Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for safe cross-domain access to SIP video monitoring system

A technology of video monitoring system and access method, which is applied in the field of safe cross-domain access of SIP video monitoring system, can solve the problems of destroying information integrity, high system cost, time extension, etc., and achieve resistance to counterfeit SIP server attacks and replay attacks , Satisfy the effect of real-time performance and security, security capability negotiation guarantee

Active Publication Date: 2010-06-09
THE FIRST RES INST OF MIN OF PUBLIC SECURITY +1
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] 5) Destruction of message integrity (Message Integrity) - the attacker inserts offensive data into the information data accessed across domains, destroying the integrity of the information transmitted by both parties in communication
Since S / MIME encrypts, signs, or both encrypts and signs the message body or even the entire message, the encryption result and signature result must be transmitted as part of the message body, so the SIP message will be very long, so the transport layer It is necessary to use the TCP protocol instead of the UDP method recommended by the SIP protocol for transmission. TCP establishes a long connection, which is a big bottleneck for system performance.
In addition, S / MIME is based on certificate authentication, and the trust relationship must be re-established for each session, so the cost of the system is high and the delay is long
Not suitable for system applications with strong real-time requirements

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for safe cross-domain access to SIP video monitoring system
  • Method for safe cross-domain access to SIP video monitoring system
  • Method for safe cross-domain access to SIP video monitoring system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments. A secure cross-domain access method for a SIP video surveillance system proposed by the present invention includes two-way identity authentication during cross-domain routing detection and subsequent cross-domain access signaling authentication. Two steps; the two-way identity authentication during cross-domain routing detection is implemented based on the challenge response mechanism by extending the INVITE method defined in RFC3261. In this process, SIP server 1 of domain 1 and SIP server 2 of domain 2 conduct Negotiation of security capabilities, identity authentication based on digital certificates, and secure exchange of shared key seed 12 from SIP server 1 to SIP server 2 and shared key seed 21 from SIP server 2 to SIP server 1, and as a The identity of the SIP server. Subsequent cross-domain access signaling authentication is rea...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for the safe cross-domain access to an SIP video monitoring system. In the method, an INVITE method defined in RFC 3261 is expanded to complete cross-domain route exploration, server safety capacity negotiation and inter-server bidirectional identity authentication and safely transmit two shared keys between servers, and after the route exploration is completed, the digest computing of information on the two shared keys, user identity and the like guarantees the legality of a follow-up cross-domain signaling source so as to guarantee the safety of the cross-domain access of a user. The method solves the safety problem of cross-domain access, prevents phishing server attack and replay attack, solves single sing-on problem of the cross-domain access user and ensures simple safety capacity negotiation and digest authentication-based signaling safety. And due to the high efficiency of the digest computing, the high efficiency of the system is achieved, and the real-time and high application value of the system are guaranteed.

Description

technical field [0001] The invention relates to a secure cross-domain access method for a SIP video surveillance system, belonging to the technical fields of communication and video surveillance. technical background [0002] At present, the cross-domain access structure of the SIP video surveillance system is as follows: figure 1 As shown, user 1 of domain 1 accesses camera 2 of domain 2 across domains. The information exchanged in the cross-domain access includes real-time and historical video and audio, log information, configuration of front-end equipment, control operations and other information. Among them, video and audio Information is generally transmitted through the establishment of an RTP channel under the control of SIP signaling. Under the control of SIP signaling, large file information is transmitted through protocols such as FTP, and other shorter information is directly carried by the message body of SIP signaling. If an attacker masters SIP signaling, he...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04N7/18H04L29/06
Inventor 陈朝武栗红梅张本锋崔云红王建勇赵惠芳李硕刘峰王学华
Owner THE FIRST RES INST OF MIN OF PUBLIC SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com