CN103873895A - DVB/IPTV dual-mode interactive business protection system - Google Patents

DVB/IPTV dual-mode interactive business protection system

Info

Publication number: CN103873895A
Authority: CN (China)
Prior art keywords: key, module, server, scrambling, user
Legal status (an assumption, not a legal conclusion): Granted
Application number: CN201210539322.4A
Other languages: Chinese (zh)
Other versions: CN103873895B (en)
Inventors: 杨成, 刘剑波, 张雅琨, 侯方天
Current Assignee (the listed assignees may be inaccurate): Communication University of China
Original Assignee: Communication University of China
Application filed by Communication University of China
Priority to CN201210539322.4A
Publication of CN103873895A
Application granted
Publication of CN103873895B

Abstract

A DVB/IPTV dual-mode interactive business protection system comprises a client subsystem, a front-end subsystem, an authentication and authorization subsystem, a subscriber management system, a program stream management system and a program information management system. The client subsystem, the CA front-end subsystem and the authentication and authorization subsystem are the main part; the subscriber management system, the program stream management system and the program information management system are peripheral auxiliary systems. The system supports DVB and IPTV video scrambling, provides a controllable scrambling-depth control strategy and adaptive scrambling of program content, and supports more than three key management modes; it allows key lengths of 128 bits and above and distributed packaging of large content, and it supports security and service monitoring of content based on digital watermarking. The system supports DVB/IPTV dual modes and introduces a batch key update strategy and a distributed authentication and authorization scheme; it provides real-time key update and distribution at a scale of one million users, reduces system overhead, increases overall key update capacity, improves system security, and provides a flexible protection mechanism for pay-TV services.

Description

A DVB/IPTV dual-mode interactive service protection system
Technical field
The present invention relates to the field of information security, and specifically to key technologies of broadband interactive television systems and two-way asymmetric digital television systems.
Background
In the construction and development of interactive video systems such as iDTV (interactive digital television) and IPTV, the protection and control of interactive video service content is becoming an important bottleneck that affects the rollout of interactive video services. It involves technologies for content protection, transmission protection, access control, piracy tracking and content supervision.
Traditional video service protection systems are built on one-way networks. To transmit important content such as the control word used for full scrambling, user authorization information and management information to the client, they adopt the basic idea of defense in depth; the system structure is complex, security is not high, and the system is easily cracked by hackers.
Because the traditional cable broadcast network is a broadcast network, its video service protection system must also work in broadcast mode. In this mode, the service front end knows nothing about the state of the client and cannot verify the validity and reliability of the client; the client likewise cannot verify the validity and reliability of the front end and can only receive passively. This contradicts the original intent of a video service protection system, which is to charge per view for the user and the user's viewing behavior.
In a traditional video service protection system, the front end generates, encrypts and transmits the security information that all users might need. On the one hand this increases network load, wastes a large amount of bandwidth and brings considerable delay to the user experience; on the other hand, the presence of a large amount of encrypted information increases the chance that an attacker cracks the encryption system, creating a potential security risk.
Traditional video service protection systems use complex multi-layer encryption as the key distribution mechanism, which increases implementation difficulty and easily produces security vulnerabilities. Each additional key greatly increases the difficulty of key generation, distribution and management. An attacker who breaks any one link can effectively break the whole system; even auxiliary measures such as keeping multiple cryptographic algorithms as backups cannot fundamentally remove this defect.
Traditional interactive service protection systems are charging systems for broadcast networks, and their user authentication is not suitable for two-way networks. The digitization of content and the openness of the Internet have made piracy tracking and content supervision very difficult.
Video programs are generally protected in one of two ways: pre-packaging or real-time encryption. When many video programs need to be packaged, or the videos are large, packaging efficiency is low because CPU processing capacity is limited.
In a traditional CA system, video sources are collected and transmitted in plaintext, which threatens the security of the video source. In addition, existing storage methods carry security risks, whether the content is stored directly or the received file is encrypted and then stored.
Common scrambling techniques cannot provide selective control over scrambling depth and cannot distinguish important from unimportant information; the scrambling strength is often excessive and the scrambling result is poor.
Summary of the invention
Based on the above, the present invention proposes a DVB/IPTV dual-mode interactive service protection system, characterized in that the system comprises a client subsystem, a front-end subsystem, an authentication and authorization subsystem, a subscriber management system, a program stream management system and a program information management system. The client subsystem and the authentication and authorization subsystem are the main part; the subscriber management system, the program stream management system and the program information management system are peripheral auxiliary systems. The system comprises three parts: the service protection server CAServer, the authorization management server DRMServer and the CAClient module in the client STB. CAServer corresponds to the front-end subsystem, DRMServer to the authentication and authorization subsystem, and the CAClient module in the client STB to the client subsystem.
The client subsystem (the client for short) adopts a layered, modular structure and is divided from top to bottom into an interface layer, a control layer and a service layer. The interface layer provides standard task interfaces, receives the user's service instructions and user information, and feeds back to the user the system's execution results or the descrambled program content. The control layer manages the service module list, calls the corresponding service-layer module according to the service instruction to complete the corresponding service, coordinates the operation of the service modules, provides the data exchange mechanism between them, and collects each service module's execution result and feeds it back to the interface layer. The service layer comprises several service modules: an ordering module, a service application module and a service acquisition module. The ordering module handles registration, purchase and query. The application module handles program application, on-demand application, broadcast application, live application and key negotiation. The service acquisition module handles demultiplexing, ECM decryption, program stream descrambling and program legitimacy verification. The demultiplexing function uses a traditional DVB-CA terminal to establish synchronization with the front-end subsystem, then receives and demultiplexes to obtain the ECM and the program stream. The ECM decryption function decrypts the ECM with the negotiated session key to obtain the descrambling control word CW. The program stream descrambling function uses the decrypted control word CW to call the AES or CSA descrambling algorithm to descramble the program stream, and passes the resulting DVB/IPTV program stream to the control layer. The program legitimacy verification function extracts the legitimacy watermark from the program stream.
The front-end subsystem consists of a real-time packaging subsystem, a pre-packaging subsystem and a secure storage subsystem. The real-time packaging subsystem packages and protects program content online in real time; the pre-packaging subsystem packages and protects program content offline. Either one can be used alone, or both together, as required. The secure storage subsystem is used as required. The front-end subsystem comprises a control word generator (CWG), an ECM generator (ECMG), a watermarking algorithm (WEA) and the common scrambling algorithm (CSA). Its role is to generate control words and call CSA to scramble the program content from the program stream management system. The control word generator generates control words on the basis of the system key, and the DVB common scrambling algorithm (CSA) is used to scramble the program content from the program stream management system. The front-end subsystem also uses the session key to encrypt the control word and generate a traditional ECM. The scrambled program content and the ECM are passed to the program distribution system for multiplexed transmission. The front-end subsystem regenerates the scrambling control word at fixed intervals to ensure the transmission security of the program content. In on-demand interactive mode, the front-end subsystem also receives the user's playback control information and adjusts scrambling and program stream transmission accordingly.
The authentication and authorization subsystem consists of a service handling module, a service key SK update module, a mutual authentication protocol, an SK agreement protocol, a timer and an online user list. It accepts users' applications for program content, obtains the service key SK through authentication and negotiation, and updates the key periodically. The service handling module is the interface to the user: it starts the corresponding service flow according to the user's program application and, in cooperation with the subscriber management system, verifies the legitimacy and validity of the user's application, identity information and credit information. For legitimate, valid applications, the subsystem provides a key agreement mechanism to negotiate a session key with the user, and sends the session key and the related program information to the front-end subsystem over a secure channel. At fixed intervals, the subsystem re-verifies the user's identity and regenerates the service key.
The CAServer server comprises four parts: a receiving port, a sending port, a descrambler and a key port. The authorization management server DRMServer comprises a CA port, an STB port, an authentication and URL management module, a program key management module and a control module. The CAClient module comprises two parts, a descrambler and a key port; by level it is divided into a control layer and a service layer, the service layer being the core layer that implements user registration, acquisition of service authorization information and program descrambling.
In this system, the KDC (Key Distribution Center) provides service keys for encrypting and decrypting the client's files. The KDC first obtains how the client's ciphertext file has been split; if it has been split into n subfiles, the KDC generates a corresponding non-repeating random sequence of the numbers 1 to n, and the client sends the ciphertext subfiles to the storage server one after another in the order given by the random sequence. The storage server creates a new file and writes each received ciphertext subfile into it until all ciphertext subfiles have been sent.
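The random-order storage step described above, as an added Python example that is not code from the patent. The function names, the near-equal split rule and the `restore` step (the page describes only the write path) are assumptions, and the ciphertext is a constructed byte string.

```python
import secrets


def split_ciphertext(ciphertext, n):
    """Client: cut the ciphertext file into n consecutive subfiles, numbered 1..n."""
    if not 1 <= n <= len(ciphertext):
        raise ValueError("n must be between 1 and the ciphertext length")
    base, extra = divmod(len(ciphertext), n)
    subfiles, pos = [], 0
    for i in range(n):
        size = base + (1 if i < extra else 0)  # first `extra` subfiles get one more byte
        subfiles.append(ciphertext[pos:pos + size])
        pos += size
    return subfiles


def kdc_random_sequence(n):
    """KDC: a non-repeating random ordering of the subfile numbers 1..n."""
    order = list(range(1, n + 1))
    secrets.SystemRandom().shuffle(order)  # OS CSPRNG, not the default Mersenne Twister
    return order


def store_in_sequence(subfiles, order):
    """Client and storage server: subfiles are sent in KDC order and appended to one new file."""
    if sorted(order) != list(range(1, len(subfiles) + 1)):
        raise ValueError("order must contain each subfile number exactly once")
    new_file = bytearray()
    for number in order:
        new_file += subfiles[number - 1]
    return bytes(new_file)


def restore(stored, order, sizes):
    """Assumed retrieval step (not described on the page): undo the ordering.

    sizes[i] is the length of subfile i + 1; order is the sequence held by the KDC.
    """
    if sum(sizes) != len(stored):
        raise ValueError("subfile sizes do not match the stored file")
    found, pos = {}, 0
    for number in order:
        size = sizes[number - 1]
        found[number] = stored[pos:pos + size]
        pos += size
    return b"".join(found[i] for i in range(1, len(order) + 1))


def demo():
    """Round trip on a constructed 1028-byte stand-in for an encrypted file."""
    ciphertext = bytes(range(256)) * 4 + b"tail"
    subfiles = split_ciphertext(ciphertext, 7)
    order = kdc_random_sequence(7)
    stored = store_in_sequence(subfiles, order)
    return restore(stored, order, [len(s) for s in subfiles]) == ciphertext


if __name__ == "__main__":
    print("round trip ok:", demo())
```

Reading the stored file back requires both the service key and the sequence, so the sequence has to be kept with the same care as the key.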
To meet the need for program scrambling and publicity under varying bandwidth, the system designs and implements a controllable scrambling-depth policy and adaptive scrambling. Scrambling parameters are adjusted dynamically according to the carrier network conditions, the compression coding and the bit rate, which protects the service while reducing the amount of data processed and the scrambling overhead for video. To control the scrambling depth, I-frames and I-macroblocks are counted with a two-upper-limit counting method (n1, n2), so that the counting upper limits can be chosen to match any scrambling depth d. For any d: 1) if 1/d is an integer, let n1 = 1/d and n2 = 1; 2) if 1/d is not an integer, express d as a fraction, find the greatest common divisor r of the numerator and denominator with the Euclidean algorithm, reduce the fraction to d = a/b, and let:
Figure BSA00000822932600031
The I-frames found are counted with two counters, c1 and c2. When c1 reaches its upper limit n1, the current frame is scrambled; when c2 reaches its upper limit n2, both counters are cleared, c1 = c2 = 0.
In use, the scrambling depth can be set in two ways: 1) n mode, where n is the scrambling upper limit and the actual scrambling depth is 1/n; 2) d mode, where d is the scrambling depth and the scrambling upper limits are determined by the two-upper-limit counting method above.
To improve packaging efficiency for large high-definition interactive program content, the system designs and implements distributed pre-packaging based on the intelligent-agent idea. Through intelligent splitting, scheduling and cooperation, it raises the pre-packaging speed for large program content while guaranteeing security and consistency. The system model uses a client/server (C/S) structure: the pre-packaging system is the server and the video input is the client. The C/S model is also used inside the pre-packaging system, which consists of a master server and proxy servers; relative to the master server, a proxy server is the server and the master server is the client. A video that needs to be packaged and encrypted first enters the master server, which decides from the video size whether proxy packaging is needed. If it is not, the video file is not split and the master server packages and encrypts it directly. If it is, the video file is split into several segments by the designed algorithm; the master server then automatically searches the network for idle proxy servers and sends the segments to the available proxies to be packaged. When a proxy server finishes, it returns the result promptly to the master server, which reassembles the returned segments into the complete packaged "original video" file.
The system uses dynamic key update and distribution, which is divided into two phases: the service key switching phase and the dynamic service key push phase. The authentication and authorization subsystem and the client's service application module produce the service key SK through a key agreement protocol. After the key has been negotiated successfully, the user information and the corresponding SK are saved to the online user list and the timer is started. When the fixed time interval elapses, the SK update module re-runs authentication and key agreement for the users in the online user list and updates the session key SK; the service key SK is distributed over a secure channel using SSL. Besides the service key SK, the system also has the control word CW and the system key MK. Updates of the control word CW are independent of users and happen at the specified interval.
When updating service keys, the system uses both hierarchical key update and group key management. In hierarchical key update, when the DRM authorization and authentication system updates keys, an upper-level DRM Server updates keys only for the DRM Servers in its local area and does not serve users directly. Group key management treats broadcast services and other value-added services differently: if a user has subscribed to a given broadcast service, then when the user switches to another service the DRM system does not update the broadcast service key and only performs key update for the value-added service; during key update it finds the minimum node of the group key management.
In the pre-packaging module of the front-end subsystem, the scrambling module uses two algorithms, CSA and AES, and switches the scrambling algorithm in real time according to the needs of the environment. The encryption module encrypts CW with the AES algorithm and supports five encryption modes for encrypting the entitlement control message ECM: CBC (cipher block chaining), OFB (output feedback), CFB (cipher feedback), CTR (counter) and ECB (electronic codebook). Any of them can be selected in the front-end subsystem's configuration parameter structure, providing confidential transmission of the information flow.
The system uses a two-layer encryption policy with two encryption levels: the program related layer (PRL: Program Related Layer) and the service related layer (SRL: Service Related Layer). The PRL scrambles the video content with the control word CW. The SRL encrypts with the service key to generate the service related information (SRI: Service Related Information), that is, the entitlement control message ECM. Scrambling uses CW as the key and calls the common scrambling algorithm CSA to scramble the program content to be transmitted directly. Encryption uses the service key SK as the key and calls an encryption algorithm to encrypt the control word CW, forming the entitlement control message (ECM). CW ensures secure transmission of the program content; separating CW from SK also makes the scrambling of program content independent of users and reduces the complexity of the system.
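The two-layer PRL/SRL arrangement described above, as an added Python example that is not code from the patent. It assumes one service key SK per set-top box, a constructed ECM layout (period, encrypted CW, 16-byte tag) and an HMAC-SHA256 keystream as a stand-in for CSA and AES so that it runs with the standard library only; the integrity tag is an addition so that a wrong or outdated SK is rejected instead of yielding a garbage CW.

```python
import hashlib
import hmac
import secrets


def xor_stream(key, label, data):
    """Stand-in cipher (NOT CSA or AES): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, label + offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def scramble(cw, period, payload):
    """PRL: scramble program content under the control word CW of this crypto period."""
    return xor_stream(cw, b"prl" + period.to_bytes(4, "big"), payload)


descramble = scramble  # the XOR keystream is its own inverse


def make_ecm(sk, period, cw):
    """SRL: encrypt CW under the service key SK (constructed layout: period|enc|tag)."""
    p = period.to_bytes(4, "big")
    enc = xor_stream(sk, b"ecm-enc" + p, cw)
    tag = hmac.new(sk, b"ecm-mac" + p + enc, hashlib.sha256).digest()[:16]
    return p + enc + tag


def open_ecm(sk, ecm):
    """Client: return (period, CW), or None if the ECM was not made with this SK."""
    if len(ecm) < 4 + 16:
        return None
    p, enc, tag = ecm[:4], ecm[4:-16], ecm[-16:]
    expected = hmac.new(sk, b"ecm-mac" + p + enc, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        return None
    return int.from_bytes(p, "big"), xor_stream(sk, b"ecm-enc" + p, enc)


def head_end(payloads, service_keys):
    """Front end: fresh CW per period, ONE scrambled stream, one ECM per service key."""
    broadcast = []
    for period, payload in enumerate(payloads):
        cw = secrets.token_bytes(16)  # CW rotation does not depend on any user
        ecms = {stb: make_ecm(sk, period, cw) for stb, sk in service_keys.items()}
        broadcast.append({"content": scramble(cw, period, payload), "ecms": ecms})
    return broadcast


def client_receive(sk, stb, broadcast):
    """Client: open own ECM with SK, then descramble; None where the ECM is rejected."""
    clear = []
    for item in broadcast:
        opened = open_ecm(sk, item["ecms"][stb])
        clear.append(None if opened is None else descramble(opened[1], opened[0], item["content"]))
    return clear


if __name__ == "__main__":
    keys = {"stb-a": secrets.token_bytes(16), "stb-b": secrets.token_bytes(16)}
    stream = head_end([b"constructed payload, period 0", b"constructed payload, period 1"], keys)
    print(client_receive(keys["stb-a"], "stb-a", stream))
```

Updating a subscriber's SK only requires re-wrapping the current CW into a new ECM; the scrambled content is left untouched.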
The system introduces a batch key update strategy that enables real-time key update and distribution at a scale of one million users. It comprises two parts: one authorization server (AS, Authentication Server) and multiple key servers (KS, Key Server). The authorization server acts as the tree root, distributes the key information for service protection, and manages all users indirectly through the key servers. The authorization server comprises a user authentication module, a key server module and a user authorization module; it receives users' join (leave) requests over an SSL secure channel and authenticates the users. A key server comprises a key generation module, a key distribution module and a key management module. The key generation module produces a pseudo-random number to serve as the on-demand service key to be distributed, and the key distribution module distributes the group key to authorized group members. The key management module exchanges data with the authorization server: when the authorization server sends an instruction to add (delete) an authorized member, the key management module notifies the key generation module to produce a new on-demand service key, then sends the updated on-demand key to the authorization server, and the key distribution module updates the keys of the specified user key nodes.
This system effectively solves the technical problems addressed by the present invention.
Description of the drawings
Fig. 1 is the system framework diagram;
Fig. 2 is the basic block diagram of the client;
Fig. 3 is the basic block diagram of the front-end subsystem;
Fig. 4 is the structure diagram of the authentication and authorization subsystem;
Fig. 5 is the overall system module structure diagram;
Fig. 6 is the distributed pre-packaging system model diagram;
Fig. 7 is the key update path selection diagram.
Embodiment
The DVB and IPTV interactive service protection system of the present invention comprises a client subsystem, a front-end subsystem, an authentication and authorization subsystem, a subscriber management system, a program stream management system and a program information management system. The client subsystem, the front-end subsystem and the authentication and authorization subsystem are the main part; the subscriber management system, the program stream management system and the program information management system are peripheral auxiliary systems. The system comprises three parts: the service protection server CAServer, the authorization management server DRMServer and the CAClient module in the client STB. CAServer corresponds to the front-end subsystem, DRMServer to the authentication and authorization subsystem, and the CAClient module in the client STB to the client subsystem.
Referring to Fig. 2, the basic structure of the client subsystem (the client for short) is as follows. The client gives the set-top box or TV transparent access to program content. Based on the program information supplied by the user, it interacts with the subscriber management system, the authentication and authorization subsystem and the front-end subsystem, obtains the descrambling key and descrambles the scrambled program, providing conditional access and conditional playback. The client's ordering module interacts with the subscriber management system over a secure channel to transfer content such as user identity information and user credit information, completes functions such as registration and purchase, and gives users an interactive way to query their identity and credit information. The client's service application module interacts with the service handling module of the authentication and authorization subsystem to transfer the user identity information and the application for a program, program schedule or program type (on-demand, broadcast, live); it is also responsible for negotiating the service key with the authentication and authorization subsystem and passing it to the service acquisition module. The client's service acquisition module decrypts and descrambles the scrambled program content obtained synchronously from the front-end subsystem and, in on-demand interactive mode, submits the user's playback control information (fast-forward, rewind, stop, etc.) to the CA to allow interactive operation on the program stream.
The client adopts a layered, modular structure, which makes the system easy to update and upgrade and improves its compatibility and flexibility. The client is divided from top to bottom into an interface layer, a control layer and a service layer. The interface layer provides standard task interfaces, receives the user's service instructions (such as register, order, on-demand, broadcast, live, fast-forward, rewind, stop) and the related information (such as the user's set-top box number, ID card number, identity certificate), and submits them to the control module. The interface layer also feeds back to the user the system's execution results or the descrambled program content.
The control layer manages the service module list and calls the corresponding service-layer module according to the service instruction to complete the corresponding service,
The service layer is divided into several service modules, each of which completes a relatively independent service. The main service modules are the ordering module, the service application module and the service acquisition module. The ordering module handles registration, purchase and query. The application module handles program application, on-demand application, broadcast application, live application and key negotiation. The service acquisition module handles demultiplexing, ECM decryption, program stream descrambling and program legitimacy verification. The demultiplexing function uses a traditional DVB-CA terminal to establish synchronization with the front-end subsystem, then receives and demultiplexes to obtain the ECM and the program stream. The ECM decryption function decrypts the ECM with the negotiated session key to obtain the descrambling control word CW. The program stream descrambling function uses the decrypted control word CW to call the descrambling algorithm (AES or CSA) to descramble the program stream, and passes the resulting DVB/IPTV program stream to the control layer. The program legitimacy verification function extracts the legitimacy watermark from the program stream.
The main information flows of the client are conditional access (CA), conditional playback (CP) and piracy tracking (PT). According to the information flow definition, the client function consists of CA, CP and PT, which are respectively:
Figure BSA00000822932600061
where DS is the descrambling function, C is the scrambled or encrypted transport stream, CW is the control word generated by the control word generator, K is the service key, D is the decryption function, and EX is the operation that demultiplexes the ECM (Entitlement Control Message) from the transport stream; WD is the legitimacy watermark extraction function and valid is the detection flag: valid = 1 means that detection succeeded and the carrier contains the watermark W, and valid = 0 means that detection failed and no legitimacy watermark W was found in the carrier; FE is the fingerprint watermark embedding function; α, β ∈ {0, 1} ∧ α ≠ β.
Referring to Fig. 3, the basic structure of the front-end subsystem is as follows. The front-end subsystem comprises a control word generator (CWG), an ECM generator (ECMG), a watermarking algorithm (WEA) and the common scrambling algorithm (CSA). Its main role is to generate control words and call CSA to scramble the program content from the program stream management system, implementing real-time packaging (RP) and pre-packaging (PP). In addition, to counter the transmission of and interference from illegal programs, conditional playback CP is implemented by embedding the legitimacy digital watermark mark W during real-time packaging and pre-packaging; the client subsystem accordingly controls actual playback of the program on the user terminal by checking whether the legitimacy watermark mark W is present in the program transport stream.
According to the information flow definition, the front-end subsystem function is:
Figure BSA00000822932600071
Wherein C is the transport stream after scrambling or encryption, and K is business cipher key, and WE represents legitimacy watermark imbedding function, and S represents scrambling function, and E represents encryption function, and T is carrier, and W is that legitimacy watermark maker generates legitimacy watermark information.α,β∈{0,1}∧α≠β
The control word generator of front terminal system generates control word take system key as basis, adopts DVB common scrambling algorithm (CSA) to carrying out scrambling operation from the programme content of program stream management system (as CDN network content management server).Front terminal system is also used session key to be encrypted and to generate traditional ECM control word simultaneously.Programme content after scrambling and ECM pass to program distribution system and carry out multiplexing transmission.In addition, front terminal system will regenerate scrambling control word with fixed intervals, guarantee the transmission security of programme content.Under program request interactive mode, front terminal system simultaneously is also responsible for receiving user's Play Control information (F.F., rewind down, stop etc.), and scrambling and program stream transmission are adjusted.
The processing procedure of condition reception front end is as follows:
1) embed legitimacy watermark: for support condition is broadcasted and copyright protection, embed copyright and legitimacy watermark by copyright watermarking algorithm and the legitimacy watermarking algorithm of water mark embedding device WEA in TS transport stream.Copyright watermark bit sequence is produced according to front end mark and business information by certificate server.Legitimacy watermark bit sequence is generated by regulator.
2) generate CW: for MPTS and complicated front end system, CW is generated by independent scrambler.For SPTS and front end system cheaply, CW is generated by CWG.According to the initial vector (IV) and the service identification (AC) that are provided by EIS (event scheduling system), CWG is that TS transport stream generates CW by nonlinear pseudorandom sequence generator, and according to the 5-10 cycle continuous renewal of second.
3) obtain SK: before system operation, front end system will be registered in certificate server.In service in system, front end system and certificate server will be set up SAC (secure authenticated channel).Dynamically update and obtain agreement based on SAC and business cipher key, front end obtains and dynamically updates business cipher key from certificate server.
4) scrambling and encryption: scrambling and be encrypted as parallel running.The software scrambler that the transport stream TS that copyright and legitimacy watermark are crossed in embedding is sent into hardware independence scrambler or system front end carries out scrambling.Meanwhile, ECMG adopts aes algorithm under the control of business cipher key SK, the CW of each video traffic to be encrypted and to obtain ECM.
Front terminal system forms by encapsulating in real time subsystem, pre-packaged subsystem, secure memory subsystem.Encapsulation subsystem is for real-time online encapsulation and protection to programme content in real time, and pre-packaged subsystem is for off-line encapsulation and protection to programme content.Encapsulation subsystem and pre-packaged subsystem can be selected as required one of them use or jointly use in real time.Secure memory subsystem is choice for use as required.In real-time encapsulation situation, ski (key) from Certificate Authority subsystem will dynamically update according to the time interval of specifying, adopt propelling movement mode that the content after upgrading is resend to front terminal system, the business cipher key agency of front terminal system is receiving after PUSH message, also be switched to push-ready (preparing to push) state from listening state accordingly, checking after internal state and memory space, the port of specifying to Certificate Authority subsystem sends push-ready message, activates the transmission process of ski.In the feedback that obtains Certificate Authority subsystem, while having new sk message to arrive, business cipher key agency is switched to Recv-SKI (reception key) state from listening state, resolves the message from Certificate Authority subsystem, extract ski, store in the communal space.
For a program transport stream that is to be encapsulated, the transport stream and its service information such as PSI/SI must be obtained first. When a PSI/SI packet is captured in the transport stream, Data-process (service scrambling and encryption) switches from the Read-packet (read packet information) state to the Read-PSI (read PSI) state and parses the PSI, SI and related information from the packet. In pre-packaging, the PSI and SI information stays fixed throughout the transport stream, so the Read-PSI state needs to be entered only once. In real-time encapsulation, the PSI and SI information may change during the transport stream at the operator's request, so it may be updated; the version of this information must then be identified, and the Read-PSI state must be entered repeatedly to update the related information.
Referring to Fig. 4, the authentication and authorization subsystem is structured as follows: it comprises a service handling module, a service key SK update module, a mutual authentication protocol, an SK agreement protocol, a timer, an online user list and other parts. Its role is to accept users' applications for program content, obtain the service key SK through authentication and negotiation, and update the key periodically.
The main information flows of the authentication and authorization subsystem are client authentication (CT), client authorization (CR), and service key update and distribution (KM). The subsystem stays in the listening state at all times, performs CT authentication on each client that connects, and dynamically updates and distributes the service key at the specified time interval Δt. On receiving a service protection information (SPI: Service Protection Information) request or a service authorization information (SAI: Service Authorization Information) request from the client subsystem and the front-end system, it responds to each and performs the CR authorization operation.
According to this definition of the information flows, the operations of the authentication and authorization subsystem consist of CT, CR and KM:
$$
\begin{aligned}
\mathrm{CT}&:\ valid = I \cdot C = I(uid, h_{pass}, cert) \cdot C(uid)\\
\mathrm{CR}&:\ p = P(uid, sid, R(uid, sid, rid, cid), key)\\
\mathrm{KM}&:\ KD(p, SKG(y_{n-1}, t), uid)
\end{aligned}
$$
where I denotes the identity verification function and C the credit verification function; uid is the user's identifier, $h_{pass}$ is the hash of the static password and cert is the user's identity certificate; R denotes the rights description function and P the rights encapsulation function; sid is a service identifier that user uid may use, rid is the identifier of the basic right that user uid holds for service sid, and cid denotes the conditions and restrictions that apply when the right is exercised; KD denotes the service key distribution function, PKG is the operation that generates the rights encapsulation key, and $y_n$ is the service key at time t, α, β ∈ {0,1} ∧ α ≠ β
The service handling module of the authentication and authorization subsystem is the interface to the user. It starts the appropriate service flow according to the user's program application and, with the cooperation of the subscriber management system, verifies the legitimacy and validity of the user's application and of the user's identity and credit information. For a legitimate and valid application, the authentication and authorization subsystem provides a key agreement mechanism to negotiate a session key with the user, and sends the session key and the related program information to the front-end service system over a secure channel. In addition, at fixed intervals the authentication and authorization subsystem re-verifies the user's identity and regenerates the service key.
The service handling module of the authentication and authorization subsystem interacts with the corresponding service application module of the client. The supported services mainly include listing, on-demand, broadcast and so on.
For on-demand and broadcast services, the service handling module obtains the user's information from the subscriber management system, confirms the legitimacy and validity of the user's identity and credit information through the mutual authentication protocol, and then uses the SK agreement protocol to generate a service key SK consistent with the one on the user side. The SK is sent to the front-end system together with the user information, which starts scrambled transmission of the program content. After the key has been negotiated successfully, the user information and its SK are saved to the online user list and the timer is started. When the specified time interval is reached (this interval sets the minimum interval between rounds of re-authentication and renegotiation, and may grow automatically as the number of users increases), the SK update module re-runs authentication and key agreement for the users in the online user list and updates the session key SK, to improve the security of the system.
The SK update module periodically generates and updates the service key (SK) and the initialization vector (IV). It sends SK update signalling over an SSL (Secure Sockets Layer) secure channel to the clients recorded in the online user list, sends the updated SK data over TCP/IP to the front-end system at the specified IP address and port, and ensures that the SK data held by the client and by the front-end system are exactly the same.
The key update procedure between the authentication and authorization subsystem and the client (on-demand) is as follows:
After the authentication and authorization subsystem and the client establish an SSL connection, the user information is transmitted over the SSL secure channel;
The subscriber management system processes the user information, and the user sends the on-demand application form to the authentication and authorization subsystem;
The authentication and authorization subsystem uses the Pid in the on-demand application form to send the corresponding SK to the client;
For a message flagged as SK, the client analyzes the message and obtains the SK for the next moment;
Peripheral auxiliary system
The subscriber management system provides user registration, purchase and query services. It maintains a basic information record for each user and a resource information record, which mainly records smart-card information, and on that basis records the corresponding usage of the user and the smart card. Together with the program information management system, the subscriber management system provides users with an ordering interface, receives users' registration and purchase applications, verifies the legitimacy of the identity information (such as set-top box number, user name, ID card number, public key certificate), and generates the user registration database and the user order database. A user may register without purchasing, register and purchase, or purchase without registering at that time (but must have registered beforehand). The program stream management system (such as a CDN content management server) manages the program content. The program information management system classifies program information and provides it to the subscriber management system.
(2) DVB/IPTV dual-mode interactive service protection system
Referring to Fig. 5, the overall system comprises three parts: the service protection server CAServer, the authorization management server DRMServer, and the CAClient module in the client STB. CAServer corresponds to the front-end system, DRMServer corresponds to the authentication and authorization subsystem, and the CAClient module in the client STB corresponds to the client subsystem.
The CAServer server comprises four parts: a receiving port, a sending port, a scrambler and a key port.
1) The scrambler implements all the core steps of the scrambling process: CW (control word) generation, ECM (Entitlement Control Message) generation, TS analysis, ECM multiplexing and so on.
2) The receiving port receives, in real time, the TS program stream from the specified UDP multicast address.
3) The sending port forwards, in real time, the scrambled and multiplexed program TS to the specified UDP multicast address.
4) The key port interacts with the DRMServer server and obtains the service protection information.
The authorization management server DRMServer comprises a CA port, an STB port, an authentication and link management module, a program key management module and a control module.
1) The CA port receives service key requests from the CAServer server and, once the authentication and link management module has established the connection, transmits the service protection information and updated service protection information.
2) The STB port receives service authorization requests from the client STB and, once the authentication and link management module has established a secure channel, transmits the service authorization information and updated service authorization information.
3) The authentication and link management module establishes and maintains the link between the DRMServer server and the CAServer server and the link between the DRMServer server and the client STB, and establishes and maintains the secure channel.
4) The program key management module generates and updates the service authorization information and distributes it to authorized online client STBs and CAServer servers.
5) The control module manages the system modules, supports concurrent processing for multiple users, and supports system expansion and performance improvement.
The CAClient module comprises two parts, a descrambler and a key port; by layer it can also be divided into a control layer and a service layer. The service layer is the core layer and implements user registration, acquisition of service authorization information, program descrambling and so on.
1) The descrambler implements all the core steps of the descrambling process: ECM demultiplexing, TS analysis, CW decryption, program descrambling and so on.
2) The key port interacts with the DRMServer server, submits the client STB information, and registers the user's registration information or obtains the service authorization information. Through the CAClient module, the client STB receives, descrambles, decodes and outputs the program selected by the user.
3) The client STB selects the multicast address of the corresponding program according to the user's operation.
4) The client STB passes the received program to the CAClient module, which uses the service authorization information to decrypt the scrambling control word.
5) The client STB passes the received program to the CAClient module, which analyzes and descrambles it.
6) The client STB decodes and outputs the descrambled program.
(3) Application of the DVB/IPTV dual-mode interactive service protection system to different service modes
Live (multicast) mode:
Basic workflow of the live (multicast) system:
The set-top box is started; the BOSS (business operation support system) connects to the CA client, and the list of ordered services is browsed. Through the EPG/Portal (electronic program guide/portal), the CA client provides the client ID and the service list to the BOSS, and orders a program or requests playback of a program;
The CA client provides the client ID to the authorization server and sends a service authorization information request. The authorization server looks up the online user information, authenticates the client ID with the BOSS, and generates the service authorization information. The asset management module of the BOSS checks whether the user's account can cover what the ordered program requires; if it can, the BOSS returns the result of the service authorization information request to the authorization server;
If authorization succeeds, an instruction is sent to the streaming server; the SS (streaming server) sends the program data stream TS according to the requested service list, and the stream passes through the CA server. The CA server sends a service protection information request to the authorization server; the authorization server generates the corresponding system key information and service protection information for the service list and returns the result of the service protection information request to the CA server;
At the CA server, the TS undergoes PSI (program specific information) analysis, scrambling and encryption and is sent to the CA client. The CA client applies the inverse of the CA server's processing, descrambles and decrypts the TS, and sends it to the screen for display.
Through its push interface, the authorization server pushes the service protection information to the entitlement control message interfaces of the CA server and the CA client respectively, for use in scrambling and descrambling.
On-demand mode:
Basic workflow of the on-demand iCAS system:
The set-top box is started; the BOSS connects to the CA client, and the list of ordered services is browsed. Through the EPG/Portal, the CA client provides the client ID and the media list to the BOSS, and orders a program or requests playback of a program;
The CA client provides the client ID to the authorization server and sends a media authorization information request. The authorization server looks up the online user information, authenticates the client ID with the BOSS, and generates the media authorization information. The asset management module of the BOSS checks whether the user's account can cover what the ordered program requires; if it can, the BOSS returns the result of the media authorization information request to the authorization server;
If authorization succeeds, an instruction is sent to the VOD server, and the VS (on-demand server) sends the program data stream TS according to the requested media list;
The pre-packaging server sends a media protection information request to the authorization server; the authorization server generates the corresponding system key information and service protection information for the media list and returns the result of the media protection information request to the pre-packaging server;
At the pre-packaging server, the TS is processed according to the pre-packaging protocol in C/S or B/S mode (pre-packaging protocol: the asset management in the BOSS sends the original URL and the encrypted URL to the pre-packaging server and configures settings such as the scrambling depth and scrambling mode, and the pre-packaging server returns the result); after PSI analysis, scrambling and encryption, the TS is sent to the VOD server. The CA client obtains the required content by accessing the Web page, applies the inverse of the pre-packaging server's processing, descrambles and decrypts the TS, and sends it to the screen for display.
Through its push interface, the authorization server pushes the media protection information to the entitlement control message interfaces of the preprocessing server and the CA client respectively, for use in scrambling and descrambling.
(4) Secure transmission of service streams with a controllable encryption mode
The scrambling module in the pre-packaging module of the front-end system supports two algorithms, CSA and AES, and can switch scrambling algorithm in real time as the environment requires. The encryption module uses the AES algorithm to encrypt the CW, and supports five encryption modes for encrypting the entitlement control message ECM: CBC (cipher block chaining), OFB (output feedback), CFB (cipher feedback), CTR (counter) and ECB (electronic codebook). The mode can be chosen freely in the configuration parameter structure of the front-end system, which provides confidential transmission of the information stream. The detailed flow is as follows.
1) $ch_i$ is the program stream to be protected and transmitted; it may be a single logical channel or a single physical channel;
2) $sk_i$ is the service key associated with program (group) $ch_i$; its generation and update are controlled by the authentication and authorization subsystem;
3) P is the set of all $sk_i$, and Q is the subset formed by the $sk_i$ corresponding to the $ch_i$ selected by the user, which is encrypted and transmitted to the user;
4) $cw_i^t$ is the control word used to scramble $ch_i$ at time t; its length is 64 bits (CSA) or 128 bits (AES);
5) S() is the scrambling function applied to $ts_i$; CSA or AES can be selected, and the scrambling key is $cw_i^t$ (note: S() and $S^{-1}()$ must use the same algorithm and key);
6) $S^{-1}()$ is the descrambling function applied to $ts_i$; CSA or AES can be selected, and the key is $cw_i^t$ (note: S() and $S^{-1}()$ must use the same algorithm and key);
7) $ECM_i$ is the entitlement control message corresponding to $ch_i$; it contains $cw_i^t$ and related information;
8) E() is the $ECM_i$ generation function; AES is used, the encryption mode is one of CBC, CFB, OFB and CTR, and the encryption key is $sk_i$ (note: D() and E() must use the same algorithm, mode and key);
9) D() is the $ECM_i$ decryption function; AES is used, the encryption mode is one of CBC, CFB, OFB and CTR, and the decryption key is $sk_i$ (note: D() and E() must use the same algorithm, mode and key).
(5) Simplified service protection hierarchy
The system uses a two-layer encryption strategy with two encryption layers: the program-related layer (PRL: Program Related Layer) and the service-related layer (SRL: Service Related Layer). The PRL layer scrambles the video content with the control word cw. The SRL layer encrypts with the service key to generate the service-related control information (SRI: Service Related Information), that is, the entitlement control message ECM. Scrambling uses the CW as the key and calls the common scrambling algorithm CSA to scramble directly the program content to be transmitted. Encryption uses the service key SK as the key and calls an encryption algorithm such as AES to encrypt the control word, forming the entitlement control message (ECM). The CW secures transmission of the program content, and separating the CW from the SK also makes scrambling of the program content independent of the user, which reduces the complexity of the system.
The ECM is then multiplexed with the scrambled program stream to form the transport stream, which is distributed to clients over the multiplexed channel. Because the ECM is tied to the user, only a user who holds the SK can descramble, which achieves conditional access. A terminal consumer who wants to access a video service must obtain the consumer-specific entitlement management message by interacting with the authentication server over the two-way IP channel.
At the PRL layer, the video service transport stream is scrambled under the control of the scrambling key CW. The CW is generated by the front end's CW generator (CWG), and the scrambling algorithm is the common scrambling algorithm (CSA), for compatibility with DVB-CAS. At the SRL layer, the CW is encrypted under the control of the service key SK to generate the ECM. The service key SK is produced through the key agreement protocol by the authentication and authorization subsystem and the client's service application module. The ECM is multiplexed into the scrambled transport stream. Terminals such as the consumer's set-top box carry out the inverse process: they demultiplex the ECM, decrypt it to recover the CW, and then recover the original transport stream and pass it to the decoder. Like the front end, the client also obtains the service key sk from the authentication and authorization subsystem and keeps it dynamically updated.
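The SRL-layer step described above, together with the E()/D() definitions in (4), can be exercised as follows. This is an added example in Go, not code from the patent: the names ECM, BuildECM and OpenECM are hypothetical, the ECM body is assumed to hold only the CW, and a fresh random IV is assumed to travel with each ECM. ECB is left out because the E()/D() definitions list only CBC, CFB, OFB and CTR.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// ECM is a hypothetical container; the page gives no ECM layout.
type ECM struct {
	Mode string // CBC, CFB, OFB or CTR, the modes listed for E() and D()
	IV   []byte // assumption: a fresh IV travels with every ECM
	Body []byte // the CW encrypted under the service key SK
}

// crypt runs AES under sk in the chosen mode. OFB and CTR use the same
// operation both ways; CBC and CFB have separate decrypters.
func crypt(mode string, sk, iv, in []byte, decrypt bool) ([]byte, error) {
	block, err := aes.NewCipher(sk) // only 16-, 24- or 32-byte keys are accepted
	if err != nil {
		return nil, err
	}
	if len(iv) != aes.BlockSize {
		return nil, errors.New("IV must be 16 bytes")
	}
	out := make([]byte, len(in))
	switch mode {
	case "CBC":
		// A 128-bit CW fills exactly one block; a 64-bit CSA CW does not.
		if len(in)%aes.BlockSize != 0 {
			return nil, errors.New("CBC needs a block-aligned body")
		}
		if decrypt {
			cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, in)
		} else {
			cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, in)
		}
	case "CFB":
		if decrypt {
			cipher.NewCFBDecrypter(block, iv).XORKeyStream(out, in)
		} else {
			cipher.NewCFBEncrypter(block, iv).XORKeyStream(out, in)
		}
	case "OFB":
		cipher.NewOFB(block, iv).XORKeyStream(out, in)
	case "CTR":
		cipher.NewCTR(block, iv).XORKeyStream(out, in)
	default:
		return nil, fmt.Errorf("unsupported ECM mode %q", mode)
	}
	return out, nil
}

// BuildECM is the head-end side (E): encrypt the current CW under SK.
func BuildECM(mode string, sk, cw []byte) (*ECM, error) {
	if len(cw) != 8 && len(cw) != 16 {
		return nil, errors.New("CW must be 64 bits (CSA) or 128 bits (AES)")
	}
	// CFB, OFB and CTR must never see the same IV twice under one SK.
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	body, err := crypt(mode, sk, iv, cw, false)
	if err != nil {
		return nil, err
	}
	return &ECM{Mode: mode, IV: iv, Body: body}, nil
}

// OpenECM is the terminal side (D): same algorithm, mode and key as E.
func OpenECM(e *ECM, sk []byte) ([]byte, error) {
	return crypt(e.Mode, sk, e.IV, e.Body, true)
}

// roundTrip reports whether a terminal holding sk recovers the CW.
func roundTrip(mode string, sk, cw []byte) (bool, error) {
	e, err := BuildECM(mode, sk, cw)
	if err != nil {
		return false, err
	}
	got, err := OpenECM(e, sk)
	if err != nil {
		return false, err
	}
	return bytes.Equal(got, cw), nil
}

func main() {
	// Constructed 128-bit sample service key and control word.
	sk, cw := []byte("constructed-SK-1"), []byte("constructed-CW-1")
	for _, m := range []string{"CBC", "CFB", "OFB", "CTR", "ECB"} {
		ok, err := roundTrip(m, sk, cw)
		fmt.Println(m, ok, err)
	}
}
```

None of the four modes authenticates the ECM, so a terminal that opens an ECM with a stale SK gets a wrong CW rather than an error.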
(6) Service key update
The system uses dynamic key update and distribution. Dynamic key update and distribution has two phases: the service key switching phase and the dynamic service key push phase. The authentication and authorization subsystem and the client's service application module produce the service key SK through the key agreement protocol. After the key has been negotiated successfully, the user information and its SK are saved to the online user list and the timer is started. When the specified time interval is reached (this interval sets the minimum interval between rounds of re-authentication and renegotiation, and may grow automatically as the number of users increases), the SK update module re-runs authentication and key agreement for the users in the online user list and updates the session key SK, to improve the security of the system. The service key SK is distributed over a secure channel, using SSL or a similar mechanism. Besides the service key SK, the system also has the control word and the system key MK. The control word is updated independently of the user, at a specified interval (for example 10 seconds). The system key is updated when a problem is found in service operation, or when the specified time interval (for example 1 month) is reached.
When updating service keys, the system uses hierarchical key update and an improved group key management technique. Hierarchical key update means that, when the DRM authorization and authentication system performs a key update, an upper-level DRM Server updates keys only for the DRM Servers in its local area and does not serve users directly. The improved group key agreement takes the specific characteristics of television services into account and treats broadcast services and other value-added services differently: if a user has ordered a given broadcast service, then when the user switches to other services the DRM system does not update the broadcast service key and performs key update only for the value-added service. During key update it also finds the minimum node of the group key management, which further reduces the communication overhead and computation cost of service key update.
The key update procedure between the authentication and authorization subsystem and the front-end system is as follows: the authentication and authorization subsystem establishes a TCP/IP connection with the front-end system; the front-end system's network listener is started and analyzes, in real time, the messages sent by the authentication and authorization subsystem; the authentication and authorization subsystem sends the updated SK information at the prescribed time interval; when the front-end system receives a message from the authentication and authorization subsystem whose flag marks it as SK, it analyzes the message, verifies the current SK and extracts the SK data to be used at the next moment, and then sends a confirmation to the authentication and authorization subsystem. This completes the key update between the authentication and authorization subsystem and the front-end system.
The key update procedure between the authentication and authorization subsystem and the client (broadcast) is as follows: after the authentication and authorization subsystem and the client establish an SSL connection, the user information is transmitted over the SSL secure channel; after obtaining the user's program Pid and user information from the online user list, the authentication and authorization subsystem notifies over SSL whether the service key is transferred to the user, along with its program Pid; for a message flagged as SK, the client saves a backup copy.
The key update procedure between the authentication and authorization subsystem and the client (on-demand) is as follows: after the authentication and authorization subsystem and the client establish an SSL connection, the user information is transmitted over the SSL secure channel; the subscriber management system processes the user information, and the user sends the on-demand application form to the authentication and authorization subsystem; the authentication and authorization subsystem uses the Pid in the on-demand application form to send the corresponding SK to the client; for a message flagged as SK, the client analyzes the message and obtains the SK for the next moment.
(7) Proxy-based pre-packaging
With reference to Fig. 6, the system model uses a C/S structure, as shown in the figure. The pre-packaging system on the right is the server and the video input is the client. The C/S model is also used inside the pre-packaging system, which consists of a master server and proxy servers: relative to the master server, a proxy server is the server side and the master server is the client.
The design idea of the whole model is as follows. A video that needs to be packaged and encrypted first enters the master server, which decides from the video size whether proxy servers are needed for packaging. If no proxy is needed, the video file is not split and the master server packages and encrypts it directly. If proxies are needed, the video file is split into several segments according to the designed algorithm, idle proxy servers on the network are searched for automatically, and the segments are sent to the available proxies for packaging. When a proxy server has finished packaging, it returns the segment to the master server promptly; the master server reassembles the returned segments and restores the complete, packaged "original video" file.
The proxy server mainly comprises a pre-packaging main control module and a pre-packaging proxy module. By function, the pre-packaging main control module has two parts: one is the central controller, which carries out the proxy packaging operations on the video file, such as splitting, scheduling and merging; the other is the stand-alone pre-packaging module, which packages the video content directly without using proxy servers.
The proxy-based pre-packaging method mainly comprises video segmentation, video scheduling and key acquisition.
Video segmentation: for a video to be packaged, let its size be m (mb), the number of segments s, the packaging speed k (mb/s), the transmission speed v (mb/s), the time needed for splitting t1 and the time taken by merging t2. In practice the following rules apply: each segment is transmitted as soon as it is cut; it is packaged in real time as it is transmitted; a segment is returned as soon as it has been packaged; and segments are merged as they are returned. The number of segments s should satisfy $\Delta t_1 + \Delta t_2 s + 2(m/s)/v + (m/s)/k < m/k$, where m/k is the time needed for stand-alone pre-packaging.
A TS video file consists of many 188-byte TS packets, so both the size of each video segment and the size of the buffer needed when splitting must be an integer multiple of 188 bytes. If the size of the input video is n, in units of ten thousand TS packets, the segmentation rule is:
(1) when n <= 160, the video is not split;
(2) when 160 < n <= 320, the video is split into 2 segments;
(3) when 320 < n <= 480, the video is split into 3 segments;
(4) when 480 < n <= 640, the video is split into 4 segments;
(5) when n > 640, the video is split into 5 segments.
Video scheduling is how the main control module selects proxy modules to carry out pre-packaging. The flow is as follows: after the pre-packaging main control module starts, it sends a broadcast at regular intervals; each online pre-packaging proxy module that receives the broadcast sends a confirmation to the pre-packaging main control module, which saves the status of each pre-packaging proxy module in the database. Once the pre-packaging main control module has requested an agent, video transmission starts, and the details of the transfer are saved to the corresponding log file (including the video name, the transfer time, the identifier of the agent the video was sent to, and so on). When the number of video segments is less than the number of agents that responded, several of the agents must be chosen at random to do the packaging. The procedure is: 1) the identifiers of the agents that responded are mapped to integers between 1 and 100 (assuming the total number of agents is <= 100); 2) the number n of agents needed is determined from the number of video segments; 3) a pseudorandom number generator is used to produce n numbers between 1 and 100; 4) the corresponding agent identifiers are looked up from the random numbers, which finally determines the packaging agents to use.
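The segmentation rule and the agent selection steps above can be combined as in the following added example (Go, not code from the patent). The function names are hypothetical, crypto/rand stands in for the pseudorandom number generator, and two behaviours are assumptions: random numbers that map to no agent or to an agent already chosen are redrawn, and the segment count is capped at the number of online agents.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

const tsPacketSize = 188 // bytes in one TS packet

// segmentCount applies the five-step rule. n is the input size in units of
// ten thousand TS packets.
func segmentCount(n float64) int {
	switch {
	case n <= 160:
		return 1 // not split
	case n <= 320:
		return 2
	case n <= 480:
		return 3
	case n <= 640:
		return 4
	default:
		return 5
	}
}

// segmentSizes splits `packets` TS packets into s segments and returns their
// sizes in bytes. Cutting on packet boundaries keeps every size a multiple
// of 188; the first packets%s segments take one extra packet.
func segmentSizes(packets, s int) ([]int, error) {
	if s < 1 || packets < s {
		return nil, errors.New("need at least one packet per segment")
	}
	sizes := make([]int, s)
	for i := range sizes {
		p := packets / s
		if i < packets%s {
			p++
		}
		sizes[i] = p * tsPacketSize
	}
	return sizes, nil
}

// pickAgents follows steps 1) to 4): responding agents are mapped to integers
// in 1..100, numbers in that range are drawn at random, and a number selects
// its agent. Numbers with no agent, or an agent already chosen, are redrawn
// (assumption; the page does not say how collisions are handled).
func pickAgents(agents []string, n int) ([]string, error) {
	if len(agents) > 100 || n < 0 || n > len(agents) {
		return nil, fmt.Errorf("cannot pick %d of %d agents", n, len(agents))
	}
	slot := make(map[int64]string, len(agents))
	for i, a := range agents {
		slot[int64(i+1)] = a
	}
	chosen := make([]string, 0, n)
	for len(chosen) < n {
		r, err := rand.Int(rand.Reader, big.NewInt(100)) // uniform in 0..99
		if err != nil {
			return nil, err
		}
		k := r.Int64() + 1
		if a, ok := slot[k]; ok {
			chosen = append(chosen, a)
			delete(slot, k)
		}
	}
	return chosen, nil
}

// plan combines the steps for one video. Assumption: with fewer online agents
// than segments the segment count is capped at the agent count, and with no
// agents (or a small file) the master server packages the file itself.
func plan(packets int, online []string) ([]int, []string, error) {
	s := segmentCount(float64(packets) / 10000)
	if s > len(online) {
		s = len(online)
	}
	if s <= 1 {
		sizes, err := segmentSizes(packets, 1)
		return sizes, nil, err
	}
	sizes, err := segmentSizes(packets, s)
	if err != nil {
		return nil, nil, err
	}
	agents, err := pickAgents(online, s)
	return sizes, agents, err
}

func main() {
	online := []string{"agent-a", "agent-b", "agent-c", "agent-d"} // constructed
	sizes, agents, err := plan(2000000, online)
	fmt.Println(sizes, agents, err)
}
```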
Key acquisition comprises acquisition of the pre-packaging service key by the front-end subsystem and acquisition of the pre-packaging key by the client subsystem. The front-end flow is: the video content DBMS (Database Administration Server) sends the transport stream to the pre-packaging main control module according to the Mlist (media list), and the pre-packaging main control module sends an MPI (media protection information) request to the authentication and authorization module of the authentication and authorization subsystem; the authentication and authorization module creates the MKI (media key information), generates the MPI, and stores the MKI in the database, indexed by Mlist; the authentication and authorization module returns the result of the MPI request to the pre-packaging main control module; after the pre-packaging main control module has called the agents to carry out pre-packaging, the TS is sent back to the DBMS. The client flow is: after the set-top box starts, the client obtains the packaged video content from the video server; the client subsystem provides the client identifier and the media list Mlist obtained from the video transport stream to the authentication and authorization module of the authentication and authorization subsystem and sends an MAI request; the authentication and authorization module and the subscriber management module authenticate the client identifier, the subscriber management module returns to the authentication and authorization module the media list Mlist' that the user can be authorized for, and the MAI is generated from the Mlist' information in the database; the authentication and authorization module returns the result of the MAI request to the client subsystem; the client subsystem can then descramble and play the video content.
The system supports offline data processing. When the pre-packaging system server needs to shut down or interrupt service, it can first select proxy servers through the central controller, and shut down or interrupt service after the video has been transferred. When the pre-packaging system server's service starts again, the agents send the video back automatically and the server only has to carry out the subsequent operations. The approach also lightens the load on the master server and makes packaging more efficient. When a single video has to be packaged, using proxy servers shortens the processing time. When several videos have to be scrambled, the server is limited by its computing capacity, and completing the scrambling of a large volume of data places an excessive load on it and reduces packaging efficiency; if the videos are processed and the packaging work is then handed to proxy servers, packaging is faster and the server's load is reduced. The number of proxy servers determines the number of video segments: the more proxy servers, the more segments. The more segments a video is split into, the less data each segment contains, which on the one hand shortens transmission time and on the other shortens the time each proxy server needs to package its segment, improving overall efficiency.
A distributed pre-packaging system has a further advantage in a high-performance network environment. Video files can be sent and received in real time over faster transmission media such as high-bandwidth networks or optical fiber. Because media such as optical fiber are very fast, transferring multiple video segments does not take long, so the efficiency of the whole system improves.
(8) Secure storage
The system implements secure storage with a storage-space traversal algorithm based on a random process. The system's Key Distribution Center (KDC) provides the service key used by the client to encrypt and decrypt files. The KDC first obtains how the client's ciphertext file has been split (for example, into n subfiles) and generates a corresponding non-repeating random sequence of 1 to n; the client then sends the ciphertext subfiles to the storage server one by one in the order given by the random sequence. The storage server creates a new file and writes each received ciphertext subfile into it until all ciphertext subfiles have been sent. In this way an out-of-order ciphertext file is stored on the storage server, and the upload is complete. When a user requests a download, the storage server obtains the file path, finds the file and sends the out-of-order ciphertext file directly to the client; decryption is completed on the client, so the file is protected end to end, both in encrypted transmission and in storage.
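The upload and download flow described above, as an added Python example that is not part of the patent. The function names, the per-subfile size list kept together with the KDC's sequence, the client fetching that sequence again at download time, and the sample ciphertext are assumptions; encryption with the service key is assumed to have happened already.

```python
import secrets


def split_ciphertext(ciphertext: bytes, n: int) -> list[bytes]:
    """Split an already-encrypted file into n subfiles (the last may be shorter)."""
    if n < 1:
        raise ValueError("n must be at least 1")
    size = -(-len(ciphertext) // n) or 1  # ceiling division, never zero
    return [ciphertext[i * size:(i + 1) * size] for i in range(n)]


def kdc_issue_order(n: int) -> list[int]:
    """KDC side: a non-repeating random sequence of 1..n from a CSPRNG."""
    order = list(range(1, n + 1))
    secrets.SystemRandom().shuffle(order)
    return order


def _check_permutation(order: list[int], n: int) -> None:
    # Reject sequences with repeated, missing or out-of-range indices.
    if sorted(order) != list(range(1, n + 1)):
        raise ValueError("order is not a permutation of 1..n")


def client_upload(subfiles: list[bytes], order: list[int]) -> bytes:
    """Client sends subfiles in KDC order; the storage server appends each
    one to a new file. The return value is that stored, out-of-order file."""
    _check_permutation(order, len(subfiles))
    stored = bytearray()
    for index in order:
        stored += subfiles[index - 1]
    return bytes(stored)


def client_restore(stored: bytes, order: list[int], sizes: list[int]) -> bytes:
    """Client side after download: put the subfiles back in their original
    positions. sizes[i] is the length of subfile i+1 (assumed to be kept
    with the KDC's sequence, because the short subfile can land anywhere)."""
    _check_permutation(order, len(sizes))
    if sum(sizes) != len(stored):
        raise ValueError("stored file length does not match recorded sizes")
    parts = [b""] * len(sizes)
    offset = 0
    for index in order:
        length = sizes[index - 1]
        parts[index - 1] = stored[offset:offset + length]
        offset += length
    return b"".join(parts)


if __name__ == "__main__":
    # Constructed stand-in for a ciphertext file produced with the service key.
    ciphertext = bytes(range(256)) * 3 + b"tail"
    subfiles = split_ciphertext(ciphertext, 7)
    sizes = [len(s) for s in subfiles]
    order = kdc_issue_order(len(subfiles))
    stored = client_upload(subfiles, order)
    print("KDC sequence:", order)
    print("restored correctly:", client_restore(stored, order, sizes) == ciphertext)
    # Decryption of the restored ciphertext then happens on the client.
```

The reordering is layered on top of encryption and keeps the plaintext away from the storage server only because the subfiles are already ciphertext.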
(9) Selective scrambling depth control
To control the scrambling depth more precisely, the system counts I-frames and I-macroblocks with a new dual-upper-limit counting method (n1, n2), so that the counting upper limit n can be chosen for any scrambling depth d. For any d: 1) if 1/d is an integer, let n1 = 1/d and n2 = 1; 2) if 1/d is not an integer, express d as a fraction, find the greatest common divisor r of the numerator and denominator with the Euclidean algorithm, and reduce the fraction to obtain d = a/b; then let:
Figure BSA00000822932600171
Two counters, c1 and c2, count the I-frames found. When c1 reaches the upper limit n1, the current frame is scrambled; when c2 reaches the upper limit n2, both counters are cleared, c1 = c2 = 0.
In practical use, two ways of setting the scrambling depth are provided: 1) n mode: n is the scrambling upper limit, and the resulting scrambling depth is 1/n; 2) d mode: d is the scrambling depth, and the scrambling upper limit n is determined by the dual-upper-limit counting method described above.
(10) Key update batch processing strategy
The system introduces a key update batch processing strategy. It provides real-time key update and distribution at the scale of one million users, reduces system overhead, strengthens overall key update capability, improves system security and gives pay-TV services a flexible protection mechanism. The proposed key management structure has two main parts: one authorization server (AS, Authentication Server) and multiple key servers (KS, Key Server). The authorization server is the root of the tree; it distributes the key information for service protection and manages all users indirectly through the key servers.
The authorization server comprises a user authentication module, a key server module and a user authorization module. Its functions are as follows. It receives users' join (leave) requests over an SSL secure channel and authenticates the users. If the membership of the authorized group changes, the key server management module of the authorization center obtains, over the SSL secure channel, the on-demand service keys generated by each key server module and computes the broadcast service key from them with a one-way function; at the same time it notifies the on-demand service key servers to update the broadcast (on-demand) service keys of their authorized subgroups, and it is responsible for building and maintaining the key tree formed by the authorization server and the on-demand key servers. The authorization system exchanges control-word scrambling key information with the front-end scrambling server through the ES (Encryption System) interface, so that the multicast key of each key server is sent to the scrambling server as the control-word scrambling key. The authorization server exchanges user information with the subscriber management system, and the authorization center issues digital certificates based on the X.509 standard. This certificate is used to authenticate an authorized user when the user applies to join the authorized group.
The key server comprises a key generation module, a key distribution module and a key management module. The key generation module produces pseudo-random numbers that serve as the on-demand service keys to be distributed. The key distribution module distributes the group key to the members of the authorized group. The key management module exchanges data with the authorization server: when the authorization server sends an instruction to add (delete) an authorized member, the key management module notifies the key generation module to produce a new on-demand service key, then sends the updated on-demand key to the authorization server, and the key distribution module updates the keys of the specified user key nodes.
Referring to Fig. 7, suppose that u3 and u4 are two users who apply to move between authorized subgroups. u3 moves from group A to group B, and u4 moves from group B to group A. u4 takes the position originally held by u3, and u3 takes the position originally held by u4. The key nodes that need updating are Ka and Kb. To determine the key update path, in each update we track every node whose key needs updating and mark its parent node as a node whose key needs updating. If a node is found to have been marked twice during this process, marking along that path stops. Once all paths have been marked, the key update path is determined. In the whole key tree, only Ka' and Kb' need to be updated: the on-demand service key Ka is updated to Ka', and the on-demand service key Kb is updated to Kb'. On-demand service key server A sends to u1, sends to u2, sends to u4. On-demand service key server B sends to u3, sends to u5, sends to u6.

Claims (13)

1. A DVB/IPTV dual-mode interactive service protection system, characterized in that: the system comprises a client subsystem, a front-end subsystem, an authentication and authorization subsystem, a subscriber management system, a program stream management system and a program information management system, wherein the client subsystem, the front-end subsystem and the authentication and authorization subsystem are the main part, and the subscriber management system, the program stream management system and the program information management system are peripheral auxiliary systems; the DVB/IPTV dual-mode interactive service protection system comprises three modules, namely the service protection CAServer server, the authorization management DRMServer and the CAClient module in the client STB, wherein the CAServer server corresponds to the front-end subsystem, the authorization management DRMServer corresponds to the authentication and authorization subsystem, and the CAClient module in the client STB corresponds to the client subsystem.
2. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the client adopts a layered, modular structure and is divided from top to bottom into an interface layer, a control layer and a service layer; the interface layer provides a standard task interface, receives user service instructions and user information, and returns to the user the system's execution results or the descrambled program content; the control layer manages the service module list, calls the corresponding service layer module according to the service instruction to complete the corresponding service, coordinates the operation of the service modules, provides the data exchange mechanism between service modules, and collects the execution results of the service modules and feeds them back to the interface layer; the service layer comprises several service modules: a subscription module, a service application module and a service acquisition module; the subscription module performs registration, purchase and query; the service application module performs program application, on-demand application, broadcast application, live application and key negotiation; the service acquisition module performs demultiplexing, ECM decryption, program stream descrambling and program legitimacy verification; wherein the demultiplexing function synchronizes with the front-end subsystem using the odd/even control word scheme of the traditional DVB-CA system, and receives and demultiplexes to obtain the ECM and the program stream; the ECM decryption function decrypts the ECM with the negotiated session key to obtain the descrambling control word CW; the program stream descrambling function uses the decrypted control word to call the AES or CSA descrambling algorithm to descramble the program stream, and passes the resulting DVB/IPTV program stream to the control layer; the program legitimacy verification function extracts the legitimacy-mark watermark of the program stream.
3. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the front-end subsystem comprises a control word generator (CWG), an ECM generator (ECMG), a watermarking algorithm (WEA) and the common scrambling algorithm (CSA); the role of the front-end subsystem is to generate control words and call CSA to scramble the program content from the program stream management system; the control word generator of the front-end subsystem generates control words on the basis of the system key, and the DVB common scrambling algorithm (CSA) is used to scramble the program content from the program stream management system; the front-end subsystem also encrypts the control word with the session key to generate a traditional ECM; the scrambled program content and the ECM are passed to the program distribution system for multiplexed transmission; the front-end subsystem regenerates the scrambling control word at fixed intervals to guarantee the transmission security of the program content; in on-demand interactive mode, the front-end subsystem is also responsible for receiving the user's playback control information and adjusting scrambling and program stream transmission accordingly; the front-end subsystem further consists of a real-time packaging subsystem, a pre-packaging subsystem and a secure storage subsystem; the real-time packaging subsystem packages and protects program content online in real time; the pre-packaging subsystem packages and protects program content offline; the real-time packaging subsystem and the pre-packaging subsystem can be used individually or together as required, and the secure storage subsystem is used as required.
4. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the authentication and authorization subsystem consists of a service handling module, a service key SK update module, a bidirectional identity authentication protocol, an SK negotiation protocol, a timer and an online user list; the authentication and authorization subsystem accepts users' applications for program content, obtains the service key SK through authentication and negotiation, and performs key updates periodically; the service handling module of the authentication and authorization subsystem is the interface to the user and starts the corresponding service flow according to the user's program application; with the cooperation of the subscriber management system, the user's application and the user's identity information and credit information are checked for legitimacy and validity; for a legitimate and valid application, the authentication and authorization subsystem provides a key negotiation mechanism to negotiate a session key with the user, and sends the session key and the related program information to the front-end service system over a secure channel; at fixed intervals the authentication and authorization subsystem verifies the user's identity again and regenerates the service key.
5. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the CAServer server comprises four parts: a receiving port, a sending port, a descrambler and a key port; the authorization management DRMServer comprises a CA port, an STB port, an authentication and URL management module, a program key management module and a control module; the CAClient module comprises two parts, a descrambler and a key port, and is divided by level into a control layer and a service layer, the service layer being the core layer that implements user registration, acquisition of service authorization information and descrambling of programs.
6. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the system's Key Distribution Center (KDC) provides the service key used by the client to encrypt and decrypt files; the KDC first obtains how the client's ciphertext file has been split and, when there are n subfiles, generates a corresponding non-repeating random sequence of 1 to n; the client sends the ciphertext subfiles to the storage server one by one in the order given by the random sequence; the storage server creates a new file and writes each received ciphertext subfile into it until all ciphertext subfiles have been sent.
7. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the system uses a controllable scrambling depth strategy and adaptive scrambling, dynamically adjusting the scrambling parameters according to the carrier network conditions and the different compression encodings and bit rates, so that while the service is protected the amount of data processed is reduced and the scrambling overhead of the video is lowered; to control the scrambling depth, the system counts I-frames and I-macroblocks with a dual-upper-limit counting method (n1, n2), so that the counting upper limit n can be chosen for any scrambling depth d; for any d: 1) if 1/d is an integer, let n1 = 1/d and n2 = 1; 2) if 1/d is not an integer, express d as a fraction, find the greatest common divisor r of the numerator and denominator with the Euclidean algorithm, and reduce the fraction to obtain d = a/b; then let:
Figure FSA00000822932500021
Two counters, c1 and c2, count the I-frames found; when c1 reaches the upper limit n1, the current frame is scrambled; when c2 reaches the upper limit n2, both counters are cleared, c1 = c2 = 0;
In application, two ways of setting the scrambling depth are provided: 1) n mode: n is the scrambling upper limit, and the resulting scrambling depth is 1/n; 2) d mode: d is the scrambling depth, and the scrambling upper limit n is determined by the dual-upper-limit counting method described above.
8. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: to improve the efficiency of packaging large-size high-definition interactive program content, the system uses a distributed pre-packaging technique based on intelligent agents; through intelligent segmentation, scheduling and cooperation, it increases the pre-packaging speed for large-size program content while guaranteeing security and consistency; the system model uses a C/S structure in which the pre-packaging system is the server and the video input is the client; the C/S model is also used inside the pre-packaging system, which consists of a master server and proxy servers, the proxy server acting as the server side towards the master server and the master server acting as the client; a video that needs to be packaged and encrypted first enters the master server, and the master server decides from the video size whether proxy servers are needed for packaging; if no proxy is needed, the video file is not segmented and the master server packages and encrypts it directly; if proxies are needed, the video file is divided into several segments according to the designed algorithm, the idle proxy servers on the network are then searched for automatically, and the video segments are sent to the available proxies, which perform the packaging; after a proxy server has finished packaging, it returns the result promptly to the master server, and the master server reassembles the returned segments into the complete packaged "original video" file.
9. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the system uses a dynamic key update and distribution technique; dynamic key update and distribution is divided into two stages, a service key exchange stage and a dynamic service key push stage; the authentication and authorization subsystem and the service application module of the client produce the service key SK through a key negotiation protocol; after the key has been negotiated successfully, the user information and the corresponding service key SK are saved to the online user list and the timer is started; when the fixed time interval is reached, the service key SK update module performs authentication and key negotiation again for the users in the online user list and updates the session key SK, wherein the service key SK is distributed over a secure channel using SSL; besides the service key SK, the system also includes the control word CW and the system key MK; the update of the control word CW is independent of the user and takes place at the specified interval.
10. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: when updating service keys, the system uses hierarchical key update and group key management respectively; hierarchical key update means that, when the DRM authorization and authentication system performs a key update, an upper-level DRM Server updates keys only for the DRM Servers in its local area and does not provide service directly to users; group key management treats the broadcast service and other value-added services differently: if a user has subscribed to a specified broadcast service, then when the user switches to another service the DRM authorization and authentication system does not update the broadcast service key and performs key update only for the value-added service; during key update, the minimum node of group key management is found.
11. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the scrambling module in the pre-packaging module of the front-end subsystem uses two algorithms, CSA and AES, and changes the scrambling algorithm in real time according to the needs of the environment; the encryption module encrypts the CW with the AES algorithm and supports five encryption modes, CBC (cipher block chaining mode), OFB (output feedback mode), CFB (cipher feedback mode), CTR (counter mode) and ECB (electronic codebook mode), for encrypting the Entitlement Control Message ECM; any of them can be chosen in the configuration parameter structure of the front-end subsystem, realizing confidential transmission of the information stream.
12. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the system adopts a two-layer encryption strategy with two encryption levels, namely the program-related layer (PRL: Program Related Layer) and the service-related layer (SRL: Service Related Layer); the PRL layer scrambles the video content on the basis of the control word CW, and the SRL layer generates, by encryption on the basis of the service key, the service-related control information (SRI: Service Related Information), that is, the Entitlement Control Message ECM; scrambling uses the control word CW as the key and calls the common scrambling algorithm CSA to directly scramble and protect the program content to be transmitted; encryption uses the service key SK as the key and calls an encryption algorithm to encrypt the control word CW, forming the Entitlement Control Message (ECM); the control word CW guarantees the secure transmission of the program content, and separating the control word CW from the service key SK also makes the scrambling of program content independent of the user, reducing the complexity of the system.
13. The DVB/IPTV dual-mode interactive service protection system according to claim 1, characterized in that: the system introduces a key update batch processing strategy that enables real-time key update and distribution at the scale of one million users; it comprises two parts, one authorization server (AS, Authentication Server) and multiple key servers (KS, Key Server), wherein the authorization server is the root of the tree, distributes the key information for service protection and manages all users indirectly through the key servers; the authorization server comprises a user authentication module, a key server module and a user authorization module, receives users' join or leave requests over an SSL secure channel and authenticates the users; the key server comprises a key generation module, a key distribution module and a key management module; the key server produces pseudo-random numbers through the key generation module as the on-demand service keys to be distributed; the key distribution module distributes the group key to the members of the authorized group; the key management module exchanges data with the authorization server: when the authorization server sends an instruction to add or delete an authorized member, the key management module notifies the key generation module to produce a new on-demand service key, then sends the updated on-demand key to the authorization server, and the key distribution module updates the keys of the specified user key nodes.
CN201210539322.4A 2012-12-14 2012-12-14 DVB/IPTV dual-mode interactive service protection system Active CN103873895B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210539322.4A CN103873895B (en) 2012-12-14 2012-12-14 DVB/IPTV dual-mode interactive service protection system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210539322.4A CN103873895B (en) 2012-12-14 2012-12-14 DVB/IPTV dual-mode interactive service protection system

Publications (2)

Publication Number Publication Date
CN103873895A true CN103873895A (en) 2014-06-18
CN103873895B CN103873895B (en) 2017-07-25

Family

ID=50911967

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210539322.4A Active CN103873895B (en) 2012-12-14 2012-12-14 DVB/IPTV dual-mode interactive service protection system

Country Status (1)

Country Link
CN (1) CN103873895B (en)

Also Published As

Publication number Publication date
CN103873895B (en) 2017-07-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant