CN104283686A - Digital right management method and system - Google Patents

Digital right management method and system Download PDF

Info

Publication number
CN104283686A
CN104283686A CN201410228282.0A CN201410228282A CN104283686A CN 104283686 A CN104283686 A CN 104283686A CN 201410228282 A CN201410228282 A CN 201410228282A CN 104283686 A CN104283686 A CN 104283686A
Authority
CN
China
Prior art keywords
content
key
user
client
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410228282.0A
Other languages
Chinese (zh)
Inventor
犹杰
李政放
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen MPR Technology Co Ltd
Original Assignee
Shenzhen MPR Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen MPR Technology Co Ltd filed Critical Shenzhen MPR Technology Co Ltd
Priority to CN201410228282.0A priority Critical patent/CN104283686A/en
Publication of CN104283686A publication Critical patent/CN104283686A/en
Pending legal-status Critical Current

Links

Abstract

The invention discloses a digital right management method and system. The digital right management method includes the steps that the digital right management system responds to a content request of a user at a client side under the condition that the response conditions are met, a user secret key at least containing pre-recorded fingerprint feature information of the user is used for carrying out encryption on a content secret key corresponding to the requested content to form an encrypted secret key; the encrypted secret key is returned to the client side, the client side uses the user secret key for decrypting the encrypted secret key to obtain the content secret key, and therefore the client side can use the content secret key to decrypt the requested content. The digital right management system uses the user secret key based on fingerprint features to encrypt the content secret key to form the encrypted secret key, and the content secret key is obtained only by decrypting the encrypted secret key through the user secret key based on the fingerprint features at the client side. Thus, safe transmission of the content secret key is guaranteed, and safety of content protection is further improved.

Description

A kind of digital literary property protection method and system thereof
Technical field
The present invention relates to a kind of digital literary property protection method and system thereof, particularly relate to a kind of digital literary property protection method based on fingerprint characteristic and system thereof.
Background technology
Along with the development of sensor technology and image processing techniques, fingerprint sensor and recognition device are widely used in various electronic equipment and security certification system.Fingerprint characteristic due to everyone is almost unique, and fingerprint identification technology utilizes the sensing technologies such as optics, temperature-sensitive or sound wave by the fingerprint image acquisition of people, and by image processing techniquess such as denoisings, extracts the identify label of a unique correspondence people.Once fingerprint image is gathered for the first time, just can be stored in Computer Database, each image to same fingerprint collecting can by mating with the data that database is preserved later, and realize the certification to personal identification, reliability is high.There is a lot of electronic equipments all to contain fingerprint sensor and identification module in the market, comprise notebook computer, mobile phone and panel computer etc., as iPhone5S etc.And along with the deep development of mobile Internet; people by the ease for use of various mobile terminal device and security requirement more and more higher; fingerprint Identification sensor will become the standard configuration of various terminal equipment, and user protects the mode of individual privacy and digital asset also will become custom by fingerprint recognition.
And simultaneously, along with the fast development of the Internet, the digital content of various media formats is also more and more abundanter, and the channel of presenting to user also gets more and more, this also brings many challenges to digital content services: on the one hand, because Web content and information are too abundant, it is quick, easy that people wish to obtain content; On the other hand, content service provider or provider wish that the content of serving by available protecting, can allow authorized user rationally access, and at random do not copied, revise and propagate.In order to protect the copyright of digital content; a lot of mechanism have devised many methods to content protecting and DRM system; there is the encryption method also had by hardware by software; all have nothing in common with each other in the emphasis of content protecting or the degree of protection; but the contradiction of fail safe and Consumer's Experience faced by all necessary; method as by hardware encipher can improve fail safe; but need to provide extra hardware device (as encrypted card to subscriber equipment; scrambler etc.), make troubles to the use of user.
Summary of the invention
The invention provides a kind of method and the system thereof that realize digital copyright protecting based on user fingerprints feature, improve the fail safe of Electronic Content Delivery.
For achieving the above object, the present invention by the following technical solutions:
The invention discloses a kind of digital literary property protection method, comprise the following steps: digital copyright protection system responds the content requests of user in client when meeting response condition, use the user key at least comprising the fingerprint feature information of pre-recorded described user to be encrypted the content key corresponding to the content of request, form encryption key; Described encryption key is returned to described client by described digital copyright protection system; wherein said encryption key is decrypted to obtain described content key to it for described client user key; thus enabling the described content key of described client carry out content deciphering to asked content, the user key that wherein said client uses is at least utilize the fingerprint feature information of the current input of user to generate.
Further, described in meet response condition and refer to, described digital copyright protection system, when receiving the content requests of described client, first carries out authentication and authentication success to user.
Further, described content is the content in described client this locality, or is returned to the content of described client by digital copyright protection system, or is returned to the content on the content address of described client by digital copyright protection system.
Further, described in meet response condition and refer to, described digital copyright protection system, when receiving the content requests of described client, first carries out authentication and authentication success to user; When described content not in described client this locality, described response also comprises the content address perhaps obtaining described content in described is returned to described client.
Further; described authentication comprises: utilize the authentication request information that the fingerprint feature information of the current input of user and the user ID of the current input of user generate; both are checked by the authentication information utilizing fingerprint feature information pre-recorded in described digital copyright protection system and generate with the unique corresponding user ID of this fingerprint feature information.
Further; the user key that described digital copyright protection system uses utilizes pre-recorded fingerprint feature information and generates with the unique corresponding user ID of this fingerprint feature information, and the user key that described client uses utilizes the user ID of the fingerprint feature information of the current input of user and the current input of user to generate.
The invention also discloses a kind of digital copyright protection system, comprise user authentication AUC and key management system, wherein: described user authentication AUC responds user in the content requests of client and notifies described key management system when meeting response condition, the user key of the content key corresponding to the content of request and the fingerprint feature information that at least comprises pre-recorded described user is returned to described user authentication AUC by described key management system, described user authentication AUC uses described user key to be encrypted described content key, form encryption key, and described encryption key is returned to described client, its user key is used to be decrypted to obtain described content key to described encryption key for described client, thus enable the described content key of described client carry out content deciphering to asked content, the user key that wherein said client uses is at least utilize the fingerprint feature information of the current input of user to generate.
Further, described content is the content in described client this locality, or is returned to the content of described client by digital copyright protection system, or is returned to the content on the content address of described client by digital copyright protection system.
Further, also comprise content encryption system and content delivering system, be when returning to described client by described digital copyright protection system in the content of request, described content is by the described content key encryption of described content encryption system; Described content delivering system is used for encrypted contents distribution to client.
Further, the described response condition that meets refers to, described user authentication AUC is when receiving the content requests of client, first authentication is carried out and authentication success to user, described authentication comprises: utilize the authentication request information that the fingerprint feature information of the current input of user and the user ID of the current input of user generate, both are checked by the authentication information utilizing fingerprint feature information pre-recorded in described digital copyright protection system and generate with the unique corresponding user ID of this fingerprint feature information; When obtaining the content address of content and returning to described client by described digital copyright protection system, described response also comprises described content address is returned to described client.
The invention has the beneficial effects as follows:
Disclosed by the invention be a kind of based on fingerprint characteristic Content-Authorize is obtained and to the method for content protecting and system thereof, the content that the method is protected is not encrypted by means of only content key, and digital publishing rights system is encrypted formation encryption key by the user key based on fingerprint characteristic to content key simultaneously, and content key must obtain by being decrypted encryption key based on the user key of fingerprint characteristic in client, thus ensure that the safe transmission of content key, and then improve the fail safe of content protecting, even if copied arbitrarily, copy to any electronic medium, the safety of content itself can be guaranteed.In addition; due to the uniqueness of fingerprint characteristic with not easily by counterfeit or acquisition; making the protection of content is for the protection of people instead of for machine or certain hardware device; the mandate of content service provider to content is the mandate for user; and be not limited to certain specific equipment, be conducive to the service that content service provider provides " customer-centric ".
In preferred scheme, user, when client-requested content, first need pass through authentication, and authentication is also user key by least comprising finger print information carries out checking certification, thus ensure that the safe transmission of encryption key.
Accompanying drawing explanation
Fig. 1 be digital copyright protection system of the present invention each module between and and client between annexation figure;
Fig. 2 is the responding process figure that content requests that the digital publishing rights system in digital literary property protection method of the present invention accepts client is done;
Fig. 3 is the flow chart of the authenticating user identification authentication process in digital literary property protection method of the present invention;
Fig. 4 is the flow chart of a kind of situation of customer identity registration process in digital literary property protection method of the present invention;
Fig. 5 is the flow chart of the another kind of situation of customer identity registration process in digital literary property protection method of the present invention.
Embodiment
Below contrast accompanying drawing and combine preferred embodiment the invention will be further described.
According to embodiments of the invention; digital copyright protection system comprises user authentication AUC and key management system; user authentication AUC responds user in the content requests of client and notifies key management system when meeting response condition, key management system is by the content key KEY corresponding to the content of request cand at least comprise the user key KEY of fingerprint feature information of pre-recorded user ureturn to user authentication AUC, user authentication AUC uses user key KEY uto content key K EY cbe encrypted, form encryption key KEY uc, and by encryption key KEY ucreturn to client, use its user key KEY for client u' is to encryption key KEY ucbe decrypted to obtain content key KEY c, thus enable client content key KEY ccontent deciphering is carried out to asked content, wherein used user key KEY u' utilizes the fingerprint feature information of the current input of user to generate.
In comparatively specific embodiment, content can be the content in client this locality, also can be the content being returned to client by digital copyright protection system, can also be the content returned to by digital publishing rights system on the content address of client.
Below by instantiation, digital copyright protection system is described; as shown in Figure 1; for a kind of digital copyright protection system each module between and and client between annexation figure; digital copyright protection system comprises user authentication AUC 11, key management system 12, content encryption system 13 and content delivering system 14, and the user authentication AUC 11 wherein in digital copyright protection system can carry out with subscription client 15 with content delivering system 14 alternately.User authentication AUC 11 accepts the content requests of client 15 by interface A, first authentication (the authentication request information that the user ID that wherein authentication comprises fingerprint feature information and the current input of user utilizing the current input of user generates is carried out to user, the authentication information utilizing fingerprint feature information pre-recorded in described digital copyright protection system and generate with the unique corresponding user ID of this fingerprint feature information, both are checked), if authentication success, meet response condition and carry out corresponding, namely key management system 12 is notified by interface C, key management system 12 is by the content key KEY corresponding to the content of request cand at least comprise the user key KEY of fingerprint feature information of pre-recorded user ureturn to user authentication AUC 11 by interface C, user authentication AUC 11 uses user key KEY uto content key K EY cbe encrypted, form encryption key KEY uc, and by encryption key KEY ucclient is returned to by interface A.
The content of asking when client 15 is the content of client 15 this locality, then the client 15 user key KEY that just can be generated by input fingerprint feature information u' is to encryption key KEY ucbe decrypted to obtain content key KEY c, thus enable client content key KEY ccontent deciphering is carried out to asked content.
The content of asking when client 15 is the content being returned to client by digital copyright protection system, by content encryption system 13 content key KEY during described content cencryption, wherein content key KEY ccontent encryption system 13 is sent to from key management system 12 by interface D; Content key KEY is used in content encryption system 13 cthe content of encryption is started to content delivering system 14 by interface E, and content delivering system 14 also responds according to authentication situation, and by the contents distribution through encryption to client 15, client 15 is again by inputting the user key KEY that fingerprint feature information generates u' is to encryption key KEY ucbe decrypted to obtain content key KEY c, thus enable client content key KEY ccontent deciphering is carried out to asked content.
The content of asking when client 15 is the content returned to by digital copyright protection system on the content address of client; its content address can be distributed to client 15 by content delivering system 14 through interface B; also client 15 can be sent to by user authentication AUC 11 through interface A; its decrypting process is same as described above, does not repeat them here.
Client 15 in the present embodiment be operate in transducer with fingerprint electric terminal on and directly user oriented carry out the extraction of identity information and content presents, can with user interactions; This client 15 can be the Web application run on a web browser, also can be apply based on this locality of certain operating system, as Android App or iOS App, but not as limit.
In sum, user authentication AUC 11 is responsible for preservation, the management of subscriber identity information and carries out certification and authentication to user identity; Key management system 12 generates corresponding content key KEY according to the request of user authentication AUC 11 c, and by content key KEY cbe saved in database, key management system 12 is also according to asking content key KEY cbe distributed to content encryption system 13 pairs of content-encrypts, or key distribution is decrypted to client 15 pairs of pertinent authorization information or content (this process can through user authentication AUC 11, also can directly be distributed to subscription client 15 by network, concrete distribution path is not limit); Content encryption system 13 utilizes the content key KEY obtained from key management system 12 c, regularly content is encrypted protection, then by encryption after down sending content to content delivering system 14; Content delivering system 14 is responsible for shielded content to be distributed to client 15 by the mode of stream media mode or file download.
In addition, client 15 is mutual by the Internet with digital copyright protection system, based on including but not limited to the communication protocols such as HTTP (S), TCP.Interface A realizes the authentication and authorization to user, the relevant information of transmission user between client 15 and user authentication AUC 11; Interface B is contents distribution interface, content delivering system 14 by the Internet by encryption content delivery to subscription client 15; Interface C, D, E are background system content exchange interface, and wherein, user authentication AUC 11 asks to generate corresponding content key KEY to key management system 12 by C interface cwith to content key K EY cbe encrypted; Interface D according to the request of content encryption system 13 for it provides content key KEY c, and obtain corresponding content information and make key management system 12 can carry out storage administration to key information; Content delivery after encryption to content delivering system 14, can be docked third party CDN by interface E.
According to embodiments of the invention; digital literary property protection method comprises the following steps: digital copyright protection system responds the content requests of user in client when meeting response condition, uses the user key KEY at least comprising the fingerprint feature information of pre-recorded user uto the content key KEY corresponding to the content of asking cbe encrypted, form encryption key KEY uc; Digital copyright protection system is by encryption key KEY ucreturn to client, wherein encryption key KEY ucfor client user key KEY u' is decrypted to obtain content key KEY to it c, thus enable client content key KEY ccontent deciphering is carried out to asked content, wherein the user key KEY that uses of client u' utilizes the fingerprint feature information of the current input of user to generate.
In comparatively specific embodiment, content can be the content in described client this locality, also can be the content being returned to client by digital copyright protection system, can also be the content returned to by digital copyright protection system on the content address of client.
In embodiment more specifically, meet response condition and refer to, digital copyright protection system, when receiving the content requests of client, first carries out authentication and authentication success to user; And when described content not in described client this locality, described response also comprises the content address perhaps obtaining described content in described is returned to described client.
Below by instantiation, digital literary property protection method is described.
As shown in Figure 2, be the responding process figure that content requests that digital copyright protection system accepts client is done.Content involved in the present invention is not limited to concrete form, and all the elements are all in advance by content key KEY cbe encrypted, concrete steps are as follows:
Step 202: user asks certain content by client 15;
Step 204: client 15 asks authentication authentication to user authentication AUC 11;
Step 206: check that whether certification is successful, if success, then perform step 208, if unsuccessful, then perform step 222;
Step 208: the acquisition address of user authentication AUC 11 returned content;
Step 210: user authentication AUC 11 is to key management system 12 request content key K EY c;
Step 212: authentication center is by user key KEY uto content key K EY cbe encrypted, obtain encryption key KEY uc;
Step 214: user authentication AUC 11 is by encryption key KEY ucreturn to client 15;
Step 216: client 15 perhaps directly reads local content in being obtained by content address;
Step 218: client 15 uses the fingerprint character code of user and user ID to generate user key KEY u';
Step 220: client 15 is by user key KEY u' is to encryption key KEY ucbe decrypted and obtain content key KEY c, then content is decrypted.
Step 222: report an error.
What the arrow between each step shown in Fig. 2 showed is logic precedence relationship, does not represent temporal precedence relationship, and the operation of some steps in such as figure can walk abreast and to occur.
Flow chart shown in Fig. 2 is the responding process that the digital copyright protection system content requests that accepts client is done when content is the content returned to by digital copyright protection system on the content address of client; And when content is the content in client this locality, then there is no step 208, after step 206 authentication success, directly perform step 210; Returned to the content of client in addition by digital copyright protection system when content, further comprising the steps of: to perform content encryption system 13 before carrying out certification to key management system request content key K EY cand content is encrypted, when also performing content encryption system 13 after authentication success, the content after encryption is sent to content delivering system 14, the content after encryption is sent to client 15 by content delivering system 14.
As shown in Figure 3; authentication process described in the responding process that the content requests accepting client for digital copyright protection system is done; the authentication procedures that authentication authentication process involved in the present invention comprises login process and carries out according to user fingerprints characteristic information, when user carry out paying, buy, acquisition request pay content or other special mandates time carry out.Whether have other Account Registration information according to user, the login process in whole Certificate Authority process in two kinds of situation: one, by verification process (login as by account number cipher) that other account informations carry out; Two, the user ID that this locality is preserved is issued user authentication AUC 11 by client 15.Authentication involved in the present invention and authentication process are undertaken by safe lane (as HTTPS) or non-security channel (as HTTP), and concrete communication protocol is not limit.Concrete steps are as follows:
Step 302: user's running client 15 also logs in by other account numbers, or the user ID that this locality is preserved is issued user authentication AUC 11;
Step 304: user gathers finger print data by the fingerprint sensor on equipment;
Step 306: client 15 is taken the fingerprint by the technology such as image procossing and pattern matching the feature of image, then generates a fingerprint character code;
Step 308: client 15 fingerprint character code and user ID (user account number used when user logs in step 302), adopts and the pre-recorded user key KEY of system usame HASH algorithm calculates a temporary key: KEY u0=HASH (fingerprint character code, user ID), its HASH algorithm includes but not limited to following method: fingerprint character code and user ID are carried out that character string is connected by (1), XOR or with computing after, calculate SHA value; (2) fingerprint character code and user ID are carried out character string is connected, XOR or with computing after, calculate MD5 value; (3) HMAC-SHA; (4) HMAC-MD5.
Step 310: client 15 is to user authentication AUC 11 request authentication, and both sides consult a Token value (concrete negotiations process, and the generation method of Token value is not limit, as with current time);
Step 312: the KEY that client 15 will produce in step 308 u0another HASH value is calculated: Auth=HASH (KEY together with the Token value obtained in step 410 step u0, Token), concrete HASH algorithm the present invention does not specify, then Auth is issued user authentication AUC 11;
Step 314: the KEY of user authentication AUC 11 inquiring user u, and with the algorithm calculating K EY same with client 15 uwith the HASH value of Token, then equal with the Auth value received;
Step 316: if Auth value checking is in a step 314 correct, then authentication success, user authentication AUC 11 inquiring user data message, returns corresponding authorization message; If Auth value authentication error, then authentification failure.
As shown in Figure 4 and Figure 5, be the flow chart of two kinds of situations of the customer identity registration process in digital literary property protection method, identity registration process is also the pre-recorded user key KEY of digital copyright protection system uprocess.Customer identity registration process involved in the present invention is from the finger print information typing of user and binding with relevant user information, and the registration not comprising user account number is (as by subscription client or other webpages, the personal information such as the E-mail address of user, cell-phone number are carried out the process registered), this identity registration process can be passed through safe lane (as HTTPS) and carry out, also can be undertaken by non-security channel (as HTTP), concrete communication protocol is not limit.Customer identity registration involved in the present invention comprises two kinds of situations: one, user is registered as system user (account registration process) by other personal information such as E-mail address or cell-phone number, just carry out identity registration by fingerprint when user perhaps carries out certain special mandate in initial purchase, detailed process as shown in Figure 4; Two, user uses subscription client first time, or client is reinstalled on new equipment, but be not registered as system user by other personal information, but directly carry out account register by fingerprint, detailed process as shown in Figure 5, logs in for each user of this situation and all needs to carry out fingerprint recognition.The identity registration step of two kinds of situations is as follows:
Situation one (as shown in Figure 4):
Step 402: user's running client 15 (form web page or client software), and log in by registered account number;
Step 404: user gathers the finger print data of oneself specific finger by the fingerprint sensor on equipment;
Step 406: client 15 is taken the fingerprint by the technology such as image procossing and pattern matching the feature of image, then generates a fingerprint character code;
Step 408: fingerprint character code is together issued user authentication AUC 11 with usersaccount information by client 15; Or fingerprint character code is only issued user authentication AUC 11 by client 15, and technology is kept to guarantee mating of fingerprint character code and account by the state such as Session or Token;
Step 410: the same user ID of the fingerprint character code (unique subscriber identification that the user name that user oneself registers, mailbox, telephone number or system generate that user authentication AUC 11 will obtain, and OAuth, OpenID account number etc.) generate a HASH value together, and as user key: KEY u=HASH (fingerprint character code, user ID), the HASH algorithm of employing includes but not limited to following method: fingerprint character code and user ID are carried out that character string is connected by (1), XOR or with computing after, calculate SHA value; (2) fingerprint character code and user ID are carried out character string is connected, XOR or with computing after, calculate MD5 value; (3) HMAC-SHA; (4) HMAC-MD5.
Step 412: user authentication AUC 11 will generate HASH value KEY in step 410 ucorresponding together stored in database with usersaccount information with user fingerprints condition code;
Step 414: user authentication AUC 11 returns to client 15 information of succeeding in registration;
Step 416: client 15 points out customer identity registration success.
Situation two (as shown in Figure 5):
Step 502: user's run user client 15 (form web page or client software);
Step 504: user gathers the finger print data of oneself specific finger by the fingerprint sensor on equipment;
Step 506: client 15 is taken the fingerprint by the technology such as image procossing and pattern matching the feature of image, then generates a fingerprint character code;
Step 508: the fingerprint character code of generation is uploaded to user authentication AUC 11 by client 15;
Step 510: by Database Systems, user authentication AUC 11 checks whether this fingerprint character code exists, if exist, inquires about the user ID corresponding with it and jumps to step 518, otherwise continues to perform step 512;
Step 512: user authentication AUC 11 generates a unique identification as user ID;
Step 514: the fingerprint character code of acquisition is generated a HASH value with the user ID generated by user authentication AUC 11 together, and as user key: KEY u=HASH (fingerprint character code, user ID), the HASH algorithm of employing includes but not limited to following method: fingerprint character code and user ID are carried out that character string is connected by (1), XOR or with computing after, calculate SHA value; (2) fingerprint character code and user ID are carried out character string is connected, XOR or with computing after, MD5 value; (3) HMAC-SHA; (4) HMAC-MD5.
Step 516: the HASH value KEY that previous step generates by user authentication AUC 11 ucorresponding with user ID and fingerprint character code together stored in database;
Step 518: user ID is returned to client 15 by user authentication AUC 11;
Step 520: client 15 is preserved the user ID that returns and pointed out customer identity registration success.
The present invention is intended to the development trend based on various electric terminal; make full use of the standard configuration of electric terminal; when not increasing extras and more change user use habit or increasing use complexity; propose a kind ofly to utilize user fingerprints feature to realize the method and the system thereof that digital content are realized to digital copyright protecting; make content be easier to be distributed to various types of electric terminal equipment, expand audient's scope.In addition; present invention employs the such biological characteristic of fingerprint and carry out content association protection; due to its uniqueness with not easily by counterfeit or acquisition; making the protection of digital content is for the protection of people instead of for machine or certain hardware device; the mandate of content service provider to content is the mandate for user; and be not limited to certain specific equipment, be conducive to the service that content service provider provides " customer-centric ".In a word, the present invention is not additionally increasing hardware device and not reducing on the basis of Consumer's Experience, and the available protecting copyright of digital content, provides a kind of significant digits copy-right protection method and the system of taking into account Consumer's Experience.
In addition; in instantiation of the present invention; carry out in verification process to the user key based on fingerprint characteristic; fingerprint feature information transmission after irreversible HASH operation; even if HASH value is intercepted on network; can not fingerprint feature information be extrapolated, add the not easily counterfeit property of fingerprint, further ensure that the fail safe of content protecting.
Above content is in conjunction with concrete preferred implementation further description made for the present invention, can not assert that specific embodiment of the invention is confined to these explanations.For those skilled in the art, without departing from the inventive concept of the premise, some equivalent to substitute or obvious modification can also be made, and performance or purposes identical, all should be considered as belonging to protection scope of the present invention.

Claims (10)

1. a digital literary property protection method, is characterized in that, comprises the following steps:
Digital copyright protection system responds the content requests of user in client when meeting response condition, use the user key (KEY at least comprising the fingerprint feature information of pre-recorded described user u) to the content key (KEY corresponding to the content of asking c) be encrypted, form encryption key (KEY uc);
Described digital copyright protection system is by described encryption key (KEY uc) return to described client, wherein said encryption key (KEY uc) be for described client user key (KEY u') be decrypted to obtain described content key (KEY to it c), thus enable the described content key (KEY of described client c) content deciphering is carried out to asked content, the user key (KEY that wherein said client uses u') at least utilize the fingerprint feature information of the current input of user to generate.
2. digital literary property protection method as claimed in claim 1, is characterized in that, described in meet response condition and refer to, described digital copyright protection system, when receiving the content requests of described client, first carries out authentication and authentication success to user.
3. digital literary property protection method as claimed in claim 1; it is characterized in that; described content is the content in described client this locality; or returned to the content of described client by digital copyright protection system, or returned to the content on the content address of described client by digital copyright protection system.
4. digital literary property protection method as claimed in claim 3, is characterized in that, described in meet response condition and refer to, described digital copyright protection system, when receiving the content requests of described client, first carries out authentication and authentication success to user;
When described content not in described client this locality, described response also comprises the content address perhaps obtaining described content in described is returned to described client.
5. the digital literary property protection method as described in claim 2 or 4; it is characterized in that; described authentication comprises: utilize the authentication request information that the fingerprint feature information of the current input of user and the user ID of the current input of user generate; both are checked by the authentication information utilizing fingerprint feature information pre-recorded in described digital copyright protection system and generate with the unique corresponding user ID of this fingerprint feature information.
6. the digital literary property protection method as described in any one of Claims 1-4, is characterized in that, the user key (KEY that described digital copyright protection system uses u) be utilize pre-recorded fingerprint feature information and generate with the unique corresponding user ID of this fingerprint feature information, the user key (KEY that described client uses u') utilize the user ID of the fingerprint feature information of the current input of user and the current input of user to generate.
7. a digital copyright protection system, is characterized in that, comprises user authentication AUC and key management system, wherein:
Described user authentication AUC responds user in the content requests of client and notifies described key management system when meeting response condition,
Described key management system is by the content key (KEY corresponding to the content of request c) and at least comprise the user key (KEY of fingerprint feature information of pre-recorded described user u) return to described user authentication AUC,
Described user authentication AUC uses described user key (KEY u) to described content key (KEY c) be encrypted, form encryption key (KEY uc), and by described encryption key (KEY uc) return to described client, use its user key (KEY for described client u') to described encryption key (KEY uc) be decrypted to obtain described content key (KEY c), thus enable the described content key (KEY of described client c) content deciphering is carried out to asked content, the user key (KEY that wherein said client uses u') at least utilize the fingerprint feature information of the current input of user to generate.
8. digital copyright protection system as claimed in claim 7; it is characterized in that; described content is the content in described client this locality; or returned to the content of described client by digital copyright protection system, or returned to the content on the content address of described client by digital copyright protection system.
9. digital copyright protection system as claimed in claim 8, is characterized in that, also comprise content encryption system and content delivering system,
When request content be when returning to described client by described digital copyright protection system, described content is by the described content key encryption of described content encryption system;
Described content delivering system is used for encrypted contents distribution to client.
10. digital copyright protection system as claimed in claim 8, is characterized in that, described in meet response condition and refer to, described user authentication AUC, when receiving the content requests of client, first carries out authentication and authentication success to user,
Described authentication comprises: utilize the authentication request information that the fingerprint feature information of the current input of user and the user ID of the current input of user generate, both are checked by the authentication information utilizing fingerprint feature information pre-recorded in described digital copyright protection system and generate with the unique corresponding user ID of this fingerprint feature information;
When obtaining the content address of content and returning to described client by described digital copyright protection system, described response also comprises described content address is returned to described client.
CN201410228282.0A 2014-05-27 2014-05-27 Digital right management method and system Pending CN104283686A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410228282.0A CN104283686A (en) 2014-05-27 2014-05-27 Digital right management method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410228282.0A CN104283686A (en) 2014-05-27 2014-05-27 Digital right management method and system

Publications (1)

Publication Number Publication Date
CN104283686A true CN104283686A (en) 2015-01-14

Family

ID=52258199

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410228282.0A Pending CN104283686A (en) 2014-05-27 2014-05-27 Digital right management method and system

Country Status (1)

Country Link
CN (1) CN104283686A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104836796A (en) * 2015-04-14 2015-08-12 百度在线网络技术(北京)有限公司 Method and apparatus for acquiring network content information
CN105227300A (en) * 2015-08-27 2016-01-06 北京百度网讯科技有限公司 A kind of acquisition methods of key and system
CN106209730A (en) * 2015-04-30 2016-12-07 华为技术有限公司 A kind of method and device managing application identities
CN106464485A (en) * 2014-02-11 2017-02-22 爱立信股份有限公司 System and method for securing content keys delivered in manifest files
CN108140073A (en) * 2015-07-08 2018-06-08 Ipra科技有限公司 For providing a user the method and system for the access right for accessing limitation content
CN108881205A (en) * 2018-06-08 2018-11-23 西安理工大学 A kind of safety broadcasting system and playback method of HLS Streaming Media
CN109067702A (en) * 2018-06-25 2018-12-21 兴唐通信科技有限公司 A kind of method that system of real name network identity is generated and protected
CN109120584A (en) * 2018-06-19 2019-01-01 上海交通大学 Terminal security prevention method and system based on UEFI and WinPE
CN110069903A (en) * 2019-04-28 2019-07-30 腾讯科技(上海)有限公司 A kind of method and device of the determining user for consulting text data
US11500968B2 (en) 2014-01-08 2022-11-15 Lauri Valjakka Method of and system for providing access to access restricted content to a user

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1746809A (en) * 2004-09-07 2006-03-15 索尼株式会社 Biometric identification system
CN1855112A (en) * 2005-03-31 2006-11-01 索尼株式会社 Content information providing system, content information providing server, content reproduction apparatus, content information providing method, content reproduction method and computer program
CN101036098A (en) * 2004-10-08 2007-09-12 皇家飞利浦电子股份有限公司 User based content key encryption for a DRM system
CN101136749A (en) * 2006-08-31 2008-03-05 株式会社日立制作所 Encryption key generation and restoration method and individual authentication system
US20090228450A1 (en) * 2008-03-04 2009-09-10 Sony (China) Limited Digital right management client system and method thereof as well as digital right management system
CN101594233A (en) * 2009-06-26 2009-12-02 成都市华为赛门铁克科技有限公司 Upload the method for information, the method and apparatus and the communication system of reception information
CN101635924A (en) * 2009-08-27 2010-01-27 成都卫士通信息产业股份有限公司 CDMA port-to-port encryption communication system and key distribution method thereof
CN101795271A (en) * 2010-01-20 2010-08-04 西安电子科技大学 Network secure printing system and printing method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1746809A (en) * 2004-09-07 2006-03-15 索尼株式会社 Biometric identification system
CN101036098A (en) * 2004-10-08 2007-09-12 皇家飞利浦电子股份有限公司 User based content key encryption for a DRM system
CN1855112A (en) * 2005-03-31 2006-11-01 索尼株式会社 Content information providing system, content information providing server, content reproduction apparatus, content information providing method, content reproduction method and computer program
CN101136749A (en) * 2006-08-31 2008-03-05 株式会社日立制作所 Encryption key generation and restoration method and individual authentication system
US20090228450A1 (en) * 2008-03-04 2009-09-10 Sony (China) Limited Digital right management client system and method thereof as well as digital right management system
CN101594233A (en) * 2009-06-26 2009-12-02 成都市华为赛门铁克科技有限公司 Upload the method for information, the method and apparatus and the communication system of reception information
CN101635924A (en) * 2009-08-27 2010-01-27 成都卫士通信息产业股份有限公司 CDMA port-to-port encryption communication system and key distribution method thereof
CN101795271A (en) * 2010-01-20 2010-08-04 西安电子科技大学 Network secure printing system and printing method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王梦龙: "《网络信息安全原理与技术》", 30 November 2009 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11500968B2 (en) 2014-01-08 2022-11-15 Lauri Valjakka Method of and system for providing access to access restricted content to a user
CN106464485A (en) * 2014-02-11 2017-02-22 爱立信股份有限公司 System and method for securing content keys delivered in manifest files
CN106464485B (en) * 2014-02-11 2020-03-06 爱立信股份有限公司 System and method for protecting content keys delivered in manifest files
CN104836796A (en) * 2015-04-14 2015-08-12 百度在线网络技术(北京)有限公司 Method and apparatus for acquiring network content information
US10439809B2 (en) 2015-04-30 2019-10-08 Huawei Technologies Co., Ltd. Method and apparatus for managing application identifier
CN106209730A (en) * 2015-04-30 2016-12-07 华为技术有限公司 A kind of method and device managing application identities
CN106209730B (en) * 2015-04-30 2020-03-10 华为技术有限公司 Method and device for managing application identifier
CN108140073A (en) * 2015-07-08 2018-06-08 Ipra科技有限公司 For providing a user the method and system for the access right for accessing limitation content
CN105227300B (en) * 2015-08-27 2019-09-20 北京百度网讯科技有限公司 A kind of acquisition methods and system of key
CN105227300A (en) * 2015-08-27 2016-01-06 北京百度网讯科技有限公司 A kind of acquisition methods of key and system
CN108881205A (en) * 2018-06-08 2018-11-23 西安理工大学 A kind of safety broadcasting system and playback method of HLS Streaming Media
CN108881205B (en) * 2018-06-08 2020-11-17 西安理工大学 HLS streaming media safe playing system and playing method
CN109120584A (en) * 2018-06-19 2019-01-01 上海交通大学 Terminal security prevention method and system based on UEFI and WinPE
CN109067702A (en) * 2018-06-25 2018-12-21 兴唐通信科技有限公司 A kind of method that system of real name network identity is generated and protected
CN109067702B (en) * 2018-06-25 2021-05-04 兴唐通信科技有限公司 Method for generating and protecting real-name system network identity
CN110069903A (en) * 2019-04-28 2019-07-30 腾讯科技(上海)有限公司 A kind of method and device of the determining user for consulting text data
CN110069903B (en) * 2019-04-28 2023-03-21 腾讯科技(上海)有限公司 Method and device for determining user for looking up text data

Similar Documents

Publication Publication Date Title
JP6941146B2 (en) Data security service
CN104283686A (en) Digital right management method and system
CN101373528B (en) Electronic payment system, device and method based on position authentication
US9838205B2 (en) Network authentication method for secure electronic transactions
US9231925B1 (en) Network authentication method for secure electronic transactions
CN110798315B (en) Data processing method and device based on block chain and terminal
US8661254B1 (en) Authentication of a client using a mobile device and an optical link
US20160307194A1 (en) System and method for point of sale payment data credentials management using out-of-band authentication
CN101977190B (en) Digital content encryption transmission method and server side
CN109905360B (en) Data verification method and terminal equipment
CN109412812B (en) Data security processing system, method, device and storage medium
CN112333198A (en) Secure cross-domain login method, system and server
CN101221641B (en) On-line trading method and its safety affirmation equipment
CN110868291B (en) Data encryption transmission method, device, system and storage medium
CN112232814A (en) Encryption and decryption method of payment key, payment authentication method and terminal equipment
CN111131416A (en) Business service providing method and device, storage medium and electronic device
CN104125064A (en) Dynamic password authentication method, client and authentication system
CN106656955A (en) Communication method and system and user terminal
WO2018227471A1 (en) Secure processing method and apparatus for biometric feature data, sensor, and terminal device
CN107395600B (en) Service data verification method, service platform and mobile terminal
CN113872989A (en) Authentication method and device based on SSL protocol, computer equipment and storage medium
CN112699404A (en) Method, device and equipment for verifying authority and storage medium
Chen et al. A secure mobile DRM system based on cloud architecture
KR102053993B1 (en) Method for Authenticating by using Certificate
US11671475B2 (en) Verification of data recipient

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20150114