means of the negotiation key and sent by the target camera is received, and if so, forwarding the encrypted audio and video data to the target monitoring client.
In practical application, the target camera can send the encrypted audio and video data to the target monitoring client by means of the monitoring server, and the monitoring server does not negotiate a secret key and does not know the encryption algorithm of the target camera, so that the monitoring server cannot decrypt the encrypted audio and video data to obtain the audio and video data acquired by the target camera. It is understood that when the original audio and video data is large, the target camera needs to circularly execute the operation of encrypting the original data, and correspondingly, the monitoring server needs to circularly execute the step of forwarding the encrypted audio and video data to the target monitoring client.
Referring to fig. 4, in the audio/video monitoring method provided in the embodiment of the present application, after transmitting the second identity authentication request and the second key agreement request sent by the target monitoring client to the target camera, before forwarding the request for acquiring audio/video data sent by the target monitoring client to the target camera, the method may further include:
receiving a request for acquiring P2P punching parameters sent by a target camera and a target monitoring client;
sending P2P hole punching parameters to a target camera and a target monitoring client;
judging whether a notice of using a transfer mode sent by a target monitoring client is received or not, if so, forwarding the notice of using the transfer mode to a target camera, and executing a step of forwarding a request for acquiring audio and video data sent by the target monitoring client to the target camera; if not, directly executing the step of forwarding the request for acquiring the audio and video data sent by the target monitoring client to the target camera.
In practical application, in order to save traffic consumed by the audio and video monitoring method provided by the embodiment of the present application, the monitoring server may further receive a request for obtaining a P2P hole punching parameter sent by the target camera and the target monitoring client, and then send the P2P hole punching parameter to the target camera and the target monitoring client, and after the target monitoring client and the target camera complete P2P hole punching by means of the P2P hole punching parameter, the data transmission may be directly performed by means of P2P hole punching. In a specific application scenario, the target monitoring client and the target camera may complete P2P hole punching by using UDP (User Datagram Protocol).
Referring to fig. 4, in the audio/video monitoring method provided in the embodiment of the present application, after forwarding the encrypted audio/video data to the target monitoring client, the method may further include:
forwarding a disconnection request sent by a target monitoring client to a target camera;
and forwarding a fourth confirmation message which is sent by the target camera and corresponds to the request of disconnection to the target monitoring client.
In practical application, after forwarding the encrypted audio and video data to the target monitoring client, the monitoring server may also forward a disconnection request sent by the target monitoring client to the target camera, and forward a fourth confirmation message agreeing to the disconnection and sent by the target camera to the target monitoring client, so as to complete the operation of disconnecting the target monitoring client and the target camera.
The application also provides an audio and video monitoring system which has the corresponding effect of the audio and video monitoring method provided by the embodiment of the application. Referring to fig. 5, fig. 5 is a schematic structural diagram of an audio/video monitoring system according to an embodiment of the present application.
The audio and video monitoring system provided by the embodiment of the application is characterized in that the audio and video monitoring system is applied to a monitoring server 101 and comprises the following components:
the determining module 1011 is configured to determine, according to the respective CA certificates of the camera 102 and the monitoring client 103 logged in to the monitoring server, that the CA certificate and the CA certificate of the target monitoring client belong to a camera of the same home CA authentication center, and the CA certificate of the target monitoring client are target cameras of the target monitoring client, so that the target monitoring client obtains audio and video data acquired by the target cameras;
the CA certificates of the camera and the monitoring client are issued by the home CA certificate centers to which the cameras and the monitoring client belong, and the home CA certificate centers of different families are different.
In the audio and video monitoring system provided in the embodiment of the present application, the audio and video monitoring system may further include:
the issuing module is used for determining that the module issues a certificate for the target object through a family CA (certificate Authority) authentication center before respective CA certificates of the camera logged in the monitoring server and the monitoring client; the target object comprises a camera and a monitoring client;
wherein the module of awarding is specifically configured to:
receiving a signature certificate request sent by a target object;
signing and issuing a signature certificate, and sending the signature certificate to a target object;
receiving a first confirmation message sent by a target object after the target object receives and writes a signature certificate into the target object;
generating an encryption key pair and issuing an encryption certificate;
sending the encryption key pair and the encryption certificate to the target object;
receiving a second confirmation message sent by the target object after the target object imports the encryption key pair and writes the encryption certificate into the target object;
sending the CA certificate to the target object;
and receiving a third confirmation message sent by the target object after the target object writes the CA certificate into the target object.
In the audio and video monitoring system provided in the embodiment of the present application, the audio and video monitoring system may further include:
the first receiving module is used for receiving a login request sent by a target object before the determining module logs in the CA certificates of the camera of the monitoring server and the monitoring client, wherein the target object comprises the camera or the monitoring client;
the return module is used for returning the challenge corresponding to the login request to the target object;
the second receiving module is used for receiving an identity certificate which is sent by the target object and generated after the challenge is signed;
and the verification module is used for verifying whether the identity certificate exists or not, and if so, allowing the target object to log in.
In the audio and video monitoring system provided in the embodiment of the present application, the audio and video monitoring system may further include:
the third receiving module is used for receiving the authority management information sent by the administrator client before the determining module logs in the cameras and the CA certificates of the monitoring client, wherein the authority management information is used for representing the camera information which is allowed to be connected by the monitoring client and belongs to the same family;
accordingly, the determining module may include:
and the determining unit is used for determining that the CA certificate and the CA certificate of the target monitoring client belong to the same family CA authentication center according to the respective CA certificates logged in the camera and the monitoring client, and the camera meeting the authority management information is the target camera of the target monitoring client.
In the audio and video monitoring system provided in the embodiment of the present application, the audio and video monitoring system may further include:
the first sending module is used for determining that the CA certificate and the CA certificate of the target monitoring client belong to the same camera of the family CA authentication center, and sending the information of the target camera to the target monitoring client after the CA certificate and the CA certificate of the target monitoring client are the target camera of the target monitoring client;
the first transmission module is used for transmitting a connection request sent by the target monitoring client to the target camera;
the second transmission module is used for transmitting the first identity authentication request and the first key negotiation request sent by the target camera to the target monitoring client;
the third transmission module is used for transmitting a second identity authentication request and a second key negotiation request sent by the target monitoring client to the target camera;
the first forwarding module is used for forwarding a request for acquiring audio and video data sent by the target monitoring client to the target camera after the target camera and the target monitoring client verify that the identity of the other party is correct by virtue of the first identity authentication request and the second identity authentication request and determine a negotiation key by virtue of the first key negotiation request and the second key negotiation request;
the first judgment module is used for judging whether encrypted audio and video data which are generated after the acquired original audio and video data are encrypted by means of the negotiation key and sent by the target camera are received or not, and if yes, the encrypted audio and video data are forwarded to the target monitoring client.
In the audio and video monitoring system provided in the embodiment of the present application, the audio and video monitoring system may further include:
the fourth receiving module is used for receiving the requests for acquiring the P2P hole punching parameters, which are sent by the target camera and the target monitoring client, after the third transmission request transmits the second identity authentication request and the second key negotiation request sent by the target monitoring client to the target camera and before the first forwarding module forwards the request for acquiring the audio and video data, which is sent by the target monitoring client, to the target camera;
the second sending module is used for sending the P2P hole punching parameters to the target camera and the target monitoring client;
the second judgment module is used for judging whether a notice of using the transfer mode sent by the target monitoring client is received or not, if so, the notice of using the transfer mode is forwarded to the target camera, and the first forwarding module is prompted to execute the step of forwarding the request of acquiring the audio and video data sent by the target monitoring client to the target camera; if not, directly prompting the first forwarding module to execute the step of forwarding the request for acquiring the audio and video data sent by the target monitoring client to the target camera.
In the audio and video monitoring system provided in the embodiment of the present application, the audio and video monitoring system may further include:
the second forwarding module is used for forwarding a disconnection request sent by the target monitoring client to the target camera after the first forwarding module forwards the encrypted audio and video data to the target monitoring client;
and the third forwarding module is used for forwarding a fourth confirmation message which is sent by the target camera and corresponds to the request for disconnection to the target monitoring client.
Referring to fig. 6, fig. 6 is a schematic structural diagram and a data transmission diagram of an audio/video monitoring device provided in an embodiment of the present application in practical application. The audio and video monitoring device provided by the application comprises a family CA authentication center, a monitoring server, a monitoring client and a camera, wherein the functions of all devices require the relevant description in the embodiment; the camera and the monitoring client are internally provided with a password module, and the password module of the camera and the password module of the monitoring client are used for realizing identity authentication, key agreement and P2P hole negotiation between the camera and the monitoring client and establishing connection between the camera and the monitoring client and the monitoring server through a TCP (transmission control protocol); the camera acquires original audio and video data by means of an audio and video sensor of the camera, encodes the original audio and video data to generate encoded audio and video data, encrypts the encoded audio and video data by combining a negotiation key to generate encrypted audio and video data, can directly send the encrypted audio and video data to a monitoring client by means of P2P punching, and can transfer the encrypted audio and video data to the monitoring client by means of the monitoring client; the monitoring client side decrypts the encrypted audio and video data by adopting the negotiation key to obtain encoded audio and video data, decodes the encoded audio and video data to obtain original audio and video data, and then can select video display or store the original audio and video data.
The application also provides an audio and video monitoring server and a computer readable storage medium, which both have the corresponding effects of the audio and video monitoring method provided by the embodiment of the application. Referring to fig. 7, fig. 7 is a schematic structural diagram of an audio/video monitoring server according to an embodiment of the present application.
The audio and video monitoring server provided by the embodiment of the application can comprise:
a memory 201 for storing a computer program;
the processor 202 is configured to implement the steps of the audio/video monitoring method described in any of the above embodiments when executing the computer program.
Referring to fig. 8, another audio/video monitoring server provided in the embodiment of the present application may further include: an input port 203 connected to the processor 202, for transmitting externally input commands to the processor 202; a display unit 204 connected to the processor 202, for displaying the processing result of the processor 202 to the outside; and the communication module 205 is connected with the processor 202 and is used for realizing communication between the audio and video monitoring server and the outside. The display unit 202 may be a display panel, a laser scanning display, or the like; the communication method adopted by the communication module 205 includes, but is not limited to, mobile high definition link technology (HML), Universal Serial Bus (USB), High Definition Multimedia Interface (HDMI), and wireless connection: wireless fidelity technology (WiFi), bluetooth communication technology, bluetooth low energy communication technology, ieee802.11s based communication technology.
In the computer-readable storage medium provided in the embodiments of the present application, a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the audio and video monitoring method described in any of the above embodiments are implemented.
The computer-readable storage media to which this application relates include Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage media known in the art.
For a description of a relevant part in an audio and video monitoring system, a server, and a computer-readable storage medium provided in the embodiments of the present application, reference is made to detailed descriptions of a corresponding part in an audio and video monitoring method provided in the embodiments of the present application, and details are not repeated here. In addition, parts of the above technical solutions provided in the embodiments of the present application, which are consistent with the implementation principles of corresponding technical solutions in the prior art, are not described in detail so as to avoid redundant description.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. An audio and video monitoring method is applied to a monitoring server and comprises the following steps:
determining that a CA certificate and a CA certificate of a target monitoring client belong to a camera of the same family CA authentication center according to respective CA certificates of a camera and the monitoring client logged in to the target monitoring client, wherein the CA certificate and the CA certificate of the target monitoring client are the target camera of the target monitoring client, so that the target monitoring client acquires audio and video data acquired by the target camera;
the CA certificates of the camera and the monitoring client are issued by home CA certification centers to which the cameras and the monitoring client belong, and the home CA certification centers of all the families are different;
before logging in to the respective CA certificates of the camera and the monitoring client, the method further comprises the following steps:
receiving a login request sent by a target object, wherein the target object comprises the camera or the monitoring client;
returning the challenge corresponding to the login request to the target object;
receiving an identity certificate which is sent by the target object and generated after the challenge is signed;
and verifying whether the identity certificate exists or not, and if so, allowing the target object to log in.
2. The method according to claim 1, wherein before the respective CA certificates of the camera and the monitoring client which are logged on to themselves, the method further comprises:
issuing a CA certificate for a target object through the home CA authentication center; the target object comprises the camera and the monitoring client;
the process that the home CA authentication center issues a CA certificate for the target object comprises the following steps:
receiving a signature certificate request sent by the target object;
signing and issuing a signature certificate and sending the signature certificate to the target object;
receiving a first confirmation message sent by the target object after the target object receives and writes the signature certificate into the target object;
generating an encryption key pair and issuing an encryption certificate;
sending the encryption key pair and the encryption certificate to the target object;
receiving a second confirmation message sent by the target object after the target object imports the encryption key pair and writes the encryption certificate into the target object;
sending a CA certificate to the target object;
and receiving a third confirmation message sent by the target object after the target object writes the CA certificate into the target object.
3. The method according to claim 1, wherein before the respective CA certificates of the camera and the monitoring client which are logged on to themselves, the method further comprises:
receiving authority management information sent by an administrator client, wherein the authority management information is used for representing the camera information which is allowed to be connected by the monitoring client and belongs to the same family;
according to respective CA certificates of a camera and a monitoring client which log in to the camera, the camera which determines that the CA certificate and the CA certificate of a target monitoring client belong to the same family CA authentication center is a target camera of the target monitoring client, and the method comprises the following steps:
and determining that the CA certificate and the CA certificate of the target monitoring client belong to the same family CA authentication center and the camera meeting the authority management information is the target camera of the target monitoring client according to the respective CA certificates of the camera and the monitoring client logged in to the camera.
4. The method according to any one of claims 1 to 3, wherein the determining that the CA certificate and the CA certificate of the target monitoring client belong to a camera of the same home CA authentication center, and after the determining that the CA certificate and the CA certificate of the target monitoring client are the target camera of the target monitoring client, further comprises:
sending the information of the target camera to the target monitoring client;
transmitting a connection request sent by the target monitoring client to the target camera;
transmitting a first identity authentication request and a first key agreement request sent by the target camera to the target monitoring client;
transmitting a second identity authentication request and a second key negotiation request sent by the target monitoring client to the target camera;
after the target camera and the target monitoring client verify that the identity of the other party is correct by means of the first identity authentication request and the second identity authentication request and determine a negotiation key by means of the first key negotiation request and the second key negotiation request, forwarding a request for acquiring audio and video data, which is sent by the target monitoring client, to the target camera;
and judging whether encrypted audio and video data which is generated after the acquired original audio and video data is encrypted by means of the negotiation key and is sent by the target camera is received, if so, forwarding the encrypted audio and video data to the target monitoring client.
5. The method according to claim 4, wherein after transmitting the second identity authentication request and the second key agreement request sent by the target monitoring client to the target camera and before forwarding the request for acquiring audio and video data sent by the target monitoring client to the target camera, the method further comprises:
receiving a request for acquiring P2P hole punching parameters sent by the target camera and the target monitoring client;
sending the P2P hole punching parameters to the target camera and the target monitoring client;
judging whether a notice of using a transfer mode sent by the target monitoring client is received or not, if so, forwarding the notice of using the transfer mode to the target camera, and executing the step of forwarding the request of acquiring audio and video data sent by the target monitoring client to the target camera; if not, directly executing the step of forwarding the request for acquiring the audio and video data sent by the target monitoring client to the target camera.
6. The method according to claim 4, wherein after forwarding the encrypted audio-video data to the target monitoring client, the method further comprises:
forwarding a disconnection request sent by the target monitoring client to the target camera;
and forwarding a fourth confirmation message which is sent by the target camera and corresponds to the disconnection request to the target monitoring client.
7. An audio and video monitoring system is characterized in that the system is applied to a monitoring server and comprises:
the determining module is used for determining that the CA certificate and the CA certificate of the target monitoring client belong to the same camera of a family CA authentication center according to respective CA certificates logged in to the camera and the monitoring client, and the CA certificate of the target monitoring client are the target camera of the target monitoring client, so that the target monitoring client can acquire audio and video data acquired by the target camera;
the CA certificates of the camera and the monitoring client are issued by home CA certification centers to which the cameras and the monitoring client belong, and the home CA certification centers of all the families are different;
wherein, still include:
the first receiving module is used for receiving a login request sent by a target object before the determining module logs in the CA certificates of the camera and the monitoring client of the determining module, wherein the target object comprises the camera or the monitoring client;
a returning module, configured to return the challenge corresponding to the login request to the target object;
a second receiving module, configured to receive an identity credential generated after the challenge is signed and sent by the target object;
and the verification module is used for verifying whether the identity certificate exists or not, and if so, allowing the target object to log in.
8. An audio/video monitoring server, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the audiovisual monitoring method as claimed in any of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the audio-video monitoring method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810878561.XA CN108989034B (en) | 2018-08-03 | 2018-08-03 | Audio and video monitoring method and system, monitoring server and computer medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810878561.XA CN108989034B (en) | 2018-08-03 | 2018-08-03 | Audio and video monitoring method and system, monitoring server and computer medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108989034A CN108989034A (en) | 2018-12-11 |
| CN108989034B true CN108989034B (en) | 2021-09-14 |
Family
ID=64554839
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810878561.XA Active CN108989034B (en) | 2018-08-03 | 2018-08-03 | Audio and video monitoring method and system, monitoring server and computer medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108989034B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114157646A (en) * | 2021-11-05 | 2022-03-08 | 北方工业大学 | Domestic password application system and application method for video monitoring terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1750650A (en) * | 2005-10-31 | 2006-03-22 | 北京中星微电子有限公司 | Monitoring system based on internet |
| CN101374141A (en) * | 2007-08-23 | 2009-02-25 | 浙江省电信有限公司 | TCP NAT crossing method base on PCP protocol |
| CN101848374A (en) * | 2010-04-30 | 2010-09-29 | 大唐电信科技股份有限公司 | Wireless video monitoring system and wireless video monitoring method thereof |
| CN103491540A (en) * | 2013-09-18 | 2014-01-01 | 东北大学 | Wireless local area network two-way access authentication system and method based on identity certificates |
| CN107888560A (en) * | 2017-10-12 | 2018-04-06 | 深圳市中易通安全芯科技有限公司 | A kind of mobile intelligent terminal mail security Transmission system and method |
-
2018
- 2018-08-03 CN CN201810878561.XA patent/CN108989034B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1750650A (en) * | 2005-10-31 | 2006-03-22 | 北京中星微电子有限公司 | Monitoring system based on internet |
| CN101374141A (en) * | 2007-08-23 | 2009-02-25 | 浙江省电信有限公司 | TCP NAT crossing method base on PCP protocol |
| CN101848374A (en) * | 2010-04-30 | 2010-09-29 | 大唐电信科技股份有限公司 | Wireless video monitoring system and wireless video monitoring method thereof |
| CN103491540A (en) * | 2013-09-18 | 2014-01-01 | 东北大学 | Wireless local area network two-way access authentication system and method based on identity certificates |
| CN107888560A (en) * | 2017-10-12 | 2018-04-06 | 深圳市中易通安全芯科技有限公司 | A kind of mobile intelligent terminal mail security Transmission system and method |
Non-Patent Citations (1)
| Title |
|---|
| On Using TPM for Secure Identities in Future Home Networks;Holger Kinkelin等;《Future Internet 2011》;20110107;第1.2节-1.3节 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108989034A (en) | 2018-12-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112260995B (en) | Access authentication method, device and server | |
| JP7152466B2 (en) | Secure communication method and smart lock system based thereon | |
| TWI780047B (en) | Identity authentication method, device and system | |
| CN111049660B (en) | Certificate distribution method, system, device and equipment, and storage medium | |
| WO2019120091A1 (en) | Identity authentication method and system, and computing device | |
| WO2018214777A1 (en) | Data communication method, device and apparatus, and storage medium | |
| CN103517273B (en) | Authentication method, managing platform and Internet-of-Things equipment | |
| CN105472192B (en) | The smart machine, terminal device and method realizing control security certificate and sharing | |
| EP1610202B1 (en) | Using a portable security token to facilitate public key certification for devices in a network | |
| US10511587B2 (en) | Authorization apparatus and method for an authorized issuing of an authentication token for a device | |
| CN106713279B (en) | video terminal identity authentication system | |
| CN103763356A (en) | Establishment method, device and system for connection of secure sockets layers | |
| CN103166931A (en) | Method, device and system of transmitting data safely | |
| KR101686167B1 (en) | Apparatus and Method for Certificate Distribution of the Internet of Things Equipment | |
| CN102624740A (en) | Data interaction method, client and server | |
| CN111756529B (en) | Quantum session key distribution method and system | |
| CN105553666B (en) | Intelligent power terminal safety authentication system and method | |
| CN111343613A (en) | Method and apparatus to establish secure low energy wireless communication in a process control system | |
| CN110933484A (en) | Management method and device of wireless screen projection equipment | |
| CN111478923A (en) | Access request response method and device and electronic equipment | |
| CN113411187B (en) | Identity authentication method and system, storage medium and processor | |
| JP5992535B2 (en) | Apparatus and method for performing wireless ID provisioning | |
| CN107094156A (en) | A kind of safety communicating method and system based on P2P patterns | |
| CN104754571A (en) | User authentication realizing method, device and system thereof for multimedia data transmission | |
| US10972912B1 (en) | Dynamic establishment of trust between locally connected devices |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 215011 23rd Floor, Building 3, Suzhou Pioneer Park, 209 Zhuyuan Road, Suzhou High-tech Zone, Jiangsu Province Applicant after: Suzhou Guoxin Technology Co., Ltd. Address before: 215011 23rd Floor, Building 3, Suzhou Pioneer Park, 209 Zhuyuan Road, Suzhou High-tech Zone, Jiangsu Province Applicant before: C*Core Technology (Suzhou) Co., Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |