CN108171015B - Method and device for controlling aging - Google Patents
Method and device for controlling aging Download PDFInfo
- Publication number
- CN108171015B CN108171015B CN201810034035.5A CN201810034035A CN108171015B CN 108171015 B CN108171015 B CN 108171015B CN 201810034035 A CN201810034035 A CN 201810034035A CN 108171015 B CN108171015 B CN 108171015B
- Authority
- CN
- China
- Prior art keywords
- time
- system time
- user terminal
- trusted
- digital content
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 230000032683 aging Effects 0.000 title claims abstract description 24
- 230000004048 modification Effects 0.000 claims abstract description 50
- 238000012986 modification Methods 0.000 claims abstract description 50
- 230000006855 networking Effects 0.000 claims abstract description 23
- 238000012545 processing Methods 0.000 claims description 8
- 230000000694 effects Effects 0.000 claims description 6
- 230000002431 foraging effect Effects 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 12
- 238000004364 calculation method Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002123 temporal effect Effects 0.000 description 1
- 230000001550 time effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
Abstract
The invention provides a method and a device for controlling aging, comprising the following steps: the method comprises the steps that a user terminal obtains digital content and first system time, wherein the digital content is authorized to be effective within a preset time, and the first system time comprises a system time point of the user terminal when the digital content is effective; under the condition that the current system time point of the user terminal is modified in a non-networking state, the user terminal calculates a time offset, wherein the time offset comprises a difference value between the system time point before modification and the system time point after modification; the user terminal calculates a second system time, wherein the second system time comprises a combination of the current system time point and the time offset; when the difference value between the second system time and the first system time is less than or equal to the preset time, the user terminal determines that the digital content is valid, so that the user terminal can be prevented from bypassing the time-based rule when using the digital content with the time requirement.
Description
Technical Field
The invention relates to the technical field of computer security, in particular to a method and a device for time efficiency control.
Background
With the rapid development of informatization and internet technology, some digital contents contain very important information, and providers of the digital contents are not willing to deliver the digital contents through the internet or other ways without effective protection.
Currently, in order to effectively protect digital content, some digital content is licensed and contains time-based rules, such as controlling the time to be within the validity period of the license. Therefore, a method is needed to monitor the usage of digital content with temporal rules.
Disclosure of Invention
The embodiment of the invention aims at the problems and provides a method and a device for controlling the aging.
In a first aspect, a method for controlling aging is provided, which includes: the method comprises the steps that a user terminal obtains digital content and first system time, wherein the digital content is authorized to be effective within a preset time, and the first system time comprises a system time point of the user terminal when the digital content is effective; under the condition that the current system time point of the user terminal is modified in a non-networking state, the user terminal calculates a time offset, wherein the time offset comprises a difference value between the system time point before modification and the system time point after modification; the user terminal calculates a second system time, wherein the second system time comprises a combination of the current system time point and the time offset; and when the difference value between the second system time and the first system time is less than or equal to the preset time, the user terminal determines that the digital content is valid.
In a first possible implementation manner, the method further includes: in a state that the user terminal is networked with the trusted time source, the user terminal acquires first trusted time and second trusted time, wherein the first trusted time comprises a system time point of the trusted time source when the digital content takes effect, and the second trusted time comprises a current system time point of the trusted time source; and when the difference value between the second credible time and the first credible time is less than or equal to the preset time, the user terminal determines that the digital content is valid.
With reference to the first possible implementation manner of the first aspect, in a second possible implementation manner, the method further includes: the user terminal safely stores the first trusted time; the user terminal safely stores the first system time; the user terminal is stored safely for a predetermined period of time.
With reference to the first possible implementation manner of the first aspect or the second possible implementation manner of the first aspect, in a third possible implementation manner, the method further includes: and the user terminal safely stores the difference value between the second credible time and the first credible time.
With reference to any one of the foregoing possible implementation manners of the first aspect, in a fourth possible implementation manner, the method further includes: the user terminal securely stores the difference between the second system time and the first system time.
With reference to any one of the foregoing possible implementation manners of the first aspect, in a fifth possible implementation manner, in a case that the current system time point of the ue is modified, calculating a time offset includes: the user terminal determines that the current system time point of the user terminal is modified according to the system log; the user terminal determines a system time point before modification and a system time point after modification according to the system log; and the user terminal calculates the difference between the system time point before modification and the system time point after modification to obtain the time offset.
With reference to the first possible implementation manner of the first aspect or the second possible implementation manner of the first aspect, in a sixth possible implementation manner, before the determining, by the user terminal, that the digital content is valid, that a difference between the second system time and the first system time is less than or equal to a predetermined time length, the method further includes: and the user terminal determines that the difference value between the second system time and the first system time is greater than or equal to the difference value between the second credible time and the first credible time.
With reference to the first possible implementation manner of the first aspect or the second possible implementation manner of the first aspect, in a seventh possible implementation manner, before the determining, by the user terminal, that the digital content is valid, that a difference between the second system time and the first system time is less than or equal to a predetermined time length, the method further includes: and when the difference value between the second system time and the first system time is smaller than the difference value between the second credible time and the first credible time, the user terminal determines that the digital content is invalid.
In a second aspect, there is provided an aging control apparatus, including: the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring digital content and first system time, the digital content is authorized to be effective within a preset time length, and the first system time comprises a system time point of a user terminal when the digital content is effective; a calculation module, in a non-networking state, for, in case that a current system time point of the user terminal is modified: calculating a time offset, wherein the time offset comprises a difference value between a system time point before modification and a system time point after modification; calculating a second system time, the second system time comprising a combination of the current system time point and the time offset; and the judging module is used for determining that the digital content is valid when the difference value between the second system time and the first system time is less than or equal to the preset time.
In a first possible implementation manner, in a state where the user terminal is networked with the trusted time source, the obtaining module is further configured to obtain a first trusted time and a second trusted time, where the first trusted time includes a system time point of the trusted time source when the digital content takes effect, and the second trusted time includes a current system time point of the trusted time source; and when the difference value between the second credible time and the first credible time is less than or equal to the preset time, the judging module is also used for determining that the digital content is valid.
With reference to the first possible implementation manner of the second aspect, in a second possible implementation manner, the apparatus further includes: a secure storage module to: securely storing the first trusted time; securely storing the first system time; the storage is secure for a predetermined length of time.
With reference to the first possible implementation manner of the second aspect or the second possible implementation manner of the second aspect, in a third possible implementation manner, the secure storage module is further configured to securely store a difference between the second trusted time and the first trusted time.
With reference to any one of the foregoing possible implementation manners of the second aspect, in a fourth possible implementation manner, the secure storage module is further configured to securely store a difference between the second system time and the first system time.
With reference to any one of the foregoing possible implementation manners of the second aspect, in a fifth possible implementation manner, the determining module is further configured to: determining that the current system time point of the user terminal is modified according to the system log; determining a system time point before modification and a system time point after modification according to the system log; and the calculating module is specifically used for calculating the difference between the system time point before modification and the system time point after modification to obtain the time offset.
With reference to the first possible implementation manner of the second aspect or the second possible implementation manner of the second aspect, in a sixth possible implementation manner, the determining module is further configured to determine that a difference between the second system time and the first system time is greater than or equal to a difference between the second trusted time and the first trusted time.
With reference to the first possible implementation manner of the second aspect or the second possible implementation manner of the second aspect, in a seventh possible implementation manner, the determining module is further configured to determine that the digital content is invalid when a difference between the second system time and the first system time is smaller than a difference between the second trusted time and the first trusted time.
According to the embodiment of the invention, the payment asynchronous notification message can be repeatedly sent by using the aggregation payment platform for multiple times in a delayed manner, so that the merchant server can still receive the real payment message of the order even under the condition of bad network or downtime, and the problem of missed order caused by the merchant server is obviously reduced.
When the user terminal uses the digital content authorized for the predetermined time, the user terminal obtains the current truly credible current system time point, namely the second system time, by calculating the sum of the current system time point and the time offset in the non-networking state. And confirming the real use time of the digital content according to the second system time so as to judge whether the real use time of the digital content reaches the preset time length, thereby avoiding the user terminal from bypassing the time-based rule of the digital content in a non-networking state.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without inventive efforts, wherein:
FIG. 1 is a schematic flow chart diagram of a method of aging control in accordance with an embodiment of the present invention;
FIG. 2 is a schematic flow chart diagram of a method of aging control in a networked state with a trusted time source in accordance with an embodiment of the present invention;
FIG. 3 is a schematic flow chart diagram of a method of aging control in a non-networked state in accordance with another embodiment of the present invention;
FIG. 4 is a schematic block diagram of an aging control apparatus according to an embodiment of the present invention;
FIG. 5 is a schematic block diagram of an aging control apparatus according to another embodiment of the present invention;
fig. 6 is a block diagram of a computer apparatus for aging control according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Currently, to check the timing rules described above, a client or other device must use a clock. However, since the computer system clock allows for autonomous modification by the user, it is often susceptible to tampering, thereby possibly circumventing the time-based rule when the user terminal is in a non-networked state. Therefore, it is sometimes not trusted to determine the real time of the digital content operation behavior by the system clock of the user terminal.
FIG. 1 is a schematic flow diagram of a method of aging control in accordance with an embodiment of the present invention.
110, the user terminal acquires the digital content and a first system time, wherein the digital content is authorized to be valid within a preset time, and the first system time comprises a system time point of the user terminal when the digital content is valid;
digital content includes files, pictures, audio, video, computer programs, and the like.
120, in a non-networking state, calculating a time offset under the condition that the current system time point of the user terminal is modified, wherein the time offset comprises a difference value between the system time point before modification and the system time point after modification;
130, the user terminal calculates a second system time, the second system time comprises a combination of the current system time point and the time offset;
and 140, when the difference value between the second system time and the first system time is less than or equal to the predetermined time, the user terminal determines that the digital content is valid.
In the embodiment of the present invention, when the user terminal uses the digital content authorized for the predetermined time, in the non-networking state, the user terminal obtains the true current system time point, that is, the second system time, by calculating the sum of the current system time point and the time offset. The time offset may be multiple, for example, the system time point is modified twice, and the time offset is two. Then, the time difference obtained by subtracting the first system time of the user terminal when the digital content is effective from the second system time is compared with a predetermined time length to determine whether the digital content is effective. The digital content is invalid if the time difference is greater than the predetermined length of time and valid if the time difference is less than the predetermined length of time. Therefore, the use time of the digital content can be reliably confirmed, whether the use time of the digital content reaches the preset time length or not is judged, and the rule of the digital content based on the time is avoided being bypassed when the user terminal is in a non-networking state.
In step 110, the digital content is available at the same time as downloading, for example, the digital content can still be read, annotated and printed after being downloaded locally. And the downloading of the digital content must be authorized by a license, that is, the digital content is valid for a certain time and has a certain valid duration, for example, borrowing an electronic book, the valid duration is 5 days, the electronic book can be read only within the 5 days, and the electronic book cannot be read beyond the time limit. The system time point of the current user terminal, that is, the first system time, can be obtained while the digital content is downloaded, and the first system time is trusted because the first system time is obtained in a state of being networked with the trusted time source.
In step 120, the user terminal is in a non-networking state, and the current system time point is likely to be modified in order to get the benefit of the time-based rule. If the current system time point of the user terminal is modified, and the system time point has corresponding modification records before and after the modification, the difference value between the system time point before the modification and the system time point after the modification is the time offset at the moment. There may be multiple time offsets, for example, there may be multiple modified records corresponding to multiple time offsets.
According to an embodiment of the present invention, in a case where a current system time point of a user terminal is modified, calculating a time offset includes: the user terminal determines that the current system time point of the user terminal is modified according to the system log; the user terminal determines a system time point before modification and a system time point after modification according to the system log; and the user terminal calculates the difference between the system time point before modification and the system time point after modification to obtain the time offset.
For example, the user terminal may determine whether the current system time point is modified according to the system log in the non-networking state. If the time offset is modified, the system time point before modification and the system time point after modification can be determined according to the system log, and the time offset can be obtained by comparing and subtracting the two time points.
Therefore, in step 130, if there is a time offset, the second system time can be corrected to the current system time by the time offset.
For example, borrowing an electronic book, the effective duration is 5 days, downloading the electronic book to the user terminal at the first system time 2017, 12, 1, 8:00, suddenly disconnecting the network, so that the user terminal is always in a non-networking state, opening the electronic book by the user at the current system time 2017, 12, 2, 10:00, calling the system log to monitor that the current system time in the system log is modified, modifying the system time before modification by 21:00 at 2017, 12, 2, 9:00 at 2017, obviously, the current system time is modified by 12 hours in advance, so the time offset at this time is 12 hours, the second system time is the current system time + the time offset, that is, the second system time is 12 hours after 12, 2, 10:00 at 2017, i.e., 12 months and 2 days in 2017 at 22: 00.
In addition, after the e-book starts to read, the user terminal may also poll the system log at regular intervals in a non-networked state, so as to monitor whether the current system time point of the user terminal is modified. For example, a timer may be set at the ue, and the timer monitors whether the current system time point of the ue is modified for a fixed period of time. Wherein the fixed time period may be every second, every minute, every hour, every day, every week, every month, or the like. The embodiments of the present invention are not limited in this regard.
According to step 120, if there are multiple modification records in the system log, there are multiple time offsets corresponding to the multiple modification records, and the calculation method of a single time offset is as above, and will not be described herein again. The current system time point and the plurality of time offsets need to be calculated simultaneously when calculating the second system time.
According to an embodiment of the present invention, the method further includes: in a state that the user terminal is networked with the trusted time source, the user terminal acquires first trusted time and second trusted time, wherein the first trusted time comprises a system time point of the trusted time source when the digital content takes effect, and the second trusted time comprises a current system time point of the trusted time source; and when the difference value between the second credible time and the first credible time is less than or equal to the preset time, the user terminal determines that the digital content is valid.
Specifically, when the user terminal acquires the digital content, the user terminal and the trusted time source are in a networking state, and at this time, the user terminal can acquire a system time point of the trusted time source when the digital content takes effect, namely, a first trusted time; in a state where the user terminal is networked with the trusted time source, the user terminal may acquire a current system time point of the trusted time source, that is, a second trusted time. When the difference between the second credible time and the first credible time is less than or equal to the preset time, the digital content is valid, otherwise, the digital content is invalid.
According to an embodiment of the present invention, the method further includes: the user terminal safely stores the first trusted time; the user terminal safely stores the first system time; the user terminal is stored safely for a predetermined period of time.
Specifically, as described above, when the user terminal acquires the digital content for the first time, the first trusted time, the first system time, the predetermined time, and the like may be acquired at the same time, these times may be stored in one or more secure storage areas securely, and signature encryption protection may be performed by using cryptographic technology.
According to the embodiment of the invention, the first trusted time, the first system time and the preset time length are safely stored in the safe storage area, so that the time data can be prevented from being tampered, and the authenticity and the validity of the time obtained when the digital content is validated are ensured.
According to an embodiment of the present invention, the method further includes: and the user terminal safely stores the difference value between the second credible time and the first credible time.
Specifically, in a state where the user terminal is networked with the trusted time source, the difference between the second trusted time and the first trusted time should be increased all the time as time goes on, and the difference is securely stored in one or more secure storage areas and/or protected by signature encryption through cryptographic means, so that the difference is not easily tampered. Moreover, the difference value can also be used as a judgment standard of the time of the user terminal in a non-networking state.
For example, in 2017, 12, 1, 8:00, when the user terminal is networked with the trusted time source, the user purchases an e-book, reads the whole 12 hours, suddenly disconnects the network, and continues to read for 3 hours. And in 3 hours of continuous reading of the user, before the second system time is modified to 20:00 of 12/1/2017, the difference between the second trusted time and the first trusted time is stored in the secure storage area and is not easy to be tampered, and the difference between the second system time and the first system time is obviously smaller than the difference between the real trusted time and the first trusted time when the network is disconnected, so that the fact that the second system time is tampered is easy to find. Therefore, the difference value between the second credible time and the first credible time can also be used as a judgment standard of the time of the user terminal in the non-networking state.
According to an embodiment of the present invention, the method further includes: the user terminal securely stores the difference between the second system time and the first system time.
Specifically, in the non-networked state of the user terminal, the difference value between the second system time and the first system time is increased along with the time, the difference value is stored in one or more secure storage areas safely, and/or the difference value is protected by signature encryption through a cryptographic technology, so that the difference value can be ensured not to be tampered. For example, the first system time is fully trusted since the first system time is a trusted time and is stored in the secure storage area. If the difference in the storage area decreases, it can be judged that the second system time is falsified and the time is changed to be before the true second system time, based on the fact that the difference between the second system time and the first system time is increasing.
It will be appreciated that the difference between the second system time and the first system time is securely stored in one or more secure storage areas, making it difficult for the second system time to be tampered with before its true value.
Based on the embodiment of the invention, the authenticity and the validity of the second system time are ensured while the difference value between the second system time and the first system time is ensured not to be easily tampered, so that the time-based rule of the user terminal is difficult to be bypassed when the user terminal uses the digital content in a non-networking state.
According to an embodiment of the present invention, before the user terminal determines that the digital content is valid when the difference between the second system time and the first system time is less than or equal to the predetermined time length, the method further includes: and the user terminal determines that the difference value between the second system time and the first system time is greater than or equal to the difference value between the second credible time and the first credible time.
According to an embodiment of the present invention, before the user terminal determines that the digital content is valid when the difference between the second system time and the first system time is less than or equal to the predetermined time length, the method further includes: and when the difference value between the second system time and the first system time is smaller than the difference value between the second credible time and the first credible time, the user terminal determines that the digital content is invalid.
Specifically, the first system time, the second trusted time, and the first trusted time are times acquired by the user terminal in a state of being networked with the trusted time source, which are not easily tampered with and are trusted, and the second system time is not completely trusted. If the user terminal is networked with the trusted time source, the difference value between the second system time and the first system time is equal to the difference value between the second trusted time and the first trusted time; if the user terminal and the trusted time source are in the non-networking state, the difference value between the second system time and the first system time should be larger than the difference value between the second trusted time and the first trusted time. And if the difference value between the second system time and the first system time is smaller than the difference value between the second credible time and the first credible time, the time is abnormal, the digital content is invalid, and the digital content is not allowed to be used. This can ensure the security of the digital content.
FIG. 2 is a schematic flow chart diagram of a method of aging control in a networked state with a trusted time source in accordance with an embodiment of the present invention.
205, in a state of being networked with the trusted time source, the user terminal acquires the digital content, the first system time S1, the first trusted time T1, and the predetermined time period T.
210, storing S1, T1 and T in a secure storage area, and signature encryption protecting by cryptographic means.
215, in a state that the user terminal is networked with the trusted time source, a second trusted time T2 is acquired, and Δ T is calculated, which is T2-T1.
220, storing the delta T in a safe storage area, and performing signature encryption protection through a cryptographic technology.
225, judging the size of the delta T and the T. If Δ T is greater than T, the digital content is invalid and is not allowed to be used; if T is less than or equal to T, the digital content is valid and continues to be used.
FIG. 3 is a schematic flow chart diagram of a method of aging control in a non-networked state in accordance with an embodiment of the present invention.
Assuming that the user terminal was in a networked state with the trusted time source before the process of fig. 3 and the last trusted time of networking with the trusted time source was T3, after T3 the user terminal is in an unconnected state, at which time the user may still continue to use the digital content.
The system logs are polled at regular intervals 310.
And 315, determining whether the current system time point of the user terminal is modified according to the system log.
320, if the current system time point is modified, calculating a time OFFSET, wherein the time OFFSET may be multiple, for example, OFFSET1, OFFSET2, OFFSET3 … …; if the current system time point is not modified, the current system time point S3 is the second system time S2.
325, a second system time S2 is calculated. S2 ═ S3+ OFFSET1+ OFFSET2+ OFFSET3+ … ….
And 330, calculating the difference deltaS between the second system time and the first system time, wherein deltaS is S2-S1.
And 340, storing the deltaS in a safe storage area, and performing signature encryption protection through a cryptographic technology.
350, judging the size of the delta T and the delta S. If Δ T is greater than Δ S, the time is abnormal, the digital content is invalid and the digital content is not allowed to be used.
Wherein Δ T can be obtained according to step 220 in FIG. 2, and the calculation result of Δ T can also be obtained according to step 205-215.
And 360, if the Delta T is less than or equal to the Delta S, judging the sizes of the Delta S and the Delta T. If Δ S is greater than T, the digital content is invalid and is not allowed to be used; if Δ S is less than or equal to T, the digital content is valid and continues to be used.
The method for aging control according to the embodiment of the present invention is described above, and the apparatus for aging control according to the embodiment of the present invention is described below with reference to fig. 4 and 5.
Fig. 4 is a schematic block diagram of an aging control apparatus 400 according to an embodiment of the present invention.
The aging control apparatus 400 includes: an acquisition module 410, a calculation module 420, and a decision module 430.
An obtaining module 410, configured to obtain a digital content and a first system time, where the digital content is authorized to be valid within a predetermined time period, and the first system time includes a system time point of the user terminal when the digital content is valid; a calculating module 420, in a non-networking state, for, in case that a current system time point of the user terminal is modified: calculating a time offset, wherein the time offset comprises a difference value between a system time point before modification and a system time point after modification; calculating a second system time, the second system time comprising a combination of the current system time point and the time offset; the determining module 430 is configured to determine that the digital content is valid when a difference between the second system time and the first system time is less than or equal to a predetermined time.
Based on the embodiment of the invention, in a non-networking state, the calculation module calculates the time offset, and obtains the current truly credible system time, namely the second system time, through the time offset. And determining whether the digital content is valid according to the difference value between the current truly credible system time and the first system time and the preset time length determined by the determination module. Therefore, the time rule that the user bypasses the digital content with the time requirement caused by the falsification of the system time in the non-networking state is avoided.
According to the embodiment of the present invention, in a state where the user terminal is networked with the trusted time source, the obtaining module 410 is further configured to obtain a first trusted time and a second trusted time, where the first trusted time includes a system time point of the trusted time source when the digital content takes effect, and the second trusted time includes a current system time point of the trusted time source; the decision module 430 is further configured to determine that the digital content is valid when a difference between the second trusted time and the first trusted time is less than or equal to a predetermined time.
The operation and function of each module may refer to the detailed description of the method embodiment part in fig. 1 to 3, and are not repeated herein in order to avoid repetition.
Fig. 5 is a schematic configuration diagram of an aging control apparatus 500 according to another embodiment of the present invention.
The aging control apparatus 500 includes: an acquisition module 510, a calculation module 520, a decision module 530, and a secure storage module 540.
According to an embodiment of the present invention, the secure storage module 540 is configured to: securely storing the first trusted time; securely storing the first system time; the storage is secure for a predetermined length of time.
According to an embodiment of the present invention, the secure storage module 540 is further configured to securely store a difference between the second trusted time and the first trusted time.
According to an embodiment of the present invention, the secure storage module 540 is further configured to securely store a difference between the second system time and the first system time.
According to an embodiment of the present invention, the determining module 530 is further configured to: determining that the current system time point of the user terminal is modified according to the system log; determining a system time point before modification and a system time point after modification according to the system log; the calculating module 520 is specifically configured to calculate a difference between the system time point before modification and the system time point after modification to obtain a time offset.
The determining module 530 is further configured to determine that a difference between the second system time and the first system time is greater than or equal to a difference between the second trusted time and the first trusted time.
The determining module 530 is further configured to determine that the digital content is invalid when a difference between the second system time and the first system time is less than a difference between the second trusted time and the first trusted time, according to an embodiment of the present invention.
The operation and function of each module may refer to the detailed description of the method embodiment part in fig. 1 to 3, and are not repeated herein in order to avoid repetition.
FIG. 6 is a block diagram of a computer apparatus 600 for aging control according to an embodiment of the present invention.
Referring to fig. 6, the apparatus 600 includes a processing component 610 that further includes one or more processors and memory resources, represented by memory 620, for storing instructions, such as applications, that are executable by the processing component 610. The application programs stored in memory 620 may include one or more modules that each correspond to a set of instructions. Further, the processing component 610 is configured to execute instructions to perform the above-described method of time effect control.
Embodiments of the present invention further provide a non-transitory computer-readable storage medium, where instructions in the storage medium, when executed by a processor of the apparatus 600, enable the apparatus 600 to perform a method for controlling aging, where the method includes: the method comprises the steps that a user terminal obtains digital content and first system time, wherein the digital content is authorized to be effective within a preset time, and the first system time comprises a system time point of the user terminal when the digital content is effective; under the condition that the current system time point of the user terminal is modified in a non-networking state, the user terminal calculates a time offset, wherein the time offset comprises a difference value between the system time point before modification and the system time point after modification; the user terminal calculates a second system time, wherein the second system time comprises a combination of the current system time point and the time offset; and when the difference value between the second system time and the first system time is less than or equal to the preset time, the user terminal determines that the digital content is valid.
Those of ordinary skill in the art will appreciate that the steps of the aging control of the examples described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or a combination of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the method and the apparatus described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described embodiments of the aging control apparatus are merely illustrative, and for example, the division of the units is only one logic function division, and there may be other division ways in actual implementation, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention or a part thereof, which essentially contributes to the prior art, can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program check codes, such as a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (6)
1. A method of aging control, comprising:
the method comprises the steps that a user terminal acquires digital content and first system time, wherein the digital content is authorized to be valid within a preset time length, and the first system time comprises a system time point of the user terminal when the digital content is valid;
the user terminal calculates a time offset under the condition that the current system time point of the user terminal is modified in a non-networking state, wherein the time offset comprises a difference value between the system time point before modification and the system time point after modification;
the user terminal calculating a second system time, the second system time comprising a combination of the current system time point and the time offset;
when the difference value between the second system time and the first system time is less than or equal to the predetermined time, the user terminal determines that the digital content is valid,
the method further comprises the following steps:
in a state that the user terminal is networked with a trusted time source, the user terminal acquires a first trusted time and a second trusted time of the trusted time source, wherein the first trusted time comprises a system time point of the trusted time source when the digital content is effective,
before the user terminal determines that the digital content is valid, the method further comprises:
and when the difference value between the second trusted time and the first trusted time is smaller than or equal to the predetermined time, the user terminal determines that the difference value between the second system time and the first system time is larger than or equal to the difference value between the second trusted time and the first trusted time.
2. The method of claim 1, wherein calculating the time offset in case that the current system time point of the user terminal is modified comprises:
the user terminal determines that the current system time point of the user terminal is modified according to the system log;
the user terminal determines the system time point before modification and the system time point after modification according to the system log;
and the user terminal calculates the difference between the system time point before modification and the system time point after modification to obtain the time offset.
3. The method of claim 1, wherein before the user terminal determines that the digital content is valid when the difference between the second system time and the first system time is less than or equal to the predetermined time length, the method further comprises:
and when the difference value between the second system time and the first system time is smaller than the difference value between the second credible time and the first credible time, the user terminal determines that the digital content is invalid.
4. An aging control apparatus, comprising:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring digital content and first system time, the digital content is authorized to be effective within a preset time length, and the first system time comprises a system time point of a user terminal when the digital content is effective;
a computing module, in a non-networking state, configured to, in a case where a current system time point of the user terminal is modified: calculating a time offset, wherein the time offset comprises a difference value between a system time point before modification and a system time point after modification; calculating a second system time comprising a combination of the current system time point and the time offset;
a determining module for determining that the digital content is valid when a difference between the second system time and the first system time is less than or equal to the predetermined time period,
in a state that the user terminal is networked with a trusted time source, the obtaining module is further configured to obtain a first trusted time and a second trusted time of the trusted time source, where the first trusted time includes a system time point of the trusted time source when the digital content is in effect,
the determining module is further configured to determine that a difference between the second system time and the first system time is greater than or equal to a difference between the second trusted time and the first trusted time when the difference between the second trusted time and the first trusted time is less than or equal to the predetermined time.
5. The aging control apparatus according to claim 4, wherein the determination module is further configured to: determining that the current system time point of the user terminal is modified according to the system log; determining the system time point before modification and the system time point after modification according to the system log; the calculating module is specifically configured to calculate a difference between the system time point before the modification and the system time point after the modification to obtain the time offset.
6. The apparatus for aging control of claim 4, wherein the determination module is further configured to determine that the digital content is invalid when a difference between the second system time and the first system time is less than a difference between the second trusted time and the first trusted time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810034035.5A CN108171015B (en) | 2018-01-15 | 2018-01-15 | Method and device for controlling aging |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810034035.5A CN108171015B (en) | 2018-01-15 | 2018-01-15 | Method and device for controlling aging |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108171015A CN108171015A (en) | 2018-06-15 |
| CN108171015B true CN108171015B (en) | 2021-10-15 |
Family
ID=62514288
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810034035.5A Active CN108171015B (en) | 2018-01-15 | 2018-01-15 | Method and device for controlling aging |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108171015B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109389697A (en) * | 2018-09-25 | 2019-02-26 | 天地(常州)自动化股份有限公司 | Recording method, equipment and the readable storage medium storing program for executing of underground inspection data inputting time |
| CN110399716A (en) * | 2019-06-27 | 2019-11-01 | 苏州浪潮智能科技有限公司 | A kind of cryptographic validity test method, system and electronic equipment and storage medium |
| CN114244895A (en) * | 2021-12-21 | 2022-03-25 | 北京京东振世信息技术有限公司 | Control method and device of handheld mobile terminal, electronic equipment and storage medium |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100470568C (en) * | 2006-04-18 | 2009-03-18 | 华为技术有限公司 | Method and system for keeping digital copyright management time synchronization |
| EP2052524B1 (en) * | 2006-05-05 | 2014-12-24 | InterDigital Technology Corporation | Digital rights management using trusted processing techniques |
| CN103248614A (en) * | 2012-02-09 | 2013-08-14 | 上海新华解放数字阅读传媒有限公司 | Implementation method of safety time of client |
-
2018
- 2018-01-15 CN CN201810034035.5A patent/CN108171015B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN108171015A (en) | 2018-06-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101182473B1 (en) | Secure time functionality for a wireless device | |
| CN108171015B (en) | Method and device for controlling aging | |
| US9294479B1 (en) | Client-side authentication | |
| CN111556059A (en) | Abnormity detection method, abnormity detection device and terminal equipment | |
| EP3270318B1 (en) | Dynamic security module terminal device and method for operating same | |
| US10311237B2 (en) | Mechanism to synchronize clients in a digital rights management environment | |
| CN112507291B (en) | Method and device for generating unique identifier of Android device | |
| CN110046162B (en) | Auxiliary evidence storage method, system, device and equipment | |
| KR101934378B1 (en) | Computer system having the hazard protection, and method thereof | |
| US20160330030A1 (en) | User Terminal For Detecting Forgery Of Application Program Based On Hash Value And Method Of Detecting Forgery Of Application Program Using The Same | |
| CN109302383B (en) | URL monitoring method and device | |
| CN109889477A (en) | Server based on trusted cryptography's engine starts method and device | |
| CN113647053A (en) | Method for configuring a security module with at least one derived key | |
| CN111143788B (en) | License processing method, electronic device, and storage medium | |
| CN111461955A (en) | Method and device for automatically increasing digital blind watermark in screenshot, electronic equipment and storage medium | |
| CN111277601B (en) | Website security monitoring method and system | |
| WO2015000967A1 (en) | Device, system and method for securing transfer of data between a source portable data storage device and a destination computing system | |
| CN114979109A (en) | Behavior track detection method and device, computer equipment and storage medium | |
| CN110795750A (en) | Document encryption lodging method, system and device | |
| CN106909401B (en) | Application program control method and device | |
| CN110677483A (en) | Information processing system and trusted security management system | |
| CN109787766B (en) | Data processing method, device, server and system | |
| CN111814205B (en) | Computing processing method, computing processing system, computing processing device, computing processing memory, computing processing device and computer device | |
| JP6063317B2 (en) | Terminal device and determination method | |
| US20170147798A1 (en) | Mobile Device And Method Of Operating Mobile Device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |