CN100433032C - Method for protecting data while copying mobile-terminal data - Google Patents
Method for protecting data while copying mobile-terminal data Download PDFInfo
- Publication number
- CN100433032C CN100433032C CNB2006100744816A CN200610074481A CN100433032C CN 100433032 C CN100433032 C CN 100433032C CN B2006100744816 A CNB2006100744816 A CN B2006100744816A CN 200610074481 A CN200610074481 A CN 200610074481A CN 100433032 C CN100433032 C CN 100433032C
- Authority
- CN
- China
- Prior art keywords
- file
- data
- expansion
- content
- dcf
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
A method for protecting data when data is copied at mobile terminal includes setting up a DCF file with content being blank and with the same file name as file to be copied in mobile terminal storage on object storage region, generating cipher key and using cipher key to encipher file data to be copied in said storage, writing enciphered file data into the same name file set up in said object storage region.
Description
Technical field
The present invention relates to technical field of data storage, particularly a kind of copying mobile-terminal according to the time to the method for data protections.
Background technology
Along with the development of portable terminal manufacturing technology, the performance of portable terminal constantly promotes, and function is constantly expansion also.The user can use the mobile terminal playing multimedia file, takes pictures, records a video, operate video games or the like.These business all need portable terminal to have bigger memory capacity.Described portable terminal is except mobile communication terminal such as mobile phone, also comprise personal digital terminal (Personal Digital Terminal, PDA), digital camera (Digital Cemera, DC), Digital Video, MP3 player or the like.Often adopt the way of in the expansion slot of portable terminal, inserting the expansion memory card to increase the mobile terminal stores capacity at present, described expansion memory card comprises Security Digital (SD) (Secure Digital Memory Card, SD), multimedia storage card (MultiMedia Card, MMC) or the like.The data file of multimedia file, photo or other types that the user can store portable terminal self shifts and stores in the expansion memory card, or reads the data file of being stored from the expansion memory card.In the present processing mode; the rights of using of transferring to the data file the expansion memory card from portable terminal are not limited; can read to be stored in by other portable terminals or computer equipment without restriction and expand the file in the memory card or carry out other associative operations, the security of therefore expanding the data file in the memory card obtain due protection.
At present, the rights of using control technology to the mobile terminal stores file has Open Mobile Alliance (OpenMobile Alliance, digital copyright management OMA) (Digital Rights Management, DRM) technology.The DRM technology has defined three kinds of modes and has realized protection to the mobile terminal stores file:
A, transmit locking (Forward Lock) mode: send in the DRM message (DRMMessage) of portable terminal and have only shielded file, can play, show or carry out this document, but not allow to transmit and modification this document;
B, combination send (Combined Delivery) mode: agent-protected file is packaged in together in the DRM message with corresponding control of authority file and sends to portable terminal, operation to agent-protected file will be carried out in strict accordance with the regulation in the control of authority file, described control of authority comprises whether allowing to play, show, revise, move or print this document, time range or duration that the number of times that restriction is used to this document, restriction are used do not allow to transmit this document;
C, separation send (Separate Delivery) mode: earlier agent-protected file is carried out symmetric cryptography and handle, again this document is packaged into DRM content format (DRM Content Format, DCF) file sends to portable terminal separately, allow to transmit this document, but only obtained that key could be play this document, shows, modification, operation or printing; Described key and corresponding control of authority file by WAP (wireless application protocol) (Wireless Application Protocol, secured fashions such as PUSH WAP) send to portable terminal, can not transmit this key and control of authority file; If also comprise the DCF file in the DRM message that portable terminal is received in addition, then can not transmit this DCF file.
But, above-mentioned DRM technology only is used for the rights of using of content supplier's control portable terminal to the reception file, do not have regulation how to control the rights of using of portable terminal, therefore do not solve the safety issue of the data file that solves mobile terminal stores fully to the file of other device forwards.
Summary of the invention
In view of this, the objective of the invention is to, propose a kind of copying mobile-terminal according to the time to the method for data protections, can control the rights of using of institute's copies data.
This method comprises the steps:
A, the target memory block create a content be sky and and mobile terminal memory in the expansion DCF file of file same file name to be copied;
B, generate key, and file data to be copied in the mobile terminal memory is encrypted with key;
The file of the same name of the target memory block that C, the file data write step A after will encrypting are set up.
The described generation key of step B is: read the hardware identifier of portable terminal, generate key according to the hardware identifier that is read.
Described hardware identifier comprises device identification, the sequence number of portable terminal.
Described portable terminal is a mobile communication terminal, and described hardware identifier comprises international mobile station EIC equipment identification code IMEI or international mobile subscriber identity IMSI.
Step B further comprises:
B1, the file of the same name of target memory block being divided into a field, head part and data division, is the field that file to be copied generates DCF, a field information that generates is write before the head part of the file of the same name in the target memory block;
Step C said write file of the same name is: the data division that writes described file of the same name.
Described field further comprises: the Version of version number, content-type information length C TL, content identification message length CURIL, content type CT, content identification CURI, head length HL and data length DL.
Described head part comprises the encryption method field that is used to indicate the described method of encrypting of step B at least.
Further comprise before the step C: generate initial vector IV and the IV that is generated is write the data division of described file of the same name.
Before the described establishment file of steps A, further comprise:
Whether the target memory block of judging document copying is other equipment except that this portable terminal, if then carry out this flow process subsequent step, otherwise carry out existing copied files flow process and withdraw from this flow process.
After step C, this method can further include:
D, judge that file is whether complete and be expansion DCF file, if execution in step E then, otherwise do not do any operation;
E, calculate the head length of described file, and the reference position of specified data in view of the above;
F, obtain key and initial vector, and judge whether can be with the data in key that is obtained and the initial vector decrypted file data, if, execution in step G then, otherwise withdraw from this flow process;
G, utilize key and Iv to decipher the content in the data in this expansion DCF file, the content after the deciphering is generated file of the same name.
Step D is described to be judged that file is whether complete and is that expansion DCF file further comprises:
D1, obtain the field in the top of file, according to a field calculation document total length, and with the contrast of file physical length, if unanimity then file is complete, if inconsistent then file is imperfect;
D2, judge in the field that whether version number is indicated release number, if then this document is expansion DCF file, otherwise this document is not an expansion DCF file.
The method that described encryption and decryption are adopted is the AES128CBC method.
Described target memory block is the storage unit of expansion memory card.
As can be seen from the above technical solutions, file is encrypted security that therefore can protected file owing to start encryption mechanism during to other equipment copied files automatically at portable terminal; Preferably, the hardware identifier of choosing portable terminal is as encrypted secret key, the portable terminal that generates this encrypt file can be with the hardware identifier declassified document of self, so but this document be deciphered and be used to other portable terminals or computer equipment can not because of obtaining this hardware identifier, the safety of files that copies in other equipment can well be guaranteed.
Description of drawings
Fig. 1 generates the treatment scheme of expansion DCF file when mobile phone copies the expansion memory card to for embodiment of the invention file;
Fig. 2 deciphers the flow process of the expansion DCF file that is generated for the embodiment of the invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is further elaborated below in conjunction with accompanying drawing.
Core content of the present invention is: copying data file to expansion during memory card from portable terminal, this document is being started the control function that restriction transmits encrypt; This portable terminal can use the file that copies on the expansion memory card through to after this document verification and the deciphering; But when the expansion memory card of storage this document inserts other portable terminals or computer equipment, can't use this document by other portable terminals or computer equipment.In this way, the former owner of this document can control propagation and the use to this data file.
The file encrypting method that the present invention adopts is for becoming file conversion to be encrypted the DCF file of expansion.The formal definition of DCF file is as shown in table 1.
| Field name | The corresponding English name of field | Type | Describe |
| Version number | Version | Uint8 | The sign version number information |
| Content-type information length (CTL) | ContentTypeLen | Uint8 | The length of sign mime type information |
| Content identification message length (CURIL) | ContentURILen | Uint8 | The length of sign content identification |
| Content type (CT) | ContentType | ContentTypeLen 8 hytes | Content-type information |
| Content identification (CURI) | ContentURI | ContentURILen 8 hytes | Content identification information |
| Head length (HL) | HeadersLen | The variable length integer | The length of marking head part |
| Data length (DL) | DataLen | The variable length integer | The length of identification data part |
| The head part | Headers | HeadersLen 8 hytes | Be used for the storage file additional information |
| Data division | Data | DataLen 8 hytes | Be used for the file behind the storage encryption |
Table 1
The DCF formatted file is divided into a field, head part and data division three parts, and wherein head has defined the format information of DCF file, and wherein version number is defined as 1; The specific definition of every content can be referring to the normative document of OMA issue in the table
OMA-Download-DRMCF-V1_0-20040615-A.pdf。
In order to realize that portable terminal adopts the DRM technology to file encryption, the described portable terminal of the embodiment of the invention is the portable terminal that is provided with the DRM encryption function, comprises DRM encryption flow operations and corresponding cryptographic algorithm.
The specific embodiment of the present invention is divided into two stages, and the phase one is the copy encryption stage, and the data file of mobile terminal stores packing soon generates expansion DCF formatted file and copies in other equipment; Subordinate phase is the verification and the deciphering stage of expansion DCF file, i.e. user's process of the expansion DCF formatted file in other equipment being carried out verification and deciphering by portable terminal.Copying the expansion memory card with file to from mobile phone below is example, respectively these two stages is illustrated.
When the user send with file from mobile phone memory move to the expansion memory card instruction the time, then trigger the realization flow of phase one, as shown in Figure 1, comprise the steps:
Step 101: whether the target memory block of judging document copying is the expansion memory card, if, then on the expansion memory card, create the file of and file same file name to be copied, content be empty, is divided into a field, head partly and data division; Otherwise carry out existing file copy flow process, and withdraw from this flow process.
Step 102: the field for file generation DCF form to be copied is followed successively by version number (Version), content-type information length (CTL), content identification message length (CURIL), content type (CT), content identification (CURI), head length (HL) and data length (DL).Wherein version number can be any one value in 2~255, and expression this document is an expansion DCF file, is appointed as 5 in the present embodiment; Content type (ContentType, CT) value is multi-usage internet mail extension (the Multipurpose Internet Mail Extensions of this media file correspondence, MIME) types value, (ContentTypeLen CTL) is the length of CT to content-type information length; (ContentURI CURI) can adopt current system time to represent, (ContentURILen CURIL) is the length of CURI to the content identification message length in content identification; A field information of above generation is write before the head part of the file of the same name in the expansion memory card, wherein a HL and DL field temporarily be a sky.
Step 103: for file to be copied generates the head part.
Step 104: generate head part back and calculate head length, obtain the size of this document and calculate the data length of encrypting the back data, write successively in the field of expansion memory card correspondence after head length and data length are converted to the Uintvar form; In the head part, write encryption method (EncryptionMethod) field and other head partial informations, the encryption method that adopts in the present embodiment is Advanced Encryption Standard (Advanced Encryption Standard, AES) the AES128CBC mode in, the also cryptographic algorithm that can adopt other OMA to approve.
Step 105: (Initialization Vector IV), and writes the IV that is generated the data division of the file of the same name of expansion memory card to generate an initial vector according to the DRM technology.
Step 106: from the storer of mobile phone, read hardware identifier, and generate key according to the hardware identifier that is read; The IV that uses this key and step 105 to be generated encrypts file to be copied, and encryption method is AES128CBC; Content after encrypting is write in the data division of the file of the same name of expanding memory card; In this step, also can be directly with the hardware identifier that read as key.Described hardware identifier can be the device identification or the sequence number of producer, for the such mobile communication terminal of mobile phone, can also be international mobile station EIC equipment identification code (International Mobile Station EquipmentIdentity, IMEI) or international mobile subscriber identity (International Mobile SubscriberIdentity, IMSI).Described according to above-mentioned hardware identifier generation key, it can be part or all of information generation key according to above-mentioned any hardware identifier, also can be combination in any generation key, also can adopt any known character string cryptographic algorithm at present in the process of generation key according to the part or all of information of above-mentioned hardware identifier.
Through the processing of above-mentioned steps 101~106, the file of the same name that is stored in the expansion memory card is the DCF file of an expansion.
The implementing procedure of subordinate phase comprises the steps: as shown in Figure 2
Step 201: judge that whether the file in the expansion memory card is expansion DCF file, and this document is intact bad, if execution in step 202 then, otherwise withdraw from this flow process.Determination methods is: judge whether to satisfy simultaneously following two conditions:
The length of condition a, this document is correct.Way is to read the value of CTL, CURIL, HL and DL in the field of file, add 3 uint8 unit lengths again after adding the length of DL self of record HL of head length and record data length after these value additions, resulting length value and file physical length meet; These three uint8 unit lengths are the shared length of version number, CTL and CURIL.
The value of condition b, version number is 5.
If condition a and b satisfy simultaneously, then this document is complete expansion DCF file.
Step 202: calculate head length, according to the reference position of the length specified data of being calculated;
Step 203: obtain the hardware identifier of this mobile phone and be converted to the key of deciphering, obtain the IV in the expansion DCF file;
Step 204: the key that obtains with step 203 and the content of IV data decryption, if successful decryption, then execution in step 205, otherwise finish this flow process;
Step 205: utilize key and IV to decipher the content in the data in this expansion DCF file, the content after the deciphering is generated file of the same name.
Above treatment scheme is suitable equally for the portable terminal of other types.
Therefore other portable terminals or computer equipment can't be decrypted this document because there is not the hardware identifier of former portable terminal, also can't use this document.The file that generates on the portable terminal can not lose the protection of security because of copying in the expansion memory card like this.
In above step, can also adopt other character strings that equipment itself has or user-defined character string as encrypted secret key.
Among the above embodiment, the target memory block of described portable terminal copied files all is the expansion memory card, and in fact, copy file to other equipment from portable terminal and can use the inventive method, described other equipment comprise the storer of other portable terminals, mobile memory such as portable hard drive, USB flash disk, hard disc of computer or the like.
The above only is preferred embodiment of the present invention, not in order to restriction the present invention, all any modifications of being done within the spirit and principles in the present invention, is equal to and replaces and improvement etc., all should be included within protection scope of the present invention.
Claims (13)
1, a kind of copying mobile-terminal according to the time to the method for data protections, it is characterized in that this method comprises the steps:
A, the target memory block create a content be sky and and mobile terminal memory in the expanding digital rights management content form DCF file of file same file name to be copied;
B, generate key, and file data to be copied in the mobile terminal memory is encrypted with key;
The file of the same name that C, the file data write step A after will encrypting are set up.
2, method according to claim 1 is characterized in that, the described generation key of step B is: read the hardware identifier of portable terminal, generate key according to the hardware identifier that is read.
3, method according to claim 2 is characterized in that, described hardware identifier comprises device identification, the sequence number of portable terminal.
4, method according to claim 3 is characterized in that, described portable terminal is a mobile communication terminal, and described hardware identifier comprises international mobile station EIC equipment identification code IMEI or international mobile subscriber identity IMSI.
5, method according to claim 1 is characterized in that, step B further comprises:
B1, the file of the same name of target memory block being divided into a field, head part and data division, is the field that file to be copied generates DCF, a field information that generates is write before the head part of the file of the same name in the target memory block;
Step C said write file of the same name is: the data division that writes described file of the same name.
6, method according to claim 5, it is characterized in that described field further comprises: the Version of version number, content-type information length C TL, content identification message length CURIL, content type CT, content identification CURI, head length HL, data length DL.
7, method according to claim 5 is characterized in that, described head part comprises the encryption method field that is used to indicate the described method of encrypting of step B at least.
8, according to the described method of claim 5, it is characterized in that, further comprise before the step C: generate initial vector IV and the IV that is generated is write the data division of described file of the same name.
9, method according to claim 1 is characterized in that, before the described establishment file of steps A, further comprises:
Whether the target memory block of judging document copying is other equipment except that this portable terminal, if then carry out this flow process subsequent step, otherwise carry out existing copied files flow process and withdraw from this flow process.
10, method according to claim 8 is characterized in that, after step C, this method further comprises:
D, judge that file is whether complete and be expansion DCF file, if execution in step E then, otherwise do not do any operation;
E, calculate the head length of described file, and the reference position of specified data in view of the above;
F, obtain key and IV, and judge whether can be with the data in key that is obtained and the IV decrypted file data, if, execution in step G then, otherwise withdraw from this flow process;
G, utilize key and IV to decipher the content in the data in this expansion DCF file, the content after the deciphering is generated file of the same name.
According to the described method of step 10, it is characterized in that 11, step D is described to be judged that file is whether complete and be that expansion DCF file further comprises:
D1, obtain the field in the top of file, according to a field calculation document total length, and with the contrast of file physical length, if unanimity then file is complete, if inconsistent then file is imperfect;
D2, judge in the field that whether version number is indicated release number, if then this document is expansion DCF file, otherwise this document is not an expansion DCF file.
12, method according to claim 10 is characterized in that, the method that described encryption and decryption are adopted is the AES128CBC method.
13, method according to claim 10 is characterized in that, described target memory block is the storage unit of expansion memory card.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100744816A CN100433032C (en) | 2006-04-21 | 2006-04-21 | Method for protecting data while copying mobile-terminal data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100744816A CN100433032C (en) | 2006-04-21 | 2006-04-21 | Method for protecting data while copying mobile-terminal data |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1983292A CN1983292A (en) | 2007-06-20 |
| CN100433032C true CN100433032C (en) | 2008-11-12 |
Family
ID=38165811
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100744816A Active CN100433032C (en) | 2006-04-21 | 2006-04-21 | Method for protecting data while copying mobile-terminal data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100433032C (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101141814B (en) * | 2007-10-11 | 2010-06-02 | 中兴通讯股份有限公司 | System and method for mobile terminal to download DRM file to movable storage medium |
| CN101146261B (en) * | 2007-10-19 | 2010-12-08 | 深圳掌媒科技有限公司 | A realization method for digital protection of electronic media |
| CN101183933B (en) * | 2007-12-13 | 2010-09-08 | 中兴通讯股份有限公司 | Method of determining establishment of DCF file terminal equipment |
| CN103310159A (en) * | 2013-06-20 | 2013-09-18 | 中国软件与技术服务股份有限公司 | Method and system for safely taking out electronic file with mobile intelligent terminal |
| CN104573551A (en) * | 2014-12-25 | 2015-04-29 | 广东欧珀移动通信有限公司 | File processing method and mobile terminal |
| CN105069365A (en) * | 2015-06-30 | 2015-11-18 | 广东欧珀移动通信有限公司 | Data processing method and mobile terminal |
| CN106886719B (en) * | 2017-01-10 | 2020-08-14 | 山东华软金盾软件股份有限公司 | Method for controlling use range of USB flash disk |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1189823C (en) * | 1999-03-03 | 2005-02-16 | 索尼公司 | Data processing device, data processing method, terminal, transmission method for data processing device |
| WO2005091163A1 (en) * | 2004-03-22 | 2005-09-29 | Samsung Electronics Co., Ltd. | Apparatus and method for moving and copying rights objects between device and portable storage device |
| WO2006029978A1 (en) * | 2004-09-14 | 2006-03-23 | Sony Ericsson Mobile Communications Ab | Method for distributing content to a mobile device with digital rights and mobile device therefor |
-
2006
- 2006-04-21 CN CNB2006100744816A patent/CN100433032C/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1189823C (en) * | 1999-03-03 | 2005-02-16 | 索尼公司 | Data processing device, data processing method, terminal, transmission method for data processing device |
| WO2005091163A1 (en) * | 2004-03-22 | 2005-09-29 | Samsung Electronics Co., Ltd. | Apparatus and method for moving and copying rights objects between device and portable storage device |
| WO2006029978A1 (en) * | 2004-09-14 | 2006-03-23 | Sony Ericsson Mobile Communications Ab | Method for distributing content to a mobile device with digital rights and mobile device therefor |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1983292A (en) | 2007-06-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR100753932B1 (en) | contents encryption method, system and method for providing contents through network using the encryption method | |
| CN101821746B (en) | Device and method for backup of rights objects | |
| CN100433032C (en) | Method for protecting data while copying mobile-terminal data | |
| EP2267628B1 (en) | Token passing technique for media playback devices | |
| US20090210724A1 (en) | Content management method and content management apparatus | |
| US8694799B2 (en) | System and method for protection of content stored in a storage device | |
| US20070160209A1 (en) | Content management method, content management program, and electronic device | |
| US20060161502A1 (en) | System and method for secure and convenient handling of cryptographic binding state information | |
| CN1711514A (en) | Archive system and method for copy controlled storage devices | |
| CN101313311A (en) | Method for storing and transfer of rights objects between devices and device exploiting the method | |
| JP2006127485A (en) | Device and method for reproducing content | |
| CN101174941B (en) | Off-line digital copyright protection method and device for mobile terminal document | |
| US8479020B2 (en) | Method and apparatus for providing an asymmetric encrypted cookie for product data storage | |
| US20080279385A1 (en) | Method and host device for using content using mobile card, and mobile card | |
| CN100580684C (en) | Method for ciphering and deciphering embedded type multimedia file | |
| US8634555B2 (en) | Information processing apparatus, information processing method, and program | |
| JP2006172351A (en) | Method and system for content expiration date management by use of removable medium | |
| CN100433030C (en) | Digital data file scrambler and its method | |
| CN106454409A (en) | Encrypting method and device of multimedia document | |
| JP2005051479A (en) | Time limit encipherment/decipherment system | |
| JP7412445B2 (en) | Content duplication device, access control device and access control program | |
| JP4302076B2 (en) | Key judgment device | |
| KR20090017055A (en) | Apparatus and method for transmitting encrypted content and and record media recoded program realizing the same | |
| US20090307503A1 (en) | Digital content management systems and methods | |
| CN116226890A (en) | Audio file processing method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |