CN108337540B - Authorization management method, device and system - Google Patents

Authorization management method, device and system Download PDF

Info

Publication number
CN108337540B
CN108337540B CN201710045778.8A CN201710045778A CN108337540B CN 108337540 B CN108337540 B CN 108337540B CN 201710045778 A CN201710045778 A CN 201710045778A CN 108337540 B CN108337540 B CN 108337540B
Authority
CN
China
Prior art keywords
authorization
terminal
information
mobile terminal
operator server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710045778.8A
Other languages
Chinese (zh)
Other versions
CN108337540A (en
Inventor
寇平
李迎新
张孝猛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201710045778.8A priority Critical patent/CN108337540B/en
Publication of CN108337540A publication Critical patent/CN108337540A/en
Application granted granted Critical
Publication of CN108337540B publication Critical patent/CN108337540B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541Rights Management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention discloses an authorization management method, an authorization management device and an authorization management system. The authorization management method in the embodiment of the invention comprises the following steps: the mobile terminal acquires account ID information and identification information of an authorized terminal; the mobile terminal sends encrypted authentication information formed by the account ID information and the identification information of the authorization terminal to the operator server, wherein the encrypted authentication information is used for indicating the operator server to generate authorization information of the authorization terminal and sending the authorization information to the authorization terminal. The embodiment of the invention solves the problems that in the prior art, the authorization mode of the digital television is single, so that the user is difficult to watch the subscribed authorized program at any time, and the security is poor due to the authorization mode.

Description

Authorization management method, device and system
Technical Field
The present invention relates to the field of wireless communications technologies, and in particular, to an authorization management method, an authorization management device, and an authorization management system.
Background
With the development and popularization of wireless communication technology, wireless communication networks have been applied to various aspects of people's daily lives. For example, digital televisions can be authorized and managed through a wireless communication network, which brings great convenience to users.
The current digital television generally comprises two authorization modes, namely a smart card fixed authorization and a digital television set top box authorization. The fixed authorization mode of the intelligent card is as follows: a set-top box is placed in a user house, an intelligent card is inserted, an operator server authorizes the intelligent card of the user, and the set-top box can play television programs after receiving authorization information; however, the way of the fixed authorization of the smart card limits the authorization of the user to only use the set top box and the smart card at home, and if the user goes to other places, such as other houses of the user, friends and family, hotels and the like, the user cannot watch the ordered television programs. The authorization mode of the digital television set top box is as follows: an interactive network Television (IPTV) or an application service (OTT) digital Television set-Top box provided through The Internet performs authentication login through an account and a password of a user, and The user needs to input The account and The password if The user wants to watch a Television program ordered by The user at other places, so that security risk exists.
In summary, the authorization method for digital tv in the prior art generally has the problem that it is difficult for the user to watch the subscribed authorized program at any time due to the single authorization method, and the problem of poor security due to the authorization method.
Disclosure of Invention
In order to solve the above technical problems, embodiments of the present invention provide an authorization management method, an authorization management apparatus, and an authorization management system, so as to solve the problems that in the prior art, an authorization manner for a digital television is generally single, so that a user cannot easily view a subscribed authorized program at any time, and a security is poor due to the authorization manner.
In a first aspect, an embodiment of the present invention provides an authorization management method, including:
the mobile terminal acquires account number code ID information and identification information of an authorization terminal;
and the mobile terminal sends encrypted authentication information formed by the account ID information and the identification information of the authorization terminal to an operator server, wherein the encrypted authentication information is used for indicating the operator server to generate authorization information of the authorization terminal and sending the authorization information to the authorization terminal.
In a first possible implementation manner of the first aspect, before the sending, by the mobile terminal, encrypted authentication information formed by the account ID information and the identification information of the authorized terminal to an operator server, the method includes:
the mobile terminal forms an authentication information string according to the account ID information and the identification information of the authorization terminal;
and the mobile terminal encrypts the authentication information string to form the encrypted authentication information.
In a second possible implementation manner of the first aspect, the method further includes:
the mobile terminal selects a first authorization terminal, and determines an authorization time period and/or an authorization item of the first authorization terminal;
the mobile terminal sends an updating authorization instruction to the operator server, wherein the updating authorization instruction is used for indicating the operator server to carry out authorization change on the authorization time period and/or the authorization item of the first authorization terminal.
In a third possible implementation manner of the first aspect, the method further includes:
the mobile terminal selects a second authorized terminal;
and the mobile terminal sends an authorization canceling instruction to the operator server, wherein the authorization canceling instruction is used for indicating the operator server to cancel the authorization of the second authorization terminal.
In a fourth possible implementation manner of the first aspect, the method further includes:
the mobile terminal selects a charging authorization item;
the mobile terminal sends an application authorization instruction to the operator server, and the application authorization instruction is used for indicating the operator server to authorize the charging authorization project.
According to the first aspect and any one of the first to fourth possible implementation manners of the first aspect, in a fifth possible implementation manner, before the mobile terminal acquires the account number ID information and the identification information of the authorized terminal, the method further includes:
the mobile terminal sends an authentication request message to the operator server when logging in a registered account for the first time;
the mobile terminal receives an authentication response message sent by the operator server, wherein the authentication response message comprises verification information;
and the mobile terminal completes login according to the verification information.
In a second aspect, an embodiment of the present invention provides an authorization management method, including:
the operator server acquires account number code ID information and identification information of an authorized terminal according to the encrypted authentication information received from the mobile terminal;
the operator server generates authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal;
and the operator server sends the authorization information to the authorization terminal.
In a first possible implementation manner of the second aspect, the obtaining, by the operator server, account number code ID information and identification information of an authorized terminal according to encrypted authentication information received from a mobile terminal includes:
the operator server decrypts the encrypted authentication information to obtain an authentication information string;
and the operator server acquires the account ID information and the identification information of the authorized terminal according to the authentication information string.
In a second possible implementation manner of the second aspect, the method further includes:
the operator server receives an updating authorization instruction sent by the mobile terminal, wherein the updating authorization instruction comprises a first authorization terminal selected by the mobile terminal, an authorization time period and/or an authorization item;
and the operator server carries out authorization change on the authorization time period and/or the authorization item of the first authorization terminal according to the updating authorization instruction.
In a third possible implementation manner of the second aspect, the method further includes:
the operator server receives an authorization canceling instruction sent by the mobile terminal, wherein the authorization canceling instruction comprises a second authorization terminal selected by the mobile terminal;
and the operator server cancels the authorization of the second authorization terminal according to the authorization canceling instruction.
In a fourth possible implementation manner of the second aspect, the method further includes:
the operator server receives an application authorization instruction sent by the mobile terminal, wherein the application authorization instruction comprises a charging authorization item selected by the mobile terminal;
and the operator server authorizes the charging authorization project according to the application authorization instruction.
In a fifth possible implementation manner, before the operator server obtains the account number code ID information and the identification information of the authorized terminal, the method further includes:
the operator server receives an authentication request message sent by the mobile terminal;
the operator server carries out safety authentication on the mobile terminal according to the authentication request message;
and the operator server sends an authentication response message carrying verification information to the mobile terminal, wherein the verification information is used for indicating the mobile terminal to finish login.
In a third aspect, an embodiment of the present invention provides an authorization management apparatus, where the apparatus is disposed in a mobile terminal, and the apparatus includes:
the acquisition module is used for acquiring account code ID information and identification information of the authorization terminal;
and the sending module is used for sending encrypted authentication information formed by the account ID information and the identification information of the authorized terminal, which are acquired by the acquiring module, to an operator server, and the encrypted authentication information is used for indicating the operator server to generate authorization information of the authorized terminal and sending the authorization information to the authorized terminal.
In a first possible implementation manner of the third aspect, the apparatus further includes:
the first forming module is used for forming an authentication information string according to the account ID information and the identification information of the authorized terminal acquired by the acquiring module before the transmitting module transmits the encrypted authentication information to an operator server;
and the second forming module is used for encrypting the authentication information string formed by the first forming module to form the encrypted authentication information.
In a second possible implementation manner of the third aspect, the apparatus further includes:
the device comprises a selection module, a first authorization module and a second authorization module, wherein the selection module is used for selecting a first authorization terminal and determining an authorization time period and/or an authorization item of the first authorization terminal;
the sending module is further configured to send an update authorization instruction to the operator server, where the update authorization instruction is used to instruct the operator server to perform authorization change on an authorization time period and/or an authorization item of the first authorization terminal.
In a third possible implementation manner of the third aspect, the apparatus further includes:
the selection module is used for selecting a second authorization terminal;
the sending module is further configured to send an authorization canceling instruction to the operator server, where the authorization canceling instruction is used to instruct the operator server to cancel authorization of the second authorized terminal.
In a fourth possible implementation manner of the third aspect, the apparatus further includes:
the selection module is used for selecting the charging authorization item;
the sending module is further used for sending an application authorization instruction to the operator server, and the application authorization instruction is used for indicating the operator server to authorize the charging authorization project.
According to the third aspect and any one of the first to fourth possible implementation manners of the third aspect, in a fifth possible implementation manner,
the sending module is further configured to send an authentication request message to the vendor server before the obtaining module obtains the account ID information and the identification information of the authorized terminal and when the mobile terminal logs in a registered account for the first time;
the device further comprises:
the receiving module is used for receiving an authentication response message sent by the operator server, wherein the authentication response message comprises verification information;
and the login module is used for completing login according to the verification information received by the receiving module.
In a fourth aspect, an embodiment of the present invention provides an authorization management apparatus, where the apparatus is disposed in an operator server, and the apparatus includes:
the acquisition module is used for acquiring account code ID information and identification information of the authorized terminal according to the encrypted authentication information received from the mobile terminal;
the generating module is used for generating the authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal acquired by the acquiring module;
and the sending module is used for sending the authorization information generated by the generating module to the authorization terminal.
In a first possible implementation manner of the fourth aspect, the obtaining module includes:
the decryption unit is used for decrypting the encrypted authentication information to obtain an authentication information string;
and the obtaining unit is used for obtaining the account ID information and the identification information of the authorized terminal according to the authentication information string obtained by the decryption unit.
In a second possible implementation manner of the fourth aspect, the apparatus further includes:
the mobile terminal comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving an updating authorization instruction sent by the mobile terminal, and the updating authorization instruction comprises a first authorization terminal selected by the mobile terminal, an authorization time period and/or an authorization item;
and the authorization module is used for carrying out authorization change on the authorization time period and/or the authorization items of the first authorization terminal according to the updating authorization instruction received by the receiving module.
In a third possible implementation manner of the fourth aspect, the apparatus further includes:
a receiving module, configured to receive an authorization cancellation instruction sent by the mobile terminal, where the authorization cancellation instruction includes a second authorization terminal selected by the mobile terminal;
and the authorization module is used for canceling the authorization of the second authorization terminal according to the authorization canceling instruction received by the receiving module.
In a fourth possible implementation manner of the fourth aspect, the apparatus further includes:
a receiving module, configured to receive an application authorization instruction sent by the mobile terminal, where the application authorization instruction includes a charging authorization item selected by the mobile terminal;
and the authorization module is used for authorizing the charging authorization project according to the application authorization instruction received by the receiving module.
According to the fourth aspect and any one of the first to fourth possible implementation manners of the fourth aspect, in a fifth possible implementation manner, the apparatus further includes:
a receiving module, configured to receive an authentication request message sent by the mobile terminal before the obtaining module obtains the account ID information and the identification information of the authorized terminal;
the authentication module is used for carrying out security authentication on the mobile terminal according to the authentication request message received by the receiving module;
the sending module is further configured to send an authentication response message carrying verification information to the mobile terminal, where the verification information is used to instruct the mobile terminal to complete login.
In a fifth aspect, an embodiment of the present invention provides an authorization management system, including: the system comprises a mobile terminal, an operator server and at least one authorization terminal;
wherein the mobile terminal is provided with the authorization management device according to any one of the third aspect, and the operator server is provided with the authorization management device according to any one of the fourth aspect;
and the authorization terminal is used for receiving the authorization information sent by the operator server and playing the corresponding authorization item according to the authorization information.
According to the authorization management method, the device and the authorization management system provided by the embodiment of the invention, the account ID information and the identification information of the authorization terminal are obtained through the mobile terminal, the encrypted authentication information formed by the account ID information and the identification information of the authorization terminal is sent to the operator server, the encrypted authentication information is used for indicating the operator server to generate the authorization information of the authorization terminal, and the authorization information is sent to the authorization terminal, so that the authorization terminal can watch the television program ordered by the corresponding account, wherein the authorization terminal receiving the authorization information is the authorization terminal uniquely indicated by the identification information of the authorization terminal; the technical scheme provided by the embodiment of the invention solves the problems that the authorization mode of the digital television in the prior art is generally single, so that a user is difficult to watch the subscribed authorized program at any time, and the security is poor due to the authorization mode.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the example serve to explain the principles of the invention and not to limit the invention.
Fig. 1 is a flowchart of an authorization management method according to an embodiment of the present invention;
fig. 2 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 3 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 4 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 5 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 6 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 7 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 8 is a flowchart of another authorization management method according to an embodiment of the present invention;
fig. 9 is a schematic view of an application scenario in the authorization management method according to the embodiment of the present invention;
fig. 10 is a schematic view of another application scenario in the authorization management method according to the embodiment of the present invention;
fig. 11 is a schematic view of another application scenario in the authorization management method according to the embodiment of the present invention;
fig. 12 is a schematic structural diagram of an authorization management apparatus according to an embodiment of the present invention;
fig. 13 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention;
FIG. 14 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention;
fig. 15 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention;
fig. 16 is a schematic structural diagram of another authorization management apparatus according to an embodiment of the present invention;
fig. 17 is a schematic structural diagram of another authorization management apparatus according to an embodiment of the present invention;
fig. 18 is a schematic structural diagram of an authorization management system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
The steps illustrated in the flow charts of the figures may be performed in a computer system such as a set of computer-executable instructions. Also, while a logical order is shown in the flow diagrams, in some cases, the steps shown or described may be performed in an order different than here.
The following describes a technical solution of the present invention in detail through a specific embodiment, and the present invention relates to a mobile terminal, an operator server and an authorization terminal, where the mobile terminal is, for example, a smart phone, a Personal Digital Assistant (PDA), a tablet computer, or the like, the operator server is, for example, a broadcast television network or a server of a unicom network, and the authorization terminal is, for example, a set-top box of an IPTV or an OTT Digital television. The following specific embodiments of the present invention may be combined, and the same or similar concepts or processes may not be described in detail in some embodiments.
Fig. 1 is a flowchart of an authorization management method according to an embodiment of the present invention. The authorization management method provided by the embodiment is suitable for the condition that the mobile terminal provides television program authorization for the set top box of the digital television, the method can be executed by an authorization management device, the authorization management device is realized by combining hardware and software, and the device can be integrated in a processor of the mobile terminal and used by the processor. As shown in fig. 1, the method of this embodiment may include:
s110, the mobile terminal acquires the account ID information and the identification information of the authorized terminal.
The authorization management method provided by the embodiment of the invention is a mode for providing television program authorization for a set top box of a digital television through a mobile terminal. In practical application, a mobile terminal may first obtain account number code (ID) information and Identification information of an authorization terminal, where the account number ID information is an account number registered by a user at a server side of an operator, the account number ID information may include content such as user identity information, an account number name, and a password, the Identification information of the authorization terminal is unique Identification information of the authorization terminal, for example, a unique code of a set top box, and the mobile terminal may establish a link with the authorization terminal through a Universal Serial Bus (USB) interface on the authorization terminal, a local network, or a bluetooth connection, so as to obtain the Identification information of the authorization terminal, and the mobile terminal may further obtain the Identification information of the authorization terminal through a history record selection mode. In addition, the account registration mode of the user at the operator server side can be that the user registers the account at the operator server side through a wireless communication network, and can also transact the account application business at the operator service center for the user, and obtain the registered account.
It should be noted that, the embodiment of the present invention does not limit the mobile terminal to be a fixed mobile terminal, and also does not limit the authorization terminal to be authorized (for example, a set top box) to be a fixed set top box, and a user may change the mobile terminal and the set top box at any time according to a requirement, for example, when the user watches a television program at home, the user may authorize the set top box at home using a PAD, and when the user does not carry the PAD at home, the user may log in a registered account using a smart phone, and authorize the set top box at home of the friend.
And S120, the mobile terminal sends encrypted authentication information formed by the account ID information and the identification information of the authorized terminal to the operator server, wherein the encrypted authentication information is used for indicating the operator server to generate the authorization information of the authorized terminal and sending the authorization information to the authorized terminal.
In the embodiment of the invention, after the mobile terminal acquires the account ID information and the identification information of the authorization terminal, an authentication information string can be formed according to the account ID information, the identification information of the authorization terminal and a preset rule, and the authentication information string is used for authentication on the server side of an operator. In practical applications, the authentication information string cannot be normally transmitted in a clear text form in consideration of security of account and authorization, and therefore, the mobile terminal may also encrypt the authentication information string to form encrypted authentication information, and then transmit the encrypted authentication information to the operator server. On the operator server side, after receiving the encrypted authentication information, it can be decrypted, the encryption and decryption modes can be that the two parties predetermine in advance so as to obtain the authentication information string, the operator server can know the account information requesting authorization and the authorization terminal requesting authorization according to the authentication information string obtained by decryption, on condition that the account number is eligible for authorization, the operator server may generate authorization information for the authorized terminal, the authorized terminal is the authorized terminal indicated by the identification information of the authorized terminal, then the operator server sends the generated authorization information to the corresponding authorized terminal through the digital television network or the wireless communication network, after the authorized terminal receives the authorization information, the authorization information can be stored and the code stream can be descrambled by utilizing the authorization information, so that the television program ordered by the registration account of the user can be played.
As described in the above background art, the following problems exist in the prior art authorization method for digital tv: firstly, the smart card fixed authorization mode limits the authorization of a user to only use a specific set top box and the smart card, if the set top box and the smart card are replaced, the user cannot watch the ordered television programs, so that the user cannot watch the ordered television programs anytime and anywhere, the intelligence and flexibility are poor, and the user experience effect is reduced; secondly, although the digital television set-top box authorization mode can watch the television programs ordered by the user in different places compared with the smart card fixed authorization mode, because the user needs to input an account and a password through the set-top box for authentication login, certain potential safety hazards are brought to the user, the account and the password of the user can be leaked, and loss is caused. Compared with the authorization method in the prior art, the authorization management method provided by the embodiment of the invention has higher safety and reliability as long as the user has the authenticated account, and the user only needs to authorize the corresponding set top box through the mobile terminal without paying extra cost by going to other houses of the user, family of relatives and friends, hotel and the like and wants to watch the ordered television programs, as long as the user does not have the authenticated account.
The authorization management method provided by the embodiment of the invention comprises the steps that account ID information and identification information of an authorization terminal are obtained through a mobile terminal, and encrypted authentication information formed by the account ID information and the identification information of the authorization terminal is sent to an operator server, wherein the encrypted authentication information is used for indicating the operator server to generate authorization information of the authorization terminal and sending the authorization information to the authorization terminal, so that the authorization terminal can watch television programs ordered by corresponding accounts, and the authorization terminal receiving the authorization information is the authorization terminal uniquely indicated by the identification information of the authorization terminal; the method provided by the embodiment of the invention solves the problems that the authorization mode of the digital television in the prior art is generally single, so that the user is difficult to watch the subscribed authorized program at any time, and the security is poor due to the authorization mode.
Optionally, fig. 2 is a flowchart of another authorization management method according to an embodiment of the present invention. On the basis of the embodiment shown in fig. 1, after S120, the method provided in this embodiment may further include:
s130, the mobile terminal selects a first authorization terminal and determines an authorization time period and/or an authorization item of the first authorization terminal;
s140, the mobile terminal sends an update authorization instruction to the operator server, wherein the update authorization instruction is used for indicating the operator server to carry out authorization change on the authorization time period and/or the authorization item of the first authorization terminal.
In the embodiment of the present invention, it has been described above that the authorization terminal is not limited to a specific authorization terminal, and in addition, within the scope of the authority of the registered account, one or more authorization terminals may be authorized through the mobile terminal. For example, the authority of the account 1 registered by the user is as follows: only one authorized terminal can be authorized at the same time, after the mobile terminal logs in the account number 1, only one authorized terminal can be requested to be authorized from the operator server in the same time period, and if other authorized terminals need to be authorized, the authorization of the authorized terminal needs to be cancelled; for another example, the authority of the account 2 registered by the user is as follows: and simultaneously, authorizing at most 5 authorized terminals, namely, 5 authorized terminals can be requested to the operator server in the same time period after the mobile terminal logs in the account 2.
After one or more authorization terminals are authorized by the mobile terminal, the authorization content of the appointed authorization terminal can be selected by the mobile terminal, in practical application, after the mobile terminal selects a first authorization terminal, the content such as the authorization time period and/or the authorization item of the first authorization terminal can be determined, after the information is determined, the information is carried in an update authorization instruction and sent to an operator server, the operator server performs authorization change on the first authorization terminal, and the changed content is the determined content such as the authorization time period and/or the authorization item. For example, when the user is no longer at home, the authorized time period and the authorized program of the set-top box at home can be selected through the wireless communication network, so that the time and the content of watching the television program by children at home can be controlled, and the purposes of intelligent management and flexible management of the television program are achieved.
Optionally, fig. 3 is a flowchart of another authorization management method according to an embodiment of the present invention. On the basis of the embodiment shown in fig. 1, after S120, the method provided in this embodiment may further include:
s150, the mobile terminal selects a second authorization terminal;
and S160, the mobile terminal sends an authorization canceling instruction to the operator server, wherein the authorization canceling instruction is used for indicating the operator server to cancel the authorization of the second authorized terminal.
In the embodiment of the invention, after one or more authorization terminals are authorized by the mobile terminal, the authorization of the appointed authorization terminal can be cancelled by the mobile terminal, in practical application, after the mobile terminal selects a second authorization terminal, an authorization cancelling instruction carrying the identification information of the second authorization terminal can be sent to the operator server, and the operator server can purposefully cancel the authorization of the second authorization terminal according to the second authorization terminal indicated by the authorization cancelling instruction. For example, when a user goes out, after the mobile terminal authorizes the set top box of the hotel, when the user no longer needs to use the set top box of the hotel to watch television programs, the authorization of the set top box can be cancelled at any time through the mobile terminal, and therefore economic loss caused by forgetting to cancel the authorization when the user leaves the hotel can be avoided.
Optionally, fig. 4 is a flowchart of another authorization management method according to an embodiment of the present invention. On the basis of the embodiment shown in fig. 1, after S120, the method provided in this embodiment may further include:
s170, the mobile terminal selects a charging authorization item;
s180, the mobile terminal sends an application authorization instruction to the operator server, and the application authorization instruction is used for indicating the operator server to authorize the charging authorization project.
In the embodiment of the invention, after logging in the registered account number and authorizing the authorized terminal through the mobile terminal, other authorized items can be applied, usually charge authorized items, for example, some television programs can not be directly watched after logging in the account number, and can be watched after a user applies and pays corresponding fees, after selecting the charge authorized items, the mobile terminal can send an application authorization instruction carrying the charge authorized items to an operator server, and the operator server can authorize according to the charge authorized items indicated by the application authorization instruction, so that the set top box can play corresponding charge programs, and the charge authorized items applied by the user through the mobile terminal can be usually applied for a certain account, and the corresponding charge programs can be watched as long as logging in through the account.
Further, after the user applies for the charging authorization item through the mobile terminal, the user may also specify an authorization terminal, for example, if it is specified that some or some authorization terminals can watch the charging program, the identification information of the authorization terminal is carried in the application authorization instruction, and the operator server is instructed to open the charging program only for the specified authorization terminal.
Optionally, on the basis of the foregoing embodiment of the present invention, before S110, the method provided in this embodiment may further include the following steps, that is, S1 to S3:
s1, when the mobile terminal logs in the registered account for the first time, the mobile terminal sends an authentication request message to the operator server;
s2, the mobile terminal receives an authentication response message sent by the operator server, wherein the authentication response message comprises verification information;
and S3, the mobile terminal completes login according to the authentication information.
In the embodiment of the invention, after a user registers an account at an operator server side, the user can log in the account through any mobile terminal, if the user logs in a registered account for the first time by using a certain mobile terminal, bidirectional authentication is needed, in the authentication process, after the operator server receives an authentication request message, authentication operation can be carried out, then, verification information is carried in an authentication response message and sent to the mobile terminal, the verification information is a verification code for example, and the user inputs the verification information and a password in the mobile terminal to complete logging in; if the user forgets the password in the login process, the password can be retrieved through a password retrieving button in a software interface of the mobile terminal, and after login is successful, the software in the mobile terminal can extract the ID information of the account for later use. Therefore, the safety of the registered account is ensured, and even if the user changes the login account of the mobile terminal, the safety of the account can be ensured.
Fig. 5 is a flowchart of another authorization management method according to an embodiment of the present invention. The authorization management method provided by the embodiment is suitable for the condition that the mobile terminal provides television program authorization for the set top box of the digital television, the method can be executed by an authorization management device, the authorization management device is realized by combining hardware and software, and the device can be integrated in a processor of an operator server for the processor to call. As shown in fig. 5, the method of this embodiment may include:
s210, the operator server obtains the account ID information and the identification information of the authorized terminal according to the encryption authentication information received from the mobile terminal.
The authorization management method provided by the embodiment of the invention is a mode for providing television program authorization for a set top box of a digital television through a mobile terminal, and the method provided by the embodiment of the invention does not directly authorize the set top box or an intelligent card inserted into the set top box, but authorizes through the mobile terminal, namely, an operator server receives encrypted authentication information sent by the mobile terminal, and thus, the encrypted authentication information obtains account ID information and identification information of an authorization terminal, namely, the mobile terminal plays a key role in the authorization process. In practical application, the account ID information obtained by the operator server is an account registered by the user at the operator server side, and the account ID information may include content such as user identity information, an account name, a password, and the like, the identification information of the authorization terminal is unique identification information of the authorization terminal, for example, a unique code of the set top box, the mobile terminal may establish a link with the authorization terminal through a USB interface, a local network, a bluetooth connection, and the like on the authorization terminal, so as to obtain the identification information of the authorization terminal, and the mobile terminal may further obtain the identification information of the authorization terminal through a history record selection manner. In addition, the account registration mode of the user at the operator server side can be that the user registers the account at the operator server side through a wireless communication network, and can also transact the account application business at the operator service center for the user, and obtain the registered account.
In the embodiment of the invention, after receiving the encrypted authentication information sent by the mobile terminal, the operator service can decrypt the encrypted authentication information to obtain the authentication information string, so as to obtain the account ID information and the identification information of the authorization terminal according to the authentication information string and the preset rule. In practical applications, the mobile terminal is generally unable to send the authentication information string in a clear text form in consideration of security of account and authorization, so the mobile terminal encrypts the authentication information string to form encrypted authentication information, and then sends the encrypted authentication information to the operator server, wherein the encryption and decryption may be performed in a manner predetermined by both parties.
It should be noted that, the embodiment of the present invention does not limit the mobile terminal to be a fixed mobile terminal, and also does not limit the authorization terminal to be authorized (for example, a set top box) to be a fixed set top box, and a user may change the mobile terminal and the set top box at any time according to a requirement, for example, when the user watches a television program at home, the user may authorize the set top box at home using a PAD, and when the user does not carry the PAD at home, the user may log in a registered account using a smart phone, and authorize the set top box at home of the friend.
And S220, the operator server generates authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal.
And S230, the operator server sends the authorization information to the authorization terminal.
In the embodiment of the invention, after acquiring the ID information of the account and the identification information of the authorization terminal, the operator server can know the account information requesting authorization and the authorization terminal requesting authorization, and can generate the authorization information aiming at the authorization terminal under the condition that the account accords with authorization, wherein the authorization terminal is the authorization terminal indicated by the identification information of the authorization terminal, and then the operator server sends the generated authorization information to the corresponding authorization terminal through a digital television network or a wireless communication network, and after receiving the authorization information, the authorization terminal can store the authorization information and descramble a code stream by using the authorization information, so that the television program ordered by the registered account of the user can be played.
In the above embodiments, the disadvantages and problems of the prior art authorization method for digital tv have been described, and therefore are not described herein again. Compared with the authorization method in the prior art, the authorization management method provided by the embodiment of the invention has higher safety and reliability as long as the user has the authenticated account, and the user only needs to authorize the corresponding set top box through the mobile terminal without paying extra cost by going to other houses of the user, family of relatives and friends, hotel and the like and wants to watch the ordered television programs, as long as the user does not have the authenticated account.
In the authorization management method provided by the embodiment of the invention, an operator server acquires account ID information and identification information of an authorization terminal according to encrypted authentication information received from a mobile terminal, generates authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal, and then sends the generated authorization information to the authorization terminal, so that the authorization terminal can watch a television program ordered by a corresponding account, wherein the authorization terminal receiving the authorization information is an authorization terminal uniquely indicated by the identification information of the authorization terminal; the method provided by the embodiment of the invention solves the problems that the authorization mode of the digital television in the prior art is generally single, so that the user is difficult to watch the subscribed authorized program at any time, and the security is poor due to the authorization mode.
Optionally, fig. 6 is a flowchart of another authorization management method provided in the embodiment of the present invention. On the basis of the embodiment shown in fig. 5, after S230, the method provided in this embodiment may further include:
s240, the operator server receives an updating authorization instruction sent by the mobile terminal, wherein the updating authorization instruction comprises a first authorization terminal selected by the mobile terminal, an authorization time period and/or an authorization item;
and S250, the operator server carries out authorization change on the authorization time period and/or the authorization item of the first authorization terminal according to the updating authorization instruction.
In the embodiment of the present invention, it has been described above that the authorization terminal is not limited to a specific authorization terminal, and in addition, within the scope of authority of the registered account, one or more authorization terminals may be authorized by the operator server through the mobile terminal.
In practical application, the operator server receives an updating authorization instruction sent by the mobile terminal, wherein the updating authorization instruction comprises a first authorization terminal selected by the mobile terminal and content such as a selected authorization time period and/or an authorization item to the first authorization terminal, and the operator server carries out authorization change on the first authorization terminal according to information in the updating authorization instruction, and the changed content is the content such as the authorization time period and/or the authorization item. For example, when the user is no longer at home, the authorized time period and the authorized program of the set-top box at home can be selected through the wireless communication network, so that the time and the content of watching the television program by children at home can be controlled, and the purposes of intelligent management and flexible management of the television program are achieved.
Optionally, fig. 7 is a flowchart of another authorization management method according to an embodiment of the present invention. On the basis of the embodiment shown in fig. 5, after S230, the method provided in this embodiment may further include:
s260, the operator server receives an authorization canceling instruction sent by the mobile terminal, wherein the authorization canceling instruction comprises a second authorization terminal selected by the mobile terminal;
and S270, the operator server cancels the authorization of the second authorization terminal according to the authorization canceling instruction.
In the embodiment of the invention, after the operator server authorizes one or more authorized terminals, the operator server can also cancel the authorization of the appointed authorized terminal, in practical application, the operator server receives an authorization canceling instruction sent by the mobile terminal, the authorization canceling instruction carries the mobile terminal to select the second authorized terminal, and the operator server can purposefully cancel the authorization of the second authorized terminal according to the second authorized terminal indicated by the authorization canceling instruction. For example, when a user goes out, after the operator server authorizes the set top box of the hotel, when the set top box of the hotel is no longer needed to watch television programs, the operator server can cancel authorization of the set top box by receiving an authorization canceling instruction of the mobile terminal, and therefore economic loss caused by forgetting to cancel authorization when the user leaves the hotel can be avoided.
Optionally, fig. 8 is a flowchart of another authorization management method according to an embodiment of the present invention. On the basis of the embodiment shown in fig. 5, after S230, the method provided in this embodiment may further include:
s280, an operator server receives an application authorization instruction sent by a mobile terminal, wherein the application authorization instruction comprises a charging authorization item selected by the mobile terminal;
s290, the operator server authorizes the charging authorization item according to the application authorization instruction.
In the embodiment of the invention, after the operator server authenticates the registered account and authorizes the authorized terminal, other authorization items, typically toll authorization items, for example, some television programs cannot be watched directly after registering an account number, and can be watched after a user applies and pays a corresponding fee, an operator server receives an application authorization instruction sent by a mobile terminal, the application authorization instruction carries the charging authorization item selected by the mobile terminal, the operator server can authorize according to the charging authorization item indicated by the application authorization instruction, the set-top box can play corresponding charged programs, the charging authorization items applied by the user through the mobile terminal are usually applied to a certain account, and the corresponding charged programs can be watched only by logging in through the account.
Further, after the user applies for the charging authorization item through the mobile terminal, the user may also specify an authorization terminal through the mobile terminal, for example, a certain authorization terminal or certain authorization terminals may be specified to watch the charging program, and the application authorization instruction received by the operator server also carries the identification information of the authorization terminal, that is, the operator server may open the charging program to the specified authorization terminal.
Optionally, on the basis of the foregoing embodiment of the present invention, before S210, the method provided in this embodiment may further include the following steps, i.e., S1 to S3:
s1, the operator server receives the authentication request message sent by the mobile terminal;
s2, the operator server carries out safety certification to the mobile terminal according to the certification request message;
s3, the operator server sends the authentication response message carrying the verification information to the mobile terminal, and the verification information is used for indicating the mobile terminal to complete the login.
In the embodiment of the invention, after a user registers an account at an operator server side, the user can log in the account through any mobile terminal, if the user logs in a registered account for the first time by using a certain mobile terminal, bidirectional authentication is needed, in the authentication process, after the operator server receives an authentication request message, authentication operation can be carried out, namely, safety authentication is realized, then, verification information is carried in an authentication response message and is sent to the mobile terminal, the verification information is a verification code for example, and the user inputs the verification information and the password in the mobile terminal to complete logging in; if the user forgets the password in the login process, the password can be retrieved through a password retrieving button in a software interface of the mobile terminal, and after login is successful, the software in the mobile terminal can extract the ID information of the account for later use. Therefore, the safety of the registered account is ensured, and even if the user changes the login account of the mobile terminal, the safety of the account can be ensured.
Fig. 9 is a schematic view of an application scenario in the authorization management method according to the embodiment of the present invention. The application scenario shown in fig. 9 is a unidirectional broadcast system in the prior art, an authorization terminal is, for example, a unidirectional network set top box, and the authorization management method in the application scenario shown in fig. 9 may include:
step 1, the mobile terminal acquires the unique identification information of the set top box.
In the application scenario, the manner of acquiring the unique identification information of the set top box of the unidirectional network may be, for example, a manner in which the mobile terminal searches for a two-dimensional code or other coded information of the set top box through a remote controller, an interface ID, and a USB interface of the set top box.
And 2, the unidirectional network set top box provides the unique identification information of the set top box through a USB interface or a two-dimensional code.
In the application scenario, the mobile terminal may further obtain account ID information according to the account that the user has logged in.
And 3, the mobile terminal encrypts the unique identification information and the account ID information of the set top box and then sends the encrypted information and the encrypted information to the operator server through the network, and then the operator server can decrypt the ciphertext, acquire the unique identification information and the account ID information of the set top box and generate the authorization code.
And 4, the operator server sends the authorization code to a specified one-way network set top box through a broadcast television network, and then the one-way network set top box can play the television program ordered by the corresponding account according to the authorization code.
Fig. 10 is a schematic view of another application scenario in the authorization management method according to the embodiment of the present invention. The application scenario shown in fig. 10 is remote authorization management, that is, the authorization condition of the set top box can be remotely managed through the mobile terminal, and the authorization management method in the application scenario shown in fig. 10 may include:
step 1, after a mobile terminal logs in an account, selecting a historical authorization record; that is, the unique identification information of the set-top box is obtained through the history.
In the application scenario, when the mobile terminal is located in other places and needs to authorize a specific historical set top box, the unique identification information of the set top box can be searched in a historical authorization list, and then authorization is applied to an operator server; in addition, the mobile terminal can also acquire account ID information according to the account number which the user logs in.
And 2, the mobile terminal encrypts the unique identification information and the account ID information of the set top box and then sends the encrypted information and the encrypted information to the operator server through the network, and then the operator server can decrypt the ciphertext, acquire the unique identification information and the account ID information of the set top box and generate the authorization code.
And 3, the operator server sends the authorization code to a specified set top box through a broadcast television network, and then the set top box can play the television program ordered by the corresponding account according to the authorization code.
In the application scenario, when a household is not at home, the authorized time period of the television program and the program which can be watched by children can be flexibly controlled through the mobile terminal, so that the children are prevented from watching the television for a long time, that is, the authorized time period and/or the authorized item of the set top box can be remotely changed through the mobile terminal, and the actual operation can include the following steps:
and 4, selecting the appointed set top box by the mobile terminal, and determining an authorization time period and/or an authorization item.
And 5, the mobile terminal carries the selected information of the appointed set top box, the authorization time period and/or the authorization item and the like in an updating authorization instruction and sends the updating authorization instruction to the operator server.
And 6, the operator server sends an updating authorization instruction to the appointed set top box so as to carry out authorization change on the authorization time period and/or the authorization item of the appointed set top box.
In the application scenario, if the user does not want a certain set top box authorized by the user to watch the program, the authorization can be cancelled through the mobile terminal at any time.
Fig. 11 is a schematic view of another application scenario in the authorization management method according to the embodiment of the present invention. In the case that the application scenario shown in fig. 11 is an IPTV private network or a public OTT service, the application scenario is a bidirectional network, the authorization terminal is, for example, a bidirectional network set top box, and the authorization management method in the application scenario shown in fig. 11 may include:
step 1, the mobile terminal acquires the unique identification information of the set top box through the local network.
In the application scenario, the mobile terminal may request to acquire the unique identification information of the set top box by sending a request message.
And 2, the bidirectional network set top box provides the unique identification information of the set top box through the local network.
In the application scenario, the bidirectional network set top box can carry the unique identification information thereof in a response message and send the response message to the mobile terminal; in addition, the mobile terminal can also acquire account ID information according to the account number which the user logs in.
It should be noted that, the manner of acquiring the unique identification information of the set top box in the application scenario may also adopt step 1 and step 2 in the application scenario shown in fig. 9.
And 3, the mobile terminal encrypts the unique identification information and the account ID information of the set top box and then sends the encrypted information and the encrypted information to the operator server through the network, and then the operator server can decrypt the ciphertext, acquire the unique identification information and the account ID information of the set top box and generate the authorization code.
And 4, the operator server sends the authorization code to a specified bidirectional network set top box through a broadcast television network, and then the bidirectional network set top box can play the television program ordered by the corresponding account according to the authorization code.
In the application scenario, in the process of implementing the login authentication of the set top box by using the mobile terminal, the login on any IPTV or any OTT set top box is supported, the non-local watching of the charged program or the non-local authorization of the charged program is implemented, that is, the authorization of the charged program can be selected by the mobile terminal, and the actual operation can include the following steps:
and 5, the mobile terminal selects the charged program to be watched, carries the charged program in an authorization application instruction and sends the charged program to the operator server, namely, applies for authorization of the charged program to the operator server.
And 6, the operator server sends a charging program authorization instruction to the bidirectional network set top box, wherein the charging program selected by the mobile terminal is appointed so as to authorize the charging program.
Fig. 12 is a schematic structural diagram of an authorization management device according to an embodiment of the present invention. The authorization management device provided by the embodiment is suitable for the condition that the mobile terminal provides television program authorization for the set top box of the digital television, and is realized in a mode of combining hardware and software, and the device can be integrated in a processor of the mobile terminal and used for being called by the processor. As shown in fig. 12, the authorization management device of the present embodiment may include: an acquisition module 11 and a sending module 12.
The obtaining module 11 is configured to obtain account ID information and identification information of an authorized terminal.
The authorization management device provided by the embodiment of the invention is a mode for providing television program authorization for a set top box of a digital television through a mobile terminal. In practical application, the obtaining module 11 may obtain account ID information and identification information of the authorization terminal, where the account ID information is an account registered by a user at a server side of an operator, the account ID information may include content such as user identity information, an account name, and a password, the identification information of the authorization terminal is unique identification information of the authorization terminal, for example, a unique code of a set top box, and the mobile terminal may establish a link with the authorization terminal through a USB interface, a local network, or a bluetooth connection on the authorization terminal, so as to obtain the identification information of the authorization terminal, and the obtaining module 11 may further obtain the identification information of the authorization terminal through a history record selection mode. In addition, the account registration mode of the user at the operator server side can be that the user registers the account at the operator server side through a wireless communication network, and can also transact the account application business at the operator service center for the user, and obtain the registered account.
It should be noted that, the embodiment of the present invention does not limit the mobile terminal to be a fixed mobile terminal, and also does not limit the authorization terminal to be authorized (for example, a set top box) to be a fixed set top box, and a user may change the mobile terminal and the set top box at any time according to a requirement, for example, when the user watches a television program at home, the user may authorize the set top box at home using a PAD, and when the user does not carry the PAD at home, the user may log in a registered account using a smart phone, and authorize the set top box at home of the friend.
And a sending module 12, configured to send, to the operator server, encrypted authentication information formed by the account ID information and the identification information of the authorized terminal, which are acquired by the acquiring module 11, the encrypted authentication information being used to instruct the operator server to generate authorization information of the authorized terminal, and send the authorization information to the authorized terminal.
In the embodiment of the present invention, after the obtaining module 11 obtains the account ID information and the identification information of the authorized terminal, the first forming module of the mobile terminal may form an authentication information string according to the account ID information, the identification information of the authorized terminal, and a preset rule, where the authentication information string is used for authentication on the operator server side. In practical applications, the authentication information string cannot be normally transmitted in the clear in view of the security of the account number and the authorization, and therefore, the second forming module of the mobile terminal may encrypt the authentication information string to form encrypted authentication information, and then, the encrypted authentication information is transmitted to the operator server by the transmitting module 12. On the operator server side, after receiving the encrypted authentication information, it can be decrypted, the encryption and decryption modes can be that the two parties predetermine in advance so as to obtain the authentication information string, the operator server can know the account information requesting authorization and the authorization terminal requesting authorization according to the authentication information string obtained by decryption, on condition that the account number is eligible for authorization, the operator server may generate authorization information for the authorized terminal, the authorized terminal is the authorized terminal indicated by the identification information of the authorized terminal, then the operator server sends the generated authorization information to the corresponding authorized terminal through the digital television network or the wireless communication network, after the authorized terminal receives the authorization information, the authorization information can be stored and the code stream can be descrambled by utilizing the authorization information, so that the television program ordered by the registration account of the user can be played.
In the above embodiments, the disadvantages and problems of the prior art authorization method for digital tv have been described, and therefore are not described herein again. Compared with the authorization mode in the prior art, the authorization management device provided by the embodiment of the invention has higher safety and reliability as long as the user has the authenticated account, and the user only needs to authorize the corresponding set top box through the mobile terminal without paying extra cost by going to other houses of the user, family of relatives and friends, hotel and the like and wants to watch the ordered television programs, as long as the user does not have the authenticated account.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 1 of the present invention, and has corresponding functional modules, which implement similar principles and technical effects, and are not described herein again.
Optionally, fig. 13 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention. On the basis of the structure of the apparatus shown in fig. 12, the apparatus provided in this embodiment may further include:
a selection module 13, configured to select a first authorized terminal, and determine an authorization time period and/or an authorization item of the first authorized terminal;
the sending module 12 is further configured to send an update authorization instruction to the operator server, where the update authorization instruction is used to instruct the operator server to perform authorization change on an authorization time period and/or an authorization item of the first authorization terminal.
In the embodiment of the present invention, it has been described above that the authorization terminal is not limited to a specific authorization terminal, and in addition, within the scope of the authority of the registered account, one or more authorization terminals may be authorized through the mobile terminal.
After one or more authorized terminals are authorized by the mobile terminal, the authorized content of the designated authorized terminal can be selected by the mobile terminal, in practical application, after the selection module 13 selects a first authorized terminal, the content of an authorized time period and/or an authorized item and the like of the first authorized terminal can be determined, after the information is determined, the sending module 12 can carry the information in an updating authorization instruction and send the information to the operator server, and the operator server performs authorization change on the first authorized terminal, wherein the changed content is the content of the determined authorized time period and/or authorized item and the like. For example, when the user is no longer at home, the authorized time period and the authorized program of the set-top box at home can be selected through the wireless communication network, so that the time and the content of watching the television program by children at home can be controlled, and the purposes of intelligent management and flexible management of the television program are achieved.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 2 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects, and are not described herein again.
Alternatively, in the authorization management device provided in the embodiment shown in fig. 13,
the selection module 13 is further configured to select a second authorized terminal;
the sending module 12 is further configured to send an authorization cancellation instruction to the operator server, where the authorization cancellation instruction is used to instruct the operator server to cancel authorization of the second authorized terminal.
In the embodiment of the present invention, after one or more authorized terminals are authorized by the mobile terminal, the authorization of the designated authorized terminal can be cancelled by the mobile terminal, in practical applications, after the selection module 13 selects the second authorized terminal, the sending module 12 can send an authorization cancellation instruction carrying the identification information of the second authorized terminal to the operator server, and the operator server can cancel the authorization of the second authorized terminal in a targeted manner according to the second authorized terminal indicated by the authorization cancellation instruction. For example, when a user goes out, after the mobile terminal authorizes the set top box of the hotel, when the user no longer needs to use the set top box of the hotel to watch television programs, the authorization of the set top box can be cancelled at any time through the mobile terminal, and therefore economic loss caused by forgetting to cancel the authorization when the user leaves the hotel can be avoided.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 3 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects, and are not described herein again.
Alternatively, in the authorization management device provided in the embodiment shown in fig. 13,
the selection module 13 is also used for selecting a charging authorization item;
the sending module 12 is further configured to send an application authorization instruction to the operator server, where the application authorization instruction is used to instruct the operator server to authorize the charging authorization item.
In the embodiment of the invention, after logging in a registered account and authorizing an authorized terminal through a mobile terminal, other authorized items can be applied, usually charge authorized items, for example, some television programs cannot be directly watched after logging in the account, and can be watched after a user applies and pays corresponding fees, after the selection module 13 selects the charge authorized items, the transmission module 12 can transmit an application authorization instruction carrying the charge authorized items to an operator server, the operator server can authorize according to the charge authorized items indicated by the application authorization instruction, so that a set top box can play corresponding charge programs, the charge authorized items applied by the user through the mobile terminal, usually applied for a certain account, and the corresponding charge programs can be watched as long as the user logs in through the account.
Further, after the user applies for the charging authorization item through the mobile terminal, the user may also specify an authorization terminal, for example, if it is specified that some or some authorization terminals can watch the charging program, the identification information of the authorization terminal is carried in the application authorization instruction, and the operator server is instructed to open the charging program only for the specified authorization terminal.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 4 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects, and are not described herein again.
Optionally, fig. 14 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention. On the basis of the structure of the apparatus shown in fig. 12, the apparatus provided in this embodiment may further include a receiving module 14 and a login module 15.
In this embodiment, the sending module 12 is further configured to send an authentication request message to the vendor server before the obtaining module 11 obtains the account ID information and the identification information of the authorized terminal and when the mobile terminal logs in the registered account for the first time;
a receiving module 14, configured to receive an authentication response message sent by a provider server, where the authentication response message includes verification information;
and the login module 15 is used for completing login according to the authentication information received by the receiving module 14.
In the embodiment of the invention, after a user registers an account at an operator server side, the user can log in the account through any mobile terminal, if the user logs in a registered account for the first time by using a certain mobile terminal, bidirectional authentication is needed, in the authentication process, after the operator server receives an authentication request message, authentication operation can be carried out, then, verification information is carried in an authentication response message and sent to the mobile terminal, the verification information is a verification code for example, and the user inputs the verification information and a password in the mobile terminal to complete logging in; if the user forgets the password in the login process, the password can be retrieved through a password retrieving button in a software interface of the mobile terminal, and after login is successful, the software in the mobile terminal can extract the ID information of the account for later use. Therefore, the safety of the registered account is ensured, and even if the user changes the login account of the mobile terminal, the safety of the account can be ensured.
In practical applications, the sending module 12 and the receiving module 14 in the embodiments shown in fig. 12 to fig. 14 of the present invention are implemented by a transceiver of a mobile terminal, and the obtaining module 11, the selecting module 13 and the logging module 15 may be implemented by a processor of the mobile terminal, where the processor may be, for example, a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits that implement the embodiments of the present invention.
Fig. 15 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention. The authorization management device provided by the embodiment is suitable for the condition that the mobile terminal provides television program authorization for the set top box of the digital television, and is realized in a mode of combining hardware and software, and the device can be integrated in a processor of an operator server for the processor to call. As shown in fig. 15, the authorization management device of the present embodiment may include: an acquisition module 21, a generation module 22 and a sending module 23.
The obtaining module 21 is configured to obtain account ID information and identification information of an authorized terminal according to encrypted authentication information received from the mobile terminal.
The authorization management device provided by the embodiment of the invention is a mode for providing television program authorization for a set top box of a digital television through a mobile terminal, when the device provided by the embodiment of the invention executes authorization, the authorization is not directly performed on the set top box or an intelligent card inserted into the set top box, but performed through the mobile terminal, namely, an operator server receives encrypted authentication information sent by the mobile terminal, and an obtaining module 21 obtains account ID information and identification information of an authorization terminal from the encrypted authentication information, namely, the mobile terminal plays a key role in the authorization process. In practical application, the account ID information obtained by the obtaining module 21 is an account registered by a user at a server side of an operator, and the account ID information may include content such as user identity information, an account name, a password, and the like, the identification information of the authorization terminal is unique identification information of the authorization terminal, for example, a unique code of a set top box, the mobile terminal may establish a link with the authorization terminal through a USB interface, a local network, a bluetooth connection, and the like on the authorization terminal, so as to obtain the identification information of the authorization terminal, and the mobile terminal may further obtain the identification information of the authorization terminal through a history record selecting manner. In addition, the account registration mode of the user at the operator server side can be that the user registers the account at the operator server side through a wireless communication network, and can also transact the account application business at the operator service center for the user, and obtain the registered account.
In the embodiment of the present invention, after receiving the encrypted authentication information sent by the mobile terminal, the operator service may decrypt the encrypted authentication information by the decryption unit to obtain the authentication information string, so that the obtaining unit obtains the account ID information and the identification information of the authorized terminal according to the authentication information string obtained by the decryption unit and a preset rule. In practical applications, the mobile terminal is generally unable to send the authentication information string in a clear text form in consideration of security of account and authorization, so the mobile terminal encrypts the authentication information string to form encrypted authentication information, and then sends the encrypted authentication information to the operator server, wherein the encryption and decryption may be performed in a manner predetermined by both parties.
It should be noted that, the embodiment of the present invention does not limit the mobile terminal to be a fixed mobile terminal, and also does not limit the authorization terminal to be authorized (for example, a set top box) to be a fixed set top box, and a user may change the mobile terminal and the set top box at any time according to a requirement, for example, when the user watches a television program at home, the user may authorize the set top box at home using a PAD, and when the user does not carry the PAD at home, the user may log in a registered account using a smart phone, and authorize the set top box at home of the friend.
A generating module 22, configured to generate authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal acquired by the acquiring module 21;
a sending module 23, configured to send the authorization information generated by the generating module 22 to an authorization terminal.
In the embodiment of the present invention, after the obtaining module 21 obtains the account ID information and the identification information of the authorization terminal, it may know the account information requesting authorization and the authorization terminal requesting authorization, and under the condition that the account conforms to authorization, the generating module 22 may generate authorization information for the authorization terminal, which is the authorization terminal indicated by the identification information of the authorization terminal, and then the sending module 23 sends the generated authorization information to the corresponding authorization terminal through a digital television network or a wireless communication network, and after receiving the authorization information, the authorization terminal may store the authorization information and descramble a code stream by using the authorization information, so as to play a television program ordered by the registered account of the user.
In the above embodiments, the disadvantages and problems of the prior art authorization method for digital tv have been described, and therefore are not described herein again. Compared with the authorization mode in the prior art, the authorization management device provided by the embodiment of the invention has higher safety and reliability as long as the user has the authenticated account, and the user only needs to authorize the corresponding set top box through the mobile terminal without paying extra cost by going to other houses of the user, family of relatives and friends, hotel and the like and wants to watch the ordered television programs, as long as the user does not have the authenticated account.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 5 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects, and are not described herein again.
Optionally, fig. 16 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention. On the basis of the structure of the apparatus shown in fig. 15, the apparatus provided in this embodiment may further include:
a receiving module 24, configured to receive an update authorization instruction sent by a mobile terminal, where the update authorization instruction includes a first authorization terminal selected by the mobile terminal, an authorization time period, and/or an authorization item;
and the authorization module 25 is configured to perform authorization change on the authorization time period and/or the authorization item of the first authorization terminal according to the update authorization instruction received by the receiving module 25.
In the embodiment of the present invention, it has been described above that the authorization terminal is not limited to a specific authorization terminal, and in addition, within the scope of authority of the registered account, one or more authorization terminals may be authorized by the operator server through the mobile terminal.
In practical application, the receiving module 24 receives an update authorization instruction sent by the mobile terminal, where the update authorization instruction includes a first authorization terminal selected by the mobile terminal and a selected authorization time period and/or authorization item for the first authorization terminal, and the authorization module 25 performs authorization change on the first authorization terminal according to information in the update authorization instruction, where the changed content is the authorization time period and/or authorization item. For example, when the user is no longer at home, the authorized time period and the authorized program of the set-top box at home can be selected through the wireless communication network, so that the time and the content of watching the television program by children at home can be controlled, and the purposes of intelligent management and flexible management of the television program are achieved.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 6 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects, and are not described herein again.
Alternatively, in the authorization management device provided in the embodiment shown in fig. 16,
a receiving module 24, configured to receive an authorization canceling instruction sent by a mobile terminal, where the authorization canceling instruction includes a second authorization terminal selected by the mobile terminal;
and an authorization module 25, configured to cancel authorization of the second authorized terminal according to the cancellation authorization instruction received by the receiving module 24.
In the embodiment of the present invention, after the operator server authorizes one or more authorized terminals, the operator server may also cancel the authorization of the designated authorized terminal, in practical applications, the receiving module 24 receives an authorization canceling instruction sent by the mobile terminal, and the authorization canceling instruction carries the mobile terminal to select the second authorized terminal, so that the authorization module 25 may specifically cancel the authorization of the second authorized terminal according to the second authorized terminal indicated by the authorization canceling instruction. For example, when a user goes out, after the operator server authorizes the set top box of the hotel, when the set top box of the hotel is no longer needed to watch television programs, the operator server can cancel authorization of the set top box by receiving an authorization canceling instruction of the mobile terminal, and therefore economic loss caused by forgetting to cancel authorization when the user leaves the hotel can be avoided.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment of fig. 7 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects and are not described herein again.
Alternatively, in the authorization management device provided in the embodiment shown in fig. 16,
a receiving module 24, configured to receive an application authorization instruction sent by a mobile terminal, where the application authorization instruction includes a charging authorization item selected by the mobile terminal;
and the authorization module 25 is used for authorizing the charging authorization item according to the application authorization instruction received by the receiving module 24.
In the embodiment of the present invention, after the operator server authenticates the registered account and authorizes the authorized terminal, the operator server may also authorize other authorization items, which are usually charging authorization items, for example, some television programs cannot be directly watched after the account is registered, and can be watched only after the user applies and pays a corresponding fee, the receiving module 24 receives an application authorization instruction sent by the mobile terminal, where the application authorization instruction carries a charging authorization item selected by the mobile terminal, and then the authorization module 25 may authorize according to the charging authorization item indicated by the application authorization instruction, so that the set-top box may play a corresponding charging program, and the charging authorization item applied by the user through the mobile terminal, which is usually applied for an account, may be watched as long as the user logs in through the account.
Further, after the user applies for the charging authorization item through the mobile terminal, the user may also specify an authorization terminal through the mobile terminal, for example, a certain authorization terminal or certain authorization terminals may be specified to watch the charging program, and the application authorization instruction received by the operator server also carries the identification information of the authorization terminal, that is, the operator server may open the charging program to the specified authorization terminal.
The authorization management device provided in the embodiment of the present invention is used to execute the authorization management method provided in the embodiment shown in fig. 8 of the present invention, and has corresponding functional modules, which have similar implementation principles and technical effects, and are not described herein again.
Optionally, fig. 17 is a schematic structural diagram of another authorization management device according to an embodiment of the present invention. On the basis of the structure of the apparatus shown in fig. 15, the apparatus provided in this embodiment may further include a receiving module 24 and an authenticating module 26.
A receiving module 24, configured to receive an authentication request message sent by the mobile terminal before the obtaining module 21 obtains the account ID information and the identification information of the authorized terminal;
an authentication module 26, configured to perform security authentication on the mobile terminal according to the authentication request message received by the receiving module 24;
the sending module 23 is further configured to send an authentication response message carrying verification information to the mobile terminal, where the verification information is used to instruct the mobile terminal to complete login.
In the embodiment of the present invention, after a user registers an account at an operator server side, the user may log in the account through any mobile terminal, if the user logs in a registered account for the first time by using a certain mobile terminal, bidirectional authentication is required, in the authentication process, after receiving an authentication request message by the receiving module 24, the authentication module 26 may perform authentication operation, that is, secure authentication is achieved, and then the sending module 22 carries verification information, such as a verification code, in an authentication response message and sends the verification information to the mobile terminal, and the user inputs the verification information and the password in the mobile terminal to complete logging in; if the user forgets the password in the login process, the password can be retrieved through a password retrieving button in a software interface of the mobile terminal, and after login is successful, the software in the mobile terminal can extract the ID information of the account for later use. Therefore, the safety of the registered account is ensured, and even if the user changes the login account of the mobile terminal, the safety of the account can be ensured.
In practical applications, the sending module 23 and the receiving module 24 in the embodiments shown in fig. 15 to fig. 17 of the present invention may be implemented by a transceiver of an operator server, and the obtaining module 21, the generating module 22, the authorizing module 25 and the authenticating module 26 may be implemented by a processor of the operator server, which may be, for example, a CPU, an ASIC, or one or more integrated circuits that implement the embodiments of the present invention.
Fig. 18 is a schematic structural diagram of an authorization management system according to an embodiment of the present invention, where the authorization management system includes a mobile terminal 100, an operator server 200, and at least one authorization terminal 300, where the mobile terminal 100 in this embodiment is configured with an authorization management apparatus as in any one of the embodiments shown in fig. 12 to 14, and the operator server 200 is configured with an authorization management apparatus as in any one of the embodiments shown in fig. 15 to 17, and each authorization terminal is configured to receive authorization information sent by the operator server 200 and play a corresponding authorization item according to the authorization information; wherein the operator server 200 is connected with the mobile terminal 100 and each authorized terminal 300, respectively. The embodiment shown in fig. 18 is illustrated by taking an authorization management system including 3 authorization terminals 300 as an example, and in addition, the embodiment of the present invention does not limit the mobile terminal 100 in the system shown in fig. 18 to be a specific mobile terminal, the mobile terminal 100 can be replaced according to the use requirement of a user, and a manner of performing service switching by each network element in the authorization management system is the same as a manner of performing service switching by a corresponding network element in the embodiments shown in fig. 12 to 17, and is also used for performing the authorization management method provided in any embodiment shown in fig. 1 to 11 of the present invention, and the method includes corresponding entity devices, which have similar implementation principles and technical effects, and are not described herein again.
It will be understood by those skilled in the art that all or part of the steps of the above methods may be implemented by a program instructing associated hardware (e.g., a processor) which may be stored in a computer readable storage medium such as a read only memory, a magnetic or optical disk, etc. Alternatively, all or part of the steps of the above embodiments may be implemented using one or more integrated circuits. Accordingly, the modules/units in the above embodiments may be implemented in hardware, for example, by an integrated circuit, or may be implemented in software, for example, by a processor executing programs/instructions stored in a memory to implement the corresponding functions. Embodiments of the invention are not limited to any specific form of hardware or software combination.
Although the embodiments of the present invention have been described above, the above description is only for the convenience of understanding the present invention, and is not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (21)

1. An authorization management method, comprising:
the mobile terminal acquires account number code ID information and identification information of an authorization terminal;
the mobile terminal sends encrypted authentication information formed by the account ID information and the identification information of the authorization terminal to an operator server, wherein the encrypted authentication information is used for indicating the operator server to generate authorization information of the authorization terminal and sending the authorization information to the authorization terminal;
the mobile terminal selects a first authorization terminal, and determines an authorization time period and/or an authorization item of the first authorization terminal;
the mobile terminal sends an updating authorization instruction to the operator server, wherein the updating authorization instruction is used for indicating the operator server to carry out authorization change on the authorization time period and/or the authorization item of the first authorization terminal.
2. The authorization management method according to claim 1, wherein before the mobile terminal transmits encrypted authentication information formed by the account ID information and the identification information of the authorized terminal to the operator server, the method comprises:
the mobile terminal forms an authentication information string according to the account ID information and the identification information of the authorization terminal;
and the mobile terminal encrypts the authentication information string to form the encrypted authentication information.
3. The authorization management method according to claim 1, characterized in that the method further comprises:
the mobile terminal selects a second authorized terminal;
and the mobile terminal sends an authorization canceling instruction to the operator server, wherein the authorization canceling instruction is used for indicating the operator server to cancel the authorization of the second authorization terminal.
4. The authorization management method according to claim 1, characterized in that the method further comprises:
the mobile terminal selects a charging authorization item;
the mobile terminal sends an application authorization instruction to the operator server, and the application authorization instruction is used for indicating the operator server to authorize the charging authorization project.
5. The authorization management method according to any of claims 1 to 4, wherein before the mobile terminal acquires the account number ID information and the identification information of the authorization terminal, the method further comprises:
the mobile terminal sends an authentication request message to the operator server when logging in a registered account for the first time;
the mobile terminal receives an authentication response message sent by the operator server, wherein the authentication response message comprises verification information;
and the mobile terminal completes login according to the verification information.
6. An authorization management method, comprising:
the operator server acquires account number code ID information and identification information of an authorized terminal according to the encrypted authentication information received from the mobile terminal;
the operator server generates authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal;
the operator server sends the authorization information to the authorization terminal;
the operator server receives an updating authorization instruction sent by the mobile terminal, wherein the updating authorization instruction comprises a first authorization terminal selected by the mobile terminal, an authorization time period and/or an authorization item;
and the operator server carries out authorization change on the authorization time period and/or the authorization item of the first authorization terminal according to the updating authorization instruction.
7. The authorization management method according to claim 6, wherein the operator server obtains account number code ID information and identification information of the authorized terminal according to the encrypted authentication information received from the mobile terminal, including:
the operator server decrypts the encrypted authentication information to obtain an authentication information string;
and the operator server acquires the account ID information and the identification information of the authorized terminal according to the authentication information string.
8. The authorization management method according to claim 6, characterized in that the method further comprises:
the operator server receives an authorization canceling instruction sent by the mobile terminal, wherein the authorization canceling instruction comprises a second authorization terminal selected by the mobile terminal;
and the operator server cancels the authorization of the second authorization terminal according to the authorization canceling instruction.
9. The authorization management method according to claim 6, characterized in that the method further comprises:
the operator server receives an application authorization instruction sent by the mobile terminal, wherein the application authorization instruction comprises a charging authorization item selected by the mobile terminal;
and the operator server authorizes the charging authorization project according to the application authorization instruction.
10. The authorization management method according to any of claims 6 to 9, characterized in that before the operator server obtains account number code ID information and identification information of an authorized terminal, the method further comprises:
the operator server receives an authentication request message sent by the mobile terminal;
the operator server carries out safety authentication on the mobile terminal according to the authentication request message;
and the operator server sends an authentication response message carrying verification information to the mobile terminal, wherein the verification information is used for indicating the mobile terminal to finish login.
11. An authorization management device, wherein the device is disposed in a mobile terminal, the device comprising:
the acquisition module is used for acquiring account code ID information and identification information of the authorization terminal;
a sending module, configured to send encrypted authentication information formed by the account ID information and the identification information of the authorized terminal, which are obtained by the obtaining module, to an operator server, where the encrypted authentication information is used to instruct the operator server to generate authorization information of the authorized terminal, and send the authorization information to the authorized terminal;
the device comprises a selection module, a first authorization module and a second authorization module, wherein the selection module is used for selecting a first authorization terminal and determining an authorization time period and/or an authorization item of the first authorization terminal;
the sending module is further configured to send an update authorization instruction to the operator server, where the update authorization instruction is used to instruct the operator server to perform authorization change on an authorization time period and/or an authorization item of the first authorization terminal.
12. The authorization management device according to claim 11, characterized in that the device further comprises:
the first forming module is used for forming an authentication information string according to the account ID information and the identification information of the authorized terminal acquired by the acquiring module before the transmitting module transmits the encrypted authentication information to an operator server;
and the second forming module is used for encrypting the authentication information string formed by the first forming module to form the encrypted authentication information.
13. The authorization management device according to claim 11, characterized in that the device further comprises:
the selection module is used for selecting a second authorization terminal;
the sending module is further configured to send an authorization canceling instruction to the operator server, where the authorization canceling instruction is used to instruct the operator server to cancel authorization of the second authorized terminal.
14. The authorization management device according to claim 11, characterized in that the device further comprises:
the selection module is used for selecting the charging authorization item;
the sending module is further used for sending an application authorization instruction to the operator server, and the application authorization instruction is used for indicating the operator server to authorize the charging authorization project.
15. The authorization management device according to any of claims 11 to 14,
the sending module is further configured to send an authentication request message to the vendor server before the obtaining module obtains the account ID information and the identification information of the authorized terminal and when the mobile terminal logs in a registered account for the first time;
the device further comprises:
the receiving module is used for receiving an authentication response message sent by the operator server, wherein the authentication response message comprises verification information;
and the login module is used for completing login according to the verification information received by the receiving module.
16. An authorization management device provided in an operator server, the device comprising:
the acquisition module is used for acquiring account code ID information and identification information of the authorized terminal according to the encrypted authentication information received from the mobile terminal;
the generating module is used for generating the authorization information of the authorization terminal according to the account ID information and the identification information of the authorization terminal acquired by the acquiring module;
a sending module, configured to send the authorization information generated by the generating module to the authorization terminal;
the mobile terminal comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving an updating authorization instruction sent by the mobile terminal, and the updating authorization instruction comprises a first authorization terminal selected by the mobile terminal, an authorization time period and/or an authorization item;
and the authorization module is used for carrying out authorization change on the authorization time period and/or the authorization items of the first authorization terminal according to the updating authorization instruction received by the receiving module.
17. The authorization management device according to claim 16, characterized in that the acquisition module comprises:
the decryption unit is used for decrypting the encrypted authentication information to obtain an authentication information string;
and the obtaining unit is used for obtaining the account ID information and the identification information of the authorized terminal according to the authentication information string obtained by the decryption unit.
18. The authorization management device according to claim 16, characterized in that the device further comprises:
a receiving module, configured to receive an authorization cancellation instruction sent by the mobile terminal, where the authorization cancellation instruction includes a second authorization terminal selected by the mobile terminal;
and the authorization module is used for canceling the authorization of the second authorization terminal according to the authorization canceling instruction received by the receiving module.
19. The authorization management device according to claim 16, characterized in that the device further comprises:
a receiving module, configured to receive an application authorization instruction sent by the mobile terminal, where the application authorization instruction includes a charging authorization item selected by the mobile terminal;
and the authorization module is used for authorizing the charging authorization project according to the application authorization instruction received by the receiving module.
20. The authorization management device according to any of claims 16 to 19, characterized in that the device further comprises:
a receiving module, configured to receive an authentication request message sent by the mobile terminal before the obtaining module obtains the account ID information and the identification information of the authorized terminal;
the authentication module is used for carrying out security authentication on the mobile terminal according to the authentication request message received by the receiving module;
the sending module is further configured to send an authentication response message carrying verification information to the mobile terminal, where the verification information is used to instruct the mobile terminal to complete login.
21. An authorization management system, comprising: the system comprises a mobile terminal, an operator server and at least one authorization terminal;
wherein the mobile terminal is provided with the authorization management device of any one of claims 11-15, and the operator server is provided with the authorization management device of any one of claims 16-20;
and the authorization terminal is used for receiving the authorization information sent by the operator server and playing the corresponding authorization item according to the authorization information.
CN201710045778.8A 2017-01-20 2017-01-20 Authorization management method, device and system Active CN108337540B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710045778.8A CN108337540B (en) 2017-01-20 2017-01-20 Authorization management method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710045778.8A CN108337540B (en) 2017-01-20 2017-01-20 Authorization management method, device and system

Publications (2)

Publication Number Publication Date
CN108337540A CN108337540A (en) 2018-07-27
CN108337540B true CN108337540B (en) 2021-11-23

Family

ID=62922928

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710045778.8A Active CN108337540B (en) 2017-01-20 2017-01-20 Authorization management method, device and system

Country Status (1)

Country Link
CN (1) CN108337540B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111488593A (en) * 2019-11-28 2020-08-04 杭州海康威视系统技术有限公司 Service authorization method, device, electronic equipment and storage medium
CN112148597B (en) * 2020-09-16 2021-12-10 北京基调网络股份有限公司 Method for eliminating iOS device authorization dialog box, test method and storage medium
CN112383577A (en) * 2021-01-19 2021-02-19 北京信安世纪科技股份有限公司 Authorization method, device, system, equipment and storage medium
CN112969091B (en) * 2021-02-19 2023-01-13 江苏省广电有线信息网络股份有限公司无锡分公司 Automatic authorization correction method for set top box
CN114024742A (en) * 2021-11-03 2022-02-08 北京天融信网络安全技术有限公司 Authorization management method, device, equipment and storage medium
TWI788199B (en) * 2022-01-20 2022-12-21 中華電信股份有限公司 Authorizing apparatus and method for video playback and computer program product for executing the method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102821317A (en) * 2012-08-31 2012-12-12 深圳创维-Rgb电子有限公司 Method and system for managing digital television
CN103747300A (en) * 2013-12-02 2014-04-23 中国传媒大学 Conditional access system capable of supporting mobile terminal
CN105141995A (en) * 2015-08-07 2015-12-09 北京思特奇信息技术股份有限公司 Method and system for realizing television cloud remote control based on converged communication technology
CN105681877A (en) * 2014-11-20 2016-06-15 中国移动通信集团公司 Set-top box, television, platform, remote controller and method and apparatus for establishing connection

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003046966A (en) * 2001-07-27 2003-02-14 Yamaura Corp Supervising operation automatic charging method in video conference

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102821317A (en) * 2012-08-31 2012-12-12 深圳创维-Rgb电子有限公司 Method and system for managing digital television
CN103747300A (en) * 2013-12-02 2014-04-23 中国传媒大学 Conditional access system capable of supporting mobile terminal
CN105681877A (en) * 2014-11-20 2016-06-15 中国移动通信集团公司 Set-top box, television, platform, remote controller and method and apparatus for establishing connection
CN105141995A (en) * 2015-08-07 2015-12-09 北京思特奇信息技术股份有限公司 Method and system for realizing television cloud remote control based on converged communication technology

Also Published As

Publication number Publication date
CN108337540A (en) 2018-07-27

Similar Documents

Publication Publication Date Title
CN108337540B (en) Authorization management method, device and system
JP4800377B2 (en) Authentication system, CE device, portable terminal, key certificate issuing authority, and key certificate acquisition method
KR101819556B1 (en) Apparatus and method for supporting family cloud in cloud computing system
KR101098091B1 (en) Method for using contents, method for sharing contents and device based on security level
CN101166261B (en) Pay program providing system and television broadcast reception apparatus
US7424733B2 (en) Device control system
US20120210127A1 (en) Authentication device using true random number generating element or pseudo-random number generating element, authentication apparatus, and authentication method
CN102986239B (en) For the system and method using the information obtained from subscriber device to authorize the access to network service
JP2005323070A (en) Authentication method for home information appliance by portable telephone
CN108023727B (en) Authorization method and system thereof
CN102907114A (en) Controlling access of user to media content
KR20230008695A (en) Password recovery method, system and cloud server and electronic device
JP2006191403A (en) Method for exchanging security information, recorder apparatus and television receiver
CN106658488B (en) Intelligent household appliance and method and device for safely accessing intelligent household appliance
CN114760112A (en) Wireless local area network-oriented intelligent household equipment network access method, system, equipment and storage medium
CN106464664A (en) A method and system to create a secure communication channel between two security modules
CN112751803B (en) Method, apparatus, and computer-readable storage medium for managing objects
JPWO2006068172A1 (en) Digital broadcast receiver
KR101934785B1 (en) Entrance control system
KR101094275B1 (en) Authentication method and apparatus for mobile device in internet protocol television
CN114258685B (en) Methods, systems, and media for presenting media content items using multiple devices
KR100820228B1 (en) User Watching Entitlement Identification System Using One Time Password And Method Thereof
KR20120072030A (en) The apparatus and method for remote authentication
CN101778254A (en) Channel switching authentication device and method
CN103763619A (en) System for uniformly authenticating satellite digital services and application method of system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant