A WAPI-based media transmission system and method
Technical field
The present invention relates to the technical fields of media playback and WAPI, and in particular to a WAPI-based media transmission system and method.
Background technology
WAPI is the English abbreviation of WLAN Authentication and Privacy Infrastructure. It is the WLAN security solution proposed in the Chinese wireless local area network standard GB 15629.11 to address the security problems of the WEP protocol in IEEE 802.11. Its main feature is a certificate mechanism based on public-key cryptography, which achieves genuine two-way authentication between the mobile terminal (MT) and the wireless access point (AP).
In current network media playback, the user mostly logs in to the server with a username and password, and can download and play media once authorized.
Fig. 1 shows the structure and data flow of a conventional user operating platform and server; the structure comprises a user operating terminal and a server. When applying for a service, the user sets a username and password on the server through the operating terminal, and the server checks the username and password and grants authorization. When using the service, the user enters the correct username and password on the server through the operating terminal and then watches programs on the server through the operating terminal. This structure hinders the server's management of user data, hinders charging by the network operator, hinders confidential transmission of data, and so on.
Summary of the invention
The technical problem to be solved by the present invention is to provide a WAPI-based media transmission system and method in which, after the WAPI terminal has completed authentication and verification with the access point and the server by means of digital certificates, the access point can transparently forward the data messages it receives from the server to the WAPI terminal, improving transmission efficiency.
To solve the above problem, the invention provides a WAPI-based media transmission method, comprising: after the WAPI terminal, the access point and the server start up, they complete mutual authentication; the server encrypts the service data requested by the WAPI terminal using the confidentiality protocol specified by the WAPI protocol, and then sends the encrypted data to the WAPI terminal through the access point.
Further, after receiving the encrypted service data, the access point demodulates it and then sends the demodulated service data to the WAPI terminal.
Further, the server also issues digital certificates to the WAPI terminal and the access point;
The WAPI terminal, the access point and the server completing mutual authentication means: the WAPI terminal obtains the security policy of the access point and then completes verification with the access point according to that security policy, the digital certificate of the WAPI terminal and the digital certificate of the access point; the server authenticates the access point by the access point's digital certificate, authenticates the WAPI terminal by the WAPI terminal's digital certificate, and determines the usage rights of the WAPI terminal from the WAPI terminal's digital certificate.
Further, the WAPI terminal obtains the security policy of the access point by passively listening for beacon frames or by active probing.
Further, after the WAPI terminal and the server complete authentication, the WAPI terminal negotiates a session key with the server through the access point.
The present invention also provides a WAPI-based media transmission system, comprising a WAPI terminal, an access point and a server;
The WAPI terminal is configured, after start-up, to perform verification with the access point and to complete authentication with the server;
The access point is configured, after start-up, to perform verification with the WAPI terminal, to complete authentication with the server, and to send the encrypted service data sent by the server to the WAPI terminal;
The server is configured, after start-up, to complete authentication with the WAPI terminal and the access point, and also to encrypt the service data requested by the WAPI terminal using the confidentiality protocol specified by the WAPI protocol and send the encrypted data to the access point.
Further, the access point is also configured to demodulate the encrypted service data after receiving it and then send the demodulated service data to the WAPI terminal.
Further, the server comprises an authentication service module, configured to issue digital certificates to the WAPI terminal and the access point;
The WAPI terminal performing verification with the access point means that the WAPI terminal obtains the security policy of the access point and then completes verification with the access point according to that security policy, the digital certificate of the WAPI terminal and the digital certificate of the access point;
The server completing authentication with the WAPI terminal and the access point means that the authentication service module authenticates the access point by the access point's digital certificate, authenticates the WAPI terminal by the WAPI terminal's digital certificate, and determines the usage rights of the WAPI terminal.
Further, the WAPI terminal obtains the security policy of the access point by passively listening for beacon frames or by active probing.
Further, the WAPI terminal is also configured, after completing authentication with the server, to negotiate a session key with the server through the access point;
The server is also configured, after completing authentication with the WAPI terminal, to negotiate a session key with the WAPI terminal through the access point.
In summary, the invention provides a WAPI-based media transmission system and method in which, after the WAPI terminal has completed authentication and verification with the access point and the server by means of digital certificates, the access point can transparently forward the data messages it receives from the server to the WAPI terminal. While preserving confidential transmission, this improves transmission efficiency, reduces the user's cost of use, and makes it convenient for the WAPI terminal to watch programs; it also helps the network operator manage and charge users, ensuring the steady development of services such as video on demand.
Description of drawings
Fig. 1a to Fig. 1c show the structure and data flow of a conventional user operating platform and server;
Fig. 2 shows the relationship between the user operating platform and the server of the present invention;
Fig. 3 is a schematic diagram of the WAPI terminal;
Fig. 4 is an operational flowchart of the user terminal and the server of the present invention.
Embodiment
The WAPI-based media transmission system and method of the present invention use digital-certificate authorization, so that a WAPI terminal user who holds a digital certificate can watch programs very conveniently.
This embodiment provides a WAPI-based media transmission system which, as shown in Fig. 2, comprises a WAPI terminal, an AP (Access Point) and a server;
The server comprises an ASU (Authentication Service Unit, the authentication service module);
The WAPI terminal is configured, after start-up, to perform verification with the access point and complete authentication with the server; to negotiate a session key with the server through the access point; and to receive the encrypted data, decode it and play it.
The access point is configured, after start-up, to perform verification with the WAPI terminal, to complete authentication with the server, and to send the encrypted service data sent by the server to the WAPI terminal;
The server is configured, after start-up, to complete authentication with the WAPI terminal and the access point, and to negotiate a session key with the WAPI terminal through the AP;
The server is also configured, after receiving a service request sent by the WAPI terminal, to determine whether the WAPI terminal has the right to use that service; if it does, the server encrypts the service data using the confidentiality protocol specified by the WAPI protocol and sends the encrypted data to the access point.
The access point is also configured to demodulate the encrypted service data after receiving it and then send the demodulated service data to the WAPI terminal.
The authentication service module is configured to issue digital certificates to the WAPI terminal and the access point;
The server completing authentication with the WAPI terminal and the access point means that the authentication service module authenticates the access point by the access point's digital certificate, authenticates the WAPI terminal by the WAPI terminal's digital certificate, and determines the usage rights of the WAPI terminal.
Other WAPI devices besides the WAPI terminal include WAPI personal devices (PDAs), WAPI notebook computers, WAPI personal broadcasting devices and so on.
Fig. 3 is a schematic diagram of the WAPI terminal, which comprises a media play unit, a WAPI communication unit and a control unit. The media play unit receives data from the WAPI communication unit, decodes the received data and plays it. The WAPI communication unit is responsible for connection, authentication and association with other WAPI devices such as the WAPI access point, and for communicating with the access point. The control unit configures the operating mode and parameters of the media play unit and the WAPI communication unit and handles upper-layer protocols.
The media play unit supports multiple players, such as MPC, audio-visual star, RealPlayer, KMPlayer and RealOne. The supported media include the multimedia broadcast/multicast service MBMS (Multimedia Broadcast/Multicast Service), streaming media, movie programs, the European-standard mobile TV system DVB-H, the Qualcomm-led mobile TV broadcasting system MediaFLO, the Korean mobile TV system T-DMB, the Japanese mobile TV system ISDB-T, the Chinese mobile multimedia broadcast systems CMMB and TMMB, the European S-DVB, the S-DMB of Japan and Korea, the Chinese mobile multimedia broadcast system CMMB, and so on. The WAPI terminal also includes a program selection function for choosing a suitable program. The WAPI communication unit comprises a WAPI hardware module and the WAPI protocol. Other WAPI devices besides the WAPI terminal include WAPI personal devices (PDAs), WAPI notebook computers, WAPI personal broadcasting devices and so on. The control unit may be included in the media play unit or the WAPI communication unit, using that unit's processor to perform the control function, and need not exist as an independent unit.
This embodiment provides a WAPI-based media transmission method, which comprises:
Step 201, start the WAPI function of WAPI devices such as the WAPI terminal, and start the access point and the server;
Step 202, the WAPI terminal obtains the security policy of the AP by passively listening for beacon frames or by active probing, and then completes verification with the access point according to that security policy, the digital certificate of the WAPI terminal and the digital certificate of the access point;
Step 203, the WAPI terminal and the access point each complete authentication with the server; that is, the server authenticates the access point by the access point's digital certificate and authenticates the WAPI terminal by the WAPI terminal's digital certificate, thereby determining whether the WAPI terminal and the access point are both legitimate, and determines the terminal's usage rights from the WAPI terminal's digital certificate. If the WAPI terminal and the access point are both legitimate, step 204 is executed; otherwise the procedure ends.
Step 204, the WAPI terminal negotiates a session key with the server through the access point;
Step 205, when the server sends data to the WAPI terminal, it encrypts the data to be sent using the confidentiality protocol specified by the WAPI protocol, and then sends the encrypted data to the access point;
Step 206, the access point receives the encrypted data; because the server encrypted it with the confidentiality protocol specified by the WAPI protocol, the access point does not need to decrypt and re-encrypt it, and sends it directly to the WAPI terminal after modulation, achieving transparent transmission of the data.
Step 207, the WAPI terminal decodes and plays the data it receives; the WAPI terminal can download content from the server or watch programs online.
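Steps 203 and 205 to 207 can be modelled as follows; this is an added example, not part of the patent, showing why the access point can relay frames without holding the session key. It assumes an HMAC tag under a hypothetical ASU secret in place of real certificates, a SHA-256 keystream with an HMAC tag in place of the WAPI confidentiality protocol, and a session key already negotiated in step 204; all names and sample data are constructed.

```python
import hashlib, hmac, secrets
ASU_KEY = secrets.token_bytes(32)  # hypothetical ASU secret, stand-in for its signing key

def _tag(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def issue_cert(identity: str, rights: list) -> dict:
    """ASU issues a certificate binding an identity to its usage rights."""
    rights = sorted(rights)
    return {"id": identity, "rights": rights,
            "tag": _tag(ASU_KEY, f"{identity}|{','.join(rights)}".encode())}

def cert_valid(cert: dict) -> bool:
    """Step 203: the ASU accepts only certificates it issued, unmodified."""
    body = f"{cert['id']}|{','.join(cert['rights'])}".encode()
    return hmac.compare_digest(cert["tag"], _tag(ASU_KEY, body))

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (NOT the WAPI confidentiality protocol): SHA-256 counter keystream."""
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def server_send(term_cert, ap_cert, service, data, session_key):
    """Steps 203 and 205: authenticate both peers, check rights, then encrypt."""
    if not (cert_valid(term_cert) and cert_valid(ap_cert)):
        raise PermissionError("certificate was not issued by the ASU")
    if service not in term_cert["rights"]:
        raise PermissionError("terminal has no right to use this service")
    nonce = secrets.token_bytes(12)
    ct = _xor_stream(_tag(session_key, b"enc"), nonce, data)
    return nonce + ct + _tag(_tag(session_key, b"mac"), nonce + ct)

def ap_relay(frame: bytes) -> bytes:
    """Step 206: the access point has no session key; it forwards the frame as-is."""
    return frame

def terminal_receive(frame: bytes, session_key: bytes) -> bytes:
    """Step 207: check integrity before decrypting for playback."""
    nonce, ct, mac = frame[:12], frame[12:-32], frame[-32:]
    if not hmac.compare_digest(mac, _tag(_tag(session_key, b"mac"), nonce + ct)):
        raise ValueError("frame was modified in transit")
    return _xor_stream(_tag(session_key, b"enc"), nonce, ct)

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # assumed outcome of step 204 (negotiation not modelled)
    term, ap = issue_cert("terminal-01", ["vod"]), issue_cert("ap-01", [])  # constructed
    frame = ap_relay(server_send(term, ap, "vod", b"constructed media chunk", key))
    print(terminal_receive(frame, key))
```

A frame altered on the relay path fails the integrity check at the terminal, and a certificate whose rights were edited after issuance is rejected before any data is encrypted.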
The media playing method based on WAPI technology of the present invention makes use of the third-party identity authentication, confidential transmission and high-speed data transmission characteristics of WAPI technology. It therefore reduces the user's cost of use and makes it convenient for the WAPI terminal to watch programs; it also helps the network operator manage and charge users, ensuring the steady development of services such as video on demand.