摘要(英) |
This paper is designed to study the security of remote multimedia streaming connections for IP Camera. The massive consumer often has security concerns about Internet transmissions, and the remote operation of the IP Camera is also full of challenges from the consumer market for privacy and security. In this context, when the user account of the security monitoring system is maliciously used, the security protection mechanism provided by the IP Camera itself is one of the topics most concerned to consumers. This paper first collates the current status and security strategy of the four well-known security monitoring systems and analyzes their potential security issues. In order to improve the security of the remote connection of IP Camera, based on practical experience, this paper sets out five dimensions: effectiveness, confidentiality, ease of operation, verification efficiency, and derivative cost, and uses quality analysis to measure various authentication methods. After subjective analysis and objective comparison of the advantages and disadvantages of various methods applied to this study, digital signatures were summarized, which is the most suitable mechanism for applying in IP Camera and enables IP Camera to independently verify the identity of visitors. On the quantitative analysis, the simulated digital signature algorithm is used in the context of IP Camera operation, and it is proved by experiments that the verification efficiency is flawless. This study also designs a set of feasible processes for the management of public key, which will help consumers protect their privacy rights in using the security monitoring system and the security when remotely operating the IP Camera. |
參考文獻 |
[1] My Arlo Official Site,2018年 4 月 7 日,取自 https://www.arlo.com/en-us/default.aspx。
[2] Netatmo Security Official Site,2018年 4 月 7 日,取自 https://www.netatmo.com/zh-TW/product/security/。
[3] mydlink Official Site,2018年 4 月 7 日,取自 https://www.mydlink.com/entrance。
[4] 米家智慧攝影機官方網站,2018年 4 月 7 日,取自 http://www.mi.com/tw/mi-home-security-camera/。
[5] Getting a Packet Trace – Apple Developer,2018年 4 月 8 日,取自 https://developer.apple.com/library/content/qa/qa1176/_index.html。
[6] NETGEAR Official Site,2018年 4 月 7 日,取自 http://www.netgear.com/。
[7] Netatmo Official Site,2018年 4 月 7 日,取自 https://www.netatmo.com/zh-TW/site/。
[8] 洪徹易,「基於 HTTP Live Streaming 技術之實況廣播暨 VOD 系統」,國立清華大學,碩士論文,民國100年。
[9] D-Link Official Site,2018年 4 月 7 日,取自 http://www.dlinktw.com.tw/。
[10] J. Reschke, The ‘Basic’ HTTP Authentication Scheme, RFC 7617, IETF, September 2015.
[11] M. Boucadair, et al., Universal Plug and Play (UPnP), RFC 6970, IETF, July 2013.
[12] 小米台灣官網,2018年 4 月 7 日,取自 http://www.mi.com/tw/。
[13] 陳紘暉,「行動與纜線網路NAT技術之安全性探討」,國立高雄大學,碩士論文,民國105年。
[14] J. Rosenberg, et al., SIP: Session Initiation Protocol, RFC 3261, IETF, June 2002.
[15] 蔡馥宇,「VoIP之中間人攻擊偵測與安全政策」,國防大學,碩士論文,民國96年。
[16] J. Peterson, Session Initiation Protocol (SIP) Authenticated Identity Body (AIB) Format, RFC 3893, IETF, September 2004.
[17] M. Spencer, et al., IAX: Inter-Asterisk eXchange Version 2, RFC 5456, IETF, February 2010.
[18] 呂俊宏,「以IAX2為基礎之網頁電話架構設計」,中央大學,碩士論文,民國97年。
[19] Scott Ludwig, et al., Jingle, XEP 0166, XMPP Standards Foundation, May 2016.
[20] P. Saint-Andre, Extensible Messaging and Presence Protocol (XMPP): Core, RFC 6120, IETF, March 2011.
[21] Kurt Zeilenga, Encapsulating Digital Signatures in XMPP, XEP 0285, XMPP Standards Foundation, January 2011.
[22] Kurt Zeilenga, Encapsulated Digital Signatures in XMPP, XEP 0290, XMPP Standards Foundation, January 2011.
[23] 龔恩緯,「SSH 字典攻擊 BotNet 聯合入侵模式與攻擊密碼特徵分析之研究」,高雄大學,碩士論文,民國100年。
[24] 江宇平,「以Hadoop為基礎的雲端破密系統」,銘傳大學,碩士論文,民國 105年。
[25] B Vaidya, et al., “Robust one-time password authentication scheme using smart card for home network environment”, Vol 34, Computer Communications, pp. 326-336, 2011.
[26] Balaji V Durgawad, et al., “Mutual Authentication and Session Key Establishment for Secure Communication using Generalized Digital Certificate”, Vol 8, I. J. Computer Network and Information Security, pp. 23-31, 2017.
[27] Johnson, D., Menezes, A., and Vanstone, S., “The elliptic curve digital signature algorithm (ECDSA)”, International Journal of Information Security, pp. 36-63, August 2001.
[28] B Vaidya, JH Park and JJ Rodrigues, HOTP-Based User Authentication Scheme in Home Networks, Information Security and Assurance, Berlin, 2009.
[29] Archita Kale and Utkarsh Dhawan, “TOTP Based 2-Factor Authentication: Future of Security”, Imperial Journal of Interdisciplinary Research, Vol 2, pp. 910-912, 2016.
[30] D. M′Raihi, et al., HOTP: An HMAC-Based One-Time Password Algorithm, RFC 4226, IETF, December 2005.
[31] D. M′Raihi, et al., TOTP: Time-Based One-Time Password Algorithm, RFC 6238, IETF, May 2011. |