WO2018150213A1 - Multipurpose service platform for digital internet protocol based services - Google Patents

Info

Publication number: WO2018150213A1
Authority: WO, WIPO (PCT)
Prior art keywords: firewall, router, pbx, smart home, functions
Legal status: Ceased (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: PCT/IB2017/000198
Other languages: French (fr)
Inventor: Thomas Walter
Current Assignee: Individual (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803 Home automation networks
    • H04L12/283 Processing of data at an internetworking point of a home automation network

Landscapes

  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

This invention describes a Multi-Service-Platform for IP services that combines the enterprise-grade feature sets of various systems in one open industry-standard system with intuitive, easy-to-use Web-Administration. This invention provides a new ecosystem with all state-of-the-art functionality in just one system to deliver a secure, intuitive user experience at low cost.

Description

Multipurpose Service Platform for digital Internet Protocol based Network Services
Table of Contents
BACKGROUND OF THE INVENTION
Introduction:
SUMMARY OF THE INVENTION
DESCRIPTION OF THE INVENTION
MSP SERVICES:
Multi-Service-Platform (MSP)
Layer Model:
Figure 1
Layer One - Operating System
Layer Two - Base System
Layer Three - The Applications layer
a) Advanced IP PBX and Unified Communications
b) Network Attached Storage (NAS)
c) Media-Server with DLNA
d) Video Surveillance
e) Smart Home Automation
f) 3rd party APP connector
Claims:
Inventor Information
List of Figures
Figure 1 Main Layers
BACKGROUND OF THE INVENTION
Introduction:
Every small and medium business and even every bigger household has the need for a professional infrastructure to support today's fast rising demands in Information Technology.
As a result, you often see many boxes and cables haphazardly connected in an attempt to implement a working setup. But every box is a closed system, designed to fulfill only specific functions and mostly on a low-cost budget.
The daily rising security threats on the internet as well as in local networks would normally require enterprise-grade technologies to provide the wide range of functionality in combination with the needed effective security measures. Besides high costs, these technologies mostly need an expert-level skillset to operate.
Every IP-based environment requires a high effort to be constantly tested and updated against possible security exploits. This also includes the simplest systems or IP services. As a result, the resources necessary to keep a system up to date and secure are increasing exponentially. In many cases the correct maintenance of a product might generate higher costs than the product development itself. This is one of the main reasons why so many devices contain critical security issues that allow hackers to easily compromise the device and everything connected to it.
Besides all the benefits of state-of-the-art functionality, security must be a top priority. Unfortunately, that is not the case for most products for big households and small and midsize businesses.
SUMMARY OF THE INVENTION
This invention describes a Multi-Service-Platform for IP services that combines the enterprise-grade feature sets of various systems in one open industry-standard system with intuitive, easy-to-use Web-Administration.
This invention provides a new ecosystem with all state-of-the-art functionality in just one system to deliver a secure, intuitive user experience at low cost.
DESCRIPTION OF THE INVENTION
A Multi-Service-Platform (MSP) is well known in telecommunications. Unlike the Telecommunications MSP this invention describes an MSP for digital Internet Protocol (IP) based Services.
Without this invention, a variety of different systems from different manufacturers was needed. Every single system needed to be configured and combined with the others in order to achieve the wanted feature sets. Besides the purchasing costs of every separate system, the technical knowledge needed to install and operate all these systems as one solution would be at the highest expert level. Further, it would require a constant effort to maintain such a complex environment with the latest security updates, making this setup unsuitable for private individuals and households as well as for small and midsize businesses.
This invention makes different technologies compatible and creates one user-friendly ecosystem that supports the most common user requirements in just one system. It can be installed and operated without vast expert know-how. This is achieved with best-practice pre-setups and wizards as well as an intuitive Web-Administration.
In order to reduce the overall system complexity and solve compatibility issues, the MSP-System is built in a layer structure. Every layer supports the next one, adding further functions without opening possibilities for security exploits.
As a result, the MSP reduces 10+ subsystems to one fully harmonized system.
With its built-in feature set, the MSP provides the possibility to implement new applications with strongly reduced effort, because the MSP-System provides all important IP services in a secure and easy-to-use way, so that development of a compatible application is reduced to just the new features. This allows developers using a simple SDK, without vast network and security know-how, to rapidly implement new feature sets. This also strongly reduces development time and development costs. It keeps the MSP updated with the latest functions and allows easy customization with nearly no limits. Besides all the benefits of the combined features, the main achievement is the high level of security. Along with Internet security based on the SPI firewall, the system supports network segmentation by default, which strongly improves overall network security. Splitting a network into different subnets provides major improvements in performance and security.
The main difference between a commercial or enterprise-grade IT infrastructure and an SMB implementation is the centralized management and the enterprise-grade security features. Implementing these two points uses a big part of the resources. Therefore, the standardization and implementation of all these features in a single Multi-Service-Platform reduces all the variables, because this MSP-System is clearly defined to operate on specific hardware. The system is designed to also be used on embedded hardware. Furthermore, the system is based on nonproprietary open industry standards.
This invention makes easy-to-use enterprise technology available for any household or SMB.
Services of the Multipurpose-Service-Platform:
SPI + IDS Firewall
High-Speed Router
Wireless Wi-Fi Router
VPN Gateway
Databased Centralized Management
IP-PBX and Unified Communications Services
Wireless Communications
NAS Network Attached Storage System
Media-Server
Video Surveillance
Smart Home Automatization
Open Applications Center
Multi-Service-Platform (MSP)
IP-based services require constant testing and system updates in order to avoid vulnerabilities based on security issues. This includes all devices and services, including IoT (Internet of Things), routers and servers. Even the smallest application or cheapest device would need the same intensive support to keep the system safe as a professionally maintained server.
That is why so many households and businesses are so vulnerable to hacker attacks. This invention solves these issues. A base system includes state-of-the-art firewall technology and supports any higher layer. This reduces complexity and makes it possible to provide an open infrastructure.
Description of Figure 1
Layer One - Operating System
Operating system with built-in SPI + IDS firewall and advanced router.
Such a device might contain a minimum of 3 network interfaces, e.g. WAN, LAN, DMZ, in order to allow network segmentation.
Splitting one network into different subnets that are routed via a firewall increases security significantly, because all traffic between the separated subnets passes through the firewall-router combination. The firewall can detect harmful code and illegal access attempts, and the router can limit access to authorized destinations and sources by default.
The Operating System has a built-in firewall with stateful packet filtering and intrusion detection. It is able to sync its database via the Internet in order to update the protection against Feodo (Trojan), Ransomware (Botnet), SSL-Blacklist, ZeuS Tracker etc.
All network interfaces, wireless communications (including standard Wi-Fi connectivity as well as Multi-Cell Wi-Fi and Multi-Cell DECT) and data storage are addressed via the same layer.
This builds the foundation for the base system.
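The segmentation and stateful filtering described for Layer One can be modelled as follows. This is an added example, not code from the patent; the subnets, the allow rules, the blocklisted address and the names `zone_of`, `Firewall` and `demo` are assumptions made for illustration.

```python
"""Added illustration: default-deny routing between WAN, LAN and DMZ zones."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Constructed addressing plan (not from the patent): one subnet per interface.
ZONES = {
    "LAN": ip_network("192.168.10.0/24"),
    "DMZ": ip_network("192.168.20.0/24"),
}

# Constructed policy: (source zone, destination zone, protocol, destination port).
# Anything not listed is dropped, i.e. only authorized sources and destinations pass.
ALLOW = {
    ("LAN", "WAN", "tcp", 443),   # clients browse out
    ("LAN", "DMZ", "tcp", 443),   # clients reach the internal web service
    ("WAN", "DMZ", "tcp", 443),   # published service
    ("DMZ", "WAN", "udp", 53),    # DMZ hosts resolve names
}


def zone_of(addr: str) -> str:
    """Map an address to its zone; anything outside the local subnets is WAN."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "WAN"


@dataclass
class Firewall:
    blocklist: set = field(default_factory=set)  # stands in for the synced feed
    flows: set = field(default_factory=set)      # state table of accepted flows

    def decide(self, proto, src, sport, dst, dport) -> str:
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src_zone == dst_zone:
            # Traffic inside one subnet is switched locally and never reaches
            # the firewall-router, so segmentation gives no protection here.
            return "NOT-ROUTED"
        if src in self.blocklist or dst in self.blocklist:
            return "DROP blocklisted"
        # Stateful filtering: a packet mirroring an accepted flow is a reply.
        if (proto, dst, dport, src, sport) in self.flows:
            return "ACCEPT established"
        if (src_zone, dst_zone, proto, dport) in ALLOW:
            self.flows.add((proto, src, sport, dst, dport))
            return "ACCEPT new"
        return "DROP default-deny"


def demo():
    """Run constructed sample packets through the model and return the verdicts."""
    fw = Firewall(blocklist={"203.0.113.66"})  # constructed blocklist entry
    packets = [
        ("tcp", "192.168.10.5", 50000, "198.51.100.7", 443),   # LAN client out
        ("tcp", "198.51.100.7", 443, "192.168.10.5", 50000),   # its reply
        ("tcp", "198.51.100.7", 443, "192.168.10.5", 50001),   # unsolicited inbound
        ("tcp", "192.168.20.10", 40000, "192.168.10.5", 445),  # DMZ host to LAN share
        ("tcp", "192.168.10.5", 50002, "203.0.113.66", 443),   # blocklisted target
        ("tcp", "192.168.10.5", 50003, "192.168.10.9", 445),   # LAN to LAN
        ("tcp", "198.51.100.9", 51000, "192.168.20.10", 443),  # WAN to published DMZ
    ]
    return [fw.decide(*p) for p in packets]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The fourth and sixth packets show the two sides of the design: a DMZ host cannot open a connection into the LAN, but hosts inside the same subnet talk to each other without ever passing the filter.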
Layer Two - Base System
The Base System provides all centralized system functions and connectivity for the application layer. All services are built around a central database, including user interfaces (CLI, admin and user GUI), LDAP/ADS and RADIUS connectors that allow user rights and access rights to be synced with other systems, and an advanced VPN management to easily set up and maintain "Private Clouds" for secure remote access to data and services via the internet. Backup, Recovery, Disaster Recovery as well as Firmware Management are provided centrally by the Base System to support the entire system including all applications.
Layer Three - The Applications layer
The Applications layer offers built-in functions such as the following:
Advanced IP PBX and Unified Communications
A fully featured advanced PBX and Unified Communications solution including call-center functions is needed to operate any successful sales-oriented business. Every missed call is one potential client lost. Even a small business benefits greatly if advanced functions such as intelligent call queuing, IVR, night switch and automated statistics can be used.
PBX features of this kind are normally out of range for SMBs for reasons of price and complexity. This invention includes all these functions, using open industry standards, as built-in functions in the application layer.
Network Attached Storage (NAS)
A fully featured NAS providing CIFS and NFS services with centralized user and access-right management. It allows storage to be attached directly or indirectly to the device. Indirect storage can also be other standalone NAS devices. The advantages of attaching these devices are centralized management, advanced security and easy private cloud data access.
Media-Server with DLNA
Built-in media server to manage any kind of media in centralized storage and stream the content to any device, including TVs or audio players. The advantage is the centralized user, rights and access management.
Video Surveillance
The surveillance system manages IP video cameras with live view, motion detection, data recording and alarming. The advantages, besides centralized user and rights management and easy and secure private cloud access, are the new possibilities for alerting. Besides email alerts with pictures and video sequences, the system provides an alarm system that uses the PBX system with a workflow to alert via phone calls or SMS, including escalation and confirmation via phone PIN.
Smart Home Automation
The Smart Home application can also take advantage of the wireless communication module of the device to establish an efficient, low radio connection to a wide range of smart home devices. Wired devices can also be used by addressing them via simple IP-wired gateways. The concept allows support for a wide range of different smart home buses from different manufacturers.
The advantage is the centralized user and rights management in combination with the advanced possibilities based on the Multi-Service-Platform (MSP) functionality, which provides a high level of security, worldwide secure access via VPN or Private Cloud, central data housing, and the alarm center via PBX call functions and escalations.
Open App Center
All applications and services are built using open industry standards. The app connector in the Open App Center allows any vendor to develop simple, noncomplex applications, because all complexity, security and high-level functions are already provided by the MSP system.
Applications can be developed quickly and cost-efficiently using a wide range of services without extensive network and security knowledge.
The single point of user and rights management, OS and firewall also makes it possible to maintain such a system with security updates at the highest technical level without the need to do this intensive development work for every single application.

Claims

1) A computer system comprising multiple IP-network-services in one device being able to function also on embedded hardware systems that provides in one physical device
[101] a firewall to protect a network or system from unauthorized access
[102] and a router that forwards data packets between computer networks
[103] and a VPN gateway that connects two or more devices or networks together in a VPN infrastructure
[104] and a fully featured PBX telephone system
[105] and a digital video-surveillance system
[106] and a file-level computer data storage
[107] and a media server that provides audio and video content in a network
[108] and a smart home system that is able to automatically monitor and control wired and wireless devices
[109] and an application center that is able to execute software applications created by other vendors specific for this device.
2) A device as claim 1 limited to the functions of a firewall [101] and a router [102] and a VPN gateway [103] and a fully featured PBX [104] and a digital video surveillance system [105] and a smart home system [106] and a media server [107] and a file level computer data storage [106]
3) A device as claim 1 limited to the functions of a firewall [101] and a router [102] and a VPN gateway [103] and a fully featured PBX [104] and a digital video surveillance system [105] and a smart home system [106] and a file level computer data storage [106]
4) A device as claim 1 limited to the functions of a firewall [101] and a router [102] and a VPN gateway [103] and a fully featured PBX [104] and a digital video surveillance system [105] and a smart home system [106]

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/IB2017/000198 WO2018150213A1 (en) 2017-02-14 2017-02-14 Multipurpose service platform for digital internet protocol based services

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/IB2017/000198 WO2018150213A1 (en) 2017-02-14 2017-02-14 Multipurpose service platform for digital internet protocol based services

Publications (1)

Publication Number Publication Date
WO2018150213A1 (en) 2018-08-23

Family

ID=59034808

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2017/000198 Ceased WO2018150213A1 (en) 2017-02-14 2017-02-14 Multipurpose service platform for digital internet protocol based services

Country Status (1)

Country Link
WO (1) WO2018150213A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090013210A1 (en) * 2007-06-19 2009-01-08 Mcintosh P Stuckey Systems, devices, agents and methods for monitoring and automatic reboot and restoration of computers, local area networks, wireless access points, modems and other hardware

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MATRIX TELECOM SOLUTIONS: "Matrix NAVAN CNX200 Smart Home Connect Solution", 23 December 2014 (2014-12-23), XP055392357, Retrieved from the Internet <URL:https://www.matrixtelesol.com/resources/presentation/NAVAN-CNX200-All-in-One-Home-Solution.ppt> [retrieved on 20170719] *
MATRIXCOMSEC: "NAVAN CNX200 Introduction", YOUTUBE, 13 February 2014 (2014-02-13), pages 1 - 1, XP054977581, Retrieved from the Internet <URL:https://www.youtube.com/watch?v=oL19DsRq7XE> [retrieved on 20170721] *

Legal Events

Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 17729189; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 17729189; Country of ref document: EP; Kind code of ref document: A1)