Method for fast transmission and distribution of video data between public network and secure internal network
By utilizing a method for video data transmission and distribution between public networks and secure intranets, and employing a layered design of HDMI interfaces and network protocols, a lightweight pre-trained model, and dual-channel encryption, the problem of cumbersome and costly external video data access processes is solved, achieving secure and fast video data transmission and distribution.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- CHENGDU JIAOTOU INTELLIGENT TRANSPORTATION TECHNOLOGY SERVICE CO LTD
- Filing Date
- 2026-03-31
- Publication Date
- 2026-06-19
Smart Images

Figure CN122248213A_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of data communication technology, specifically relating to a method for rapid transmission and distribution of video data between a public network and a secure intranet. Background Technology
[0002] As a critical infrastructure carrying core business data and confidential information, a secure intranet has high requirements for network isolation and data transmission compliance. Its core objective is to eliminate security risks such as external network attacks and data leaks. External video data, as an important business auxiliary resource, must undergo strict security boundary verification when accessing the secure intranet. In this process, significant bottlenecks in existing access models have gradually become apparent.
[0003] Currently, external video access faces two major constraints: First, the security boundary approval process is extremely cumbersome, requiring multiple steps such as cross-departmental security assessments, network architecture adaptation reviews, and hierarchical reporting of access permissions. The entire process typically takes 3-15 working days, which is completely unacceptable for time-sensitive access needs such as emergency response and temporary project collaboration. Second, the procurement and maintenance costs of traditional boundary access equipment are high. To ensure secure isolation, dedicated network gateways, high-performance firewalls, video security gateways, and other specialized equipment need to be deployed. The procurement cost of a single set of equipment is generally between 50,000 and 200,000 yuan, and a professional technical team is required for daily maintenance and parameter debugging. For small-scale access scenarios, the cost-effectiveness is extremely low, resulting in a waste of resources. Summary of the Invention
[0004] In view of this, the purpose of this invention is to provide a method for rapid transmission and distribution of video data between a public network and a secure intranet, which solves the external video access needs at low cost while ensuring the security of the intranet, and meets the usage needs of small-scale, temporary video access scenarios.
[0005] To achieve the above objectives, the present invention provides the following technical solution: A method for rapid transmission and distribution of video data between a public network and a secure intranet, comprising: The video terminals deployed on the public network are identified. These video terminals are used to acquire raw video data and to allow staff to directly access the required raw video data. Deploy a video encoder, connect the HDMI capture interface of the video encoder to the video terminal, receive the HDMI signal transmitted by the video terminal and encode it into a standard video stream; Determine the video platform deployed on a secure intranet, connect the video platform to the standard video interface of the video encoder, and directly access the standard video stream encoded by the video encoder through the standard video access and transmission protocol; The video platform stores standard video streams in a database, allowing only authorized entities to access them. Simultaneously, the video platform provides a standard API interface, enabling authorized third-party business platforms to obtain standard video streams on demand by calling this interface.
[0006] Furthermore, the video terminal converts the raw video data into an HDMI signal, and transmits the HDMI signal to the video encoder for encoding through the HDMI output interface of the video terminal. The standard video bitstream is H.264 or H.265.
[0007] Furthermore, a method for rapid transmission and distribution of video data between a public network and a secure intranet also includes: A lightweight pre-trained video classification model is pre-installed in the video terminal. When the terminal receives raw video data, it uses the lightweight pre-trained video classification model to classify the raw video data in real time, obtain video type information, and simultaneously extract the upload timestamp information of the raw video data, while associating it with its source information. The video type information, upload timestamp information and source information of the same original video data are encapsulated according to a preset standard format to obtain structured data; Structured data is embedded in the auxiliary data area of the HDMI transmission frame, encapsulated together with the HDMI signal into a unified transmission unit, and transmitted to the video encoder through the HDMI output interface of the video terminal. The video encoder parses and separates the unified transmission unit to extract structured data and HDMI signals, and encodes the HDMI signals to obtain a standard video stream. The video encoder uses a dual-encryption mode to encrypt both the structured data and the standard video stream, and then transmits the encrypted data to the video platform.
[0008] Furthermore, a method for rapid transmission and distribution of video data between a public network and a secure intranet also includes: the video encoder adopts a dual-NIC physical isolation architecture on the public network side and the secure intranet side, wherein the public network side is only used to receive the unified transmission unit of the video terminal, and the secure intranet side is used to complete parsing separation, encoding, encryption, and communication with the video platform.
[0009] Furthermore, a method for rapid transmission and distribution of video data between a public network and a secure intranet also includes: After receiving the encrypted data, the video platform decrypts the encrypted structured data, breaks down the decrypted structured data into a standardized set of triples of time authorization, type authorization, and source authorization, and associates and annotates them with the encrypted standard video stream through a unique video ID, resulting in several annotated encrypted streams; When a video platform receives an authorization request from a third-party business platform, it completes the legality verification and registration authentication, and then extracts the core authorization information from the authorization request, including the authorized time range, the authorized video type, and the specified video source range. The first query sequence is formed based on the core authorization information, and the labeled encrypted streams that meet the current authorization conditions are filtered out through the first query sequence to form a temporary call set; For each labeled video stream in the temporary access set, a unique dynamic access key corresponding to a unique video ID is generated, forming a key set; Authorized third-party business platforms can obtain the labeled encryption stream of the temporary call set and the corresponding key set by calling the standard API interface, and then use it after decryption on the local machine.
[0010] Furthermore, the video platform employs a dual-mode encryption storage strategy to store the labeled encrypted stream separately: this includes directly caching the labeled encrypted stream locally to meet the temporary access needs of authorized third-party business platforms, and storing the labeled encrypted stream in a database for long-term archiving and traceability.
[0011] The beneficial effects of this invention are as follows: This invention proposes a method for rapid transmission and distribution of video data between a public network and a secure intranet. Through a layered design of the HDMI physical interface and network protocols, it achieves complete isolation between public network video signals and the intranet network, avoiding the security risks of external video access from the source, without relying on traditional security boundary devices and approval processes. At the same time, it relies on the intranet video platform to implement video access control, allowing only authorized users to access video resources. It also supports on-demand distribution, avoiding disorderly flow of video resources and further strengthening security management.
[0012] Other advantages, objectives, and features of the invention will be set forth in the following description and will be apparent to those skilled in the art in some respects, or may be learned by practice of the invention. The objects and other advantages of the invention may be realized and obtained by means of the structures particularly pointed out in the written description and the accompanying drawings.
[0013] The technical solution of the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. Attached Figure Description
[0014] The accompanying drawings are provided to further illustrate the invention and form part of the specification. They are used in conjunction with embodiments of the invention to explain the invention and do not constitute a limitation thereof. In the drawings: Figure 1This is a schematic diagram illustrating the transmission and distribution process of a method for rapid transmission and distribution of video data between a public network and a secure intranet, as described in an embodiment of the present invention. Figure 2 This is a schematic diagram illustrating the data acquisition and transmission process in a method for rapid transmission and distribution of video data between a public network and a secure intranet, as described in an embodiment of the present invention. Figure 3 This is a flowchart illustrating the rapid video data distribution process in a method for rapid transmission and distribution of video data between a public network and a secure intranet, as described in an embodiment of the present invention. Detailed Implementation
[0015] The preferred embodiments of the present invention will be described below with reference to the accompanying drawings. It should be understood that the preferred embodiments described herein are for illustration and explanation only and are not intended to limit the present invention.
[0016] like Figure 1 As shown, this invention proposes a method for rapid transmission and distribution of video data between a public network and a secure intranet, comprising: The video terminals deployed on the public network are identified. These video terminals are used to acquire raw video data and to allow staff to directly access the required raw video data. Deploy a video encoder, connect the HDMI capture interface of the video encoder to the video terminal, receive the HDMI signal transmitted by the video terminal and encode it into a standard video stream; Determine the video platform deployed on a secure intranet, connect the video platform to the standard video interface of the video encoder, and directly access the standard video stream encoded by the video encoder through the standard video access and transmission protocol; The video platform stores standard video streams in a database and only allows authorized entities to access them. Simultaneously, the video platform provides a standard API interface, allowing authorized third-party business platforms to obtain standard video streams as needed by calling the standard API interface. The working principle of the above technical solution is as follows: To solve the external video access needs at low cost while ensuring intranet security and meeting the usage needs of small-scale, temporary video access scenarios, this application proposes a method for rapid transmission and distribution of video data between a public network and a secure intranet, mainly including: 1. External terminal deployment and video encoding; 2. Intranet platform access and video management; wherein, step 1 includes deploying a video terminal on the external network (public network), where staff can directly access the required video through a video client, connecting the HDMI acquisition interface of the video encoder to the public network video terminal, and the encoder encoding the HDMI signal into H.264 or H.265 standard video streams to ensure the universality of video formats; step 2 includes the encoder providing standard video interface such as ONVIF or RTSP, through which the intranet video platform directly accesses the HDMI video acquired by the encoder; the intranet video platform undertakes two core functions: first, storing and distributing the accessed video on demand; second, opening up video resources to third-party business platforms on demand through standard API interfaces; In one specific embodiment, a municipal unit deploys high-definition cameras in public areas (such as pedestrian streets and parks) as video acquisition channels (external video sources) for video terminals. Located in a public network environment, these cameras are responsible for real-time acquisition of raw video data such as pedestrian flow and environmental conditions. Simultaneously, they support maintenance personnel in directly retrieving raw video data from the public network side for on-site inspections. A video encoder is deployed at the boundary between the public network and the secure intranet. The encoder's HDMI acquisition interface is connected one-to-one with the HDMI output ports of each camera, receiving high-definition HDMI signals transmitted from the cameras and converting them into standard video streams. The video platform of the government's secure intranet is connected to the encoder's standard video interface via a wired network, directly accessing the encoded video stream using the RTSP standard protocol, avoiding intermediate transfer steps. The video platform stores the received standard video streams in the intranet database and sets up an authorized whitelist, allowing only authorized units such as the Municipal Public Security Bureau and the Emergency Management Bureau to retrieve the data. The video platform develops a standardized API interface. Due to flood prevention and inspection needs, the Emergency Management Bureau, after authorization, calls this API interface to obtain the surveillance video stream of the pedestrian street area as needed, completing rapid cross-network distribution. The beneficial effects of the above technical solution are as follows: It achieves secure isolation and controllable management of video data. Specifically, through the layered design of the HDMI physical interface and network protocol, it achieves complete isolation between public network video signals and the internal network, avoiding the security risks of external video access from the source, without relying on traditional security boundary devices and approval processes. Furthermore, it relies on the internal network video platform to achieve video access control, ensuring that only authorized entities can access video resources. It also supports on-demand distribution, preventing the disorderly flow of video resources and further strengthening security management.
[0017] In one embodiment, the video terminal converts the raw video data into an HDMI signal and transmits the HDMI signal to the video encoder for encoding through the HDMI output interface of the video terminal. The standard video bitstream is H.264 or H.265. The working principle of the above technical solution is as follows: The core of the above technical solution is to balance video transmission quality and bandwidth usage through standardized signal conversion and encoding. After the video terminal collects the raw video data, it first converts it into HDMI signal format, and then transmits the converted HDMI signal to the HDMI acquisition interface of the video encoder through the HDMI output interface of the video terminal itself. After receiving the HDMI signal, the video encoder starts the encoding process and encodes it into a standard video stream in H.264 or H.265 format. Finally, the encoded standard video stream is transmitted to the video platform of the secure intranet for subsequent storage and distribution through the standard video interface of the video encoder. In one specific embodiment, after network cameras deployed in a corporate campus collect raw video data, they first convert the raw video (RAW format) into an HDMI standard signal through a built-in signal conversion module. This signal contains complete information such as the brightness and color of the video image. The camera then transmits the signal to a video encoder at the campus boundary via its own HDMI output interface and a high-definition HDMI cable. After receiving the HDMI signal, the encoder starts the H.265 encoding algorithm to compress and encode the high-definition HDMI signal into a 1080P resolution H.265 standard video stream. During the encoding process, the bitrate is automatically optimized (compressing the original 20Mbps bitrate to 4Mbps). After encoding, the encoder transmits the H.265 stream to the video platform on the corporate secure intranet via the RTMP protocol. The platform can then directly use the stream for storage and distribution without additional transcoding. The beneficial effects of the above technical solution are as follows: Through the HDMI physical interface, the video terminal only transmits HDMI signals. Since HDMI has no network transmission capability, network attacks on public networks (such as SQL injection and port scanning) cannot enter the encoder through the HDMI link, effectively avoiding risky data carried in the original video data; at the same time, H.265 encoding and H.264 encoding are beneficial to saving bandwidth compared with traditional encoding. In the limited bandwidth environment of the enterprise intranet, multiple monitoring videos can be transmitted simultaneously, improving the system's concurrency capability.
[0018] like Figure 2 As shown, in one embodiment, a method for rapid transmission and distribution of video data between a public network and a secure intranet further includes: A lightweight pre-trained video classification model is pre-installed in the video terminal. When the terminal receives raw video data, it uses the lightweight pre-trained video classification model to classify the raw video data in real time, obtain video type information, and simultaneously extract the upload timestamp information of the raw video data, while associating it with its source information. The video type information, upload timestamp information and source information of the same original video data are encapsulated according to a preset standard format to obtain structured data; Structured data is embedded in the auxiliary data area of the HDMI transmission frame, encapsulated together with the HDMI signal into a unified transmission unit, and transmitted to the video encoder through the HDMI output interface of the video terminal. The video encoder parses and separates the unified transmission unit to extract structured data and HDMI signals, and encodes the HDMI signals to obtain a standard video stream. The video encoder uses a dual-channel encryption mode to encrypt both the structured data and the standard video stream, and then transmits the encrypted data to the video platform. The working principle of the above technical solution is as follows: To improve the efficiency of rapid video data distribution, this application also proposes a method for pre-annotating the transmitted video data using pre-set structured data, which facilitates rapid filtering during subsequent distribution. This solution innovatively encrypts the annotated data and stores it in the auxiliary data area of the HDMI transmission frame, eliminating the need for additional data transmission through other channels. This ensures the reliability of the original network isolation scheme while improving distribution efficiency. Specifically, a lightweight pre-trained video classification model is pre-installed in the video terminal on the public network (this video classification model is widely used in existing technologies and is a commonly used model on video platforms; its specific training process is not detailed here). When the terminal receives the original video data, the model classifies the original video in real time to obtain video type information, and simultaneously extracts the upload timestamp of the original video. The system first obtains information about the source of the data and the terminal itself. Then, according to a preset standard format, it encapsulates the "video type information + upload timestamp information + source information" corresponding to the same original video into structured data. This structured data is then embedded into the auxiliary data area of the HDMI transmission frame and encapsulated together with the HDMI signal converted from the original video into a unified transmission unit. The video terminal transmits the unified transmission unit to the video encoder via the HDMI output interface. After receiving the unified transmission unit, the video encoder parses and separates it, extracting the structured data and the HDMI signal respectively. The video encoder encodes the HDMI signal to obtain a standard video stream and uses a dual-channel encryption mode to encrypt both the structured data and the standard video stream. Finally, the video encoder transmits the encrypted structured data and the encrypted video stream together to a video platform on a secure intranet. In one specific embodiment, taking a campus scenario as an example, a lightweight MobileNet video classification model (adapted to the limited computing power of the terminal) is pre-installed in the monitoring terminals of various areas of the campus (teaching buildings, playground, canteen). When the terminal collects raw video data, the model classifies the video content in real time, marking videos from the teaching buildings as "teaching scenes" and videos from the playground as "activity scenes"; at the same time, it extracts the video upload timestamp (e.g., "2025-06-01 09:30:00") and associates it with the terminal source information (e.g., "camera in the east corridor of the 3rd floor of the teaching building"); according to the preset JSON format, it classifies the video content into categories such as "video type: teaching scene, timestamp: 2025-06-01 09:30:00". The source, "East Corridor on the 3rd Floor of the Teaching Building," is encapsulated as structured data. Through the terminal's built-in HDMI signal processing module, the structured data is embedded into the auxiliary data area of the HDMI transmission frame (without occupying the video transmission channel), and together with the corresponding HDMI signal, it is encapsulated into a unified transmission unit. The terminal transmits the unified transmission unit to the video encoder at the campus boundary via an HDMI cable. The encoder receives the data, analyzes and separates the structured data and the HDMI video signal, performs H.264 encoding on the HDMI signal to obtain a standard bitstream, then uses the AES-256 algorithm to encrypt the structured data and the SM4 algorithm to encrypt the video bitstream. After dual encryption, the data is transmitted to the video platform on the campus's secure intranet. The beneficial effects of the above technical solution are as follows: The lightweight pre-trained model enables real-time classification of the original video, eliminating the need for secondary classification by the video platform, which lays the foundation for rapid screening and distribution and improves distribution efficiency; Structured data is embedded in the HDMI auxiliary data area for transmission, still completing the transmission only through the HDMI physical interface, without the need to build an additional independent transmission link, improving distribution efficiency while ensuring the reliability of the original network isolation solution; The dual-channel encryption mode encrypts the structured data and video stream separately, facilitating subsequent reception verification, preventing malicious data from infiltrating the video platform through the video encoder, and further strengthening security control.
[0019] In one embodiment, a method for rapid transmission and distribution of video data between a public network and a secure intranet further includes: the video encoder adopts a dual-NIC physical isolation architecture on the public network side and the secure intranet side, wherein the public network side is only used to receive the unified transmission unit of the video terminal, and the secure intranet side is used to complete parsing separation, encoding, encryption, and communication with the video platform; The working principle and beneficial effects of the above technical solution are as follows: The video encoder is deployed using a dual-NIC physical isolation architecture. The first NIC (public network side NIC) only has data reception functionality enabled, specifically for receiving unified transmission units transmitted from video terminals in the public network, and does not have communication permissions with the secure intranet. The second NIC (secure intranet side NIC) only has communication functionality enabled with the secure intranet, and is specifically responsible for completing the parsing and separation of the unified transmission unit, HDMI signal encoding, dual encryption of structured data and video streams, and the entire process of transmitting encrypted data to the secure intranet video platform. The two NICs achieve physical isolation between the public network and the secure intranet through the encoder's internal hardware isolation design, with no data interaction channel. The dual-NIC physical isolation cuts off the direct data interaction channel between the public network and the secure intranet at the hardware level, avoiding the security risks of external video access from the source, without relying on traditional security boundary devices and approval processes.
[0020] like Figure 3 As shown, in one embodiment, a method for rapid transmission and distribution of video data between a public network and a secure intranet further includes: S101. After receiving the encrypted data, the video platform decrypts the encrypted structured data, decomposes the decrypted structured data into a standardized set of triples of time authorization, type authorization, and source authorization, and associates and annotates them with the encrypted standard video stream through a unique video ID to obtain several annotated encrypted streams. S102. When the video platform receives an authorization request from a third-party business platform, it extracts the core authorization information from the authorization request after completing the legality verification and registration authentication, including the authorized time call range, the authorized video type, and the specified video source range. S103. Based on the core authorization information, a first query sequence is formed, and the labeled encrypted streams that meet the current authorization conditions are filtered out through the first query sequence to form a temporary call set; S104. For each labeled video stream in the temporary call set, generate a unique dynamic access key corresponding to the unique video ID to form a key set. S105. An authorized third-party business platform obtains the labeled encrypted stream of a temporary call set and the corresponding key set by calling the standard API interface, and then uses it after decryption on the local machine. The working principle of the above technical solution is as follows: After receiving encrypted data transmitted by the encoder, the video platform on the secure intranet first decrypts the encrypted structured data, and then decomposes the decrypted structured data into a standardized set of triples of "time authorization - type authorization - source authorization"; a unique video ID is generated, and the standardized triples are associated with the encrypted standard video stream through this ID, forming several labeled encrypted streams of "video ID + triples + encrypted stream"; when the video platform receives an authorization application from a third-party business platform, it first completes the legality verification and registration authentication of the applying platform through a preset mechanism (such as UUID + filing qualification verification). After successful verification, the core authorization information (authorized time range, authorized video type, and specified video source) is extracted from the authorization application. A first query sequence is formed based on this core authorization information, and the annotated encrypted streams are filtered through this sequence to obtain a temporary call set that meets the current authorization conditions. For each annotated encrypted stream in the temporary call set, a unique dynamic access key corresponding to a unique video ID is generated, forming a key set. Authorized third-party business platforms obtain the annotated encrypted streams and corresponding key sets of the temporary call set by calling the video platform's standard API interface, and then decrypt them locally before using the video data. Furthermore, a second query sequence can be generated using a three-level inverted index to further improve the filtering speed of the first query sequence. In one specific embodiment, building upon the aforementioned extension using a campus scenario as an example, after receiving the encrypted data transmitted by the encoder, the video platform on the campus security intranet first decrypts the structured data using the SM4 key, breaking it down into a standardized set of triples: "Time Authorization: 2025-06-01 to 2025-06-30, Type Authorization: Teaching Scene, Source Authorization: 3rd Floor of Teaching Building". A unique video ID is generated for this batch of videos, and the triples are associated with the encrypted H.264 video stream using this ID, forming an annotated encrypted stream. An education authority, needing to conduct a teaching inspection, submits an authorization application to the video platform, requesting access to video data from the teaching building area between June 1st and 10th, 2025. "Teaching Scene Monitoring"; The video platform first verifies the applicant's UUID registration information and qualification certificate. After completing the legality authentication, it extracts the core authorization information from the application (time: June 1, 2025 to June 10, 2025, type: teaching scene, source: teaching building); Based on this information, a first query sequence is formed. By matching the sequence with the triplet of the encrypted stream, 12 videos that meet the conditions are selected to form a temporary call set; The platform generates a corresponding dynamic access key for the unique ID of each video, forming a key set; The education authority obtains the temporary call set and key set by calling the standard API interface of the video platform, and then decrypts the video data locally using the key to view the video data; The beneficial effects of the above technical solution are as follows: In the above technical solution, triplet annotation realizes the structured index of video data, the first query sequence can quickly locate videos that meet the conditions, avoid full scanning, and reduce the screening time from seconds to milliseconds, supporting rapid distribution; the unique video ID ensures the accurate association between the triplet and the video bitstream, avoiding data misalignment; the dynamic key corresponds to the video ID and is only effective within the authorized scope, realizing "least privilege" control. Even if the key is leaked, it will not lead to the leakage of all data, realizing further rapid distribution of video data and on-demand distribution, avoiding disorderly flow of video resources, and further strengthening security control.
[0021] In one embodiment, the video platform employs a dual-mode encrypted storage strategy to store the labeled encrypted stream separately; this includes directly caching the labeled encrypted stream locally to satisfy temporary access by authorized third-party business platforms, and storing the labeled encrypted stream in a database for long-term archiving and traceability. The working principle and beneficial effects of the above technical solution are as follows: The video platform uses a dual-mode encryption storage strategy to classify and store the encrypted stream obtained after association and annotation: The first mode is local cache storage, which directly stores the encrypted stream to the video platform's local cache module (such as a memory + SSD hybrid cache). This mode is specifically used to respond to temporary access requests from authorized third-party business platforms. Local caching adapts to temporary high-frequency access scenarios, and low-latency response improves user experience. Database archiving adapts to long-term traceability needs and meets enterprise data retention compliance requirements. The second mode is database storage, which stores the encrypted stream in a distributed database while maintaining its encrypted state. Classified storage reduces the load on a single storage module. The cache focuses on high-frequency data, and the database focuses on low-frequency data, improving system stability and scalability. This mode is specifically used for long-term archiving and traceability of video data. The two storage modes run in parallel and automatically match the corresponding storage module to provide data.
[0022] Finally, it should be noted that the above preferred embodiments are only used to illustrate the technical solutions of the present invention and are not intended to limit it. Although the present invention has been described in detail through the above preferred embodiments, those skilled in the art should understand that various changes can be made to it in form and detail without departing from the scope defined by the claims of the present invention.
Claims
1. A method for rapid transmission and distribution of video data between a public network and a secure intranet, characterized in that, include: The video terminal is deployed on a public network. The video terminal is used to acquire raw video data and to allow staff to directly access the required raw video data. Deploy a video encoder, connect the HDMI acquisition interface of the video encoder to the video terminal, receive the HDMI signal transmitted by the video terminal and encode it into a standard video stream; A video platform is deployed on a secure intranet, and the video platform is connected to the standard video interface of the video encoder, and the standard video stream encoded by the video encoder is directly accessed through the video access and transmission standard protocol; The video platform stores the standard video stream in a database, allowing only authorized entities to access it. Simultaneously, the video platform provides a standard API interface, allowing authorized third-party business platforms to obtain the standard video stream as needed by calling this API interface.
2. The method for rapid transmission and distribution of video data between a public network and a secure intranet according to claim 1, characterized in that, The video terminal converts the raw video data into an HDMI signal and transmits the HDMI signal to the video encoder for encoding through the HDMI output interface of the video terminal. The standard video bitstream is H.264 or H.
265.
3. The method for rapid transmission and distribution of video data between a public network and a secure intranet according to claim 1, characterized in that, Also includes: A lightweight pre-trained video classification model is pre-installed in the video terminal. When the terminal receives raw video data, it uses the lightweight pre-trained video classification model to classify the raw video data in real time, obtain video type information, and simultaneously extract the upload timestamp information of the raw video data, while associating it with its source information. The video type information, upload timestamp information and source information of the same original video data are encapsulated according to a preset standard format to obtain structured data; The structured data is embedded into the auxiliary data area of the HDMI transmission frame, and together with the HDMI signal, it is encapsulated into a unified transmission unit, and transmitted to the video encoder through the HDMI output interface of the video terminal. The video encoder parses and separates the unified transmission unit to extract structured data and HDMI signals, and encodes the HDMI signals to obtain a standard video stream. The video encoder uses a dual-channel encryption mode to encrypt the structured data and the standard video stream respectively, and transmits the encrypted data to the video platform.
4. The method for rapid transmission and distribution of video data between a public network and a secure intranet according to claim 3, characterized in that, Also includes: The video encoder adopts a dual-NIC physical isolation architecture with a public network side and a secure intranet side. The public network side is only used to receive the unified transmission unit of the video terminal, while the secure intranet side is used to complete parsing separation, encoding, encryption, and communication with the video platform.
5. The method for rapid transmission and distribution of video data between a public network and a secure intranet according to claim 3, characterized in that, Also includes: After receiving the encrypted data, the video platform decrypts the encrypted structured data, decomposes the decrypted structured data into a standardized set of triples of time authorization, type authorization, and source authorization, and associates and annotates them with the encrypted standard video stream through a unique video ID to obtain several annotated encrypted streams; When the video platform receives an authorization request from a third-party business platform, it completes the legality verification and registration authentication, and then extracts the core authorization information from the authorization request, including the authorized time call range, the authorized video type, and the specified video source range. The first query sequence is formed based on the core authorization information, and the labeled encrypted streams that meet the current authorization conditions are filtered out through the first query sequence to form a temporary call set; For each labeled video stream in the temporary access set, a unique dynamic access key corresponding to a unique video ID is generated, forming a key set; Authorized third-party business platforms can obtain the labeled encryption stream of the temporary call set and the corresponding key set by calling the standard API interface, and then use it after decryption on the local machine.
6. The method for rapid transmission and distribution of video data between a public network and a secure intranet according to claim 5, characterized in that, The video platform employs a dual-mode encryption storage strategy to store the labeled encrypted streams. This includes directly caching the labeled encrypted streams locally to meet temporary access requirements of authorized third-party business platforms, and storing the labeled encrypted streams in a database for long-term archiving and traceability.