Radius-based video monitoring platform security certification method

A technology of security authentication and video surveillance, applied in electrical components, transmission systems, etc., can solve problems such as business data theft, disallowed diffusion and dissemination, hidden dangers of platform system security, etc., to improve security, prevent intrusion, and reduce security risk effect

Active Publication Date: 2017-05-17
武汉微创光电股份有限公司
8 Cites 6 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0002] For the security management of the video surveillance platform, the existing authentication and authorization methods are not perfect, and there are cases where key services are not authorized, which brings serious security risks to the platform system, such as the highway video surveillance system where security is very important, business Information must be closed within the monitoring...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Abstract

The invention discloses a Radius-based video monitoring platform security certification method, comprising: defining a user model by a monitoring platform; specifying by the monitoring platform, a Radius server to load an authorization mechanism base; allowing a manager to configure user information for a user through the Radius server; allowing the user to issue an access request to a network access server through a client, and issuing a certification request to the Radius server by the network access server; certificating and returning certification results by the Radius server; receiving the certification results by the network access server, and executing or denying a user-requested operation. The Radius-based security certification method enables certification login authorization and certification authorization to be carried out in a video monitoring platform so as to judge whether a user has real user information or not, invasion of a hacker can be effectively stopped, the security risk of a business system is lessened, and video monitoring platform management safety is improved.

Application Domain

Technology Topic

Image

  • Radius-based video monitoring platform security certification method

Examples

  • Experimental program(2)

Example Embodiment

[0050] Example one:
[0051] S1: The monitoring platform defines the user name, password, role, management domain, and loads the authority database.
[0052] S2: The monitoring platform specifies the Radius server to load the authorization mechanism library for authentication login authorization.
[0053] S3: The administrator configures user names, passwords, roles, and management domains for users through the Radius server.
[0054] S4: The role of a user is A and the management domain is section S. The user initiates a request to the network access server to access the historical monitoring records of video source 1 through the client, and the network access server initiates an authentication request to the Radius server. The value of authentication authority carried in it is historical browsing, and the authentication domain resource list is video source 1.
[0055] S5: The Radius server first judges whether the user is logged in; if it is logged in, it judges whether the user name exists; if the user name exists, it judges whether the password matches; if the password matches, it sends an authentication request to the authority database, and the authority database checks Whether the user has the historical browsing permission in the role, if so, that is, the authentication is passed, then the authentication operation is performed, that is, it is judged whether the video source 1 manages the resource subset of the S section of the domain, and if it is, the authentication is passed. If all the above passes, the authentication is considered successful, otherwise the authentication fails.
[0056] S6: If the authentication is successful, the Radius server returns the authentication success to the network access server, and the network access server performs the operation requested by the user; if the authentication fails, the Radius server returns the authentication failure to the network access server, and the Radius server rejects what the user requested operating.
[0057] S7: The permissions configured for role A in the user information are real-time monitoring and historical browsing, and the permissions of role B are real-time monitoring and video wall scheduling. When the administrator modifies the user information on the Radius server and changes the role of the user from A to B:
[0058] S8: The user re-initiates a request to the network access server to access the historical monitoring records of video source 1 through the client, and the network access server initiates an authentication request to the Radius server. The authentication request carries the authentication authority value for historical browsing and authentication. The domain resource list is video source 1. Since the Radius server uses the cached user information for authentication, the authentication succeeds, and the network access server executes the user's operation request.
[0059] S9: After the user logs out, log in again and request access to the historical monitoring records of video source 1. The network access server initiates an authentication request, and the Radius server uses the modified user information for authentication. The authentication fails due to authentication failure. The network access server rejected the user's operation request.

Example Embodiment

[0060] Example two
[0061] Under the user model of the first embodiment, the monitoring platform specifies the Radius server to load the authorization mechanism library for authentication and authorization.
[0062] S1: The administrator configures user names, passwords, roles, and management domains for users through the Radius server.
[0063] S2: The role of a user is A and the management domain is section S. The user initiates a request to the network access server to access the historical monitoring records of video source 1 through the client, and the network access server initiates an authentication request to the Radius server. The value of authentication authority carried in it is historical browsing, and the authentication domain resource list is video source 1.
[0064] S3: The Radius server first determines whether the user name exists; if the user name exists, it determines whether the password matches; if the password matches, it sends an authentication request to the authority database, and the authority database checks whether the user has historical browsing authority in the role. Owned, that is, the authentication is passed, then the authentication operation is performed, that is, it is judged whether the video source 1 manages the resource subset of the road section S, and if it is, the authentication is passed. If all the above passes, the authentication is considered successful, otherwise the authentication fails.
[0065] S4: If the authentication is successful, the Radius server returns the authentication success to the network access server, and the network access server performs the operation requested by the user; if the authentication fails, the Radius server returns the authentication failure to the network access server, and the Radius server rejects what the user requested operating.
[0066] S5: Video source 1 is the resource of the S section of the management domain. When the administrator modifies the user information on the Radius server and changes the user's management domain from S section to P section:
[0067] S6: The user re-initiates a request to the network access server to access the video surveillance history record of video source 1 through the client, and the network access server initiates an authentication request to the Radius server. The authentication request carries the authentication authority value as historical browsing, and The list of authentication domain resources is video source 1. The Radius server uses the modified user information for authentication. Since the video source 1 is not a subset of the resource list of the management domain P section, the authentication domain fails, and the authentication fails, and the network access server rejects the user's operation request.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Similar technology patents

Electric screen device

InactiveUS6357390B1Prevent intrusionElectric shock equipmentsPisciculture and aquariaElectric fieldPeak value
Owner:HITACHI ZOSEN CORP

Classification and recommendation of technical efficacy words

  • Prevent intrusion
  • Reduce security risks

Automatic driving system

Owner:CHERY AUTOMOBILE CO LTD

Power safety socket device

Owner:东莞科奔电器有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products