CN104009989A - Link-stealing-prevention method and system for media files and server - Google Patents
Link-stealing-prevention method and system for media files and server Download PDFInfo
- Publication number
- CN104009989A CN104009989A CN201410218758.2A CN201410218758A CN104009989A CN 104009989 A CN104009989 A CN 104009989A CN 201410218758 A CN201410218758 A CN 201410218758A CN 104009989 A CN104009989 A CN 104009989A
- Authority
- CN
- China
- Prior art keywords
- address
- url address
- encryption
- terminal
- url
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention is suitable for the field of communications, and provides a link-stealing-prevention method and system for media files and a server. The method comprises the steps that a first server receives a log-in request; an outer network IP address and an encryption key of a terminal are obtained and the outer network IP address, a user name and the encryption key of the terminal are sent to a database to be stored; a URL address obtaining request is received, an original URL address corresponding to the URL address obtaining request is inquired and the encryption key corresponding to the user name is inquired; the original URL address is encrypted and the encrypted URL address is sent to the terminal; a second server receives an encrypted URL address access request; an outer network IP address of the terminal is obtained and the outer network IP address and the user name of the terminal are matched with the outer network IP address and the user name, stored in the database, of the terminal; after matching successes, the second server decrypts the encrypted URL address and the original URL address is obtained so that the terminal can have access to the original URL address. The link-stealing-prevention method and system can improve URL security.
Description
Technical field
The invention belongs to the communications field, relate in particular to a kind of anti-stealing link method, system and server of media file.
Background technology
Along with the development of multimedia technology and network technology, steal chain problem and be also on the rise, especially robber's chain of video.And the cost of making a video is conventionally higher, robber's chain of video will be provided the company of video to bring huge loss.
In the anti-stealing link method of existing media file, the function that provides URL to encrypt in portal website, makes user link according to general networking the corresponding resource of not opening, and has played good door chain effect.But existing method security is not high, be for example after original URL, directly to add added field to form new reference address, still exposed original URL address, fail safe is lower, is difficult to really reach the object that prevents from stealing chain.
Summary of the invention
The embodiment of the present invention provides a kind of anti-stealing link method of media file, is intended to solve existing method and has exposed original URL address, is difficult to really prevent from stealing the problem of chain.
The embodiment of the present invention is achieved in that a kind of anti-stealing link method of media file, and described method comprises the steps:
The logging request that first server receiving terminal sends, described logging request carries username and password;
First server is obtained the outer net IP address of described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored;
The uniform resource position mark URL address acquisition request that first server receiving terminal sends, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address;
First server adopts the encryption key inquiring to the original URL address encryption inquiring, and the URL address after encrypting is sent to terminal;
URL Address requests after the access that second server receiving terminal sends is encrypted, the URL Address requests after described access is encrypted carries user name;
The outer net IP address that URL Address requests after second server is encrypted according to described access is obtained described terminal, and the outer net IP address of the terminal of obtaining and the user name of obtaining are mated with outer net IP address and the user name of the terminal of described database storage;
The outer net IP address of the terminal of storing at the outer net IP address of the terminal of obtaining and the user name obtained and described database and user name are after the match is successful, second server is deciphered the URL address after described encryption, obtain original URL address, so that original URL address described in described terminal access.
Another object of the embodiment of the present invention is to provide a kind of anti-stealing link system of media file, and described system comprises:
The first logging request receiving element, the logging request sending for receiving terminal, described logging request carries username and password;
First user name authentication unit, for the outer net IP address that obtains described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored;
The first original URL address acquisition unit, the uniform resource position mark URL address acquisition request sending for receiving terminal, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address;
The first original URL address encryption unit, for adopting the encryption key inquiring to the original URL address encryption inquiring, and sends to terminal by the URL address after encrypting;
Encrypt URL address addressed location, the URL Address requests after the access sending for receiving terminal is encrypted, the URL Address requests after described access is encrypted carries user name;
IP matching addresses unit, the outer net IP address that obtains described terminal for the URL Address requests after encrypting according to described access, and the outer net IP address of the terminal of obtaining and the user name of obtaining are mated with outer net IP address and the user name of the terminal of described database storage;
Encrypt URL address decryption unit, after for the outer net IP address of the terminal of storing at the outer net IP address of the terminal of obtaining and the user name obtained and described database and user name, the match is successful, second server is deciphered the URL address after described encryption, obtain original URL address, so that original URL address described in described terminal access.
Another object of the embodiment of the present invention is to provide a kind of server, and described server comprises:
The second logging request receiving element, the logging request sending for receiving terminal, described logging request carries username and password;
The second user name authentication unit, for the outer net IP address that obtains described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored;
The second original URL address acquisition unit, the uniform resource position mark URL address acquisition request sending for receiving terminal, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address; The second original URL address encryption unit, for adopting the encryption key inquiring to the original URL address encryption inquiring, and sends to terminal by the URL address after encrypting.
In embodiments of the present invention; because original URL address can directly not send to terminal; by first server, obtain encryption key and send to again terminal after to original URL address encryption; owing to not exposing original URL address; improve the secret effect of original URL address, therefore can protect preferably original URL address not stolen.
Accompanying drawing explanation
Fig. 1 is the flow chart of the anti-stealing link method of a kind of media file of providing of first embodiment of the invention;
Fig. 2 is the structure chart of the anti-stealing link system of a kind of media file of providing of second embodiment of the invention;
Fig. 3 is the structure chart of a kind of server of providing of second embodiment of the invention.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
In the embodiment of the present invention, the logging request of first server verification terminal, and after being verified, inquire about the encryption key corresponding to login user of this terminal, and the encryption key that adopts inquiry to obtain is encrypted original URL address, then the URL address after encrypting is sent to terminal.Terminal sends the URL Address requests after access is encrypted to second server, the URL Address requests that this second server be take after this access encryption is foundation, outer net IP address and the user name of mating this terminal, and after the match is successful, URL address after enabling decryption of encrypted, obtain original URL address, be finally reoriented to original URL address, so that the original URL of terminal access address.
For technical solutions according to the invention are described, below by specific embodiment, describe.
embodiment mono-:
Fig. 1 shows the flow chart of the anti-stealing link method of a kind of media file that first embodiment of the invention provides, in the present embodiment, " first " in " first server " and " second " in " second server " are only for distinguishing different servers, there is no the physical meanings such as sequencing, details are as follows:
Step 11, the logging request that first server receiving terminal sends, described logging request carries username and password.
In this step, the http logging request that first server receiving terminal sends, this http logging request carries user name and password corresponding to this user name, and certainly, this http logging request can also carry the information such as identification code of terminal.
Step 12, first server is obtained the outer net IP address of described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored.
In this step, the outer net IP address that the http logging request that first server sends according to terminal and identification code can be obtained terminal, specifically how obtaining is prior art, repeats no more herein.In this step, first server the is pre-stored corresponding relation of username and password, after this first server receives the username and password that logging request carries, whether the username and password that judgement receives mates with pre-stored username and password, if coupling, the outer net IP address of the terminal of obtaining and user name are deposited in database, the database here refers to the database in high in the clouds.During storage, preserve the corresponding relation of this outer net IP address, user name, encryption key, and obtain the encryption key that key server generates; If do not mate, the unmatched information of username and password is fed back to terminal, certainly, also can not carry out any operation.Wherein, key server is used for generating encryption key and decruption key, wherein, encryption key and decruption key can be identical, also can be different, specifically according to the requirement of fail safe, just select, when requiring security performance higher, can select public key encryption algorithm to generate encryption key and decruption key, the encryption key and the decruption key that generate are different.During concrete generation, can generate in the cycle, also can when Preset Time arrives, generate, be not construed as limiting herein.Certainly, in order to improve the fail safe of key, the encryption key that can give tacit consent to up-to-date generation is effective encryption key, the encryption key that the encryption key obtaining is up-to-date generation.
Step 13, the uniform resource position mark URL address acquisition request that first server receiving terminal sends, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address.
In this step, after terminal logins successfully, the URL address acquisition request of the media file that this terminal need to be watched to first server initiation, this URL address acquisition request carries the unique identification of URL, after first server receives the request of URL address acquisition, according to the unique identification of URL address from database lookup to original URL address, inquiry simultaneously during with the login of this terminal the user name of employing corresponding for encrypting the encryption key of URL address.
Step 14, first server adopts the encryption key inquiring to the original URL address encryption inquiring, and the URL address after encrypting is sent to terminal.
In this step, first server by the encryption key inquiring to original URL address encryption, due to corresponding with certain user name for encrypting the encryption key of original URL address, be to be generated by the key server cycle, or generate in real time, therefore at different time, the encryption key of encrypting the URL address of same media file is different most probably, if the encryption key that adopts key server to generate is in real time encrypted media file, at one time, the encryption key of encrypting the URL address of same media file is also different, the i.e. URL address to same media file, at the same time, URL address after the encryption that each terminal receives is very likely different, and the URL address of same terminal after the same media file not receiving is in the same time encrypted also may be different, thereby confidentiality and the fail safe of original URL address have greatly been improved.When encrypting original URL address, can select whole original URL addresses to be encrypted, also can select the part field of original URL address to be encrypted, specifically can be according to the actual requirements such as enciphering rate, encryption cost, encryption safe degree are selected.
Particularly, in first server, during only to the part field encryption of original URL address, first server adopts the encryption key inquiring to the original URL address encryption inquiring, and sends to the step of terminal specifically to comprise the URL address after encrypting:
A1, first server adopt domain name character string below in the original URL of the encryption keys address inquiring;
The memory address of additional decruption key after A2, the first server URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database; When encryption key is different with decruption key, can, when obtaining the encryption key of key server generation, obtain the decruption key corresponding to this encryption key simultaneously, and deposit in database.
A3, first server send to terminal by the URL address having added after the encryption of memory address of decruption key.
At above-mentioned steps A1, to steps A 3, suppose that original URL address is
http:// emuch.net/bbs/viewthread.php? tid=6017207in this original URL address domain name character string be below " bbs/viewthread.php? tid=6017207 ", the ciphertext obtaining after this character string is encrypted is " XXXXXX ", and decruption key is " 5 " in the memory address of database, and first server will
http:// emuch.net/XXXXXX5send to terminal.Owing to having encrypted the original URL address at media file place, therefore reduced the possibility of revealing this original URL address.And the fail safe of encrypting can be by selecting different cryptographic algorithm to control.
Particularly, when first server is encrypted the outer net IP address of the part field of original URL address and terminal simultaneously, first server adopts the encryption key inquiring to the original URL address encryption inquiring, and sends to the step of terminal specifically to comprise the URL address after encrypting:
The outer net IP address of B1, first server attaching terminal behind the original URL address inquiring;
B2, first server adopt the secret key encryption inquiring to add domain name character string below in the original URL address of outer net IP address of terminal;
The memory address of additional decruption key after B3, the first server URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
B4, first server send to terminal by the URL address having added after the encryption of memory address of decruption key.
In above-mentioned steps B1 to B4, when to original URL address encryption, increased the outer net IP address of terminal, by intactly encrypting the address after domain name, original URL is encrypted completely, and encrypt again by the outer net IP address of terminal being attached to after original URL, make same URL when user is different, the URL after encryption is also different, can reach well the object of door chain.And because the outer net IP address of each terminal changes, so above-mentioned steps increased the difficulty of the URL address of cracking after encryption, increased the difficulty of pirate this URL address, thereby improved the fail safe of the URL address after encrypting.
Step 15, the URL Address requests after the access that second server receiving terminal sends is encrypted, the URL Address requests after described access is encrypted carries user name.
In this step, the user name that user's terminal by name that the URL Address requests after access is encrypted is carried adopts while logining.Terminal sends the URL Address requests after access is encrypted to second server, to obtain the media file of the URL address storage after this encryption.
Step 16, the outer net IP address that URL Address requests after second server is encrypted according to described access is obtained described terminal, and the outer net IP address of the terminal of obtaining and the user name of obtaining are mated with outer net IP address and the user name of the terminal of described database storage.
In this step, the outer net IP address that the outer net IP address of the terminal that second server obtains is this terminal, the outer net IP address of the terminal of obtaining with first server is identical.Whether this second server is by outer net IP address and the user name comparison of the terminal of the outer net IP address of the terminal of obtaining and the user name of obtaining and database storage, identical to judge them.
Step 17, the outer net IP address of the terminal of storing at the outer net IP address of the terminal of obtaining and the user name obtained and described database and user name are after the match is successful, second server is deciphered the URL address after described encryption, obtain original URL address, so that original URL address described in described terminal access.
In this step, when the outer net IP address of judging the terminal of obtaining identical with the outer net IP address of the terminal of database storage, and after the user name that the user name of obtaining is stored with database is identical, second server adopts the URL address after the decruption key enabling decryption of encrypted obtaining, like this, terminal just can navigate to original URL address, watches this media file corresponding to original URL address.
Particularly, described second server is deciphered the URL address after described encryption, and the step that obtains original URL address specifically comprises:
In URL Address requests the access that C1, second server send from described terminal is encrypted, obtain the memory address of decruption key;
C2, second server, according to the memory address of described decruption key, are searched corresponding decruption key in database;
C3, second server are deciphered the URL address after described encryption according to the decruption key finding, and obtain original URL address.
At above-mentioned steps C1 to step C3, suppose URL address after encrypting for "
http:// emuch.net/XXXXXX5"; second server is resolved this address; the memory address that obtains decruption key for " 5 " this second server according to this memory address " 5 ", find corresponding decruption key, and adopt the URL address after this decruption key enabling decryption of encrypted, obtain original URL address "
http:// emuch.net/bbs/viewthread.php? tid=6017207".
In the embodiment of the present invention, the logging request of first server verification terminal, and after being verified, inquire about the encryption key corresponding to login user of this terminal, and the encryption key that adopts inquiry to obtain is encrypted original URL address, then the URL address after encrypting is sent to terminal.Terminal sends the URL Address requests after access is encrypted to second server, the URL Address requests that this second server be take after this access encryption is foundation, outer net IP address and the user name of mating this terminal, and after the match is successful, URL address after enabling decryption of encrypted, obtain original URL address, be finally reoriented to original URL address, so that the original URL of terminal access address.Because original URL address can directly not send to terminal, and first server is encrypted the key of original URL address according to user name Random assignment, so same time, URL address after the encryption that different terminals receives greatly part is different, different time, URL address after the encryption that same terminal receives is also different most probably, thereby has reduced the possibility that the URL address after encrypting is cracked, and has improved confidentiality and the fail safe of original URL address.
embodiment bis-:
Fig. 2 shows the structure chart of the anti-stealing link system of a kind of media file that second embodiment of the invention provides, and for convenience of explanation, only shows the part relevant to the embodiment of the present invention.
The anti-stealing link system of this media file comprises: first server 21, second server 22 and terminal 23.Wherein, first server 21 comprises the first logging request receiving element 211, first user name authentication unit 212, the first original URL address encryption of original URL address acquisition unit 213, first unit 214.Second server 22 comprises encrypts URL address addressed location 221.IP matching addresses unit 222, encryption URL address decryption unit 223.
Wherein:
The first logging request receiving element 211, the logging request sending for receiving terminal, described logging request carries username and password.
This logging request refers to the http logging request that terminal sends.
First user name authentication unit 212, for the outer net IP address that obtains described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored.
Wherein, can be by independently regularly generation in advance of key generator for encrypting the encryption key of original URL address, generation in real time after the user name that also can adopt when database stored terminal login is not construed as limiting herein.
The username and password that this first user name authentication unit 212 carries logging request mates with pre-stored username and password, if the match is successful, the outer net IP address of terminal and user name is sent to database storage.
The first original URL address acquisition unit 213, the uniform resource position mark URL address acquisition request sending for receiving terminal, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address.
The first original URL address encryption unit 214, for adopting the encryption key inquiring to the original URL address encryption inquiring, and sends to terminal by the URL address after encrypting.
If the part field encryption to original URL address only, this first original URL address encryption unit 214 comprises:
The one URL Partial encryption module, for adopting the character string after the domain name of the original URL of the encryption keys inquiring address.
First encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database.
First encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal.
In above-mentioned module, only encrypt the partial character string of original URL address, thereby both do not exposed original URL address, also can accelerate the enciphering rate of original URL address.
Further, in order to strengthen the confidentiality of encrypting rear URL address, can to the partial character string of the outer net IP address of terminal and original URL address, be encrypted, this first original URL address encryption unit 214 comprises simultaneously:
The one URL recombination module, for the outer net IP address of attaching terminal behind the original URL address inquiring.
The 2nd URL Partial encryption module, for adopting the secret key encryption inquiring to add the character string after the original URL address domain name of outer net IP address of terminal.
Second encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database.
Second encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal.
Owing to having increased the outer net IP address of the terminal after encrypting, therefore reduced the possibility of the URL address occurring after identical encryption, improved the fail safe of original URL address.
Encrypt URL address addressed location 221, the URL Address requests after the access sending for receiving terminal is encrypted, the URL Address requests after described access is encrypted carries user name.
IP matching addresses unit 222, the outer net IP address that obtains described terminal for the URL Address requests after encrypting according to described access, and the outer net IP address of the terminal of obtaining and the user name of obtaining are mated with outer net IP address and the user name of the terminal of described database storage.
Encrypt URL address decryption unit 223, after for the outer net IP address of the terminal of storing at the outer net IP address of the terminal of obtaining and the user name obtained and described database and user name, the match is successful, second server is deciphered the URL address after described encryption, obtain original URL address, so that original URL address described in described terminal access.
Further, encrypting URL address decryption unit 223 comprises:
Decruption key address resolution module, the URL Address requests encrypting for the access sending from described terminal is obtained the memory address of decruption key.
Decruption key is searched module, for searching corresponding decruption key according to the memory address of described decruption key at database.
Original URL acquisition module, for deciphering the URL address after described encryption according to the decruption key finding, obtains original URL address.
In the embodiment of the present invention, original URL address can directly not send to terminal, and encrypt the key of original URL address according to user name Random assignment, so same time, URL address after the encryption that different terminals receives greatly part is different, different time, and the URL address after the encryption that same terminal receives is also different most probably, thereby reduced the possibility that the URL address after encrypting is cracked, improved confidentiality and the fail safe of original URL address.
embodiment tri-:
Fig. 3 shows the structure chart of a kind of server that third embodiment of the invention provides, and for convenience of explanation, only shows the part relevant to the embodiment of the present invention.
This server comprises: the second logging request receiving element 31, the second user name authentication unit 32, the second original URL address encryption of original URL address acquisition unit 33, second unit 34.Wherein:
The second logging request receiving element 31, the logging request sending for receiving terminal, described logging request carries username and password.
This logging request refers to the http logging request that terminal sends, and this http logging request can also carry the information such as identification code of terminal.
The second user name authentication unit 32, for the outer net IP address that obtains described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored.
By authentication of users name, can judge whether user possesses operating right, reduce the potential risk that exposes original URL address.
The second original URL address acquisition unit 33, the uniform resource position mark URL address acquisition request sending for receiving terminal, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquire about described user name corresponding for encrypting the key of original URL address.Described key is distributed to described user name after described database has been stored user name.
Wherein, the request of URL address acquisition carries the unique identification of URL.The key of the original URL of user encryption address is that Random assignment is to user name.
The second original URL address encryption unit 34, for adopting the encryption key inquiring to the original URL address encryption inquiring, and sends to terminal by the URL address after encrypting.
Wherein, when original URL address part character string is encrypted, the second original URL address encryption unit 34 comprises:
The 3rd URL Partial encryption module, for adopting the character string after the domain name of the original URL of the encryption keys inquiring address;
The 3rd encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
The 3rd encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal;
Or again during Partial encryption, the second original URL address encryption unit 34 comprises after original URL address adds the outer net IP address of terminal:
Described the second original URL address encryption unit 34 comprises:
The 2nd URL recombination module, for the outer net IP address of attaching terminal behind the original URL address inquiring;
The 4th URL Partial encryption module, for adopting the secret key encryption inquiring to add the character string after the original URL address domain name of outer net IP address of terminal;
The 4th encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
The 4th encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal.
In the embodiment of the present invention, after original URL address encryption, just send to terminal, and encrypt the key of original URL address according to user name Random assignment, so same time, URL address after the encryption that different terminals receives greatly part is different, different time, and the URL address after the encryption that same terminal receives is also different most probably, thereby reduced the possibility that the URL address after encrypting is cracked, improved confidentiality and the fail safe of original URL address.
One of ordinary skill in the art will appreciate that, the all or part of step realizing in above-described embodiment method is to come the hardware that instruction is relevant to complete by program, described program can be in being stored in a computer read/write memory medium, described storage medium, as ROM/RAM, disk, CD etc.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any modifications of doing within the spirit and principles in the present invention, be equal to and replace and improvement etc., within all should being included in protection scope of the present invention.
Claims (10)
1. an anti-stealing link method for media file, is characterized in that, described method comprises the steps:
The logging request that first server receiving terminal sends, described logging request carries username and password;
First server is obtained the outer net IP address of described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored;
The uniform resource position mark URL address acquisition request that first server receiving terminal sends, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address;
First server adopts the encryption key inquiring to the original URL address encryption inquiring, and the URL address after encrypting is sent to terminal;
URL Address requests after the access that second server receiving terminal sends is encrypted, the URL Address requests after described access is encrypted carries user name;
The outer net IP address that URL Address requests after second server is encrypted according to described access is obtained described terminal, and the outer net IP address of the terminal of obtaining and the user name of obtaining are mated with outer net IP address and the user name of the terminal of described database storage;
The outer net IP address of the terminal of storing at the outer net IP address of the terminal of obtaining and the user name obtained and described database and user name are after the match is successful, second server is deciphered the URL address after described encryption, obtain original URL address, so that original URL address described in described terminal access.
2. the method for claim 1, is characterized in that, described first server adopts the encryption key inquiring to the original URL address encryption inquiring, and sends to the step of terminal specifically to comprise the URL address after encrypting:
First server adopts domain name character string below in the original URL of the encryption keys address inquiring;
The memory address of additional decruption key after the URL address of first server after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
First server sends to terminal by the URL address having added after the encryption of memory address of decruption key.
3. the method for claim 1, is characterized in that, described first server adopts the encryption key inquiring to the original URL address encryption inquiring, and sends to the step of terminal specifically to comprise the URL address after encrypting:
The outer net IP address of first server attaching terminal behind the original URL address inquiring;
First server adopts the encryption keys inquire to add domain name character string below in the original URL address of outer net IP address of terminal;
The memory address of additional decruption key after the URL address of first server after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
First server sends to terminal by the URL address having added after the encryption of memory address of decruption key.
4. method as claimed in claim 2 or claim 3, is characterized in that, described second server is deciphered the URL address after described encryption, and the step that obtains original URL address specifically comprises:
In URL Address requests the access that second server sends from described terminal is encrypted, obtain the memory address of decruption key;
Second server, according to the memory address of described decruption key, is searched corresponding decruption key in database;
Second server is deciphered the URL address after described encryption according to the decruption key finding, and obtains original URL address.
5. an anti-stealing link system for media file, is characterized in that, described system comprises:
The first logging request receiving element, the logging request sending for receiving terminal, described logging request carries username and password;
First user name authentication unit, for the outer net IP address that obtains described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored;
The first original URL address acquisition unit, the uniform resource position mark URL address acquisition request sending for receiving terminal, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address;
The first original URL address encryption unit, for adopting the encryption key inquiring to the original URL address encryption inquiring, and sends to terminal by the URL address after encrypting;
Encrypt URL address addressed location, the URL Address requests after the access sending for receiving terminal is encrypted, the URL Address requests after described access is encrypted carries user name;
IP matching addresses unit, the outer net IP address that obtains described terminal for the URL Address requests after encrypting according to described access, and the outer net IP address of the terminal of obtaining and the user name of obtaining are mated with outer net IP address and the user name of the terminal of described database storage;
Encrypt URL address decryption unit, after for the outer net IP address of the terminal of storing at the outer net IP address of the terminal of obtaining and the user name obtained and described database and user name, the match is successful, second server is deciphered the URL address after described encryption, obtain original URL address, so that original URL address described in described terminal access.
6. system as claimed in claim 5, is characterized in that, described the first original URL address encryption unit comprises:
The one URL Partial encryption module, for adopting the character string after the domain name of the original URL of the encryption keys inquiring address;
First encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
First encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal.
7. system as claimed in claim 5, is characterized in that, described the first original URL address encryption unit comprises:
The one URL recombination module, for the outer net IP address of attaching terminal behind the original URL address inquiring;
The 2nd URL Partial encryption module, for adopting the encryption keys inquiring to add the character string after the original URL address domain name of outer net IP address of terminal;
Second encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
Second encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal.
8. the system as described in claim 6 or 7, is characterized in that, described encryption URL address decryption unit comprises:
Decruption key address resolution module, the URL Address requests encrypting for the access sending from described terminal is obtained the memory address of decruption key;
Decruption key is searched module, for according to the memory address of described decruption key, searches corresponding decruption key in database;
Original URL acquisition module, for deciphering the URL address after described encryption according to the decruption key finding, obtains original URL address.
9. a server, is characterized in that, described server comprises:
The second logging request receiving element, the logging request sending for receiving terminal, described logging request carries username and password;
The second user name authentication unit, for the outer net IP address that obtains described terminal according to described logging request, and at the username and password that carries of the described logging request of checking after the match is successful, obtain the encryption key that key server generates, by outer net IP address and the user name of the described terminal of obtaining, and the encryption key obtaining is sent to database corresponding stored;
The second original URL address acquisition unit, the uniform resource position mark URL address acquisition request sending for receiving terminal, in described database, inquire about original URL address corresponding to described URL address acquisition request, and inquiry corresponding with described user name for encrypting the encryption key of original URL address; The second original URL address encryption unit, for adopting the encryption key inquiring to the original URL address encryption inquiring, and sends to terminal by the URL address after encrypting.
10. server as claimed in claim 9, is characterized in that, described the second original URL address encryption unit comprises:
The 3rd URL Partial encryption module, for adopting the character string after the domain name of the original URL of the encryption keys inquiring address;
The 3rd encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
The 3rd encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal;
Or,
Described the second original URL address encryption unit comprises:
The 2nd URL recombination module, for the outer net IP address of attaching terminal behind the original URL address inquiring;
The 4th URL Partial encryption module, for adopting the encryption keys inquiring to add the character string after the original URL address domain name of outer net IP address of terminal;
The 4th encrypts URL composite module, memory address for additional decruption key after the URL address after encryption, the memory address of described decruption key stores the decruption key of the URL address after the described encryption of deciphering, and described decruption key is stored in described database;
The 4th encrypts URL sending module, for the URL address having added after the encryption of memory address of decruption key is sent to terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410218758.2A CN104009989B (en) | 2014-05-22 | 2014-05-22 | A kind of anti-stealing link method of media file, system and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410218758.2A CN104009989B (en) | 2014-05-22 | 2014-05-22 | A kind of anti-stealing link method of media file, system and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104009989A true CN104009989A (en) | 2014-08-27 |
| CN104009989B CN104009989B (en) | 2018-02-16 |
Family
ID=51370483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410218758.2A Active CN104009989B (en) | 2014-05-22 | 2014-05-22 | A kind of anti-stealing link method of media file, system and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104009989B (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104320377A (en) * | 2014-09-25 | 2015-01-28 | 华为技术有限公司 | An anti-stealing-link method and device for stream media file |
| CN105827673A (en) * | 2015-01-05 | 2016-08-03 | 中国移动通信集团浙江有限公司 | Link theft preventing method, link theft preventing device, and network server |
| CN105893873A (en) * | 2016-03-31 | 2016-08-24 | 乐视控股(北京)有限公司 | Hotlink protection method and system based on Blond filter query optimization |
| CN106101155A (en) * | 2016-08-23 | 2016-11-09 | 北京信安世纪科技有限公司 | A kind of method and device of guarding website |
| CN106973310A (en) * | 2017-04-13 | 2017-07-21 | 中国联合网络通信集团有限公司 | The player method of Streaming Media, EPG server and CDN server in a kind of IPTV system |
| CN107707532A (en) * | 2017-09-15 | 2018-02-16 | 北京小米移动软件有限公司 | URL generations, query argument verification method, device, equipment and storage medium |
| CN107835159A (en) * | 2017-10-20 | 2018-03-23 | 福建中金在线信息科技有限公司 | Access path time slot scrambling, device and server |
| CN107846405A (en) * | 2017-10-31 | 2018-03-27 | 北京百悟科技有限公司 | The control system and implementation method that intranet and extranet file is exchanged visits |
| CN109639741A (en) * | 2019-01-31 | 2019-04-16 | 安宇云联(广州)科技有限责任公司 | The two-way method and apparatus across stack addressing are realized based on http protocol conversion |
| CN109819337A (en) * | 2019-02-02 | 2019-05-28 | 湖南快乐阳光互动娱乐传媒有限公司 | A kind of video file downloading anti-stealing link method, system and medium |
| CN109905731A (en) * | 2019-02-22 | 2019-06-18 | 湖南快乐阳光互动娱乐传媒有限公司 | It can the anti-pass video file downloading anti-stealing link method, system and the medium usurped |
| CN110839035A (en) * | 2019-11-19 | 2020-02-25 | 深圳前海环融联易信息科技服务有限公司 | Path access control method and device, computer equipment and storage medium |
| CN110875903A (en) * | 2018-08-31 | 2020-03-10 | 阿里巴巴集团控股有限公司 | Security defense method and device |
| CN113055344A (en) * | 2019-12-27 | 2021-06-29 | 贵州白山云科技股份有限公司 | Scheduling method, device, medium and equipment |
| CN113055343A (en) * | 2019-12-27 | 2021-06-29 | 贵州白山云科技股份有限公司 | URI construction method, apparatus, medium and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801824A (en) * | 2006-01-16 | 2006-07-12 | 北京北方烽火科技有限公司 | Anti-theft chain method for WEB service |
| CN102025749A (en) * | 2011-01-18 | 2011-04-20 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
| CN103229181A (en) * | 2010-10-13 | 2013-07-31 | 阿卡麦科技公司 | Protecting websites and website users by obscuring URLs |
-
2014
- 2014-05-22 CN CN201410218758.2A patent/CN104009989B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801824A (en) * | 2006-01-16 | 2006-07-12 | 北京北方烽火科技有限公司 | Anti-theft chain method for WEB service |
| CN103229181A (en) * | 2010-10-13 | 2013-07-31 | 阿卡麦科技公司 | Protecting websites and website users by obscuring URLs |
| CN102025749A (en) * | 2011-01-18 | 2011-04-20 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104320377B (en) * | 2014-09-25 | 2017-07-07 | 华为技术有限公司 | The anti-stealing link method and equipment of a kind of files in stream media |
| CN104320377A (en) * | 2014-09-25 | 2015-01-28 | 华为技术有限公司 | An anti-stealing-link method and device for stream media file |
| CN105827673B (en) * | 2015-01-05 | 2019-03-12 | 中国移动通信集团浙江有限公司 | A kind of method, apparatus and network server of door chain |
| CN105827673A (en) * | 2015-01-05 | 2016-08-03 | 中国移动通信集团浙江有限公司 | Link theft preventing method, link theft preventing device, and network server |
| CN105893873A (en) * | 2016-03-31 | 2016-08-24 | 乐视控股(北京)有限公司 | Hotlink protection method and system based on Blond filter query optimization |
| CN106101155A (en) * | 2016-08-23 | 2016-11-09 | 北京信安世纪科技有限公司 | A kind of method and device of guarding website |
| CN106101155B (en) * | 2016-08-23 | 2020-08-21 | 北京信安世纪科技股份有限公司 | Method and device for protecting website |
| CN106973310A (en) * | 2017-04-13 | 2017-07-21 | 中国联合网络通信集团有限公司 | The player method of Streaming Media, EPG server and CDN server in a kind of IPTV system |
| CN107707532A (en) * | 2017-09-15 | 2018-02-16 | 北京小米移动软件有限公司 | URL generations, query argument verification method, device, equipment and storage medium |
| CN107707532B (en) * | 2017-09-15 | 2022-05-13 | 北京小米移动软件有限公司 | URL (Uniform resource locator) generation and query parameter verification method, device, equipment and storage medium |
| CN107835159A (en) * | 2017-10-20 | 2018-03-23 | 福建中金在线信息科技有限公司 | Access path time slot scrambling, device and server |
| CN107846405A (en) * | 2017-10-31 | 2018-03-27 | 北京百悟科技有限公司 | The control system and implementation method that intranet and extranet file is exchanged visits |
| CN107846405B (en) * | 2017-10-31 | 2020-11-10 | 北京百悟科技有限公司 | Control system for internal and external network file mutual access and implementation method |
| CN110875903A (en) * | 2018-08-31 | 2020-03-10 | 阿里巴巴集团控股有限公司 | Security defense method and device |
| CN109639741A (en) * | 2019-01-31 | 2019-04-16 | 安宇云联(广州)科技有限责任公司 | The two-way method and apparatus across stack addressing are realized based on http protocol conversion |
| CN109819337A (en) * | 2019-02-02 | 2019-05-28 | 湖南快乐阳光互动娱乐传媒有限公司 | A kind of video file downloading anti-stealing link method, system and medium |
| CN109905731A (en) * | 2019-02-22 | 2019-06-18 | 湖南快乐阳光互动娱乐传媒有限公司 | It can the anti-pass video file downloading anti-stealing link method, system and the medium usurped |
| CN110839035A (en) * | 2019-11-19 | 2020-02-25 | 深圳前海环融联易信息科技服务有限公司 | Path access control method and device, computer equipment and storage medium |
| CN113055344A (en) * | 2019-12-27 | 2021-06-29 | 贵州白山云科技股份有限公司 | Scheduling method, device, medium and equipment |
| CN113055343A (en) * | 2019-12-27 | 2021-06-29 | 贵州白山云科技股份有限公司 | URI construction method, apparatus, medium and device |
| CN113055343B (en) * | 2019-12-27 | 2023-04-28 | 贵州白山云科技股份有限公司 | URI construction method, device, medium and equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104009989B (en) | 2018-02-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104009989B (en) | A kind of anti-stealing link method of media file, system and server | |
| CN105050081B (en) | Method, device and system for connecting network access device to wireless network access point | |
| US8712041B2 (en) | Content protection apparatus and content encryption and decryption apparatus using white-box encryption table | |
| CN101510877B (en) | Single-point logging-on method and system, communication apparatus | |
| CN102420821B (en) | Method and system for improving transmission security of file | |
| CN105162772A (en) | IoT equipment authentication and key agreement method and device | |
| CN102595213B (en) | Security certificate method and system of credible TV terminal | |
| CN108347428B (en) | Registration system, method and device of application program based on block chain | |
| CN108243176B (en) | Data transmission method and device | |
| CN108809633B (en) | Identity authentication method, device and system | |
| CN113067699B (en) | Data sharing method and device based on quantum key and computer equipment | |
| WO2008118966A1 (en) | System and method for user authentication with exposed and hidden keys | |
| CN102957708B (en) | Application encrypting and decrypting method, server and terminal | |
| CN103236931A (en) | Trusted platform module (TPM)-based identity authentication method and system and related equipment | |
| CN111615105A (en) | Information providing method, information obtaining method, information providing device, information obtaining device and terminal | |
| CN106470103B (en) | Method and system for sending encrypted URL request by client | |
| CN112115461B (en) | Equipment authentication method and device, computer equipment and storage medium | |
| CN101305542A (en) | Method for downloading digital certificate and cryptographic key | |
| CN115632880B (en) | Reliable data transmission and storage method and system based on state cryptographic algorithm | |
| CN104994095A (en) | Equipment authentication method, clients, server and system | |
| CN102404337A (en) | Data encryption method and device | |
| CN113204757A (en) | Information interaction method, device and system | |
| CN104767766A (en) | Web Service interface verification method, Web Service server and client side | |
| CN107181589B (en) | Bastion machine private key management method and device | |
| KR101358375B1 (en) | Prevention security system and method for smishing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |