[0087] The following briefly describes the implementation of the system of the present invention to form an operable business system:
[0088] In order to construct a large-scale remote video monitoring system, like other public telecommunication networks, the system of the present invention also performs hierarchical networking according to the monitored area and business needs, that is, adopts a multi-level monitoring center architecture. The regional monitoring sub-center, as a control platform for the monitoring and management of multiple monitoring sites within the jurisdiction of the region, needs to report the monitoring status to its superior monitoring center, and the superior monitoring center conducts business summary and certification for its sub-centers And management. In order to realize the operation and unified management of national remote video surveillance services, the surveillance service system must be hierarchically networked. Figure 4 The three-level organizational structure of the business operation system is shown: the national monitoring center, the regional monitoring center and the edge monitoring center. Each edge monitoring center can manage multiple front-end monitoring devices.
[0089] If the telecom operator manages and operates the remote video surveillance service system, the following related functions need to be added to the operation support platform: service activation, user authentication and authority management, system management, network management, equipment management, billing and accounting Service management, etc.
[0090] If the telecommunication operator provides the network environment and leases the link to the user (or forms a private network through a virtual private network VPN), and the user manages and maintains it by himself, the following functions can be set in the monitoring center: service activation, user Authentication and authority management, system management, billing and account management, etc.
[0091] In order to meet the needs of popularization, application and development of the video surveillance system, the video surveillance system of the present invention retains an open interface to meet and adapt to the interconnection and intercommunication requirements with other front-end surveillance equipment and surveillance centers of different manufacturers, and may gradually Increased business requirements for intercommunication with video conferencing systems and streaming media-based communication systems. Figure 5 It shows a schematic diagram of the intercommunication between the system of the present invention and other information systems.
[0092] In order to realize the intercommunication between the front-end monitoring device 2 and the monitoring center 3, the manufacturer of the front-end monitoring device 2 provides a standard SDK interface, and the monitoring center 3 completes the access to the monitoring platform of the third-party front-end monitoring device.
[0093] In order to realize the intercommunication with the video conference system, it is necessary to realize the intercommunication function between the communication server of the monitoring center 3 and the MCU of the video conference system, and at the communication protocol level, support the intercommunication of the H.323 protocol or the intercommunication of the SIP protocol.
[0094] In order to realize the intercommunication with the communication system based on streaming media, it is necessary to realize the intercommunication function between the communication server of the monitoring center 3 and the server of the streaming media system, and support the intercommunication of the RTP/RTCP/RTSP protocol at the communication protocol level.
[0095] The implementation method of the remote video monitoring system of the present invention can be used as a new value-added telecommunications service open to the public and operated. The following briefly introduces the typical processing process of this service:
[0096] 1. The business operation unit deploys a considerable number of network cameras within a certain set range, and performs basic configuration of each device in the system;
[0097] 2. Monitoring personnel (ie users) who apply for video surveillance services can apply for one or more network cameras to monitor and produce video images, and the business operation unit will configure users for them;
[0098] 3. The monitoring personnel operate the remote monitoring client, enter the user name/password (or digital certificate, etc.) into the system, and register the system through SIP signaling;
[0099] 4. The monitoring personnel use the remote monitoring client to input the URI address of the network camera to the monitoring center of the system, and initiate an access request through SIP signaling;
[0100] 5. The access management module of the monitoring center compares the identity authentication parameters (username/password, digital certificate, etc.) provided by the remote monitoring client with the user registration information registered in advance to determine and authenticate whether the user Be authorized to connect to the network camera;
[0101] 6. After passing the authentication, the media channel and network link are negotiated through SIP signaling between the monitoring client, the monitoring center and the network camera to confirm the basic information of this connection;
[0102] 7. The media connection between the surveillance client, the surveillance center and the network camera allows users to view the video image of the network camera;
[0103] 8. The access management module of the operation support platform manages the connection during the media connection process;
[0104] 9. After the connection is over, the access management module records the implementation of this connection, leaving basic data for future audits and queries.
[0105] The following briefly introduces several processing procedures in the SIP application system of the present invention (including registration processing procedures (see Figure 6 ), registration and cancellation process (see Figure 7 ), SIP session establishment process (see Figure 8 )), further explain the details of the relevant operations of the SIP application system.
[0106] The video monitoring system of the present invention uses SIP protocol as the interoperability protocol between various devices. Each device (including front-end monitoring equipment, remote monitoring client, and related devices of the monitoring center) must be registered with the SIP registration server before they can access other devices Or be visited.
[0107] See image 3 , An embodiment that introduces the registration process is: 1. The front-end monitoring device sends a registration request to the SIP registration server; 2. The SIP registration server requires qualification certification of the monitoring device; 3. The front-end monitoring device initiates a registration request with certification ; 4. The SIP registration server records the location information of the front-end monitoring equipment and returns a successful registration response.
[0108] If the front-end monitoring device finds itself in the NAT, it must send a UDP packet with the string "alive" to the SIP registration server every set time to maintain the NAT mapping generated during the first registration and ensure the SIP proxy server Can call the front-end monitoring equipment. The SIP registrar will ignore UDP packets with the content "alive" and will not occupy processing resources.
[0109] See Figure 4 , The operation steps of an embodiment of the deregistration process are: 1. The front-end monitoring device initiates a deregistration request; 2. The SIP registration server requires authentication; 3. The front-end monitoring device initiates a deregistration request with authentication; 4. The SIP registration server clears the terminal Location information, and return a logout success response.
[0110] In this SIP application system, the front-end monitoring equipment is a controlled device and cannot initiate INVITE/BYE requests actively, and can only respond to or reject invitations from SIP terminals or user agents from remote monitoring clients or mobile devices (INVITE)/Removal (BYE) request. See below Figure 5 , To introduce the operation steps of an embodiment of the session establishment process (the session process of the remote monitoring client accessing the front-end monitoring device):
[0111] (1) The remote monitoring client sends an invitation request to the SIP proxy server, and the message body contains the extended SDP protocol;
[0112] (2) The SIP proxy server returns a response, and at the same time searches for the spatial location of the front-end monitoring device, and forwards the invitation request to the front-end monitoring device;
[0113] (3) The front-end monitoring device returns a response, indicating that it has received the invitation request;
[0114] (4) The front-end monitoring device performs handshake matching between the media capabilities described in the SDP protocol carried in the invitation request message and the local conditions, negotiates the shared media interaction capabilities of both parties, and returns it to the SIP proxy server with a successful response 200; if the front-end monitoring device If the service limit has been reached and video services cannot be provided, a failure response 603 will be returned, and the operation process will end;
[0115] (5) The SIP proxy server forwards the successful response 200 to the remote monitoring client;
[0116] (6) The remote monitoring client returns its own response ACK, indicating that it has received a 200 response, and both parties establish a SIP session connection;
[0117] (7) The front-end monitoring equipment sends the video data stream to the remote monitoring client according to the video media stream format negotiated by both parties to realize the monitoring operation.
[0118] In the SIP application system of the present invention, regardless of the remote monitoring client or the front-end monitoring device, only if the other party's SDP message and the local SDP message contain IPv6 addresses, then IPv6 data transmission is enabled; otherwise, IPv4 data transmission is used. If the device is in the NAT, the device relies on the STUN protocol to obtain the public IP address outside the NAT.
[0119] In order to realize the intercommunication of media streams between IPv4/IPv6 devices, the present invention extends the message body of the SDP protocol. In addition, the current media data streams of both parties in SIP-based point-to-point communication are directly transmitted online without encryption, which increases the possibility of media data leakage. Therefore, a data encryption mechanism must be adopted to ensure communication security. The present invention also realizes the negotiation of encryption algorithms and the exchange of keys by extending SIP protocol signaling. The encryption of the media data stream adopts a symmetric encryption algorithm, so both parties in the communication must have both the keys and the encryption algorithms used by both parties at the same time.
[0120] The present invention has been tentatively implemented on the public network. In the embodiment, the SIP short message and its extended message are used to realize the multi-function on-site monitoring function of the remote video monitoring system, including: remote monitoring client to front-end monitoring equipment Perform monitoring, obtain online information and other information of front-end monitoring equipment (type and quantity of media data streams, all remote clients that are accessing front-end monitoring equipment, available bandwidth, whether it is in alarm state, etc.), remote monitoring client controls front-end monitoring equipment The rotation angle/position of the camera and PTZ, the remote monitoring client checks the log of the front-end monitoring device and sets the network parameters of the front-end monitoring device, the front-end monitoring device sends out notifications of alarm occurrence/alarm elimination; the remote monitoring client modifies the front-end monitoring device Working hours, add/delete/modify users of front-end monitoring equipment and restart front-end monitoring equipment, etc. In short, the experiment was successful and the purpose of the invention was achieved.