CN109194905A - Video conference connects encryption, method for building up, terminal, server and system - Google Patents
Video conference connects encryption, method for building up, terminal, server and system Download PDFInfo
- Publication number
- CN109194905A CN109194905A CN201811308480.2A CN201811308480A CN109194905A CN 109194905 A CN109194905 A CN 109194905A CN 201811308480 A CN201811308480 A CN 201811308480A CN 109194905 A CN109194905 A CN 109194905A
- Authority
- CN
- China
- Prior art keywords
- conference
- key
- terminal
- web
- login password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/14—Systems for two-way working
- H04N7/15—Conference systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
- H04N21/63345—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Telephonic Communication Services (AREA)
Abstract
This application discloses a kind of video conference connection encryption method, method for building up, Web conference controlling terminal, web back-end server and control systems, applied to Web conference controlling terminal, include: to be encrypted using preset Encryption Algorithm and key pair login password, obtains communication ciphertext;Communication ciphertext is sent to web back-end server, so that web back-end server obtains login password, and login password is sent to conference terminal to communication ciphertext decryption, for conference terminal login;Wherein, key is what web back-end server dynamic random generated;The application is encrypted using dynamic key pair login password; the key constantly changed, which increases, cracks difficulty; in the case where even if generation key single is stolen; new key after generating with dynamic random can also be cracked to avoid login password, further strengthen the protection to login password.
Description
Technical field
The present invention relates to field of communication technology, in particular to a kind of video conference connects encryption method, method for building up, network
Conference control terminal, web back-end server and control system.
Background technique
National height of the associated mechanisms based on national security and long-range strategy in recent years proposes the implementation for pushing national secret algorithm
Using the controllable requirement of industrial security is reinforced in realization, and the security context of construction industry network enhances the " peace of trade information system
Property is particularly important entirely controllably ".
Video conference terminal system is extended to, transferring content is encrypted using the algorithm for meeting the close requirement of state, guaranteed to pass
The safety of defeated content is also extremely urgent.
Therefore, it is necessary to a kind of video conference connection encryption methods can further increase safety.
Summary of the invention
In view of this, the purpose of the present invention is to provide a kind of video conferences to connect encryption method, method for building up, network meeting
Controlling terminal, web back-end server and control system are discussed, safety is improved.Its concrete scheme is as follows:
A kind of video conference connection encryption method, is applied to Web conference controlling terminal, comprising:
It is encrypted using preset Encryption Algorithm and key pair login password, obtains communication ciphertext, wherein the login
Password logs in the close of conference service for conference terminal by what the web terminal in the Web conference controlling terminal inputted for user
Code;
The communication ciphertext is sent to web back-end server, so that the web back-end server is to the communication ciphertext
Decryption, obtains the login password, and the login password is sent to conference terminal, for conference terminal login;
Wherein, key is what the web back-end server dynamic random generated.
Optionally, described to be encrypted using preset Encryption Algorithm and key pair login password, obtain communication ciphertext
Process, comprising:
It is encrypted using login password described in SM4 Encryption Algorithm and key pair, obtains the communication ciphertext.
It is optionally, described that the communication ciphertext is sent to after web back-end server, further includes:
Receive the connection result for the conference terminal that the web back-end server is sent.
Optionally, described to be encrypted using preset Encryption Algorithm and key pair login password, obtain communication ciphertext it
Before, further includes:
Receive the basic information of the conference terminal of user's input;
Authentication document is generated using basic information, so that certificate agency generates certification certificate using the authentication document;
The certification certificate is received, sends the certification certificate to the web back-end server, for the rear end web
Server saves, and so that the web back-end server sends the certification certificate to the conference terminal, so as to the meeting
Terminal saves.
The invention also discloses a kind of video conferences to connect encryption method for building up, is applied to web back-end server, comprising:
Generate key;
Key is sent to Web conference controlling terminal;
Receive the communication ciphertext that the Web conference controlling terminal is encrypted using key and Encryption Algorithm;
Using decipherment algorithm corresponding with the communication ciphertext, the communication ciphertext is decrypted, login password is obtained;
The login password is sent to conference terminal, so that the conference terminal is logged in using the login password;
Wherein, key is what dynamic random generated.
Optionally, the process for generating key, comprising:
Generate key and private key corresponding with key;
It is described to utilize decipherment algorithm corresponding with the communication ciphertext, to the process that the communication ciphertext is decrypted, packet
It includes:
Using private key corresponding with the communication ciphertext and decipherment algorithm, the communication ciphertext is decrypted;
Wherein, private key is what dynamic random generated.
Optionally, before the generation key, further includes:
Receive and save the certification certificate that the Web conference controlling terminal is sent;
The certification certificate is sent to the conference terminal, so as to conference terminal preservation.
The invention also discloses a kind of Web conference controlling terminals, comprising:
Encrypting module obtains communication ciphertext for being encrypted using preset Encryption Algorithm and key pair login password,
Wherein, the login password is that user is stepped on by what the web terminal in the Web conference controlling terminal inputted for conference terminal
Record the password of conference service;
Ciphertext sending module, for the communication ciphertext to be sent to web back-end server, so that the rear end web takes
Business device decrypts the communication ciphertext, the login password is obtained, and the login password is sent to conference terminal, for institute
State conference terminal login;
Wherein, key is what the web back-end server dynamic random generated.
The invention also discloses a kind of web back-end servers, comprising:
Key production module, for generating key;
Key sending module, for sending key to Web conference controlling terminal;
Ciphertext receiving module is encrypted using key and Encryption Algorithm for receiving the Web conference controlling terminal
Communicate ciphertext;
Ciphertext deciphering module carries out the communication ciphertext for utilizing decipherment algorithm corresponding with the communication ciphertext
Decryption, obtains login password;
Password sending module, for sending the login password to conference terminal, for described in conference terminal utilization
Login password logs in;
Wherein, key is what dynamic random generated.
The invention also discloses a kind of Video Conference Controlling System, including Web conference controlling terminal as the aforementioned, such as before
Web back-end server, videoconferencing platform and the conference terminal stated.
In the present invention, video conference connects encryption method, is applied to Web conference controlling terminal, comprising: utilizes preset
Encryption Algorithm and key pair login password are encrypted, and communication ciphertext is obtained, wherein the login password is user described in
The password that conference service is logged in for conference terminal of web terminal input in Web conference controlling terminal;Communication ciphertext is sent
To web back-end server, so that web back-end server obtains login password, and login password is sent to communication ciphertext decryption
To conference terminal, for conference terminal login;Wherein, key is what web back-end server dynamic random generated.
The present invention is encrypted using dynamic key pair login password, and the key constantly changed, which increases, cracks difficulty
Degree, even if new key after generating with dynamic random can also be close to avoid logging in the case where generation key single is stolen
Code is cracked, and further strengthens the protection to login password.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of invention for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is that a kind of video conference provided in an embodiment of the present invention connects encryption method flow diagram;
Fig. 2 is that a kind of video conference provided in an embodiment of the present invention connects method for building up flow diagram;
Fig. 3 is a kind of Web conference controlling terminal structural schematic diagram provided in an embodiment of the present invention;
Fig. 4 is a kind of web back-end server structural schematic diagram provided in an embodiment of the present invention;
Fig. 5 is a kind of Video Conference Controlling System structural schematic diagram provided in an embodiment of the present invention;
Fig. 6 is a kind of webmtc control flow schematic diagram provided in an embodiment of the present invention;
Fig. 7 is a kind of webmtc data transmission flow figure provided in an embodiment of the present invention;
Fig. 8 is that the close certificate of a kind of quotient provided in an embodiment of the present invention uploads schematic diagram;
Fig. 9 is a kind of close certificates constructing schematic diagram of quotient provided in an embodiment of the present invention;
Figure 10 is a kind of webmtc communication scheme provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The embodiment of the invention discloses a kind of video conferences to connect encryption method, shown in Figure 1, this method comprises:
S11: being encrypted using preset Encryption Algorithm and key pair login password, obtains communication ciphertext.
Specifically, using Encryption Algorithm and working as when needing to control conference terminal foundation and the connection of videoconferencing platform
Preceding key, the login password needed for logging in conference terminal encrypt, and obtain communication ciphertext, wherein key is the rear end web
The key that server timing dynamic random generates, when using rivest, shamir, adelman, web back-end server can also be preserved
Private key corresponding with key can also generate private key corresponding with key while generating key, for example, every mistake 1 minute certainly
Regenerating key and corresponding private key, therefore, even if quilt during will communicate ciphertext and be sent to web back-end server
It intercepts, can not also obtain private key, simultaneously as key and private key dynamic random generate, it, also can be because of key even if private key leaks
Dynamic change causes stolen private key to fail, and further improves safety;Wherein, Encryption Algorithm can be encrypted using SM4
Algorithm.
S12: being sent to web back-end server for communication ciphertext, so that web back-end server obtains communication ciphertext decryption
It is sent to conference terminal to login password, and by login password, for conference terminal login.
Specifically, the above method of the embodiment of the present invention is used for Web conference controlling terminal, the Web conference controlling terminal
It can refer to dedicated controlling terminal, be also possible to the terminal that can be realized network connection, log in web back-end server, user
The long-range control to conference terminal can be directly realized by web terminal.Web conference terminal can will add after completing encryption
The communication ciphertext of close mistake is sent to web back-end server, and web back-end server, will be according to depositing after receiving communication ciphertext
Store up web back-end server local private key corresponding with the key used when coded communication ciphertext and identical Encryption Algorithm into
Row decryption obtains the login password of plaintext in communication ciphertext, then login password is sent to terminal, to enable the terminals to utilize
Login password logs in videoconferencing platform, completes Telnet control.
As it can be seen that the embodiment of the present invention is encrypted using dynamic key pair login password, the key constantly changed and
Private key, which increases, cracks difficulty, even if the new key in the case where generation private key single is stolen, after generating with dynamic random
It can also be cracked with new private key to avoid login password, further strengthen the protection to login password.
Further, it for that the login situation of conference terminal can be fed back to Web conference controlling terminal in time, improves and uses
Family experience can also receive the meeting of web back-end server transmission after it will communicate ciphertext and be sent to web back-end server
The connection result of terminal, and connection result is shown to user, so that user be enabled to learn whether conference terminal successfully logs in.
Further, the conference terminal before video conference to ensure to be added meeting is authorized conference terminal, is needed
Check whether conference terminal has legal certification certificate, for this purpose, close using preset Encryption Algorithm and key pair login in S11
Code is encrypted, and can also include S13 to S15 before obtaining communication ciphertext;Wherein,
S13: the basic information of the conference terminal of user's input is received.
S14: generating authentication document using basic information, so that certificate agency generates authentication proof using the authentication document
Book.
Specifically, basic information can be the information such as the essential information, such as Termination ID, IP address of conference terminal, utilize
The authentication document of .csr format can be generated in basic information, and this document itself does not include certificate content, mainly to for certificate machine
Structure is authenticated, and generates corresponding certification certificate by the certificate agency.The certification certificate is mainly used for for meeting platform to meeting
The certification of terminal, to authenticate the legitimacy of conference terminal, which may include one of: standard TLS certificate, the close TLS of state
Certificate and CA certificate.
S15: receiving the certification certificate, sends the certification certificate to the web back-end server, for the web
Back-end server saves, and so that the web back-end server sends the certification certificate to the conference terminal, so as to described
Conference terminal saves.
Specifically, certification certificate can be the file of .pem format, certificate may include standard TLS certificate, the close TLS card of state
Book and CA certificate, the close card insertion of quotient can be entered network Conference control terminal by user by certification certificate, so that Web conference controls
Terminal receives certification certificate, and after receiving certification certificate, to make conference terminal preserve certification certificate, certification certificate is sent to
Web back-end server, web back-end server are saved after obtaining certification certificate, and web back-end server simultaneously will authenticate certificate
It is sent to conference terminal, so that conference terminal obtains certification certificate and is able to carry out video conference.
The embodiment of the invention also discloses a kind of video conferences to connect encryption method for building up, shown in Figure 2, is applied to
Web back-end server, this method comprises:
S21: key is generated;
S22: key is sent to Web conference controlling terminal;
S23: the communication ciphertext that Web conference controlling terminal is encrypted using key and Encryption Algorithm is received;
S24: using decipherment algorithm corresponding with communication ciphertext, communication ciphertext is decrypted, login password is obtained;
S25: login password is sent to conference terminal, so that conference terminal is logged in using login password.
Specifically, when using symmetric encipherment algorithm only key can be generated for encrypting and decrypting by dynamic random, and will
Key is regularly sent to Web conference controlling terminal, to enable Web conference controlling terminal can be in web back-end server more Xinmi City
Local key is updated after key, can utilize newest key encrypted login password, wherein key can be periodically generated, for example,
It was generated at interval of 15 seconds primary.
Specifically, after receiving the communication ciphertext that Web conference controlling terminal is obtained using Encryption Algorithm and key, benefit
Communication ciphertext is decrypted with corresponding decipherment algorithm, obtains the login password of plaintext, Encryption Algorithm and decipherment algorithm can be identical, example
It such as, is SM4 Encryption Algorithm;After obtaining login password, login password can be sent to conference terminal, to enable conference terminal energy
Enough videoconferencing platform is logged in using login password.
Further, cipher mode can use symmetric key encryption algorithm, can also be calculated using asymmetric-key encryption
Method, therefore the key generated in above-mentioned S21 can also include private key corresponding with key.
Wherein, decipherment algorithm corresponding with the communication ciphertext is utilized described in S24, and the communication ciphertext is decrypted
Process can be specially to utilize private key corresponding with the communication ciphertext and decipherment algorithm, the communication ciphertext is decrypted;
Wherein, private key is that dynamic random generates simultaneously with corresponding key.
Specifically, can also include S26 and S27 before the generation key, meeting end be sent to for certificate will to be authenticated
End: where
S26: the certification certificate that the Web conference controlling terminal is sent is received and saved;
S27: the certification certificate is sent to the conference terminal, so as to conference terminal preservation.
In addition, the embodiment of the invention discloses a kind of Web conference controlling terminal, it is shown in Figure 3, comprising:
Encrypting module 11 obtains communicating close for being encrypted using preset Encryption Algorithm and key pair login password
Text;
Ciphertext sending module 12 is sent to web back-end server for that will communicate ciphertext, so that web back-end server pair
Ciphertext decryption is communicated, obtains login password, and login password is sent to conference terminal, for conference terminal login;
Wherein, key is what web back-end server dynamic random generated, and web back-end server is preserved answers with key pair
Private key.
Wherein, above-mentioned encrypting module 11, specifically for being encrypted using SM4 Encryption Algorithm and key pair login password,
Obtain communication ciphertext.
Further, Web conference controlling terminal can also include result receiving module;Wherein,
As a result receiving module, the connection result of the conference terminal for receiving the transmission of web back-end server.
Specifically, can also include authentication document generation module and certificate receiving module;Wherein,
Authentication document generation module, the basic information of the conference terminal for receiving user's input;Believed using basis
Breath generates authentication document, so that certificate agency generates certification certificate using the authentication document;
Certificate receiving module is authenticated, for receiving the certification certificate, the certification certificate to the rear end web is sent and takes
It is engaged in device, for web back-end server preservation, and so that the web back-end server sends the certification certificate to described
Conference terminal, so as to conference terminal preservation.
In addition, the embodiment of the invention also discloses a kind of web back-end server, it is shown in Figure 4, comprising:
Key production module 21, for generating key;
Key sending module 22, for sending key to Web conference controlling terminal;
Ciphertext receiving module 23 is led to for receiving Web conference controlling terminal using what key and Encryption Algorithm encrypted
Believe ciphertext;
Ciphertext deciphering module 24, for being decrypted, obtaining to communication ciphertext using decipherment algorithm corresponding with communication ciphertext
To login password;
Password sending module 25, for sending login password to conference terminal, so that conference terminal is stepped on using login password
Record;
Wherein, key is what dynamic random generated.
Specifically, above-mentioned key production module 21, can be specifically used for generating key and private key corresponding with key.
Above-mentioned ciphertext deciphering module 24 can be specifically used for calculating using private key corresponding with the communication ciphertext and decryption
The communication ciphertext is decrypted in method;Wherein, private key is what dynamic random generated.
Specifically, can also include certificate receiving module and certificate sending module;Wherein,
Certificate receiving module, the certification certificate sent for receiving and saving the Web conference controlling terminal;
Certificate sending module, for sending the certification certificate to the conference terminal, so as to conference terminal preservation.
Further, the embodiment of the invention also discloses a kind of Video Conference Controlling Systems, shown in Figure 5 including preceding
Web conference controlling terminal 31, web back-end server 32 above-mentioned, videoconferencing platform 33 and the conference terminal 34 stated.
Specifically, Web conference controlling terminal 31 can be by using webmtc (webmtc, Web Meeting
TerminalControl, Web conference terminal control), remotely to control conference terminal 34, Web conference controlling terminal 31 passes through
Webmtc carries out the functions such as basic configuration and the control meeting of conference terminal 34 to conference terminal 34, as long as user has browser net
Network is logical, so that it may control conference terminal 34 on a web browser by terminal i p, not need user and download program occupancy computer
Space, does not need user yet and connects output to be just able to achieve and check the contents such as 34 concrete configuration of conference terminal, and it is necessary to solve user
The problem of 34 side of conference terminal just can control conference terminal 34, the long-range control of terminal may be implemented.
Shown in Figure 6, the webpage of the front end webmtc of webmtc operates in Web conference controlling terminal 31, webmtc
Rear end operates on web back-end server 32, the interface provided using the webpage of the front end webmtc and the rear end webmtc, when with
After the front end webmtc of the family on webpage is operated, the interface of rear end can be called, rear end is judged by different parameters
Any function should be carried out, data processing is finally then reached conference terminal using a series of intermediate transmission later
34, conference terminal 34 is controlled by instructing.
Shown in Figure 7, webservice is the backend services for operating in webmtc on web back-end server 32,
Webservice in entire webmtc in Web FCGI layers (FCGI, Fast Common Gateway Interface, fastly
Fast CGI(Common gateway interface)) and MTAPI layers of (MTAPI, the Api interface that terminal provides) centre, it plays and this two-layer message intercommunication
Function served as bridge, message includes all message transmitted between Web conference controlling terminal 31 and conference terminal 34, for example,
Webservice receives the communication ciphertext that Web conference controlling terminal 31 is sent by Web FCGI layers, and communication ciphertext is passed through
MTAPI layers are sent to conference terminal 34, and webservice receives the connection result that conference terminal 34 is sent by MTAPI layers, will
Connection result is sent to Web conference controlling terminal 31 by Web FCGI layers.Webservice receives the message from FCGI,
MTAPI is transmitted to after being processed;The message from MTAPI is received simultaneously, and FCGI is transmitted to after being processed, then
WEBUI is transmitted to by FCGI.
It include the close card of quotient before conference terminal 34 establishes the connection with videoconferencing platform 33 referring to shown in Fig. 8 and Fig. 9
The close terminal, that is, conference terminal 34 of quotient, to hold the video conference of encription algorithms approved by the State Password Administration Committee Office, main will exhale protocol switching is Session Initiation Protocol, so
It is registered afterwards in the close platform of quotient for having encryption function, whether platform can verify certificate possessed by present terminal legal, certificate
Including standard TLS certificate, the close TLS certificate of state and CA certificate, cloud service i.e. platform can successfully be logged in by being proved to be successful, and be had
There is the permission held a meeting in the platform;Wherein, TLS certificate needs imported into the close terminal of quotient in advance, and the quotient including TLS certificate is close
TLS certificate can be imported Web conference controlling terminal 31, Web conference control by being inserted into Web conference controlling terminal 31 by card
TLS certificate is directed into the close terminal of quotient i.e. conference terminal 34 by web back-end server 32 again by terminal 31.
Wherein, the generation of TLS certificate is to need to generate an entitled .csr of suffix according to the essential information of webmtc typing
File, this document is free from certificate content, the file of the .csr taken associated mechanisms and goes to authenticate and then obtain suffix
It include the information of certificate for the file of .pem, inside the .pem file of generation, after importeding into terminal, terminal, which just has, be can be used
Certificate, the effect of certificate are for doing authentication, and in not effective certificate, the relevant many functions of meeting are can not
With what is used.
Specifically, key when encrypted login password can be the front end webmtc and the rear end webmtc web back-end server
The 32 dynamic random numbers negotiated, it is every time different.
It is shown in Figure 10, it is to be transmitted with ciphertext between the front end webmtc and the rear end webmtc, after webmtc
End is decrypted again after taking, and is then attached in bottom.The encryption of this process is dynamically, to have one every time
Random number is as encryption key, even if being intercepted in connection procedure, the data of transmission are also non-serviceable ciphertext, the company of ensure that
The safety connect.
Encryption Algorithm can also use SM1 in addition to SM4, can choose terminal data transmission by the security setting of webmtc
Encryption Algorithm.
Encription algorithms approved by the State Password Administration Committee Office meeting, and benefit can be created between videoconferencing platform 33 and conference terminal 34 using Session Initiation Protocol
Data are transmitted with tls protocol.
Finally, it is to be noted that, herein, relational terms such as first and second and the like be used merely to by
One entity or operation are distinguished with another entity or operation, without necessarily requiring or implying these entities or operation
Between there are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant meaning
Covering non-exclusive inclusion, so that the process, method, article or equipment for including a series of elements not only includes that
A little elements, but also including other elements that are not explicitly listed, or further include for this process, method, article or
The intrinsic element of equipment.In the absence of more restrictions, the element limited by sentence "including a ...", is not arranged
Except there is also other identical elements in the process, method, article or apparatus that includes the element.
Professional further appreciates that, unit described in conjunction with the examples disclosed in the embodiments of the present disclosure
And algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clearly demonstrate hardware and
The interchangeability of software generally describes each exemplary composition and step according to function in the above description.These
Function is implemented in hardware or software actually, the specific application and design constraint depending on technical solution.Profession
Technical staff can use different methods to achieve the described function each specific application, but this realization is not answered
Think beyond the scope of this invention.
A kind of video conference connection encryption method provided by the present invention, method for building up, Web conference are controlled eventually above
End, web back-end server and control system are described in detail, and specific case used herein is to the principle of the present invention
And embodiment is expounded, the above embodiments are only used to help understand, and method and its core of the invention is thought
Think;At the same time, for those skilled in the art, according to the thought of the present invention, in specific embodiments and applications
There will be changes, in conclusion the contents of this specification are not to be construed as limiting the invention.
Claims (10)
1. a kind of video conference connects encryption method, which is characterized in that be applied to Web conference controlling terminal, comprising:
It is encrypted using preset Encryption Algorithm and key pair login password, obtains communication ciphertext, wherein the login password
The password that conference service is logged in for conference terminal inputted for user by the web terminal in the Web conference controlling terminal;
The communication ciphertext is sent to web back-end server, so that the web back-end server is to the communication ciphertext solution
It is close, the login password is obtained, and the login password is sent to the conference terminal, for conference terminal login;
Wherein, key is what the web back-end server dynamic random generated.
2. video conference according to claim 1 connects encryption method, which is characterized in that described to be calculated using preset encryption
Method and key pair login password are encrypted, and the process of communication ciphertext is obtained, comprising:
It is encrypted using login password described in SM4 Encryption Algorithm and key pair, obtains the communication ciphertext.
3. video conference according to claim 1 connects encryption method, which is characterized in that described to send out the communication ciphertext
It send to web back-end server, further includes:
Receive the connection result for the conference terminal that the web back-end server is sent.
4. video conference according to any one of claims 1 to 3 connects encryption method, which is characterized in that described using pre-
If Encryption Algorithm and key pair login password encrypted, obtain communication ciphertext before, further includes:
Receive the basic information of the conference terminal of user's input;
Authentication document is generated using basic information, so that certificate agency generates certification certificate using the authentication document;
The certification certificate is received, sends the certification certificate to the web back-end server, for the web back-end services
Device saves, and so that the web back-end server sends the certification certificate to the conference terminal, so as to the conference terminal
It saves.
5. a kind of video conference connection encryption method for building up, which is characterized in that be applied to web back-end server, comprising:
Generate key;
Key is sent to Web conference controlling terminal;
Receive the communication ciphertext that the Web conference controlling terminal is encrypted using key and Encryption Algorithm;
Using decipherment algorithm corresponding with the communication ciphertext, the communication ciphertext is decrypted, login password is obtained;
The login password is sent to conference terminal, so that the conference terminal is logged in using the login password;
Wherein, key is what dynamic random generated.
6. video conference connection encryption method for building up according to claim 5, which is characterized in that the mistake for generating key
Journey, comprising:
Generate key and private key corresponding with key;
The process described to utilize decipherment algorithm corresponding with the communication ciphertext, that the communication ciphertext is decrypted, comprising:
Using private key corresponding with the communication ciphertext and decipherment algorithm, the communication ciphertext is decrypted;
Wherein, private key is what dynamic random generated.
7. video conference connection encryption method for building up according to claim 5 or 6, which is characterized in that the generation key
Before, further includes:
Receive and save the certification certificate that the Web conference controlling terminal is sent;
The certification certificate is sent to the conference terminal, so as to conference terminal preservation.
8. a kind of Web conference controlling terminal characterized by comprising
Encrypting module obtains communication ciphertext for being encrypted using preset Encryption Algorithm and key pair login password,
In, the login password is that user is logged in by what the web terminal in the Web conference controlling terminal inputted for conference terminal
The password of conference service;
Ciphertext sending module, for the communication ciphertext to be sent to web back-end server, so that the web back-end server
The communication ciphertext is decrypted, the login password is obtained, and the login password is sent to conference terminal, for the meeting
Terminal is discussed to log in;
Wherein, key is what the web back-end server dynamic random generated.
9. a kind of web back-end server characterized by comprising
Key production module, for generating key;
Key sending module, for sending key to Web conference controlling terminal;
Ciphertext receiving module, the communication encrypted for receiving the Web conference controlling terminal using key and Encryption Algorithm
Ciphertext;
Ciphertext deciphering module, for using decipherment algorithm corresponding with the communication ciphertext, the communication ciphertext to be decrypted,
Obtain login password;
Password sending module, for sending the login password to conference terminal, so that the conference terminal utilizes the login
Password login;
Wherein, key is what dynamic random generated.
10. a kind of Video Conference Controlling System, which is characterized in that including Web conference controlling terminal as claimed in claim 8,
Web back-end server, videoconferencing platform and conference terminal as claimed in claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811308480.2A CN109194905B (en) | 2018-11-05 | 2018-11-05 | Video conference connection encryption and establishment method, terminal, server and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811308480.2A CN109194905B (en) | 2018-11-05 | 2018-11-05 | Video conference connection encryption and establishment method, terminal, server and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109194905A true CN109194905A (en) | 2019-01-11 |
| CN109194905B CN109194905B (en) | 2021-09-10 |
Family
ID=64941927
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811308480.2A Active CN109194905B (en) | 2018-11-05 | 2018-11-05 | Video conference connection encryption and establishment method, terminal, server and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109194905B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112449143A (en) * | 2021-01-28 | 2021-03-05 | 北京电信易通信息技术股份有限公司 | Implementation method and implementation system of secure video |
| CN113746801A (en) * | 2021-07-30 | 2021-12-03 | 佛山市青松科技股份有限公司 | Communication method, sending terminal, receiving terminal and system based on temporary secret key |
Citations (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6002768A (en) * | 1996-05-07 | 1999-12-14 | International Computer Science Institute | Distributed registration and key distribution system and method |
| CN1913461A (en) * | 2006-08-30 | 2007-02-14 | 北京天地互连信息技术有限公司 | Remote vedio monitoring system based on next generation interconnection network and its implementing method |
| CN1992593A (en) * | 2005-12-27 | 2007-07-04 | 中兴通讯股份有限公司 | H.323 protocol-based terminal access method for packet network |
| CN101094394A (en) * | 2007-07-17 | 2007-12-26 | 中国科学院软件研究所 | Method for guaranteeing safe transmission of video data, and video monitoring system |
| JP2011175522A (en) * | 2010-02-25 | 2011-09-08 | Osaka Gas Co Ltd | Meeting schedule adjustment supporting device |
| CN102547688A (en) * | 2012-02-13 | 2012-07-04 | 江苏博智软件科技有限公司 | Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel |
| CN103607409A (en) * | 2013-11-29 | 2014-02-26 | 中国科学院深圳先进技术研究院 | Method for protecting cloud storage data and cloud server |
| CN103780617A (en) * | 2014-01-21 | 2014-05-07 | 北京淦蓝润和信息技术有限公司 | Method and device for processing video conference data |
| JP2014149644A (en) * | 2013-01-31 | 2014-08-21 | Sharp Corp | Electronic meeting system |
| US20150046581A1 (en) * | 2013-08-09 | 2015-02-12 | Takeru Inoue | Communication system, management apparatus, communication method and computer-readable recording medium |
| CN104735068A (en) * | 2015-03-24 | 2015-06-24 | 江苏物联网研究发展中心 | SIP security authentication method based on commercial passwords |
| WO2015143900A1 (en) * | 2014-03-26 | 2015-10-01 | 华为技术有限公司 | Method, apparatus and system for data sharing in network conference |
| CN105025247A (en) * | 2015-07-30 | 2015-11-04 | 国网山东阳信县供电公司 | Video conference forwarding system |
| CN105847238A (en) * | 2016-03-16 | 2016-08-10 | 杭州狮说教育科技有限公司 | Safe data transmission method based on Real-Time Messaging Protocol (RTMP) connections |
| CN106850520A (en) * | 2016-04-18 | 2017-06-13 | 中国科学院信息工程研究所 | A kind of implementation method for encrypting voice conferencing |
| CN107124266A (en) * | 2017-03-07 | 2017-09-01 | 苏州科达科技股份有限公司 | Video communication system and method based on quantum cryptography |
| CN107181763A (en) * | 2017-07-22 | 2017-09-19 | 江苏省鸿源招标代理股份有限公司 | Bid video conference and monitoring system |
| CN107612931A (en) * | 2017-10-20 | 2018-01-19 | 苏州科达科技股份有限公司 | Multipoint session method and multipoint session system |
| CN107948676A (en) * | 2017-12-08 | 2018-04-20 | 苏州科达科技股份有限公司 | Method of transmitting video data and device |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100433626C (en) * | 2004-01-08 | 2008-11-12 | 华为技术有限公司 | Multimedia conference convening method |
| CN1964475A (en) * | 2006-12-06 | 2007-05-16 | 杭州华为三康技术有限公司 | A realization method for video conference, control device and user terminal |
| CN101257395B (en) * | 2007-02-27 | 2010-12-08 | 中国移动通信集团公司 | System and method for supporting multimedia conference booking |
| CN106993151A (en) * | 2017-03-23 | 2017-07-28 | 中国南方电网有限责任公司 | A kind of Videoconference Management System and method |
| CN107302679A (en) * | 2017-06-13 | 2017-10-27 | 成都全云科技有限公司 | A kind of video conference accesses access system |
-
2018
- 2018-11-05 CN CN201811308480.2A patent/CN109194905B/en active Active
Patent Citations (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6002768A (en) * | 1996-05-07 | 1999-12-14 | International Computer Science Institute | Distributed registration and key distribution system and method |
| CN1992593A (en) * | 2005-12-27 | 2007-07-04 | 中兴通讯股份有限公司 | H.323 protocol-based terminal access method for packet network |
| CN1913461A (en) * | 2006-08-30 | 2007-02-14 | 北京天地互连信息技术有限公司 | Remote vedio monitoring system based on next generation interconnection network and its implementing method |
| CN101094394A (en) * | 2007-07-17 | 2007-12-26 | 中国科学院软件研究所 | Method for guaranteeing safe transmission of video data, and video monitoring system |
| JP2011175522A (en) * | 2010-02-25 | 2011-09-08 | Osaka Gas Co Ltd | Meeting schedule adjustment supporting device |
| CN102547688A (en) * | 2012-02-13 | 2012-07-04 | 江苏博智软件科技有限公司 | Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel |
| JP2014149644A (en) * | 2013-01-31 | 2014-08-21 | Sharp Corp | Electronic meeting system |
| US20150046581A1 (en) * | 2013-08-09 | 2015-02-12 | Takeru Inoue | Communication system, management apparatus, communication method and computer-readable recording medium |
| CN103607409A (en) * | 2013-11-29 | 2014-02-26 | 中国科学院深圳先进技术研究院 | Method for protecting cloud storage data and cloud server |
| CN103780617A (en) * | 2014-01-21 | 2014-05-07 | 北京淦蓝润和信息技术有限公司 | Method and device for processing video conference data |
| WO2015143900A1 (en) * | 2014-03-26 | 2015-10-01 | 华为技术有限公司 | Method, apparatus and system for data sharing in network conference |
| CN104735068A (en) * | 2015-03-24 | 2015-06-24 | 江苏物联网研究发展中心 | SIP security authentication method based on commercial passwords |
| CN105025247A (en) * | 2015-07-30 | 2015-11-04 | 国网山东阳信县供电公司 | Video conference forwarding system |
| CN105847238A (en) * | 2016-03-16 | 2016-08-10 | 杭州狮说教育科技有限公司 | Safe data transmission method based on Real-Time Messaging Protocol (RTMP) connections |
| CN106850520A (en) * | 2016-04-18 | 2017-06-13 | 中国科学院信息工程研究所 | A kind of implementation method for encrypting voice conferencing |
| CN107124266A (en) * | 2017-03-07 | 2017-09-01 | 苏州科达科技股份有限公司 | Video communication system and method based on quantum cryptography |
| CN107181763A (en) * | 2017-07-22 | 2017-09-19 | 江苏省鸿源招标代理股份有限公司 | Bid video conference and monitoring system |
| CN107612931A (en) * | 2017-10-20 | 2018-01-19 | 苏州科达科技股份有限公司 | Multipoint session method and multipoint session system |
| CN107948676A (en) * | 2017-12-08 | 2018-04-20 | 苏州科达科技股份有限公司 | Method of transmitting video data and device |
Non-Patent Citations (3)
| Title |
|---|
| WENBIN JIANG等: "Design of network management system for optical terminal based on embedded web server", 《2011 INTERNATIONAL CONFERENCE ON ELECTRIC INFORMATION AND CONTROL ENGINEERING,WUHAN,CHINA,15-17 APRIL,2011》 * |
| 曹杨雄: "一种基于Web_Service的可扩展视频网关设计研究", 《计算机技术与发展》 * |
| 杨成编著: "《互动视频业务保护技术与应用》", 31 March 2014, 北京:中国传媒大学出版社 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112449143A (en) * | 2021-01-28 | 2021-03-05 | 北京电信易通信息技术股份有限公司 | Implementation method and implementation system of secure video |
| CN113746801A (en) * | 2021-07-30 | 2021-12-03 | 佛山市青松科技股份有限公司 | Communication method, sending terminal, receiving terminal and system based on temporary secret key |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109194905B (en) | 2021-09-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108599925B (en) | Improved AKA identity authentication system and method based on quantum communication network | |
| CN104618110B (en) | A kind of VoIP security conferences session key transmission method | |
| US20170201382A1 (en) | Secure Endpoint Devices | |
| CN102547688B (en) | Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel | |
| CN102868665A (en) | Method and device for data transmission | |
| CN104506534A (en) | Safety communication secret key negotiation interaction scheme | |
| CN109728909A (en) | Identity identifying method and system based on USBKey | |
| CN104901935A (en) | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) | |
| CN103763631A (en) | Authentication method, server and television | |
| CN103763356A (en) | Establishment method, device and system for connection of secure sockets layers | |
| CN104702611A (en) | Equipment and method for protecting session key of secure socket layer | |
| CN104486077A (en) | End-to-end secret key negotiation method for VoIP (Voice Over Internet Protocol) real-time data safety transmission | |
| CN108400867A (en) | A kind of authentication method based on public encryption system | |
| CN103684798B (en) | Authentication method used in distributed user service | |
| CN102404347A (en) | Mobile internet access authentication method based on public key infrastructure | |
| CN106936788A (en) | A kind of cryptographic key distribution method suitable for VOIP voice encryptions | |
| CN104901803A (en) | Data interaction safety protection method based on CPK identity authentication technology | |
| EP3360279A1 (en) | Public key infrastructure&method of distribution | |
| US7971234B1 (en) | Method and apparatus for offline cryptographic key establishment | |
| CN107094156A (en) | A kind of safety communicating method and system based on P2P patterns | |
| CN101202630A (en) | Method and system for adding decipher in TR069 integrative terminal management platform | |
| CN101710900A (en) | Method for interacting signaling safely in session ignition protocol (SIP) registration domain | |
| CN101827106A (en) | DHCP safety communication method, device and system | |
| CN101562519A (en) | Digital certificate management method of user packet communication network and user terminal for accessing into user packet communication network | |
| CN109194905A (en) | Video conference connects encryption, method for building up, terminal, server and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |