CN104378379A - Encryption transmission method, equipment and system for digital content - Google Patents
Encryption transmission method, equipment and system for digital content Download PDFInfo
- Publication number
- CN104378379A CN104378379A CN201410697582.3A CN201410697582A CN104378379A CN 104378379 A CN104378379 A CN 104378379A CN 201410697582 A CN201410697582 A CN 201410697582A CN 104378379 A CN104378379 A CN 104378379A
- Authority
- CN
- China
- Prior art keywords
- request
- data
- digital content
- client
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The invention relates to the field of network technologies, in particular to an encryption transmission method for digital content. The method comprises the steps that a first data request transmitted by a client side is received, wherein the first data request is used for requesting the address of the digital content; according to the first data request, identification information of the client side and first timestamp information corresponding to the first data request are obtained, the address of the digital content is encrypted through the identification information and the first timestamp information so that information of the address of the encrypted digital content can be obtained, and the information of the address of the encrypted digital content is transmitted to the client side; a second data request transmitted by the client side is received, wherein the second data request is used for requesting the digital content and contains the information of the address of the encrypted digital content; the second data request is verified, so that a verification result is obtained; when the verification result indicates that the verification is passed, the digital content corresponding to the second data request is transmitted to the client side.
Description
Technical field
The present invention relates to networking technology area, particularly relate to a kind of encrypt digital content transmission method, equipment and system.
Background technology
Along with the development of computer networking technology, digital content services obtains and develops widely.Such as, user can use the digital content such as video, audio frequency that client is provided by internet viewing server.Because traditional digital content services supplier (such as video website) adopts HTTP (Hypertexttransfer protocol usually, HTML (Hypertext Markup Language)) protocol transmission digital content, and the URL of digital content (Uniform Resource Locator, URL(uniform resource locator)) address is that plaintext version is present in network transmission process, very easily obtained by third party and usurps.Therefore, how to improve the fail safe of digital content in network transmission process, protection copyrighted digital content make it not stolen, abuse become and problem demanding prompt solution.
A kind of method is there is in prior art, in order to whether checking client is true, effective client, the key that self stores is attached to server in the video URL address that client sends by server requirement client, and the video URL address that with the addition of key value is returned to server and be used for server and carry out validation verification.Server extracts key value from the video URL address that client returns, and the key value preserved with server compares, to carry out validation verification.If key value is identical, be then verified.
Inventor is realizing finding in process of the present invention, the method that prior art provides, client is needed to store a fixing key value and utilize described key value to verify, but in the video URL address that returns of client, key value exists with the form of intimate plaintext, and this key value is very easily acquired.Third party can utilize the key value of acquisition directly to construct final effective video URL address, thus obtains final effective video file.Such as, when final effective video URL address is made up of jointly key value and URL address, if third party obtain unencrypted URL address and obtain be close to plaintext version exist key time, then very easily construct effective video URL address.Therefore, the method that prior art provides exist fail safe not high, very easily by third party attack and the risk usurped.
Summary of the invention
For solving the problems of the technologies described above, embodiments providing a kind of encrypt digital content transmission method, equipment and system, to improve the fail safe of digital content in network transmission process, reducing the risk that it is attacked, usurps.
According to the first aspect of the embodiment of the present invention, disclose a kind of encrypt digital content transmission method, described method is applied to server end, comprising:
Receive the first request of data that client sends, described first request of data is for asking the address of digital content;
The identification information of described client is obtained and the very first time corresponding with described first request of data stabs information according to described first request of data, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client;
Receive the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Described second request of data is verified, obtains check results;
When described check results show verification by time, send the digital content corresponding with described second request of data to described client.
Preferably, the identification information of described client comprise in user totem information corresponding to the IP address of client, client identifier, client any one, for client described in unique identification.
Preferably, described described second request of data to be verified, obtains check results and comprise:
The address information of the digital content after the described encryption comprise described second request of data is decrypted process, obtains the described identification information after deciphering and stamp information of the described very first time;
Identification information and the very first time information of stamp of the client of the described identification information after the deciphering of acquisition and stamp information and described server end of the described very first time being preserved compare, acquisition comparative result;
When described comparative result shows that the identification information of the client that the described identification information after described deciphering and stamp information of the described very first time and described server end are preserved and the very first time stab information matches, determine that verification is passed through.
Preferably, described method also comprises:
When described check results shows that verification is obstructed out-of-date, do not respond the second request of data of described client or send error message to described client.
According to the second aspect of the embodiment of the present invention, disclose a kind of encrypt digital content transmission method, described method is applied to client, comprising:
Send the first request of data to server end, described first request of data is for asking the address of digital content;
Receive the address information of the digital content after the encryption of described server end transmission;
Send the second request of data to described server end, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Receive the response that described server end sends for described second request of data.
Preferably, the response that the described server end of described reception sends for described second request of data comprises:
Receive described server described second request of data is verified and verify by time the digital content that sends; Or
Receive described server verifying described second request of data and verifying the error message of obstructed out-of-date transmission.
According to the third aspect of the embodiment of the present invention, disclose a kind of server apparatus, described server apparatus comprises:
First receiving element, for receiving the first request of data that client sends, described first request of data is for asking the address of digital content;
Ciphering unit, identification information and the very first time corresponding with described first request of data for obtaining described client according to described first request of data stab information, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client;
Second receiving element, for receiving the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Verification unit, for verifying described second request of data, obtains check results;
Transmitting element, for show when described check results verification by time, send the digital content corresponding with described second request of data to described client.
Preferably, described verification unit comprises:
Decryption unit, the address information for the digital content after the described encryption that comprises described second request of data is decrypted process, obtains the described identification information after deciphering and stamp information of the described very first time;
Comparing unit, compares for the identification information of client the described identification information after the deciphering of acquisition and stamp information and described server end of the described very first time preserved and the very first time information of stamp, acquisition comparative result;
Determining unit, when identification information and the very first time for showing the client that the described identification information after described deciphering and stamp information of the described very first time and described server end are preserved when described comparative result stab information matches, determines that verification is passed through.
Preferably, described equipment also comprises:
Response trigger element, for showing that when described check results verification is obstructed out-of-date, not responding the second request of data of described client or sending error message to described client.
According to the fourth aspect of the embodiment of the present invention, disclose a kind of client device, described client device comprises:
First request of data transmitting element, for sending the first request of data to server end, described first request of data is for asking the address of digital content;
First receiving element, for receiving the address information of digital content after encryption that described server end sends;
Second request of data transmitting element, for sending the second request of data to described server end, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Second receiving element, for receiving the response that described server end sends for described second request of data.
Preferably, described second receiving element specifically for:
Receive described server described second request of data is verified and verify by time the digital content that sends; Or, receive described server and described second request of data verified and is verifying the error message of obstructed out-of-date transmission.
According to the 5th aspect of the embodiment of the present invention, disclose a kind of encrypt digital content transmission system, comprise server apparatus and client device, wherein:
Described client device is used for sending the first request of data to described server apparatus, and described first request of data is for asking the address of digital content; Receive the address information of the digital content after the encryption of described server apparatus transmission; Send the second request of data to described server apparatus, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption; Receive the response that described server apparatus sends for described second request of data;
The first request of data that described server apparatus sends for receiving client device, described first request of data is for asking the address of digital content; The identification information of described client device is obtained and the very first time corresponding with described first request of data stabs information according to described first request of data, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client device; Receive the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption; Described second request of data is verified, obtains check results; When described check results show verification by time, send the digital content corresponding with described second request of data to described client device.
The beneficial effect that the embodiment of the present invention can reach is: in the method that the embodiment of the present invention provides, in the request carrying out digital content at server end and client and transmitting procedure, utilize and be encrypted with the client identification information of the real information close association of client and the address of timestamp information to digital content, and utilize the digital content address after encryption to carry out the verification of client, the address of digital content is made not easily to be cracked and to forge, thus improve digital content fail safe in the transmission, reduce digital content by third party attack and the risk usurped.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, the accompanying drawing that the following describes is only some embodiments recorded in the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
The encrypt digital content transmission method first embodiment schematic diagram that Fig. 1 provides for the embodiment of the present invention;
The encrypt digital content transmission method second embodiment schematic diagram that Fig. 2 provides for the embodiment of the present invention;
Encrypt digital content transmission method the 3rd embodiment schematic diagram that Fig. 3 provides for the embodiment of the present invention;
The server apparatus schematic diagram that Fig. 4 provides for the embodiment of the present invention;
The client device schematic diagram that Fig. 5 provides for the embodiment of the present invention;
The encrypt digital content transmission system schematic diagram that Fig. 6 provides for the embodiment of the present invention.
Embodiment
Embodiments provide a kind of encrypt digital content transmission method, equipment and system, to improve the fail safe of digital content in network transmission process, reduce the risk that it is attacked, usurps.
Technical scheme in the present invention is understood better in order to make those skilled in the art person, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, should belong to the scope of protection of the invention.
In this article, it is to be appreciated that involved term " digital content " represents the content such as text, image, sound existed in digital form, it can be stored in as on the digital carrier such as CD, hard disk, also can be propagated by means such as networks, but also be not limited to this.
(English full name is Uniform ResourceLocator to involved term " URL(uniform resource locator) ", english abbreviation is URL) be a kind of expression succinctly of position to the resource that can obtain from the Internet and access method, be the address of standard resource on the Internet.Each file on the Internet has a unique URL, and the information that it comprises points out how the position of file and browser should process it.
Involved term " client " can be called user side again, corresponding with server end, and being a kind ofly provides the program of local service for client, generally needs to work in coordination with service end to run.Client involved in the present invention can be applied in electronic equipment, described electronic equipment can be existing, research and develop or any electronic equipment of in the future research and development, include but not limited to: existing, research and develop or research and development in the future, desktop computer, laptop computer, mobile terminal (comprising smart mobile phone, non intelligent mobile phone, various panel computer) etc.Described client can also include but not limited to the client etc. of web browser, instant communication software.
Involved term " server end " is general corresponding with client, can be connected carry out data communication with one or more client.
Below with reference to some representative embodiments of the present invention, explaination principle of the present invention and spirit in detail.
See Fig. 1, it is the encrypt digital content transmission method first embodiment schematic diagram that the embodiment of the present invention provides.Method described in Fig. 1 is applied to server end, can comprise:
S101, the first request of data that received server-side client sends, described first request of data is for asking the address of digital content.
In this embodiment of the present invention, the method shown in Fig. 1 is applied to server side, described server end can with client interaction data.When user end to server sends the first request of data, during for asking the address of digital content, described server receives described request and also responds described request.Further, described first request of data can comprise the identification information of client, the identification information of described client comprise in user totem information corresponding to the internet protocol address of client, client identifier, client any one, for client described in unique identification.Such as, the identification information of described client can be the information with client (or user) Identity Association, the addresses of items of mail of such as client id, the user ID corresponding with client, user, the phone number of user, the identity information of user, the sequence number, MAC Address, IP address etc. of client, but be not limited to this.Preferably, described first request of data comprises the IP address of described client.Further, described first request of data can also comprise the identification information of the digital content that will ask, and identification information and the digital content of described digital content have one-to-one relationship, for unique identification number content, its concrete form can be various, does not limit at this.Server end can determine the digital content corresponding with the first request of data of described client and the information corresponding with described digital content according to the mark of described digital content, such as, can comprise the address of digital content.
S102, server end obtains the identification information of described client according to described first request of data and the very first time corresponding with described first request of data stabs information, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client.
In this embodiment of the present invention, server end can obtain the address of the real information corresponding with described client for encrypted digital content.Particularly, server end is according to the first request of data, and the identification information and the very first time corresponding with described first request of data that obtain the client corresponding with described first request of data stab information.Described very first time stamp information for identifying the first request of data of client, such as, can be the time that server receives the first request of data of described client.Because the identification information of client is used for unique identification client, very first time stamp information generally only has server or client to obtain, and therefore greatly improves the difficulty that above-mentioned information is cracked, improves the fail safe of digital content address transfer.
Server end utilizes the described identification information of acquisition and the described very first time to stab the address of digital content described in information encryption, obtains the address information of the digital content after encryption.In one implementation, server end can be encrypted described identification information and stamp information of the described very first time, and the identification information after encryption and very first time stamp information are added in the URL address of digital content, and the URL address of the digital content after process is returned to client.In another kind of implementation, server end also can directly utilize described identification information and stamp information of the described very first time to be encrypted as the URL address of digital content described in double secret key, to obtain the URL address information of the digital content after encryption.The present invention does not limit concrete encryption method, such as can comprise AES-128 method, DES algorithm (DataEncrypt ion Algorithm, DEA, a kind of symmetric encipherment algorithm), 3DES algorithm (Triple hybrid), TDEA algorithm (triple DEA), Blowfish algorithm (a kind of symmetric encryption method of the character string being used for encrypting 64Bit length), RC5 algorithm (a kind of block cipher of changeable parameters), (full name is IntelliJ IDEA to IDEA algorithm, a kind of data ciphering method based on JAVA) etc.
S103, the second request of data that client described in received server-side sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption.
The second request of data that received server-side client sends, described second request of data comprises the address information of the digital content after described encryption.
S104, server end verifies described second request of data, obtains check results.
During specific implementation, the address information of the digital content after the described encryption that server end comprises described second request of data is decrypted process, obtains the described identification information after deciphering and stamp information of the described very first time; The identification information corresponding with described client that described identification information after the deciphering of acquisition and stamp information of the described very first time are preserved with described server end by server end and the very first time information of stamp compare, and obtain comparative result; When described comparative result shows that the identification information of the client that the described identification information after described deciphering and stamp information of the described very first time and described server end are preserved and the very first time stab information matches, determine that verification is passed through.When described comparative result shows the identification information of the client that the described identification information after described deciphering and stamp information of the described very first time are preserved with described server end and the very first time, information of stabbing was not mated, determine that verification is not passed through.
S105, when described check results show verification by time, server end sends the digital content corresponding with described second request of data to described client.
When verify by time, server end sends the digital content corresponding with the second request of data to client.When verification is obstructed out-of-date, server end does not respond the second request of data of described client or sends error message to described client.
In the method that the embodiment of the present invention provides, in the request carrying out digital content at server end and client and transmitting procedure, utilize and be encrypted with the client identification information of the real information close association of client and the address of timestamp information to digital content, and utilize the digital content address after encryption to carry out the verification of client, the address of digital content is made not easily to be cracked and to forge, thus improve digital content fail safe in the transmission, reduce digital content by third party attack and the risk usurped.
See Fig. 2, it is the encrypt digital content transmission method second embodiment schematic diagram that the embodiment of the present invention provides.Method shown in Fig. 2 is applied to client-side, can comprise:
S201, client sends the first request of data, and described first request of data is for asking the address of digital content.
When client needs playing digital content, the first request of data can be sent to ask the address of described digital content to server.Preferably, described first request of data comprises the identification information of described client and/or the identification information of described digital content.
S202, client receives the address information of the digital content after the encryption of described server end transmission.
It should be noted that, the respective handling of server end after receiving the first request of data that client sends, can realize with reference to the method in embodiment illustrated in fig. 1, does not repeat them here.
The address information of the digital content after the encryption that client reception server sends.Wherein, the identification information of the client that the address information server by utilizing of the digital content after described encryption obtains and the very first time corresponding with described first request of data stab the address of information to described digital content and are encrypted and obtain.
S203, client sends the second request of data to described server end, and described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption.
S204, client receives the response that described server end sends for described second request of data.
Wherein, client receive described server end for described second request of data send response comprise:
Client receive described server described second request of data is verified and verify by time the digital content that sends; Or
Client receives described server and is verifying described second request of data and verifying the error message of obstructed out-of-date transmission.
When client obtains digital content, namely described digital content can be play.Preferably, described digital content is through encryption.Described client utilizes the decryption method shared with described server to be decrypted process to described digital content.
See Fig. 3, it is encrypt digital content transmission method the 3rd embodiment schematic diagram that the embodiment of the present invention provides.It should be noted that, in conjunction with the first embodiment and the second embodiment, in server end, the server carrying out interaction process with client and the server being encrypted authentication can be same servers, also can be different servers.In the embodiment shown in fig. 3, server end interactive server and authentication server, wherein interactive server is mainly used in the interaction process of carrying out request of data with client, and authentication server is mainly used in being encrypted, checking treatment.Be video below with digital content be example, the address of digital content is URL address, and the IP address that the identification information of client is client is described the method shown in Fig. 3 for example, is below only exemplary illustration, is not considered as limitation of the present invention.
S301, client sends the first request of data to interactive server, for asking the URL address of video.
S302, described interactive server receives the first request of data that client sends, and obtains and stabs information with the IP address of described client and server time, and send CIPHERING REQUEST to authentication server.
During specific implementation, described CIPHERING REQUEST comprises IP address and the server time stamp information of the client of described acquisition.Described CIPHERING REQUEST can also comprise the URL address of the video of request.
S303, the URL address of authentication server to described IP address, server time stamp information, video is encrypted, and obtains the video URL address after encryption.
S304, authentication server sends the video URL address after encryption to described interactive server.
S305, interactive server sends the video URL address after encryption to client.
S306, client sends the second request of data to interactive server, for asking video file.Wherein, described second request of data comprises the video URL address after described encryption.
S307, interactive server sends authentication request to authentication server.Wherein, described authentication request comprises the video URL address after described encryption.
S308, authentication server is decrypted process to the video URL address after described encryption, obtain the IP address of client, server time stamp information, and itself and the described client ip address preserved, the server time information of stamp are compared, to obtain authenticating result.
S309, authentication server sends authenticating result to described interactive server.
S310, interactive server receives described authenticating result, when described authenticating result show authentication by time, send effective video file to client; When described authenticating result shows that authentication is obstructed out-of-date, send error message to described client.
Above embodiment of the method provided by the invention introduced, it will be appreciated by persons skilled in the art that above-described embodiment all can be changed, be out of shape, combine and obtain other implementations, all belong to protection scope of the present invention.
The server apparatus schematic diagram that Fig. 4 provides for the embodiment of the present invention.
A kind of server apparatus 400, described server apparatus comprises:
First receiving element 401, for receiving the first request of data that client sends, described first request of data is for asking the address of digital content.
Ciphering unit 402, identification information and the very first time corresponding with described first request of data for obtaining described client according to described first request of data stab information, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client.
Second receiving element 403, for receiving the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption.
Verification unit 404, for verifying described second request of data, obtains check results.
Transmitting element 405, for show when described check results verification by time, send the digital content corresponding with described second request of data to described client.
Preferably, described verification unit 404 comprises:
Decryption unit, the address information for the digital content after the described encryption that comprises described second request of data is decrypted process, obtains the described identification information after deciphering and stamp information of the described very first time.
Comparing unit, compares for the identification information of client the described identification information after the deciphering of acquisition and stamp information and described server end of the described very first time preserved and the very first time information of stamp, acquisition comparative result.
Determining unit, when identification information and the very first time for showing the client that the described identification information after described deciphering and stamp information of the described very first time and described server end are preserved when described comparative result stab information matches, determines that verification is passed through.
Preferably, described equipment also comprises:
Response trigger element, for showing that when described check results verification is obstructed out-of-date, not responding the second request of data of described client or sending error message to described client.
See Fig. 5, it is the client device schematic diagram that the embodiment of the present invention provides.
A kind of client device 500, described client device comprises:
First request of data transmitting element 501, for sending the first request of data to server end, described first request of data is for asking the address of digital content;
First receiving element 502, for receiving the address information of digital content after encryption that described server end sends;
Second request of data transmitting element 503, for sending the second request of data to described server end, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Second receiving element 504, for receiving the response that described server end sends for described second request of data.
Preferably, described second receiving element specifically for:
Receive described server described second request of data is verified and verify by time the digital content that sends; Or, receive described server and described second request of data verified and is verifying the error message of obstructed out-of-date transmission.
See Fig. 6, it is the encrypt digital content transmission system schematic diagram that the embodiment of the present invention provides.
A kind of encrypt digital content transmission system, comprises server apparatus 400 and client device 500, wherein:
Described client device 500 is for sending the first request of data to described server apparatus, and described first request of data is for asking the address of digital content; Receive the address information of the digital content after the encryption of described server apparatus transmission; Send the second request of data to described server apparatus, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption; Receive the response that described server apparatus sends for described second request of data;
The first request of data that described server apparatus 400 sends for receiving client device, described first request of data is for asking the address of digital content; The identification information of described client device is obtained and the very first time corresponding with described first request of data stabs information according to described first request of data, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client device; Receive the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption; Described second request of data is verified, obtains check results; When described check results show verification by time, send the digital content corresponding with described second request of data to described client device.
It should be noted that, the client device 500 that encrypt digital content transmission system 600 comprises and server-side devices 400 all can realize with reference to the device shown in Fig. 4 and Fig. 5, do not repeat them here.
It should be noted that, the above introduction to device embodiment is comparatively simple, the realization of device can reference method embodiment part introduction and realize.
It should be noted that, in this article, the such as relational terms of first and second grades and so on is only used for an entity or operation to separate with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment comprising described key element and also there is other identical element.
The present invention can describe in the general context of computer executable instructions, such as program unit.Usually, program unit comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.Also can put into practice the present invention in a distributed computing environment, in these distributed computing environment (DCE), be executed the task by the remote processing devices be connected by communication network.In a distributed computing environment, program unit can be arranged in the local and remote computer-readable storage medium comprising memory device.
The above is only the specific embodiment of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (12)
1. an encrypt digital content transmission method, is characterized in that, described method is applied to server end, comprising:
Receive the first request of data that client sends, described first request of data is for asking the address of digital content;
The identification information of described client is obtained and the very first time corresponding with described first request of data stabs information according to described first request of data, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client;
Receive the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Described second request of data is verified, obtains check results;
When described check results show verification by time, send the digital content corresponding with described second request of data to described client.
2. method according to claim 1, it is characterized in that, the identification information of described client comprise in user totem information corresponding to the internet protocol address of client, client identifier, client any one, for client described in unique identification.
3. method according to claim 1, is characterized in that, describedly verifies described second request of data, obtains check results and comprises:
The address information of the digital content after the described encryption comprise described second request of data is decrypted process, obtains the described identification information after deciphering and stamp information of the described very first time;
Identification information and the very first time information of stamp of the client of the described identification information after the deciphering of acquisition and stamp information and described server end of the described very first time being preserved compare, acquisition comparative result;
When described comparative result shows that the identification information of the client that the described identification information after described deciphering and stamp information of the described very first time and described server end are preserved and the very first time stab information matches, determine that verification is passed through.
4. method according to claim 1, is characterized in that, described method also comprises:
When described check results shows that verification is obstructed out-of-date, do not respond the second request of data of described client or send error message to described client.
5. an encrypt digital content transmission method, is characterized in that, described method is applied to client, comprising:
Send the first request of data to server end, described first request of data is for asking the address of digital content;
Receive the address information of the digital content after the encryption of described server end transmission;
Send the second request of data to described server end, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Receive the response that described server end sends for described second request of data.
6. method according to claim 5, is characterized in that, the response that the described server end of described reception sends for described second request of data comprises:
Receive described server described second request of data is verified and verify by time the digital content that sends; Or
Receive described server verifying described second request of data and verifying the error message of obstructed out-of-date transmission.
7. a server apparatus, is characterized in that, described server apparatus comprises:
First receiving element, for receiving the first request of data that client sends, described first request of data is for asking the address of digital content;
Ciphering unit, identification information and the very first time corresponding with described first request of data for obtaining described client according to described first request of data stab information, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client;
Second receiving element, for receiving the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Verification unit, for verifying described second request of data, obtains check results;
Transmitting element, for show when described check results verification by time, send the digital content corresponding with described second request of data to described client.
8. equipment according to claim 7, is characterized in that, described verification unit comprises:
Decryption unit, the address information for the digital content after the described encryption that comprises described second request of data is decrypted process, obtains the described identification information after deciphering and stamp information of the described very first time;
Comparing unit, compares for the identification information of client the described identification information after the deciphering of acquisition and stamp information and described server end of the described very first time preserved and the very first time information of stamp, acquisition comparative result;
Determining unit, when identification information and the very first time for showing the client that the described identification information after described deciphering and stamp information of the described very first time and described server end are preserved when described comparative result stab information matches, determines that verification is passed through.
9. equipment according to claim 7, is characterized in that, described equipment also comprises:
Response trigger element, for showing that when described check results verification is obstructed out-of-date, not responding the second request of data of described client or sending error message to described client.
10. a client device, is characterized in that, described client device comprises:
First request of data transmitting element, for sending the first request of data to server end, described first request of data is for asking the address of digital content;
First receiving element, for receiving the address information of digital content after encryption that described server end sends;
Second request of data transmitting element, for sending the second request of data to described server end, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption;
Second receiving element, for receiving the response that described server end sends for described second request of data.
11. equipment according to claim 10, is characterized in that, described second receiving element specifically for:
Receive described server described second request of data is verified and verify by time the digital content that sends; Or, receive described server and described second request of data verified and is verifying the error message of obstructed out-of-date transmission.
12. 1 kinds of encrypt digital content transmission systems, is characterized in that, comprise server apparatus and client device, wherein:
Described client device is used for sending the first request of data to described server apparatus, and described first request of data is for asking the address of digital content; Receive the address information of the digital content after the encryption of described server apparatus transmission; Send the second request of data to described server apparatus, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption; Receive the response that described server apparatus sends for described second request of data;
The first request of data that described server apparatus sends for receiving client device, described first request of data is for asking the address of digital content; The identification information of described client device is obtained and the very first time corresponding with described first request of data stabs information according to described first request of data, utilize the address of digital content described in described identification information and the stamp information encryption of the described very first time, obtain the address information of the digital content after encryption, send the address information of the digital content after encryption to described client device; Receive the second request of data that described client sends, described second request of data is for asking described digital content, and described second request of data comprises the address information of the digital content after described encryption; Described second request of data is verified, obtains check results; When described check results show verification by time, send the digital content corresponding with described second request of data to described client device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410697582.3A CN104378379B (en) | 2014-11-26 | 2014-11-26 | A kind of digital content encrypted transmission method, equipment and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410697582.3A CN104378379B (en) | 2014-11-26 | 2014-11-26 | A kind of digital content encrypted transmission method, equipment and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104378379A true CN104378379A (en) | 2015-02-25 |
| CN104378379B CN104378379B (en) | 2018-10-16 |
Family
ID=52557035
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410697582.3A Active CN104378379B (en) | 2014-11-26 | 2014-11-26 | A kind of digital content encrypted transmission method, equipment and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104378379B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104735484A (en) * | 2015-03-05 | 2015-06-24 | 天脉聚源(北京)科技有限公司 | Method and device for playing video |
| CN105491073A (en) * | 2016-01-21 | 2016-04-13 | 腾讯科技(深圳)有限公司 | Data downloading method, device and system |
| CN106230824A (en) * | 2016-07-29 | 2016-12-14 | 浙商银行股份有限公司 | A kind of mobile device authentic authentication system and method |
| CN106331055A (en) * | 2016-08-09 | 2017-01-11 | 努比亚技术有限公司 | Identifier generation device and method |
| CN106658093A (en) * | 2016-12-27 | 2017-05-10 | 深圳市九洲电器有限公司 | Set top box and server interaction method and system |
| CN107579977A (en) * | 2017-09-04 | 2018-01-12 | 珠海迈科智能科技股份有限公司 | A kind of key theft preventing method and device |
| CN108737412A (en) * | 2018-05-15 | 2018-11-02 | 福建天晴数码有限公司 | A kind of method and terminal for realizing request of data |
| CN109450858A (en) * | 2018-10-15 | 2019-03-08 | 杭州迪普科技股份有限公司 | Method, apparatus, equipment and the storage medium of resource request |
| CN109922068A (en) * | 2019-03-13 | 2019-06-21 | 特斯联(北京)科技有限公司 | Security protection patrol robot, security system and its secret communication method |
| CN111541758A (en) * | 2020-04-17 | 2020-08-14 | 支付宝(杭州)信息技术有限公司 | Page updating method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801824A (en) * | 2006-01-16 | 2006-07-12 | 北京北方烽火科技有限公司 | Anti-theft chain method for WEB service |
| CN101873298A (en) * | 2009-04-21 | 2010-10-27 | 华为软件技术有限公司 | Registration method, terminal, server and system |
| CN102025749A (en) * | 2011-01-18 | 2011-04-20 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
| CN103067156A (en) * | 2012-12-28 | 2013-04-24 | 北京移数通电讯有限公司 | Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same |
| CN104144160A (en) * | 2014-07-08 | 2014-11-12 | 北京彩云动力教育科技有限公司 | Online video resource downloading prevention method and system |
-
2014
- 2014-11-26 CN CN201410697582.3A patent/CN104378379B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801824A (en) * | 2006-01-16 | 2006-07-12 | 北京北方烽火科技有限公司 | Anti-theft chain method for WEB service |
| CN101873298A (en) * | 2009-04-21 | 2010-10-27 | 华为软件技术有限公司 | Registration method, terminal, server and system |
| CN102025749A (en) * | 2011-01-18 | 2011-04-20 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
| CN103067156A (en) * | 2012-12-28 | 2013-04-24 | 北京移数通电讯有限公司 | Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same |
| CN104144160A (en) * | 2014-07-08 | 2014-11-12 | 北京彩云动力教育科技有限公司 | Online video resource downloading prevention method and system |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104735484A (en) * | 2015-03-05 | 2015-06-24 | 天脉聚源(北京)科技有限公司 | Method and device for playing video |
| CN105491073A (en) * | 2016-01-21 | 2016-04-13 | 腾讯科技(深圳)有限公司 | Data downloading method, device and system |
| CN105491073B (en) * | 2016-01-21 | 2020-07-14 | 腾讯科技(深圳)有限公司 | Data downloading method, device and system |
| CN106230824A (en) * | 2016-07-29 | 2016-12-14 | 浙商银行股份有限公司 | A kind of mobile device authentic authentication system and method |
| CN106331055A (en) * | 2016-08-09 | 2017-01-11 | 努比亚技术有限公司 | Identifier generation device and method |
| CN106331055B (en) * | 2016-08-09 | 2019-08-16 | 努比亚技术有限公司 | Identifier generating means and method |
| CN106658093B (en) * | 2016-12-27 | 2019-07-09 | 深圳市九洲电器有限公司 | The exchange method and system of set-top box and server |
| CN106658093A (en) * | 2016-12-27 | 2017-05-10 | 深圳市九洲电器有限公司 | Set top box and server interaction method and system |
| CN107579977A (en) * | 2017-09-04 | 2018-01-12 | 珠海迈科智能科技股份有限公司 | A kind of key theft preventing method and device |
| CN108737412A (en) * | 2018-05-15 | 2018-11-02 | 福建天晴数码有限公司 | A kind of method and terminal for realizing request of data |
| CN108737412B (en) * | 2018-05-15 | 2021-06-25 | 福建天晴数码有限公司 | Method and terminal for realizing data request |
| CN109450858A (en) * | 2018-10-15 | 2019-03-08 | 杭州迪普科技股份有限公司 | Method, apparatus, equipment and the storage medium of resource request |
| CN109922068A (en) * | 2019-03-13 | 2019-06-21 | 特斯联(北京)科技有限公司 | Security protection patrol robot, security system and its secret communication method |
| CN111541758A (en) * | 2020-04-17 | 2020-08-14 | 支付宝(杭州)信息技术有限公司 | Page updating method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104378379B (en) | 2018-10-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9992176B2 (en) | Systems and methods for encrypted communication in a secure network | |
| CN104378379B (en) | A kind of digital content encrypted transmission method, equipment and system | |
| CN109088889B (en) | SSL encryption and decryption method, system and computer readable storage medium | |
| JP6367375B2 (en) | System and method for secure communication over a network using linking addresses | |
| CN101510877B (en) | Single-point logging-on method and system, communication apparatus | |
| US8527762B2 (en) | Method for realizing an authentication center and an authentication system thereof | |
| US11323433B2 (en) | Digital credential management method and device | |
| CN108809633B (en) | Identity authentication method, device and system | |
| JP2005102163A (en) | Equipment authentication system, server, method and program, terminal and storage medium | |
| CN105657474B (en) | The anti-stealing link method and system of identity-based signature system are used in Video Applications | |
| CN105554098A (en) | Device configuration method, server and system | |
| CN108322416B (en) | Security authentication implementation method, device and system | |
| CN103716330A (en) | Method and device for encryption and decryption of digital content | |
| CN105491073B (en) | Data downloading method, device and system | |
| CN1716953B (en) | Method for identifying conversation initial protocol | |
| US20170070486A1 (en) | Server public key pinning by url | |
| KR20150059347A (en) | Mobile terminal, terminal and method for authentication using security cookie | |
| CN113225352A (en) | Data transmission method and device, electronic equipment and storage medium | |
| CN103368918A (en) | Method, device and system for dynamic password authentication | |
| JP2005322033A (en) | Information distribution system, information distribution server, terminal appliance, information distribution method, information reception method, information processing program and storage medium | |
| CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
| CN115296807B (en) | Key generation method, device and equipment for preventing industrial control network viruses | |
| CN109379371B (en) | Certificate verification method, device and system | |
| CN104811421A (en) | Secure communication method and secure communication device based on digital rights management | |
| CN114158046B (en) | Method and device for realizing one-key login service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |