CN108337540A - A kind of authorization management method, device and authentication management system - Google Patents
A kind of authorization management method, device and authentication management system Download PDFInfo
- Publication number
- CN108337540A CN108337540A CN201710045778.8A CN201710045778A CN108337540A CN 108337540 A CN108337540 A CN 108337540A CN 201710045778 A CN201710045778 A CN 201710045778A CN 108337540 A CN108337540 A CN 108337540A
- Authority
- CN
- China
- Prior art keywords
- authorization
- terminal
- mobile terminal
- information
- carrier server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4623—Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4627—Rights management associated to the content
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The embodiment of the invention discloses a kind of authorization management method, device and authentication management systems.Authorization management method in the embodiment of the present invention includes:The identification information of acquisition for mobile terminal account ID information and authorization terminal;The encrypted authentication information that account ID information and the identification information of authorization terminal are formed is sent to carrier server by mobile terminal, the encrypted authentication information is used to indicate carrier server and generates the authorization message of authorization terminal, and authorization message is sent to authorization terminal.The embodiment of the present invention solves the authorization to DTV in the prior art, generally existing causes the user to be difficult the problem of watching the mandate program subscribed at any time since authorization is more single, and due to authorization and caused by the poor problem of safety.
Description
Technical field
The present invention relates to wireless communication technology field, espespecially a kind of authorization management method, device and authentication management system.
Background technology
With the development of wireless communication technique and universal, cordless communication network has been applied to each of people's daily life
A aspect.For example, DTV network can be authorized and be managed by radio communication, brought greatly for the use of user
Convenience.
Current DTV generally includes two kinds of authorizations, i.e. smart card is fixed to authorize and be awarded with DTV STB
Power.Smart card fixes the mode authorized:User's family puts a set-top box, is inserted into smart card, carrier server is to the use
The smart card at family is authorized, and after set-top box receives authorization message, can carry out the broadcasting of TV programme;However, the smart card
The mandate that the fixed mode authorized limits user is used just for the set-top box and smart card of family, if user arrived it is other
In place, such as other houses of user, friend's family, the places such as hotel, then can not watch the TV Festival oneself having subscribed to
Mesh.The mode of DTV STB mandate is:Interactive Internet TV (Internet Protocol Television, letter
Referred to as:IPTV) or by internet provide application service (Over The Top, referred to as:OTT) DTV STB is
It is authenticated login by the account of user, pin mode, user to other places is if it is desired to watch the TV of oneself order
Program then needs the account, the password that input oneself, in this way, can have security risk.
In conclusion in the prior art to the authorization of DTV, generally existing is more single due to authorization
And cause the user to be difficult the problem of watching the mandate program subscribed at any time, and due to authorization and caused by safety compared with
The problem of difference.
Invention content
In order to solve the above-mentioned technical problem, an embodiment of the present invention provides a kind of authorization management method, device and mandate pipes
Reason system, to solve in the prior art to the authorization of DTV, generally existing is led since authorization is more single
Family of applying is difficult the problem of watching the mandate program subscribed at any time, and due to authorization and caused by safety it is poor
Problem.
In a first aspect, the embodiment of the present invention provides a kind of authorization management method, including:
The identification information of acquisition for mobile terminal account number id information and authorization terminal;
The mobile terminal believes the encryption certification that the account ID information and the identification information of the authorization terminal are formed
Breath is sent to carrier server, and the encrypted authentication information is used to indicate the carrier server and generates the authorization terminal
Authorization message, and the authorization message is sent to the authorization terminal.
In the first possible realization method of first aspect, the mobile terminal is by the account ID information and described
The encrypted authentication information that the identification information of authorization terminal is formed is sent to before carrier server, including:
The mobile terminal forms authentication information according to the identification information of the account ID information and the authorization terminal
String;
The authentication information string is encrypted in the mobile terminal, forms the encrypted authentication information.
In second of possible realization method of first aspect, the method further includes:
The mobile terminal selects the first authorization terminal, and determine first authorization terminal the mandate period and/or
Mandate project;
The mobile terminal sends update authorized order to the carrier server, and the update authorized order is for referring to
Show battalion's quotient's server to the mandate period of first authorization terminal and/or project is authorized to authorize a change.
In the third possible realization method of first aspect, the method further includes:
The mobile terminal selects the second authorization terminal;
The mobile terminal is sent to the carrier server cancels authorized order, and the cancellation authorized order is for referring to
Show that the carrier server cancels the mandate to second authorization terminal.
In the 4th kind of possible realization method of first aspect, the method further includes:
The mobile terminal selects charge authorization project;
The mobile terminal sends application authorized order to the carrier server, and the application authorized order is for referring to
Show that battalion's quotient's server authorizes the charge authorization project.
According to first aspect, first aspect the first to any one in the 4th kind of possible realization method, the 5th
In the possible realization method of kind, before the identification information of the acquisition for mobile terminal account number id information and authorization terminal, institute
The method of stating further includes:
When the mobile terminal logs in registered account for the first time, authentication request message is sent to battalion's quotient's server;
The mobile terminal receives the authentication response message that battalion's quotient's server is sent, and is wrapped in the authentication response message
Include verification information;
The mobile terminal is logged according to verification information completion.
Second aspect, the embodiment of the present invention provide a kind of authorization management method, including:
Carrier server obtains account number id information and mandate according to the encrypted authentication information received from mobile terminal
The identification information of terminal;
The carrier server is awarded described in generation according to the identification information of the account ID information and the authorization terminal
Weigh the authorization message of terminal;
The authorization message is sent to the authorization terminal by the carrier server.
In the first possible realization method of second aspect, the carrier server is received according to from mobile terminal
Encrypted authentication information, obtain account number id information and authorization terminal identification information, including:
The encrypted authentication information is decrypted in the carrier server, obtains authentication information string;
The carrier server obtains the account ID information and the authorization terminal according to the authentication information string
Identification information.
In second of possible realization method of second aspect, the method further includes:
The carrier server receives the update authorized order that the mobile terminal is sent, in the update authorized order
Include the first authorization terminal of mobile terminal selection, and authorizes the period and/or authorize project;
The carrier server according to the update authorized order to mandate period of first authorization terminal and/
Or project is authorized to authorize a change.
In the third possible realization method of second aspect, the method further includes:
The carrier server receives the cancellation authorized order that the mobile terminal is sent, in the cancellation authorized order
Include the second authorization terminal of mobile terminal selection;
The carrier server cancels the mandate to second authorization terminal according to the cancellation authorized order.
In the 4th kind of possible realization method of second aspect, the method further includes:
The carrier server receives the application authorized order that the mobile terminal is sent, in the application authorized order
Include the charge authorization project of mobile terminal selection;
The carrier server authorizes the charge authorization project according to the application authorized order.
According to second aspect, second aspect the first to any one in the 4th kind of possible realization method, the 5th
In kind possible realization method, the carrier server obtain account number id information and authorization terminal identification information it
Before, the method further includes:
The carrier server receives the authentication request message that the mobile terminal is sent;
The carrier server carries out safety certification according to the authentication request message to the mobile terminal;
The carrier server sends the authentication response message for carrying verification information, the verification to the mobile terminal
Information is used to indicate the mobile terminal completion and logs in.
The third aspect, the embodiment of the present invention provide a kind of empowerment management device, and described device is set in mobile terminal, institute
Stating device includes:
Acquisition module, the identification information for obtaining account number id information and authorization terminal;
Sending module, the mark of the account ID information and the authorization terminal for getting the acquisition module
The encrypted authentication information that information is formed is sent to carrier server, and the encrypted authentication information is used to indicate operator's clothes
Business device generates the authorization message of the authorization terminal, and the authorization message is sent to the authorization terminal.
In the first possible realization method of the third aspect, described device further includes:
First formed module, for the sending module by the encrypted authentication information be sent to carrier server it
Before, according to the identification information of the account ID information and the authorization terminal that the acquisition module is got, form certification letter
Breath string;
Second forms module, and the authentication information string for being formed to the first formation module is encrypted, described in formation
Encrypted authentication information.
In second of possible realization method of the third aspect, described device further includes:
Selecting module, for selecting the first authorization terminal, and determine first authorization terminal the mandate period and/or
Mandate project;
The sending module is additionally operable to send update authorized order to the carrier server, and the update mandate refers to
It enables and is used to indicate battalion's quotient's server to the mandate period of first authorization terminal and/or project is authorized to carry out mandate change
More.
In the third possible realization method of the third aspect, described device further includes:
Selecting module, for selecting the second authorization terminal;
The sending module is additionally operable to send to the carrier server and cancels authorized order, and the cancellation mandate refers to
Enable the mandate for being used to indicate the carrier server cancellation to second authorization terminal.
In the 4th kind of possible realization method of the third aspect, described device further includes:
Selecting module, for selecting charge authorization project;
The sending module is additionally operable to send application authorized order to the carrier server, and the application mandate refers to
Order is used to indicate battalion's quotient's server and is authorized to the charge authorization project.
According to the third aspect, the third aspect the first to any one in the 4th kind of possible realization method, the 5th
In the possible realization method of kind,
The sending module is additionally operable to obtain the mark of account ID information and the authorization terminal described in the acquisition module
Before knowing information, and when the mobile terminal logs in registered account for the first time, sends certification to battalion's quotient's server and ask
Seek message;
Described device further includes:
Receiving module, the authentication response message sent for receiving battalion's quotient's server, in the authentication response message
Including verification information;
Log-in module, the verification information completion for being received according to the receiving module log in.
Fourth aspect, the embodiment of the present invention provide a kind of empowerment management device, and described device is set to carrier server
In, described device includes:
Acquisition module, for according to the encrypted authentication information received from mobile terminal, obtaining account number id information and awarding
Weigh the identification information of terminal;
Generation module, the mark of the account ID information and the authorization terminal for being got according to the acquisition module
Know information, generates the authorization message of the authorization terminal;
Sending module, the authorization message for generating the generation module are sent to the authorization terminal.
In the first possible realization method of fourth aspect, the acquisition module includes:
Decryption unit obtains authentication information string for the encrypted authentication information to be decrypted;
Acquiring unit, the authentication information string for being got according to the decryption unit obtain the account ID letters
The identification information of breath and the authorization terminal.
In second of possible realization method of fourth aspect, described device further includes:
Receiving module, the update authorized order sent for receiving the mobile terminal wrap in the update authorized order
The first authorization terminal of the mobile terminal selection is included, and authorizes the period and/or authorizes project;
Authorization module, the update authorized order for being received according to the receiving module is to first authorization terminal
The mandate period and/or authorize project authorize a change.
In the third possible realization method of fourth aspect, described device further includes:
Receiving module, the cancellation authorized order sent for receiving the mobile terminal wrap in the cancellation authorized order
Include the second authorization terminal of the mobile terminal selection;
Authorization module, the cancellation authorized order for being received according to the receiving module is cancelled to be authorized to described second
The mandate of terminal.
In the 4th kind of possible realization method of fourth aspect, described device further includes:
Receiving module, the application authorized order sent for receiving the mobile terminal wrap in the application authorized order
Include the charge authorization project of the mobile terminal selection;
Authorization module, the application authorized order for being received according to the receiving module is to the charge authorization project
It is authorized.
According to fourth aspect, fourth aspect the first to any one in the 4th kind of possible realization method, the 5th
In the possible realization method of kind, described device further includes:
Receiving module, the identification information for obtaining the account ID information and the authorization terminal in the acquisition module
Before, the authentication request message that the mobile terminal is sent is received;
Authentication module, the authentication request message for being received according to the receiving module carry out the mobile terminal
Safety certification;
The sending module is additionally operable to send the authentication response message for carrying verification information to the mobile terminal, described
Verification information is used to indicate the mobile terminal completion and logs in.
5th aspect, the embodiment of the present invention provide a kind of authentication management system, including:Mobile terminal, carrier server
With at least one authorization terminal;
Wherein, the empowerment management device as described in any one of above-mentioned third aspect, institute are provided in the mobile terminal
State the empowerment management device being provided in carrier server as described in any one of above-mentioned fourth aspect;
The authorization terminal, the authorization message sent for receiving the carrier server, and believed according to the mandate
Breath plays corresponding mandate project.
Authorization management method, device and authentication management system provided in an embodiment of the present invention, pass through acquisition for mobile terminal account
The identification information of number id information and authorization terminal, and the encryption that the account ID information and the identification information of authorization terminal are formed is recognized
Card information is sent to carrier server, which is used to indicate carrier server and generates awarding for the authorization terminal
Information is weighed, and the authorization message is sent to the authorization terminal, has been ordered so that authorization terminal can watch corresponding account
TV programme, wherein the authorization terminal for receiving authorization message is the authorization terminal that uniquely indicates of identification information of authorization terminal;
Technical solution provided in an embodiment of the present invention, solves the authorization in the prior art to DTV, generally existing due to
Authorization is more single and causes the user to be difficult the problem of watching the mandate program subscribed at any time, and due to authorization
The poor problem of safety caused by and.
Description of the drawings
Attached drawing is used for providing further understanding technical solution of the present invention, and a part for constitution instruction, with this
The embodiment of application technical solution for explaining the present invention together, does not constitute the limitation to technical solution of the present invention.
Fig. 1 is a kind of flow chart of authorization management method provided in an embodiment of the present invention;
Fig. 2 is the flow chart of another authorization management method provided in an embodiment of the present invention;
Fig. 3 is the flow chart of another authorization management method provided in an embodiment of the present invention;
Fig. 4 is the flow chart of another authorization management method provided in an embodiment of the present invention;
Fig. 5 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention;
Fig. 6 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention;
Fig. 7 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention;
Fig. 8 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention;
Fig. 9 is a kind of application scenarios schematic diagram in authorization management method provided in an embodiment of the present invention;
Figure 10 is another application scenarios schematic diagram in authorization management method provided in an embodiment of the present invention;
Figure 11 is another application scenarios schematic diagram in authorization management method provided in an embodiment of the present invention;
Figure 12 is a kind of structural schematic diagram of empowerment management device provided in an embodiment of the present invention;
Figure 13 is the structural schematic diagram of another empowerment management device provided in an embodiment of the present invention;
Figure 14 is the structural schematic diagram of another empowerment management device provided in an embodiment of the present invention;
Figure 15 is the structural schematic diagram of another empowerment management device provided in an embodiment of the present invention;
Figure 16 is also a kind of structural schematic diagram of empowerment management device provided in an embodiment of the present invention;
Figure 17 is also a kind of structural schematic diagram of empowerment management device provided in an embodiment of the present invention;
Figure 18 is a kind of structural schematic diagram of authentication management system provided in an embodiment of the present invention.
Specific implementation mode
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with attached drawing to the present invention
Embodiment be described in detail.It should be noted that in the absence of conflict, in the embodiment and embodiment in the application
Feature mutually can arbitrarily combine.
Step shown in the flowchart of the accompanying drawings can be in the computer system of such as a group of computer-executable instructions
It executes.Also, although logical order is shown in flow charts, and it in some cases, can be with suitable different from herein
Sequence executes shown or described step.
Technical scheme of the present invention is described in detail below by specific embodiment, the present invention relates to mobile whole
End, carrier server and authorization terminal, the mobile terminal are, for example, smart mobile phone, personal digital assistant (Personal
Digital Assistant, referred to as:PDA) or tablet computer etc., carrier server is, for example, CHINA RFTCOM Co Ltd or unicom net
The server etc. of network, authorization terminal are, for example, the set-top box of IPTV or OTT DTVs.The present invention provides following specific
Embodiment can be combined with each other, and same or analogous concept or process may be repeated no more in some embodiments.
Fig. 1 is a kind of flow chart of authorization management method provided in an embodiment of the present invention.Mandate pipe provided in this embodiment
In the case of reason method is suitable for providing TV programme mandate to the set-top box of DTV by mobile terminal, this method can be with
It is executed by empowerment management device, which realizes that the device can collect hardware and software in conjunction with by way of
At in the processor of mobile terminal, calls and use for processor.As shown in Figure 1, the method for the present embodiment may include:
S110, the identification information of acquisition for mobile terminal account ID information and authorization terminal.
Authorization management method provided in an embodiment of the present invention carries the set-top box of DTV by mobile terminal to be a kind of
For the mode of TV programme mandate, method provided in an embodiment of the present invention is not directly in set-top box or insertion set-top box
Smart card is authorized, but is authorized by mobile terminal, which plays critical work in licensing process
With.In practical applications, mobile terminal can first obtain account number (Identification, referred to as:ID it) information and awards
The identification information of terminal is weighed, which is the account that user registers in carrier server side, which can
To include the contents such as subscriber identity information, account title, password, the identification information of authorization terminal is the unique mark of authorization terminal
Information, for example, unique encodings of set-top box, mobile terminal can pass through the universal serial bus in authorization terminal
(Universal Serial Bus, referred to as:USB) modes such as interface, local network or bluetooth connection and authorization terminal are established
Link, to obtain the identification information of authorization terminal, mobile terminal can also obtain mandate by way of selecting historical record
The identification information of terminal.In addition, mode of the user in carrier server side register account number, it can be for user by radio communication
Network is in carrier server side register account number, or and user handles the business of application account at carrier service center,
And obtain register account number.
It should be noted that it is some changeless mobile terminal that the embodiment of the present invention, which does not limit mobile terminal,
Also it is a changeless set-top box not limit authorization terminal to be authorized (being, for example, set-top box), and user can be according to demand
Mobile terminal and set-top box are replaced at any time, for example, when user watches TV programme in own home, PAD can be used in family
Set-top box authorized, when user does not carry PAD in kith and kin family, registered account can be logged in using smart mobile phone,
And the set-top box in kith and kin family is authorized.
The encrypted authentication information that account ID information and the identification information of authorization terminal are formed is sent to by S120, mobile terminal
Carrier server, the encrypted authentication information are used to indicate the authorization message that carrier server generates authorization terminal, and should
Authorization message is sent to authorization terminal.
It in embodiments of the present invention, can be with after acquisition for mobile terminal to account ID information and the identification information of authorization terminal
According to account ID information, the identification information of authorization terminal and preset rule, authentication information string is formed, which is used for
It is authenticated in carrier server side.In practical applications, it is contemplated that the safety of account and mandate, it generally can not be in plain text
Form send the authentication information string, therefore, the authentication information string can also be encrypted in mobile terminal, with formed encryption recognize
Card information then sends the encrypted authentication information to carrier server.In carrier server side, receives the encryption and recognize
After demonstrate,proving information, it can be decrypted, the mode of the encryption and decryption can be that both sides set in advance in advance, to
The account information authorized to authentication information string, the authentication information string request that carrier server is obtained according to decryption and request
The authorization terminal of mandate, under conditions of the account meets mandate, carrier server can be generated for the authorization terminal
Authorization message, the authorization terminal are the authorization terminal indicated by the identification information of authorization terminal, and then, carrier server is logical
It crosses digital TV network or cordless communication network and the authorization message of generation is sent to corresponding authorization terminal, authorization terminal is connecing
After receiving authorization message, authorization message can be stored and code stream is descrambled using authorization message, so that it may to play user's
TV programme ordered by register account number.
It is stated that being had the following problems in the prior art to the authorization of DTV in above-mentioned background technology:Its
One, the mandate that the mode that smart card fixation authorizes limits user is used just for specific set-top box and smart card, if replacing
Set-top box and smart card can not then watch the TV programme that user has ordered, in this way so that user cannot watch anywhere or anytime
The TV programme ordered have poor intelligent and flexibility, and reduce the effect of user experience;Second, digital
The mode of TV set-top box mandate can watch user in different places and order although compared with smart card fixes authorization
The TV programme of purchase, but since user needs to be authenticated and log in by set-top box input account and password, for users,
Some potential safety problems is brought, the account and password of user may be revealed, caused damages.Mandate in compared with the prior art
Method, authorization management method provided in an embodiment of the present invention, as long as user has the account authenticated, even if user is not current
The family of inhabitation, such as gone in other houses of user, kith and kin's family, gone out, in hotel etc., to want the electricity for watching oneself order
Depending on program, corresponding set-top box need to only be authorized by mobile terminal, also do not need multiple accounts and pay surcharge
With, in addition, the mobile terminal using user authorizes, compared with the prior art in directly authorized by set-top box, have compared with
High safety and reliability.
The authorization management method that the embodiment of the present invention is provided passes through acquisition for mobile terminal account ID information and authorization terminal
Identification information, and the encrypted authentication information that the account ID information and the identification information of authorization terminal are formed is sent to operator
Server, the encrypted authentication information are used to indicate the authorization message that carrier server generates the authorization terminal, and by the mandate
Information is sent to the authorization terminal, so that authorization terminal can watch the TV programme that corresponding account has been ordered, wherein connect
The authorization terminal for receiving authorization message is the authorization terminal that the identification information of authorization terminal uniquely indicates;It is provided in an embodiment of the present invention
Method, solves the authorization in the prior art to DTV, and generally existing causes since authorization is more single
User is difficult the problem of watching the mandate program subscribed at any time, and due to authorization and caused by safety is poor asks
Topic.
Optionally, Fig. 2 is the flow chart of another authorization management method provided in an embodiment of the present invention.Reality shown in Fig. 1
On the basis of applying example, method provided in this embodiment can also include after S120:
S130, mobile terminal select the first authorization terminal, and determine the mandate period of first authorization terminal and/or award
Claim mesh;
S140, mobile terminal send update authorized order to carrier server, which is used to indicate this
It seeks the mandate period of quotient's the first authorization terminal of server pair and/or project is authorized to authorize a change.
In embodiments of the present invention, the above-mentioned authorization terminal that has been described above is not limited to some specific authorization terminal, in addition,
In the extent of competence of register account number, one or more authorization terminals can be given to be authorized by mobile terminal.For example, with
The permission for the account 1 that family is registered as:Be only capable of the TV programme for being authorized, being authorized to an authorization terminal simultaneously, then it is mobile whole
After end logs in the account 1, it is only capable of asking to authorize an authorization terminal to carrier server in the same period, if desired authorizes
Other authorization terminals then need to cancel the mandate to authorization terminal;For another example the permission of the account 2 of user's registration is:Simultaneously
To the TV programme that most 5 authorization terminals are authorized, authorized, then after mobile terminal logs in the account 2, in the same period
The terminal authorized can be asked to be up to 5 to carrier server.
After being authorized to one or more authorization terminals by mobile terminal, it can also be selected by the mobile terminal
To specifying the authorized content of authorization terminal, in practical applications, after mobile terminal selects the first authorization terminal, it may be determined that this
The contents such as the mandate period of the first authorization terminal and/or mandate project carry above- mentioned information after determining above- mentioned information
Update authorized order is sent to carrier server, and is authorized a change by the first authorization terminal of carrier server pair, becomes
Content more is the contents such as above-mentioned fixed mandate period and/or mandate project.For example, when in user no longer family, it can
To the mandate period of set-top box in family and program is authorized with the selection of network by radio communication, in this way, being conducive to control in family
Child solely see TV Festival object time and content, realize the intelligent management of TV programme and the purpose of flexible management.
Optionally, Fig. 3 is the flow chart of another authorization management method provided in an embodiment of the present invention.Reality shown in Fig. 1
On the basis of applying example, method provided in this embodiment can also include after S120:
S150, mobile terminal select the second authorization terminal;
S160, mobile terminal is sent to carrier server cancels authorized order, which is used to indicate this
Carrier server cancels the mandate to the second authorization terminal.
It in embodiments of the present invention, can be with after being authorized to one or more authorization terminals by mobile terminal
Cancel the mandate to specifying authorization terminal by the mobile terminal, in practical applications, mobile terminal selects the second authorization terminal
Afterwards, the cancellation authorized order for the identification information for carrying second authorization terminal, operator's clothes can be sent to carrier server
Business device can have and targetedly cancel to second authorization terminal according to the second authorization terminal cancelled indicated by authorized order
Mandate.For example, when user is outgoing, after being authorized to the set-top box in hotel by mobile terminal, when no longer needing to use wine
When the set-top box viewing TV programme in shop, can the mandate to the set-top box be cancelled by mobile terminal selection at any time, in this way, can
Forget when leaving hotel to avoid user cancel authorize and caused by economic loss.
Optionally, Fig. 4 is the flow chart of another authorization management method provided in an embodiment of the present invention.Reality shown in Fig. 1
On the basis of applying example, method provided in this embodiment can also include after S120:
S170, mobile terminal select charge authorization project;
S180, mobile terminal send application authorized order to carrier server, and this application authorized order is used to indicate this
Battalion's quotient's server authorizes the charge authorization project.
In embodiments of the present invention, after logging in register account number by mobile terminal and being authorized to authorization terminal, also
It can apply for other mandate projects, usually charge authorization project, such as certain TV programme can not be straight after register account number
Viewing is connect, user is needed to apply and can just be watched after paying corresponding expense, it, can after mobile terminal selects charge authorization project
To send the application authorized order for carrying the charge authorization project to carrier server, carrier server can be according to application
Charge authorization project indicated by authorized order is authorized so that set-top box can play corresponding charge program, Yong Hutong
The charge authorization project of mobile terminal application is crossed, some account application is typically directed to, as long as being logged in by the account, you can
To watch corresponding charge program.
Further, after the charge authorization project that user passes through mobile terminal application, authorization terminal can also be specified, such as
It specifies some or certain authorization terminals that can watch charge program, then the identification information of the authorization terminal is carried and authorized in application
Instruction, instruction battalion quotient's server only open charge program to specified authorization terminal.
Optionally, on the basis of the above embodiment of the present invention, method provided in this embodiment, can be with before S110
Include the following steps, i.e. S1~S3:
When mobile terminal logs in registered account for the first time, authentication request message is sent to battalion's quotient's server by S1;
S2, mobile terminal receive the authentication response message that battalion's quotient's server is sent, which includes verification
Information;
S3, mobile terminal are logged according to verification information completion.
In embodiments of the present invention, user is after the register account number of carrier server side, you can with by arbitrarily mobile whole
End logs in the account, if user logs in registered account for the first time using some mobile terminal, needs to carry out two-way authentication,
In verification process, after carrier server receives authentication request message, authentication operations can be carried out, then, can will be verified
Information carrying is sent to mobile terminal in authentication response message, which is, for example, an identifying code, and user is in movement
The verification information is inputted in terminal and password completion logs in;If user forgets Password in landfall process, mobile terminal can be passed through
Password push-botton operation of giving for change in software interface gives password for change, and after logging in successfully, the software in mobile terminal can be by account ID
Information extraction is spare.In this way, it is advantageously ensured that the safety of register account number, even if user replaces mobile terminal login account,
It can ensure the safety of account.
Fig. 5 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention.Mandate provided in this embodiment
In the case of management method is suitable for providing TV programme mandate to the set-top box of DTV by mobile terminal, this method can
To be executed by empowerment management device, which is realized hardware and software in conjunction with by way of, which can be with
It is integrated in the processor of carrier server, calls and use for processor.As shown in figure 5, the method for the present embodiment can wrap
It includes:
S210, carrier server obtain account ID information and award according to the encrypted authentication information received from mobile terminal
Weigh the identification information of terminal.
Authorization management method provided in an embodiment of the present invention carries the set-top box of DTV by mobile terminal to be a kind of
For the mode of TV programme mandate, method provided in an embodiment of the present invention is not directly in set-top box or insertion set-top box
Smart card is authorized, but is authorized by mobile terminal, i.e., carrier server receives the encryption that mobile terminal is sent
Authentication information, and thereby the identification information of account ID information and authorization terminal is obtained in the encrypted authentication information, i.e. the movement is whole
Play the role of in licensing process critical in end.In practical applications, carrier server is got account ID information and
In the identification information of authorization terminal, which is the account that user registers in carrier server side, account ID letters
Breath may include the contents such as subscriber identity information, account title, password, and the identification information of authorization terminal is the unique of authorization terminal
Identification information, for example, unique encodings of set-top box, mobile terminal can pass through USB interface, the local network in authorization terminal
Or the modes such as bluetooth connection are established the link with authorization terminal, to obtain the identification information of authorization terminal, mobile terminal can be with
The identification information of authorization terminal is obtained by way of selecting historical record.In addition, user registers account in carrier server side
Number mode, can be user by radio communication network in carrier server side register account number, or user is transporting
Ying Shang service centres handle the business of application account, and obtain register account number.
In embodiments of the present invention, carrier service, can be with after the encrypted authentication information for receiving mobile terminal transmission
The encrypted authentication information is decrypted, authentication information string is obtained, to according to the authentication information string and preset rule, obtain
The identification information of account ID information and authorization terminal.In practical applications, it is contemplated that the safety of account and mandate, mobile terminal
Above-mentioned authentication information string generally can not be sent in the form of plaintext, therefore, the authentication information string can be encrypted in mobile terminal,
To form encrypted authentication information, then, the encrypted authentication information is sent to carrier server, wherein the encryption and decryption
Mode can be that both sides set in advance in advance.
It should be noted that it is some changeless mobile terminal that the embodiment of the present invention, which does not limit mobile terminal,
Also it is a changeless set-top box not limit authorization terminal to be authorized (being, for example, set-top box), and user can be according to demand
Mobile terminal and set-top box are replaced at any time, for example, when user watches TV programme in own home, PAD can be used in family
Set-top box authorized, when user does not carry PAD in kith and kin family, registered account can be logged in using smart mobile phone,
And the set-top box in kith and kin family is authorized.
S220, carrier server generate awarding for authorization terminal according to the identification information of account ID information and authorization terminal
Weigh information.
The authorization message is sent to the authorization terminal by S230, carrier server.
In embodiments of the present invention, carrier server is in the identification information for getting account ID information and authorization terminal
Afterwards, it is known that the authorization terminal for asking the account information authorized and request to authorize, under conditions of the account meets mandate, operator
Server can generate the authorization message for the authorization terminal, which is indicated by the identification information of authorization terminal
Authorization terminal, then, carrier server is sent out the authorization message of generation by digital TV network or cordless communication network
Corresponding authorization terminal is given, authorization terminal can store authorization message and utilize authorization message after receiving authorization message
Code stream is descrambled, so that it may to play the TV programme ordered by the register account number of user.
Had been described above in above-described embodiment the shortcomings that authorization in the prior art to DTV there are problems that and, therefore
Details are not described herein.Authorization method in compared with the prior art, authorization management method provided in an embodiment of the present invention, as long as with
Family has the account that authenticated, even if user not in the family of current resident, such as has gone in other houses of user, Qin Youjia
Innner and outer goes out to want to watch in hotel etc. the TV programme of oneself order, need to only be awarded to corresponding set-top box by mobile terminal
Power does not need multiple accounts yet and pays extra charge, in addition, the mobile terminal using user authorizes, compared to existing
Have in technology and directly authorized by set-top box, there is higher safety and reliability.
The authorization management method that the embodiment of the present invention is provided, carrier server is according to the encryption received from mobile terminal
Authentication information obtains the identification information of account ID information and authorization terminal, and carrier server is according to the account ID information
The authorization message of the authorization terminal is generated with the identification information of authorization terminal, and the authorization message of generation is then sent to the mandate
Terminal, so that authorization terminal can watch the TV programme that corresponding account has been ordered, wherein receive the mandate of authorization message
Terminal is the authorization terminal that the identification information of authorization terminal uniquely indicates;Method provided in an embodiment of the present invention solves existing
User is caused to be difficult to watch at any time since authorization is more single the authorization of DTV, generally existing in technology
The problem of mandate program subscribed to, and due to authorization and caused by the poor problem of safety.
Optionally, Fig. 6 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention.Reality shown in Fig. 5
On the basis of applying example, method provided in this embodiment can also include after S230:
S240, carrier server receive the update authorized order that mobile terminal is sent, which includes
First authorization terminal of mobile terminal selection, and authorize the period and/or authorize project;
S250, carrier server is according to mandate period of first authorization terminal of update authorized order pair and/or awards
Claim mesh authorizes a change.
In embodiments of the present invention, the above-mentioned authorization terminal that has been described above is not limited to some specific authorization terminal, in addition,
In the extent of competence of register account number, one or more authorization terminals can be given to be awarded by carrier server by mobile terminal
Power.
It, can also be by carrier server to shifting after carrier server authorizes one or more authorization terminals
The dynamic selected specified authorization terminal of terminal and specified authorized content are authorized, and in practical applications, carrier server connects
The update authorized order that mobile terminal is sent is received, which includes that the mobile terminal selects the first authorization terminal,
And selection to contents such as the mandate period of first authorization terminal and/or mandate projects, carrier server is according to more
The first authorization terminal of information pair in new authorized order authorizes a change, the content of change be the above-mentioned mandate period and/
Or the contents such as mandate project.For example, when in user no longer family, network selection can be awarded by set-top box in family by radio communication
It weighs the period and authorizes program, in this way, the child for being conducive to control in family solely sees TV Festival object time and content, realize TV
The intelligent management of program and the purpose of flexible management.
Optionally, Fig. 7 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention.Reality shown in Fig. 5
On the basis of applying example, method provided in this embodiment can also include after S230:
S260, carrier server receive the cancellation authorized order that mobile terminal is sent, which includes
Second authorization terminal of mobile terminal selection;
S270, carrier server cancel the mandate to the second authorization terminal according to the cancellation authorized order.
It in embodiments of the present invention, can be with after carrier server authorizes one or more authorization terminals
By carrier server to cancelling the mandate to specifying authorization terminal, in practical applications, carrier server receives mobile whole
The cancellation authorized order sent is held, carrying mobile terminal in the cancellation authorized order selects the second authorization terminal, then operator takes
Business device can have and targetedly cancel to second authorization terminal according to the second authorization terminal cancelled indicated by authorized order
Mandate.For example, when user is outgoing, after carrier server authorizes the set-top box in hotel, when no longer needing to use wine
When the set-top box viewing TV programme in shop, carrier server can pass through the cancellation authorized order cancellation pair of reception mobile terminal
The mandate of the set-top box, this way it is possible to avoid user forget when leaving hotel cancel authorize and caused by economic loss.
Optionally, Fig. 8 is also a kind of flow chart of authorization management method provided in an embodiment of the present invention.Reality shown in Fig. 5
On the basis of applying example, method provided in this embodiment can also include after S230:
S280, carrier server receive the application authorized order that mobile terminal is sent, and this application authorized order includes
The charge authorization project of mobile terminal selection;
S290, carrier server authorize charge authorization project according to this application authorized order.
In embodiments of the present invention, in carrier server certification register account number and after being authorized to authorization terminal, also
Can be by the other mandate projects of carrier server mandate, usually charge authorization project, such as certain TV programme are being registered
After account can not direct viewing, need user to apply and can just be watched after paying corresponding expense, carrier server connects
The application authorized order that mobile terminal is sent is received, the charge authorization item of mobile terminal selection is carried in this application authorized order
Mesh, then carrier server can according to application authorized order indicated by charge authorization project be authorized so that set-top box
Corresponding charge program can be played, user is typically directed to some account by the charge authorization project of mobile terminal application
Application, as long as being logged in by the account, you can to watch corresponding charge program.
It further, can also be specified by mobile terminal after the charge authorization project that user passes through mobile terminal application
Authorization terminal, such as specify some or certain authorization terminals that can watch charge program, then the Shen that carrier server receives
Please authorized order also carry the identification information of the authorization terminal, that is, seek quotient's server and specified authorization terminal can be opened and received
Take program.
Optionally, on the basis of the above embodiment of the present invention, method provided in this embodiment, can be with before S210
Include the following steps, i.e. S1~S3:
S1, carrier server receive the authentication request message that mobile terminal is sent;
S2, carrier server carry out safety certification according to authentication request message to mobile terminal;
S3, carrier server send the authentication response message for carrying verification information to mobile terminal, which uses
It is logged in instruction mobile terminal completion.
In embodiments of the present invention, user is after the register account number of carrier server side, you can with by arbitrarily mobile whole
End logs in the account, if user logs in registered account for the first time using some mobile terminal, needs to carry out two-way authentication,
In verification process, after carrier server receives authentication request message, authentication operations can be carried out, that is, realize that safety is recognized
Verification information then can be carried and be sent to mobile terminal in authentication response message, which is, for example, one and tests by card
Code is demonstrate,proved, user inputs the verification information in the terminal and password completion logs in;It, can if user forgets Password in landfall process
It is soft in mobile terminal after logging in successfully to give password for change by the password push-botton operation of giving for change in mobile terminal software interface
Part can extract account ID information spare.In this way, it is advantageously ensured that the safety of register account number, is moved eventually even if user replaces
Hold login account, it is also ensured that the safety of account.
Fig. 9 is a kind of application scenarios schematic diagram in authorization management method provided in an embodiment of the present invention.Applied field shown in Fig. 9
Scape is one-way broadcast systems in the prior art, and authorization terminal is, for example, unilateral network set-top box, in application scenarios shown in Fig. 9
Authorization management method may include:
Step 1, the unique identification information of acquisition for mobile terminal set-top box.
The mode of the unique identification information of the set-top box of unilateral network should be obtained in application scenarios, such as can move
Dynamic remote controler, interface I D, USB interface of the terminal by set-top box, and search the Quick Response Code of set-top box or other coding informations
Etc. modes.
Step 2, unilateral network set-top box provides the unique identification information of the set-top box by USB interface or Quick Response Code.
In the application scenarios, mobile terminal can also obtain account ID information according to the account that user has logged in.
Step 3, mobile terminal will be sent to after the unique identification information of set-top box and account ID information encryption by network
Carrier server, then, carrier server can decrypt ciphertext, and obtain the unique identification information and account ID of set-top box
Information generates authorization code.
Step 4, which is sent to specified unilateral network machine top by television network broadcast by carrier server
Box, then, the unilateral network set-top box can play the TV programme that corresponding account is ordered according to authorization code.
Figure 10 is another application scenarios schematic diagram in authorization management method provided in an embodiment of the present invention.It is answered shown in Figure 10
It is remote authorization management with scene, you can to manage the authorization conditions of set-top box by mobile terminal remote, application shown in Figure 10
Authorization management method in scene may include:
Step 1, after mobile terminal login account, history authority record is selected;Set-top box is obtained by historical record
Unique identification information.
In the application scenarios, when mobile terminal elsewhere, when needing to particular historical set-top box mandate, Ke Yi
The unique identification information of the set-top box is searched in history grant column list, then to carrier server application mandate;In addition, mobile
Terminal can also obtain account ID information according to the account that user has logged in.
Step 2, mobile terminal will be sent to after the unique identification information of set-top box and account ID information encryption by network
Carrier server, then, carrier server can decrypt ciphertext, and obtain the unique identification information and account ID of set-top box
Information generates authorization code.
Step 3, which is sent to specified set-top box by television network broadcast by carrier server, then,
The set-top box can play the TV programme that corresponding account is ordered according to authorization code.
In the application scenarios, when parent stays out, the mandate of TV programme can be flexibly controlled by mobile terminal
Period and the program that can be watched for children avoid children's viewing TV for a long time, you can to become by mobile terminal remote
The mandate period of more set-top box and/or mandate project, may include steps of in practical operation:
Step 4, the specified set-top box of mobile terminal selection, and determine and authorize period and/or mandate project.
Step 5, mobile terminal is by the specified set-top box of selection, and authorizes the information such as period and/or mandate project
Carrying is sent to carrier server in updating authorized order.
Step 6, carrier server sends update authorized order to specified set-top box, to specify the mandate of set-top box to this
Period and/or mandate project authorize a change.
It, can also be at any time if user is not intended to some set-top box oneself authorized to watch program in the application scenarios
Cancelled by mobile terminal and being authorized.
Figure 11 is another application scenarios schematic diagram in authorization management method provided in an embodiment of the present invention.It is answered shown in Figure 11
In the case of being IPTV private networks or public OTT business with scene, which is bilateral network, and authorization terminal is, for example, bilateral network
Set-top box, the authorization management method in application scenarios shown in Figure 11 may include:
Step 1, mobile terminal obtains the unique identification information of set-top box by local network.
In the application scenarios, mobile terminal can by way of sending request message acquisition request set-top box it is unique
Identification information.
Step 2, bilateral network set-top box provides the unique identification information of the set-top box by local network.
In the application scenarios, its unique identification information can be carried and be sent in the response message by bilateral network set-top box
To mobile terminal;In addition, mobile terminal can also obtain account ID information according to the account that user has logged in.
It should be noted that Fig. 9 can also be used by obtaining the mode of the unique identification information of set-top box in the application scenarios
Step 1 and step 2 in shown application scenarios.
Step 3, mobile terminal will be sent to after the unique identification information of set-top box and account ID information encryption by network
Carrier server, then, carrier server can decrypt ciphertext, and obtain the unique identification information and account ID of set-top box
Information generates authorization code.
Step 4, which is sent to specified bilateral network machine top by television network broadcast by carrier server
Box, then, the bilateral network set-top box can play the TV programme that corresponding account is ordered according to authorization code.
In the application scenarios, realize that set-top box logs in authentication process using mobile terminal, support in arbitrary IPTV or
It is logged in arbitrary OTT set-top box, realizes that charge program strange land is watched or charge program long-distance authorizing, you can with by mobile whole
Mandate of the end selection to program of charging, may include steps of in practical operation:
Step 5, mobile terminal selection needs the charge program watched, and the charge program is carried in application authorized order
In be sent to carrier server, i.e., to the carrier server application mandate charge program.
Step 6, carrier server sends charge program authorized order to bilateral network set-top box, wherein specified mobile whole
The charge program for holding selection, to be authorized to the charge program.
Figure 12 is a kind of structural schematic diagram of empowerment management device provided in an embodiment of the present invention.It is provided in this embodiment to award
In the case of managing device is weighed suitable for providing TV programme mandate to the set-top box of DTV by mobile terminal, the mandate
Managing device realizes that the device can be integrated in the processor of mobile terminal hardware and software in conjunction with by way of, supplies
Processor, which calls, to be used.As shown in figure 12, the empowerment management device of the present embodiment may include:Acquisition module 11 and sending module
12。
Wherein, acquisition module 11, the identification information for obtaining account ID information and authorization terminal.
Empowerment management device provided in an embodiment of the present invention carries the set-top box of DTV by mobile terminal to be a kind of
For the mode of TV programme mandate, device provided in an embodiment of the present invention executes when authorizing, and is not directly to set-top box or to insert
The smart card entered in set-top box is authorized, but is authorized by mobile terminal, which rises in licensing process
To critical effect.In practical applications, acquisition module 11 can first obtain account ID information and the mark letter of authorization terminal
Breath, the account ID information are the account that user registers in carrier server side, which may include user identity
The contents such as information, account title, password, the identification information of authorization terminal are the unique identification information of authorization terminal, for example, machine
The unique encodings of top box, mobile terminal can pass through general-purpose serial bus USB interface, local network or the bluetooth in authorization terminal
The modes such as connection are established the link with authorization terminal, and to obtain the identification information of authorization terminal, acquisition module 11 can also pass through
The mode of selection historical record obtains the identification information of authorization terminal.In addition, user is in carrier server side register account number
Mode, can be user by radio communication network in carrier server side register account number, or user is in operator
Service centre handles the business of application account, and obtains register account number.
It should be noted that it is some changeless mobile terminal that the embodiment of the present invention, which does not limit mobile terminal,
Also it is a changeless set-top box not limit authorization terminal to be authorized (being, for example, set-top box), and user can be according to demand
Mobile terminal and set-top box are replaced at any time, for example, when user watches TV programme in own home, PAD can be used in family
Set-top box authorized, when user does not carry PAD in kith and kin family, registered account can be logged in using smart mobile phone,
And the set-top box in kith and kin family is authorized.
The identification information of sending module 12, account ID information and authorization terminal for getting acquisition module 11 is formed
Encrypted authentication information be sent to carrier server, the encrypted authentication information be used to indicate carrier server generate authorize eventually
The authorization message at end, and the authorization message is sent to authorization terminal.
In embodiments of the present invention, it after acquisition module 11 gets account ID information and the identification information of authorization terminal, moves
First formation module of dynamic terminal can recognize according to account ID information, the identification information of authorization terminal and preset rule, formation
Bit string is demonstrate,proved, the authentication information string in carrier server side for being authenticated.In practical applications, it is contemplated that account and award
The safety of power generally can not send the authentication information string in the form of plaintext, and therefore, the second of mobile terminal forms module can
The authentication information string to be encrypted, to form encrypted authentication information, then, sent out from sending module 12 to carrier server
Give the encrypted authentication information.In carrier server side, after receiving the encrypted authentication information, it can be decrypted place
The mode of reason, the encryption and decryption can be that both sides set in advance in advance, to obtain authentication information string, carrier server root
The authorization terminal that the account information and request that request known to the authentication information string obtained according to decryption authorizes authorize, meets in the account
Under conditions of mandate, carrier server can generate the authorization message for the authorization terminal, which is to authorize
Authorization terminal indicated by the identification information of terminal, then, carrier server pass through digital TV network or wireless communication networks
The authorization message of generation is sent to corresponding authorization terminal by network, and authorization terminal can be stored and be awarded after receiving authorization message
Power information simultaneously descrambles code stream using authorization message, so that it may to play the TV programme ordered by the register account number of user.
Had been described above in above-described embodiment the shortcomings that authorization in the prior art to DTV there are problems that and, therefore
Details are not described herein.Authorization in compared with the prior art, empowerment management device provided in an embodiment of the present invention, as long as with
Family has the account that authenticated, even if user not in the family of current resident, such as has gone in other houses of user, Qin Youjia
Innner and outer goes out to want to watch in hotel etc. the TV programme of oneself order, need to only be awarded to corresponding set-top box by mobile terminal
Power does not need multiple accounts yet and pays extra charge, in addition, the mobile terminal using user authorizes, compared to existing
Have in technology and directly authorized by set-top box, there is higher safety and reliability.
The empowerment management device that inventive embodiments provide is used to execute the empowerment management that embodiment illustrated in fig. 1 of the present invention provides
Method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, Figure 13 is the structural schematic diagram of another empowerment management device provided in an embodiment of the present invention.In Figure 12
On the architecture basics of shown device, device provided in this embodiment can also include:
Selecting module 13, for select the first authorization terminal, and determine first authorization terminal the mandate period and/or
Mandate project;
Sending module 12 is additionally operable to send update authorized order to carrier server, and the update authorized order is for referring to
Show the mandate period of the battalion the first authorization terminal of quotient's server pair and/or project is authorized to authorize a change.
In embodiments of the present invention, the above-mentioned authorization terminal that has been described above is not limited to some specific authorization terminal, in addition,
In the extent of competence of register account number, one or more authorization terminals can be given to be authorized by mobile terminal.
After being authorized to one or more authorization terminals by mobile terminal, it can also be selected by the mobile terminal
To specifying the authorized content of authorization terminal, in practical applications, after selecting module 13 selects the first authorization terminal, it may be determined that right
The contents such as the mandate period of first authorization terminal and/or mandate project, after determining above- mentioned information, sending module 12 can be with
Above- mentioned information is carried and is sent to carrier server in update authorized order, and by the first authorization terminal of carrier server pair
It authorizes a change, the content of change is the contents such as above-mentioned fixed mandate period and/or mandate project.For example, with
When in the no longer family of family, network it can select the mandate period to set-top box in family by radio communication and authorize program, in this way,
The child for being conducive to control in family solely sees TV Festival object time and content, realizes the intelligent management and flexible management of TV programme
Purpose.
The empowerment management device that inventive embodiments provide is used to execute the empowerment management that embodiment illustrated in fig. 2 of the present invention provides
Method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, in the empowerment management device that embodiment illustrated in fig. 13 provides,
Selecting module 13 is additionally operable to the second authorization terminal of selection;
Sending module 12 is additionally operable to send to carrier server and cancels authorized order, and the cancellation authorized order is for referring to
Show that the carrier server cancels the mandate to the second authorization terminal.
It in embodiments of the present invention, can be with after being authorized to one or more authorization terminals by mobile terminal
Cancel the mandate to specifying authorization terminal by the mobile terminal, in practical applications, the selection of selecting module 13 second authorizes eventually
Behind end, the cancellation mandate that sending module 12 can send the identification information for carrying second authorization terminal to carrier server refers to
It enables, carrier server can have and targetedly cancel to this according to the second authorization terminal cancelled indicated by authorized order
The mandate of second authorization terminal.For example, when user is outgoing, after being authorized to the set-top box in hotel by mobile terminal, when not
When needing the set-top box viewing TV programme using hotel again, it can be cancelled at any time to the set-top box by mobile terminal selection
Authorize, this way it is possible to avoid user forget when leaving hotel cancel authorize and caused by economic loss.
The empowerment management device that inventive embodiments provide is used to execute the empowerment management that embodiment illustrated in fig. 3 of the present invention provides
Method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, in the empowerment management device that embodiment illustrated in fig. 13 provides,
Selecting module 13 is additionally operable to selection charge authorization project;
Sending module 12 is additionally operable to send application authorized order to carrier server, and this application authorized order is for referring to
Show that battalion quotient's server authorizes charge authorization project.
In embodiments of the present invention, after logging in register account number by mobile terminal and being authorized to authorization terminal, also
It can apply for other mandate projects, usually charge authorization project, such as certain TV programme can not be straight after register account number
Viewing is connect, user is needed to apply and can just be watched after paying corresponding expense, after selecting module 13 selects charge authorization project,
Sending module 12 can send the application authorized order for carrying the charge authorization project, carrier server to carrier server
It can be authorized according to the charge authorization project indicated by application authorized order so that set-top box can play corresponding charge
Program, user are typically directed to some account application, as long as passing through the account by the charge authorization project of mobile terminal application
Family logs in, you can to watch corresponding charge program.
Further, after the charge authorization project that user passes through mobile terminal application, authorization terminal can also be specified, such as
It specifies some or certain authorization terminals that can watch charge program, then the identification information of the authorization terminal is carried and authorized in application
Instruction, instruction battalion quotient's server only open charge program to specified authorization terminal.
The empowerment management device that inventive embodiments provide is used to execute the empowerment management that embodiment illustrated in fig. 4 of the present invention provides
Method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, Figure 14 is the structural schematic diagram of another empowerment management device provided in an embodiment of the present invention.In Figure 12
On the architecture basics of shown device, device provided in this embodiment can also include receiving module 14 and log-in module 15.
In the present embodiment, sending module 12 are additionally operable to obtain account ID information and authorization terminal in acquisition module 11
Before identification information, and when mobile terminal logs in registered account for the first time, authentication request message is sent to battalion's quotient's server;
Receiving module 14, the authentication response message sent for receiving battalion's quotient's server, the authentication response message include
Verification information;
Log-in module 15, the verification information completion for being received according to receiving module 14 log in.
In embodiments of the present invention, user is after the register account number of carrier server side, you can with by arbitrarily mobile whole
End logs in the account, if user logs in registered account for the first time using some mobile terminal, needs to carry out two-way authentication,
In verification process, after carrier server receives authentication request message, authentication operations can be carried out, then, can will be verified
Information carrying is sent to mobile terminal in authentication response message, which is, for example, an identifying code, and user is in movement
The verification information is inputted in terminal and password completion logs in;If user forgets Password in landfall process, mobile terminal can be passed through
Password push-botton operation of giving for change in software interface gives password for change, and after logging in successfully, the software in mobile terminal can be by account ID
Information extraction is spare.In this way, it is advantageously ensured that the safety of register account number, even if user replaces mobile terminal login account,
It can ensure the safety of account.
In practical applications, the sending module 12 in each embodiment shown in Figure 12 to Figure 14 of the present invention and receiving module 14 are logical
The transceiver of mobile terminal is crossed to realize, acquisition module 11, selecting module 13 and log-in module 15 can pass through mobile terminal
Processor realizes, the processor for example can be a central processing unit (Central Processing Unit, referred to as:
CPU) or specific integrated circuit (Application Specific Integrated Circuit, referred to as:ASIC),
Either complete one or more integrated circuits of the implementation embodiment of the present invention.
Figure 15 is the structural schematic diagram of another empowerment management device provided in an embodiment of the present invention.It is provided in this embodiment
In the case of empowerment management device is suitable for providing TV programme mandate to the set-top box of DTV by mobile terminal, this is awarded
Power managing device realizes that the device can be integrated in the processor of carrier server hardware and software in conjunction with by way of
In, it calls and uses for processor.As shown in figure 15, the empowerment management device of the present embodiment may include:Acquisition module 21 generates
Module 22 and sending module 23.
Wherein, acquisition module 21, for according to from mobile terminal receive encrypted authentication information, obtain account ID information and
The identification information of authorization terminal.
Empowerment management device provided in an embodiment of the present invention carries the set-top box of DTV by mobile terminal to be a kind of
For the mode of TV programme mandate, device provided in an embodiment of the present invention executes when authorizing, and is not directly to set-top box or to insert
The smart card entered in set-top box is authorized, but is authorized by mobile terminal, i.e., carrier server receives mobile whole
The encrypted authentication information sent is held, and by acquisition module 21 to obtain account ID information in the encrypted authentication information and authorize eventually
The identification information at end, the i.e. mobile terminal play the role of critical in licensing process.In practical applications, acquisition module 21
In the identification information of the account ID information and authorization terminal that get, which is that user notes in carrier server side
The account of volume, which may include the contents such as subscriber identity information, account title, password, the mark of authorization terminal
Information is the unique identification information of authorization terminal, and for example, unique encodings of set-top box, mobile terminal can pass through authorization terminal
On the modes such as USB interface, local network or bluetooth connection and authorization terminal establish the link, to obtain the mark of authorization terminal
Information, mobile terminal can also obtain the identification information of authorization terminal by way of selecting historical record.In addition, user is transporting
The mode of quotient's server side register account number is sought, can be that network registers account to user in carrier server side by radio communication
Number, or user handles the business of application account at carrier service center, and obtains register account number.
In embodiments of the present invention, carrier service, can be with after the encrypted authentication information for receiving mobile terminal transmission
The encrypted authentication information is decrypted by decryption unit, obtains authentication information string, thus by acquiring unit according to decryption unit
The authentication information string got and preset rule obtain the identification information of account ID information and authorization terminal.In practical application
In, it is contemplated that the safety of account and mandate, mobile terminal generally can not send above-mentioned authentication information string in the form of plaintext, because
This, the authentication information string can be encrypted in mobile terminal, to form encrypted authentication information, then, sent out to carrier server
Give the encrypted authentication information, wherein the mode of the encryption and decryption can be that both sides set in advance in advance.
It should be noted that it is some changeless mobile terminal that the embodiment of the present invention, which does not limit mobile terminal,
Also it is a changeless set-top box not limit authorization terminal to be authorized (being, for example, set-top box), and user can be according to demand
Mobile terminal and set-top box are replaced at any time, for example, when user watches TV programme in own home, PAD can be used in family
Set-top box authorized, when user does not carry PAD in kith and kin family, registered account can be logged in using smart mobile phone,
And the set-top box in kith and kin family is authorized.
Generation module 22, the identification information of account ID information and authorization terminal for being got according to acquisition module 21,
Generate the authorization message of authorization terminal;
Sending module 23, the authorization message for generating generation module 22 are sent to authorization terminal.
In embodiments of the present invention, acquisition module 21 is after getting the identification information of account ID information and authorization terminal,
The authorization terminal for understanding the account information and request mandate that request authorizes, under conditions of the account meets mandate, generation module
22 can generate the authorization message for the authorization terminal, which is awarding indicated by the identification information of authorization terminal
Terminal is weighed, then, the authorization message of generation is sent to phase by sending module 23 by digital TV network or cordless communication network
The authorization terminal answered, authorization terminal can store authorization message and using authorization message to code stream after receiving authorization message
Descrambled, so that it may to play the TV programme ordered by the register account number of user.
Had been described above in above-described embodiment the shortcomings that authorization in the prior art to DTV there are problems that and, therefore
Details are not described herein.Authorization in compared with the prior art, empowerment management device provided in an embodiment of the present invention, as long as with
Family has the account that authenticated, even if user not in the family of current resident, such as has gone in other houses of user, Qin Youjia
Innner and outer goes out to want to watch in hotel etc. the TV programme of oneself order, need to only be awarded to corresponding set-top box by mobile terminal
Power does not need multiple accounts yet and pays extra charge, in addition, the mobile terminal using user authorizes, compared to existing
Have in technology and directly authorized by set-top box, there is higher safety and reliability.
Empowerment management device provided in an embodiment of the present invention is used to execute the mandate pipe that embodiment illustrated in fig. 5 of the present invention provides
Reason method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, Figure 16 is also a kind of structural schematic diagram of empowerment management device provided in an embodiment of the present invention.In Figure 15
On the architecture basics of shown device, device provided in this embodiment can also include:
Receiving module 24, the update authorized order for receiving mobile terminal transmission, the update authorized order include moving
First authorization terminal of dynamic terminal selection, and authorize the period and/or authorize project;
Authorization module 25, for according to receiving module 25 receives update the first authorization terminal of authorized order pair mandate when
Between section and/or authorize project authorize a change.
In embodiments of the present invention, the above-mentioned authorization terminal that has been described above is not limited to some specific authorization terminal, in addition,
In the extent of competence of register account number, one or more authorization terminals can be given to be awarded by carrier server by mobile terminal
Power.
It, can also be by carrier server to shifting after carrier server authorizes one or more authorization terminals
The dynamic selected specified authorization terminal of terminal and specified authorized content are authorized, and in practical applications, receiving module 24 receives
The update authorized order that mobile terminal is sent, the update authorized order include that the mobile terminal selects the first authorization terminal, with
And selection to contents such as the mandate period of first authorization terminal and/or mandate projects, authorization module 25 is awarded according to update
The first authorization terminal of information pair in power instruction authorizes a change, and the content of change is the above-mentioned mandate period and/or awards
The contents such as claim mesh.For example, when in user no longer family, can by radio communication network selection in family when the mandate of set-top box
Between section and authorize program, in this way, the child for being conducive to control in family solely sees TV Festival object time and content, realize TV programme
Intelligent management and flexible management purpose.
Empowerment management device provided in an embodiment of the present invention is used to execute the mandate pipe that embodiment illustrated in fig. 6 of the present invention provides
Reason method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, in the empowerment management device that embodiment illustrated in fig. 16 provides,
Receiving module 24, the cancellation authorized order for receiving mobile terminal transmission, which includes this
Second authorization terminal of mobile terminal selection;
The second authorization terminal is awarded in authorization module 25, the cancellation authorized order cancellation for being received according to receiving module 24
Power.
It in embodiments of the present invention, can be with after carrier server authorizes one or more authorization terminals
By carrier server to cancelling the mandate to specifying authorization terminal, in practical applications, receiving module 24 receives mobile terminal
The cancellation authorized order of transmission carries mobile terminal in the cancellation authorized order and selects the second authorization terminal, then authorization module 25
Can have targetedly to cancel and second authorization terminal awarded according to the second authorization terminal cancelled indicated by authorized order
Power.For example, when user is outgoing, after carrier server authorizes the set-top box in hotel, when no longer needing using hotel
When set-top box watches TV programme, carrier server can be cancelled by receiving the cancellation authorized order of mobile terminal to the machine
The mandate of top box, this way it is possible to avoid user forget when leaving hotel cancel authorize and caused by economic loss.
Empowerment management device provided in an embodiment of the present invention is used to execute the mandate pipe that embodiment illustrated in fig. 7 of the present invention provides
Reason method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, in the empowerment management device that embodiment illustrated in fig. 16 provides,
Receiving module 24, the application authorized order for receiving mobile terminal transmission, this application authorized order includes this
The charge authorization project of mobile terminal selection;
Authorization module 25, the application authorized order for being received according to receiving module 24 award charge authorization project
Power.
In embodiments of the present invention, in carrier server certification register account number and after being authorized to authorization terminal, also
Can be by the other mandate projects of carrier server mandate, usually charge authorization project, such as certain TV programme are being registered
After account can not direct viewing, need user to apply and can just be watched after paying corresponding expense, receiving module 24 receive
The application authorized order that mobile terminal is sent carries the charge authorization project of mobile terminal selection in this application authorized order,
Then authorization module 25 can be authorized according to the charge authorization project indicated by application authorized order so that set-top box can be broadcast
Corresponding charge program is put, user is typically directed to some account application by the charge authorization project of mobile terminal application,
As long as being logged in by the account, you can to watch corresponding charge program.
It further, can also be specified by mobile terminal after the charge authorization project that user passes through mobile terminal application
Authorization terminal, such as specify some or certain authorization terminals that can watch charge program, then the Shen that carrier server receives
Please authorized order also carry the identification information of the authorization terminal, that is, seek quotient's server and specified authorization terminal can be opened and received
Take program.
Empowerment management device provided in an embodiment of the present invention is used to execute the mandate pipe that embodiment illustrated in fig. 8 of the present invention provides
Reason method has corresponding function module, and implementing principle and technical effect are similar, and details are not described herein again.
Optionally, Figure 17 is also a kind of structural schematic diagram of empowerment management device provided in an embodiment of the present invention.In Figure 15
On the architecture basics of shown device, device provided in this embodiment can also include receiving module 24 and authentication module 26.
Receiving module 24, for before the identification information that acquisition module 21 obtains account ID information and authorization terminal, connecing
Receive the authentication request message that mobile terminal is sent;
Authentication module 26, the authentication request message for being received according to receiving module 24 carry out safety to mobile terminal and recognize
Card;
Sending module 23 is additionally operable to send the authentication response message for carrying verification information, the verification information to mobile terminal
Mobile terminal completion is used to indicate to log in.
In embodiments of the present invention, user is after the register account number of carrier server side, you can with by arbitrarily mobile whole
End logs in the account, if user logs in registered account for the first time using some mobile terminal, needs to carry out two-way authentication,
In verification process, after receiving module 24 receives authentication request message, authentication module 26 can carry out authentication operations, that is, realize
Verification information carrying can be sent to mobile terminal by safety certification, then, sending module 22 in authentication response message, the verification
Information is, for example, an identifying code, and user inputs the verification information in the terminal and password completion logs in;If landfall process
Middle user forgets Password, and can give password for change by the password push-botton operation of giving for change in mobile terminal software interface, log in success
Afterwards, the software in mobile terminal can extract account ID information spare.In this way, it is advantageously ensured that the safety of register account number,
Even if user replaces mobile terminal login account, it is also ensured that the safety of account.
In practical applications, the sending module 23 in each embodiment shown in Figure 15 to Figure 17 of the present invention and receiving module 24 can
It is realized with the transceiver by carrier server, acquisition module 21, generation module 22, authorization module 25 and authentication module 26
It can be realized by the processor of carrier server, which for example can be a CPU or ASIC, or
It is the one or more integrated circuits for completing to implement the embodiment of the present invention.
Figure 18 is a kind of structural schematic diagram of authentication management system provided in an embodiment of the present invention, the authentication management system packet
Mobile terminal 100, carrier server 200 and at least one authorization terminal 300 are included, in the mobile terminal 100 in the present embodiment
Configured with the empowerment management device in any embodiment as shown in above-mentioned Figure 12 to Figure 14, it is configured in carrier server 200
Empowerment management device in any embodiment as shown in above-mentioned Figure 15 to Figure 17, each authorization terminal, for receiving operator's clothes
The authorization message that business device 200 is sent, and corresponding mandate project is played according to the authorization message;Wherein, carrier server 200
It is connected respectively with mobile terminal 100 and each authorization terminal 300.Embodiment illustrated in fig. 18 includes 3 with authentication management system
It is shown for a authorization terminal 300, in addition, the mobile terminal 100 in the unlimited system shown in Figure 180 processed of the embodiment of the present invention
For some specific mobile terminal, which can replace according to the use demand of user, the empowerment management
Each network element in system executes the mode of service switching, and network element is corresponded to above-mentioned Figure 12 to embodiment illustrated in fig. 17 and executes business
The mode of switching is identical, is equally used for executing the authorization management method of the offer of any embodiment shown in Fig. 1 to Figure 11 of the present invention, tool
Standby corresponding entity apparatus, implementing principle and technical effect are similar, and details are not described herein again.
One of ordinary skill in the art will appreciate that all or part of step in the above method can be referred to by program
Related hardware (such as processor) is enabled to complete, described program can be stored in computer readable storage medium, such as read-only storage
Device, disk or CD etc..Optionally, all or part of step of above-described embodiment can also use one or more integrated circuits
To realize.Correspondingly, the form realization of hardware may be used in each module/unit in above-described embodiment, such as passes through integrated electricity
Its corresponding function is realized on road, can also be realized in the form of software function module, such as is stored in by processor execution
Program/instruction in memory realizes its corresponding function.The embodiment of the present invention be not limited to any particular form hardware and
The combination of software.
Although disclosed herein embodiment it is as above, the content only for ease of understanding the present invention and use
Embodiment is not limited to the present invention.Technical staff in any fields of the present invention is taken off not departing from the present invention
Under the premise of the spirit and scope of dew, any modification and variation, but the present invention can be carried out in the form and details of implementation
Scope of patent protection, still should be subject to the scope of the claims as defined in the appended claims.
Claims (25)
1. a kind of authorization management method, which is characterized in that including:
The identification information of acquisition for mobile terminal account number id information and authorization terminal;
The mobile terminal sends out the encrypted authentication information that the account ID information and the identification information of the authorization terminal are formed
Carrier server is given, the encrypted authentication information is used to indicate the carrier server and generates awarding for the authorization terminal
Information is weighed, and the authorization message is sent to the authorization terminal.
2. authorization management method according to claim 1, which is characterized in that the mobile terminal is by the account ID information
Before the encrypted authentication information formed with the identification information of the authorization terminal is sent to carrier server, including:
The mobile terminal forms authentication information string according to the identification information of the account ID information and the authorization terminal;
The authentication information string is encrypted in the mobile terminal, forms the encrypted authentication information.
3. authorization management method according to claim 1, which is characterized in that the method further includes:
The mobile terminal selects the first authorization terminal, and determines mandate period and/or the mandate of first authorization terminal
Project;
The mobile terminal sends update authorized order to the carrier server, and the update authorized order is used to indicate institute
Battalion's quotient's server is stated to the mandate period of first authorization terminal and/or project is authorized to authorize a change.
4. authorization management method according to claim 1, which is characterized in that the method further includes:
The mobile terminal selects the second authorization terminal;
The mobile terminal is sent to the carrier server cancels authorized order, and the cancellation authorized order is used to indicate institute
State mandate of the carrier server cancellation to second authorization terminal.
5. authorization management method according to claim 1, which is characterized in that the method further includes:
The mobile terminal selects charge authorization project;
The mobile terminal sends application authorized order to the carrier server, and the application authorized order is used to indicate institute
Battalion's quotient's server is stated to authorize the charge authorization project.
6. authorization management method according to any one of claims 1 to 5, which is characterized in that the acquisition for mobile terminal
Before account number id information and the identification information of authorization terminal, the method further includes:
When the mobile terminal logs in registered account for the first time, authentication request message is sent to battalion's quotient's server;
The mobile terminal receives the authentication response message that battalion's quotient's server is sent, and the authentication response message includes testing
Demonstrate,prove information;
The mobile terminal is logged according to verification information completion.
7. a kind of authorization management method, which is characterized in that including:
Carrier server obtains account number id information and authorization terminal according to the encrypted authentication information received from mobile terminal
Identification information;
The carrier server generates the mandate eventually according to the identification information of the account ID information and the authorization terminal
The authorization message at end;
The authorization message is sent to the authorization terminal by the carrier server.
8. authorization management method according to claim 7, which is characterized in that the carrier server is according to whole from movement
The encrypted authentication information received is held, the identification information of account number id information and authorization terminal is obtained, including:
The encrypted authentication information is decrypted in the carrier server, obtains authentication information string;
The carrier server obtains the mark of the account ID information and the authorization terminal according to the authentication information string
Information.
9. authorization management method according to claim 7, which is characterized in that the method further includes:
The carrier server receives the update authorized order that the mobile terminal is sent, and the update authorized order includes
First authorization terminal of the mobile terminal selection, and authorize the period and/or authorize project;
The carrier server to the mandate period of first authorization terminal and/or is awarded according to the update authorized order
Claim mesh authorizes a change.
10. authorization management method according to claim 7, which is characterized in that the method further includes:
The carrier server receives the cancellation authorized order that the mobile terminal is sent, and the cancellation authorized order includes
Second authorization terminal of the mobile terminal selection;
The carrier server cancels the mandate to second authorization terminal according to the cancellation authorized order.
11. authorization management method according to claim 7, which is characterized in that the method further includes:
The carrier server receives the application authorized order that the mobile terminal is sent, and the application authorized order includes
The charge authorization project of the mobile terminal selection;
The carrier server authorizes the charge authorization project according to the application authorized order.
12. the authorization management method according to any one of claim 7~11, which is characterized in that the carrier service
Before device obtains account number id information and the identification information of authorization terminal, the method further includes:
The carrier server receives the authentication request message that the mobile terminal is sent;
The carrier server carries out safety certification according to the authentication request message to the mobile terminal;
The carrier server sends the authentication response message for carrying verification information, the verification information to the mobile terminal
The mobile terminal completion is used to indicate to log in.
13. a kind of empowerment management device, which is characterized in that described device is set in mobile terminal, and described device includes:
Acquisition module, the identification information for obtaining account number id information and authorization terminal;
Sending module, the identification information of the account ID information and the authorization terminal for getting the acquisition module
The encrypted authentication information of formation is sent to carrier server, and the encrypted authentication information is used to indicate the carrier server
The authorization message of the authorization terminal is generated, and the authorization message is sent to the authorization terminal.
14. empowerment management device according to claim 13, which is characterized in that described device further includes:
First forms module, for before the encrypted authentication information is sent to carrier server by the sending module,
According to the identification information of the account ID information and the authorization terminal that the acquisition module is got, authentication information is formed
String;
Second forms module, and the authentication information string for being formed to the first formation module is encrypted, and forms the encryption
Authentication information.
15. empowerment management device according to claim 13, which is characterized in that described device further includes:
Selecting module for selecting the first authorization terminal, and determines mandate period and/or the mandate of first authorization terminal
Project;
The sending module is additionally operable to send update authorized order to the carrier server, and the update authorized order is used
To the mandate period of first authorization terminal and/or project is authorized to authorize a change in instruction battalion's quotient's server.
16. empowerment management device according to claim 13, which is characterized in that described device further includes:
Selecting module, for selecting the second authorization terminal;
The sending module is additionally operable to send to the carrier server and cancels authorized order, and the cancellation authorized order is used
Cancel the mandate to second authorization terminal in the instruction carrier server.
17. empowerment management device according to claim 13, which is characterized in that described device further includes:
Selecting module, for selecting charge authorization project;
The sending module is additionally operable to send application authorized order to the carrier server, and the application authorized order is used
The charge authorization project is authorized in instruction battalion's quotient's server.
18. the empowerment management device according to any one of claim 13~17, which is characterized in that
The sending module is additionally operable to obtain account ID information and the mark letter of the authorization terminal described in the acquisition module
Before breath, and when the mobile terminal logs in registered account for the first time, sends certification request to battalion's quotient's server and disappear
Breath;
Described device further includes:
Receiving module, the authentication response message sent for receiving battalion's quotient's server, the authentication response message include
Verification information;
Log-in module, the verification information completion for being received according to the receiving module log in.
19. a kind of empowerment management device, which is characterized in that described device is set in carrier server, and described device includes:
Acquisition module, for according to the encrypted authentication information received from mobile terminal, obtaining account number id information and authorizing eventually
The identification information at end;
Generation module, the mark letter of the account ID information and the authorization terminal for being got according to the acquisition module
Breath, generates the authorization message of the authorization terminal;
Sending module, the authorization message for generating the generation module are sent to the authorization terminal.
20. empowerment management device according to claim 19, which is characterized in that the acquisition module includes:
Decryption unit obtains authentication information string for the encrypted authentication information to be decrypted;
Acquiring unit, the authentication information string for being got according to the decryption unit, obtain the account ID information and
The identification information of the authorization terminal.
21. empowerment management device according to claim 19, which is characterized in that described device further includes:
Receiving module, the update authorized order sent for receiving the mobile terminal, the update authorized order includes institute
The first authorization terminal of mobile terminal selection is stated, and authorizes the period and/or authorizes project;
Authorization module, the update authorized order for being received according to the receiving module award first authorization terminal
Power period and/or mandate project authorize a change.
22. empowerment management device according to claim 19, which is characterized in that described device further includes:
Receiving module, the cancellation authorized order sent for receiving the mobile terminal, the cancellation authorized order includes institute
State the second authorization terminal of mobile terminal selection;
Authorization module, the cancellation authorized order for being received according to the receiving module are cancelled to second authorization terminal
Mandate.
23. empowerment management device according to claim 19, which is characterized in that described device further includes:
Receiving module, the application authorized order sent for receiving the mobile terminal, the application authorized order includes institute
State the charge authorization project of mobile terminal selection;
Authorization module, for being carried out to the charge authorization project according to the application authorized order that the receiving module receives
It authorizes.
24. the empowerment management device according to any one of claim 19~23, which is characterized in that described device is also wrapped
It includes:
Receiving module, for obtained in the acquisition module account ID information and the authorization terminal identification information it
Before, receive the authentication request message that the mobile terminal is sent;
Authentication module, the authentication request message for being received according to the receiving module carry out safety to the mobile terminal
Certification;
The sending module is additionally operable to send the authentication response message for carrying verification information, the verification to the mobile terminal
Information is used to indicate the mobile terminal completion and logs in.
25. a kind of authentication management system, which is characterized in that including:Mobile terminal, carrier server and at least one mandate are eventually
End;
Wherein, it is arranged in the mobile terminal just like the empowerment management device described in any one of claim 13~18, it is described
It is arranged just like the empowerment management device described in any one of claim 19~24 in carrier server;
The authorization terminal, the authorization message sent for receiving the carrier server, and broadcast according to the authorization message
Put corresponding mandate project.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710045778.8A CN108337540B (en) | 2017-01-20 | 2017-01-20 | Authorization management method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710045778.8A CN108337540B (en) | 2017-01-20 | 2017-01-20 | Authorization management method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108337540A true CN108337540A (en) | 2018-07-27 |
| CN108337540B CN108337540B (en) | 2021-11-23 |
Family
ID=62922928
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710045778.8A Active CN108337540B (en) | 2017-01-20 | 2017-01-20 | Authorization management method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108337540B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111488593A (en) * | 2019-11-28 | 2020-08-04 | 杭州海康威视系统技术有限公司 | Service authorization method, device, electronic equipment and storage medium |
| CN112148597A (en) * | 2020-09-16 | 2020-12-29 | 北京基调网络股份有限公司 | Method for eliminating iOS device authorization dialog box, test method and storage medium |
| CN112383577A (en) * | 2021-01-19 | 2021-02-19 | 北京信安世纪科技股份有限公司 | Authorization method, device, system, equipment and storage medium |
| CN112969091A (en) * | 2021-02-19 | 2021-06-15 | 江苏省广电有线信息网络股份有限公司无锡分公司 | Automatic authorization correction method for set top box |
| CN114024742A (en) * | 2021-11-03 | 2022-02-08 | 北京天融信网络安全技术有限公司 | Authorization management method, device, equipment and storage medium |
| TWI788199B (en) * | 2022-01-20 | 2022-12-21 | 中華電信股份有限公司 | Authorizing apparatus and method for video playback and computer program product for executing the method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2003046966A (en) * | 2001-07-27 | 2003-02-14 | Yamaura Corp | Supervising operation automatic charging method in video conference |
| CN102821317A (en) * | 2012-08-31 | 2012-12-12 | 深圳创维-Rgb电子有限公司 | Method and system for managing digital television |
| CN103747300A (en) * | 2013-12-02 | 2014-04-23 | 中国传媒大学 | Conditional access system capable of supporting mobile terminal |
| CN105141995A (en) * | 2015-08-07 | 2015-12-09 | 北京思特奇信息技术股份有限公司 | Method and system for realizing television cloud remote control based on converged communication technology |
| CN105681877A (en) * | 2014-11-20 | 2016-06-15 | 中国移动通信集团公司 | Set-top box, television, platform, remote controller and method and apparatus for establishing connection |
-
2017
- 2017-01-20 CN CN201710045778.8A patent/CN108337540B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2003046966A (en) * | 2001-07-27 | 2003-02-14 | Yamaura Corp | Supervising operation automatic charging method in video conference |
| CN102821317A (en) * | 2012-08-31 | 2012-12-12 | 深圳创维-Rgb电子有限公司 | Method and system for managing digital television |
| CN103747300A (en) * | 2013-12-02 | 2014-04-23 | 中国传媒大学 | Conditional access system capable of supporting mobile terminal |
| CN105681877A (en) * | 2014-11-20 | 2016-06-15 | 中国移动通信集团公司 | Set-top box, television, platform, remote controller and method and apparatus for establishing connection |
| CN105141995A (en) * | 2015-08-07 | 2015-12-09 | 北京思特奇信息技术股份有限公司 | Method and system for realizing television cloud remote control based on converged communication technology |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111488593A (en) * | 2019-11-28 | 2020-08-04 | 杭州海康威视系统技术有限公司 | Service authorization method, device, electronic equipment and storage medium |
| CN112148597A (en) * | 2020-09-16 | 2020-12-29 | 北京基调网络股份有限公司 | Method for eliminating iOS device authorization dialog box, test method and storage medium |
| CN112383577A (en) * | 2021-01-19 | 2021-02-19 | 北京信安世纪科技股份有限公司 | Authorization method, device, system, equipment and storage medium |
| CN112969091A (en) * | 2021-02-19 | 2021-06-15 | 江苏省广电有线信息网络股份有限公司无锡分公司 | Automatic authorization correction method for set top box |
| CN114024742A (en) * | 2021-11-03 | 2022-02-08 | 北京天融信网络安全技术有限公司 | Authorization management method, device, equipment and storage medium |
| TWI788199B (en) * | 2022-01-20 | 2022-12-21 | 中華電信股份有限公司 | Authorizing apparatus and method for video playback and computer program product for executing the method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108337540B (en) | 2021-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108337540A (en) | A kind of authorization management method, device and authentication management system | |
| CN106295394B (en) | Resource authorization method and system and authorization server and working method | |
| KR101819556B1 (en) | Apparatus and method for supporting family cloud in cloud computing system | |
| CN105812341B (en) | A kind of method and device of identity user identity | |
| CN101166261B (en) | Pay program providing system and television broadcast reception apparatus | |
| KR101098091B1 (en) | Method for using contents, method for sharing contents and device based on security level | |
| CN103297408B (en) | Login method and device and terminal, the webserver | |
| CN107205166B (en) | A kind of terminal device exchange method and system based on Cloud Server | |
| CN110235424A (en) | For providing the device and method with managing security information in a communications system | |
| CN110505616A (en) | The method and apparatus of wireless device are registered in a wireless communication system | |
| CN103098068A (en) | Method and apparatus for an ephemeral trusted device | |
| CN106230838A (en) | A kind of third-party application accesses the method and apparatus of resource | |
| JP2005323070A (en) | Authentication method for home information appliance by portable telephone | |
| CN109688573A (en) | Exchange method and bluetooth equipment between bluetooth equipment | |
| CN106411517A (en) | Password resetting method and device | |
| JP4897503B2 (en) | Account linking system, account linking method, linkage server device | |
| CN106161354A (en) | Service authentication method, device, equipment and service server | |
| CN103067174A (en) | Digital signature method and system completed in mobile operating system | |
| CN105897784A (en) | Internet of things terminal equipment encryption communication method and device | |
| CN102685606B (en) | The method and system that in IPTV, business is watched | |
| CN102685144A (en) | Cloud security processing method and system based on home gateway | |
| CN103096181B (en) | A kind of provide the method for interactive application business, equipment | |
| CN114760112A (en) | Wireless local area network-oriented intelligent household equipment network access method, system, equipment and storage medium | |
| CN105897722A (en) | Method, system and mobile terminal for rapid unlocking based on client side | |
| CN104902481B (en) | It is a kind of can in case flow safety nozzle method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |