CN114363721A - HLS-based video playing method, device, equipment and storage medium - Google Patents

HLS-based video playing method, device, equipment and storage medium Download PDF

Info

Publication number
CN114363721A
CN114363721A CN202210061670.9A CN202210061670A CN114363721A CN 114363721 A CN114363721 A CN 114363721A CN 202210061670 A CN202210061670 A CN 202210061670A CN 114363721 A CN114363721 A CN 114363721A
Authority
CN
China
Prior art keywords
video
playing
user
encrypted
format
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210061670.9A
Other languages
Chinese (zh)
Inventor
袁洋洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An International Smart City Technology Co Ltd
Original Assignee
Ping An International Smart City Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An International Smart City Technology Co Ltd filed Critical Ping An International Smart City Technology Co Ltd
Priority to CN202210061670.9A priority Critical patent/CN114363721A/en
Publication of CN114363721A publication Critical patent/CN114363721A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention relates to the field of video playing, and discloses a video playing method, a device, equipment and a storage medium based on HLS, wherein the method comprises the following steps: fragmenting a video file to obtain TS format fragments, a TS format fragment directory and an index file; distributing an encryption task to each slave node through a master node in the distributed encryption system to encrypt the TS format fragments; acquiring a video playing request of a user; if the request is played, a session key is generated and sent to the user; if the broadcast is live broadcast, guiding the user to a first broadcast group network, and issuing a first root key to the user; encrypting the index file based on the key to obtain an encrypted index file; and transmitting the encrypted index file to the user so that the user plays the video. Aiming at the technical problems that the HLS-based video playing method is single in encryption mode and low in video encryption degree, the method is different in encryption mode for different playing modes, two layers of encryption are added, and the HLS-based video playing method is safer and more flexible.

Description

HLS-based video playing method, device, equipment and storage medium
Technical Field
The present invention relates to the field of video playing, and in particular, to a video playing method, apparatus, device and storage medium based on HLS.
Background
With the deep development of internet technology, the application of streaming media technology is more and more popular, such as distance education, video conference, internet live broadcast, and the like. However, the transport of streaming media is not separated from the bearer of the protocol. Transport protocols for streaming media can be broadly divided into two categories, one based on the UDP/TCP protocol and the other based on the HTTP protocol. The technology based on the HTTP protocol has the advantages of easiness in deployment, capability of adaptively adjusting code streams, good fire wall penetrability and the like, and is widely applied to live broadcast and on-demand networks of various businesses. The technology supporting streaming media video transmission by using the HTTP protocol is various (the HLS protocol is the most widely used technology in all such protocols), and the basic principle is to fragment data of a video stream, then position the data by means of an index, and enable a user to realize video stream transmission by pulling different video fragments. However, in these protocols, security during transmission is not considered, or only a corresponding interface is defined. How to protect these video fragments with a large number is an urgent problem to be solved, which prevents the video from being stolen and ensures the access of normal users.
Disclosure of Invention
The invention mainly aims to solve the technical problems of single encryption mode and low video encryption degree of the conventional HLS-based video playing method.
The invention provides a video playing method based on HLS in a first aspect, which comprises the following steps: acquiring a video file uploaded to a server by an administrator; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video.
Optionally, in a first implementation manner of the first aspect of the present invention, the distributing, by a master node in a preset distributed encryption system, an encryption task to each slave node in the distributed encryption system to selectively encrypt the TS format fragment to obtain an encrypted fragment and a video key, and storing the encrypted fragment in a server, where storing the video key in the index file includes: obtaining the TS format fragmentation catalogue; the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog and sends the corresponding TS format fragments to the corresponding slave nodes; performing video decoding on the obtained TS format fragments through each slave node to obtain I frames; encrypting the I frame in the TS format fragment by adopting an AES (advanced encryption standard) encryption algorithm, and packaging the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key; and storing the encrypted fragments to a server, and storing the video key to an index file.
Optionally, in a second implementation manner of the first aspect of the present invention, after the identifying the video playing form of the video playing request, the method further includes: if the video playing mode is on-demand playing, counting the number of persons on-demand simultaneously playing the video on-demand; judging whether the number of the simultaneously requested persons is higher than a system set value; if yes, setting video playing time according to the number of the simultaneous on-demand persons, establishing a second broadcast group network, generating a second root key, and sending the second root key to the user terminal of the user; after the video playing time is up, updating the number of the simultaneous on-demand persons, and judging whether the number of the simultaneous on-demand persons is higher than a system set value; if not, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user.
Optionally, in a third implementation manner of the first aspect of the present invention, before the acquiring a video playing request sent by a user and identifying a video playing form of the video playing request, the method further includes: acquiring login state verification information of the user, and judging whether a video playing request of the user is legal or not according to the login state verification information; if the login state verification information is illegal, rejecting the video playing request of the user; and if the user login state verification information is legal, waiting for receiving a video playing request sent by the user.
Optionally, in a fourth implementation manner of the first aspect of the present invention, the encrypting, based on the session key or the first root key, the index file corresponding to the TS format fragment, to obtain the encrypted index file includes: analyzing the index file to obtain the video key and a corresponding encryption fragment address; and encrypting the video key and the corresponding encryption fragment address through an AEB encryption algorithm and packaging the video key and the corresponding encryption fragment address into the index file to obtain the encryption index file.
Optionally, in a fifth implementation manner of the first aspect of the present invention, the issuing the encrypted index file to the user terminal of the user, so that the playing of the video by the user terminal includes: the encrypted index file is issued to a user terminal of the user, and the user terminal decrypts the encrypted index file by issuing a key through the server after receiving the encrypted index file to obtain a corresponding encrypted fragment address and a corresponding video key; and downloading the encrypted fragments based on the encrypted fragment addresses, and decrypting the encrypted fragments based on the video key to obtain TS format fragments for playing.
A second aspect of the present invention provides an HLS-based video playback apparatus, including: the acquisition module is used for acquiring a video file uploaded to the server by an administrator; the fragment module is used for carrying out fragment operation on the video file through an HLS technology to obtain a TS format fragment, a TS format fragment directory and an index file corresponding to the video file; the fragment encryption module is used for distributing encryption tasks to all slave nodes in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; the system comprises a play selection module, a play selection module and a play selection module, wherein the play selection module is used for acquiring a video play request sent by a user and identifying a video play form of the video play request, and the video play form comprises on-demand play and live play; the on-demand playing module is used for generating a session key through an ABE encryption algorithm and issuing the session key to the user terminal of the user if the playing form is on-demand playing; the live broadcast playing module is used for guiding a user to a first broadcast group network of the selected live broadcast and issuing a first root key of the first broadcast group network to a user terminal of the user if the playing form is live broadcast; the index encryption module is used for encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and the index issuing module is used for issuing the encrypted index file to the user terminal of the user so as to enable the user terminal to play the video.
Optionally, in a first implementation manner of the second aspect of the present invention, the fragmentation module is specifically configured to: obtaining the TS format fragmentation catalogue; the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog and sends the corresponding TS format fragments to the corresponding slave nodes; performing video decoding on the obtained TS format fragments through each slave node to obtain I frames; encrypting the I frame in the TS format fragment by adopting an AES (advanced encryption standard) encryption algorithm, and packaging the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key; and storing the encrypted fragments to a server, and storing the video key to an index file.
Optionally, in a second implementation manner of the second aspect of the present invention, the video playing apparatus based on HLS further includes an on-demand classification module, where the on-demand classification module is specifically configured to: if the video playing mode is on-demand playing, counting the number of persons on-demand simultaneously playing the video on-demand; judging whether the number of the simultaneously requested persons is higher than a system set value; if yes, setting video playing time according to the number of the simultaneous on-demand persons, establishing a second broadcast group network, generating a second root key, and sending the second root key to the user terminal of the user; after the video playing time is up, updating the number of the simultaneous on-demand persons, and judging whether the number of the simultaneous on-demand persons is higher than a system set value; if not, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user.
Optionally, in a third implementation manner of the second aspect of the present invention, the video playing apparatus based on HLS further includes a login verification module, where the login verification module is specifically configured to: acquiring login state verification information of the user, and judging whether a video playing request of the user is legal or not according to the login state verification information; if the login state verification information is illegal, rejecting the video playing request of the user; and if the user login state verification information is legal, waiting for receiving a video playing request sent by the user.
Optionally, in a fourth implementation manner of the second aspect of the present invention, the index encryption module is specifically configured to: analyzing the index file to obtain the video key and a corresponding encryption fragment address; and encrypting the video key and the corresponding encryption fragment address through an AEB encryption algorithm and packaging the video key and the corresponding encryption fragment address into the index file to obtain the encryption index file.
Optionally, in a fifth implementation manner of the second aspect of the present invention, the index issuing module is specifically configured to: the encrypted index file is issued to a user terminal of the user, and the user terminal decrypts the encrypted index file by issuing a key through the server after receiving the encrypted index file to obtain a corresponding encrypted fragment address and a corresponding video key; and downloading the encrypted fragments based on the encrypted fragment addresses, and decrypting the encrypted fragments based on the video key to obtain TS format fragments for playing.
A third aspect of the present invention provides a video playback device based on HLS, including: a memory having instructions stored therein and at least one processor, the memory and the at least one processor interconnected by a line; the at least one processor invokes the instructions in the memory to cause the HLS-based video playback device to perform the steps of the HLS-based video playback method described above.
A fourth aspect of the present invention provides a computer-readable storage medium having stored therein instructions, which, when run on a computer, cause the computer to perform the steps of the above-mentioned HLS-based video playback method.
According to the technical scheme, the video file uploaded to the server by an administrator is acquired; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video. The method aims at the technical problems that the video playing method based on the HLS is single in encryption mode and low in video encryption degree, the encryption mode is different for different playing modes and different video heat degrees, meanwhile, two layers of encryption are added for the traditional HLS playing method, one layer of encryption is carried out on video fragments, the other layer of encryption is carried out on index files, and the HLS playing method is safer and more flexible.
Drawings
Fig. 1 is a schematic diagram of a first embodiment of a video playing method based on HLS in the embodiment of the present invention;
fig. 2 is a schematic diagram of a second embodiment of the HLS-based video playing method according to the embodiment of the present invention;
fig. 3 is a schematic diagram of a third embodiment of the video playing method based on HLS in the embodiment of the present invention;
fig. 4 is a schematic diagram of a fourth embodiment of the video playing method based on HLS in the embodiment of the present invention;
FIG. 5 is a schematic diagram of an embodiment of an HLS-based video playback device according to an embodiment of the present invention;
fig. 6 is a schematic diagram of another embodiment of an HLS-based video playback device in an embodiment of the present invention;
fig. 7 is a schematic diagram of an embodiment of an HLS-based video playback device in the embodiment of the present invention.
Detailed Description
According to the technical scheme, the video file uploaded to the server by an administrator is acquired; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video. The method aims at the technical problems that the video playing method based on the HLS is single in encryption mode and low in video encryption degree, the encryption mode is different for different playing modes and different video heat degrees, meanwhile, two layers of encryption are added for the traditional HLS playing method, one layer of encryption is carried out on video fragments, the other layer of encryption is carried out on index files, and the HLS playing method is safer and more flexible.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprises," "comprising," or "having," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For convenience of understanding, a detailed flow of an embodiment of the present invention is described below, and referring to fig. 1, a first embodiment of a video playing method based on HLS in an embodiment of the present invention includes:
101, acquiring a video file uploaded to a server by an administrator;
in this embodiment, a video file to be uploaded by an administrator is acquired. The video file may be split into multiple sub-video files, verifying whether the multiple sub-video files already exist at the server. And if the video file does not exist, respectively uploading the plurality of sub-video files to the server so that the server combines the plurality of received sub-video files to obtain a complete video file. The consumption of network bandwidth can be reduced by uploading a plurality of sub-videos, the processing speed of the server is increased, the stability of video transmission can be improved, the reliability of video transmission is enhanced, and the overtime phenomenon caused by overlarge videos is avoided.
In this embodiment, the server includes, but is not limited to, a CDN (content delivery network) streaming media server, and specifically, the CDN central server may be tried, or the CDN edge server may also be tried.
102, performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file;
in the present embodiment, hls (HTTP Live streaming) is a streaming media solution based on HTTP protocol developed by apple for mobile devices such as iPhone, iPod, iTouch and iPad. The basic principle of the technique is to cut a video file or video stream into small pieces (ts) and create an index file. The supported video stream is encoded as h.264 and the audio stream is encoded as AAC.
Specifically, the segmentation strategy of the HLS basically recommends one segment in 10 seconds, and of course, the specific time can be freely adjusted according to the actual duration of the segmented segment.
103, distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments in a server, and storing the video keys in an index file;
in this step, the video slice content generated by the HLS protocol slice is preferably encrypted using a conventional block encryption or stream encryption algorithm.
In particular, a conventional selective video encryption scheme is preferred. Since the video stream format of the HLS protocol slice is ts format, analyzing the video structure of ts format, preferably encrypting the video slice by using I frame or DCT coefficient, and storing the video key in the encryption index file. It should be noted that the video key is not specifically limited in this embodiment, as long as it is ensured to have sufficient randomness.
104, acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing;
in this embodiment, after receiving a play request from a user, a server may include, according to an encrypted index file delivered by a video selected by the user, a URL address of a basic TS format slice and a piece of preset identification information, where the identification information is used to identify a target video and further includes an incremental slice file. Wherein only live broadcast contains the identification information.
And if the terminal finds the identification of the incremental slice file in the index file, the terminal sends a playing request carrying the authority identification information of the terminal to the server.
For example, the terminal can determine whether to continue sending the play request by looking up the field of # EXTINF-addition: < GID > in the index file.
105, if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to a user terminal of a user;
in this embodiment, the play mode is determined to be on-demand play by judging whether the index file identification information exists. When the required video on demand is determined, the server generates a session key through an ABE encryption algorithm, and the key is issued to the user terminal of the user through the established secure channel for subsequent decryption operation.
106, if the playing form is live playing, guiding the user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user;
in this embodiment, in the live broadcast and time shift processes, the server may continuously generate the latest TS format fragments, and the client may periodically request the latest TS format fragments, and the period is set to the fragment duration of one TS format fragment, so that when downloading the latest TS format fragment according to the fragment sequence number of the latest TS format fragment, the client requests the server to download the latest TS format fragment according to the fragment duration of the TS format fragment before the latest TS format fragment; for example, according to the fragment duration of the last fragment of the latest TS format fragment, requesting downloading, for example, if the last fragment of the latest TS format fragment _103.TS is _102.TS, and the fragment duration corresponding to the _102.TS is 6s, requesting downloading before the client plays 6s of the _102. TS; for another example, the client may also request downloading according to the fragment duration of the last TS format fragment of the latest TS format fragment, and if the fragment durations corresponding to _100.TS, _101.TS, _102.TS of the encrypted index file obtained by the client are all 5s, the client requests the server to download the latest TS format fragment _103.TS after 5s corresponding to _101.TS has passed, and requests the server to download the latest TS format fragment _104.TS after 5s of _102.TS has passed, assuming that the fragment duration of _103.TS is 7s, and requests the download the latest TS format fragment _105.TS after 7s of _103.TS has passed.
In some embodiments, assuming that the fragmentation time duration of each TS format fragment (including the TS format fragment in the encrypted index file and the latest TS format fragment) acquired by the client is 5s, the next latest TS format fragment is automatically requested every 5 s.
It is noted that when the client requests the latest TS format fragment, if an error (such as 404) is encountered, the client re-requests after a short time interval, because 404 indicates that the server may not have generated the latest TS format fragment yet, and when the client re-requests for the short time interval, the client does not currently play the last TS format fragment; for example, the encrypted index file includes _100.TS, _101.TS, _102.TS, and after 5s of _101.TS, the server requests to download the latest TS format fragment _103.TS, and when 404 is encountered, the client re-requests every 2s, and at this time, the client currently plays _102.TS, and does not play _102. TS.
In this embodiment, the key is issued to the user terminal of the user through the established secure channel for subsequent decryption operation.
107, encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain an encrypted index file;
in this step, the index file including the video key is preferably encrypted using a conventional block encryption or stream encryption algorithm.
In this embodiment, fine-grained right control on different video files or different time periods of the same video can be achieved by encrypting the index file based on the key pair obtained in step 105 or step 106.
And 108, sending the encrypted index file to the user terminal of the user so that the user terminal plays the video.
In this embodiment, the user initiates a play application, downloads and uses the key obtained in step 107 to analyze the encrypted index file, so as to obtain a decrypted index file. And then, carrying out decryption operation on the encrypted video through the video address and the video key in the index file to obtain the decrypted TS format fragments. And playing the obtained TS format fragments according to the playing sequence of the index files.
In the embodiment, a video file uploaded to a server by an administrator is acquired; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video. The video playing method based on the HLS is used for solving the technical problems that the video playing method based on the HLS is single in encryption mode and low in video encryption degree, the encryption mode is different for different playing modes and different video heat degrees, meanwhile, two layers of encryption are added for the traditional HLS playing method, one layer of encryption is carried out on video fragments, the other layer of encryption is carried out on index files, and the HLS playing method is safer and more flexible.
Referring to fig. 2, a second embodiment of the video playing method based on HLS according to the embodiment of the present invention includes:
201, acquiring a video file uploaded to a server by an administrator;
202, performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file;
203, obtaining a TS format fragmentation directory;
in this embodiment, a corresponding TS format fragment directory is obtained by performing a fragment operation on a video file, where the TS format fragment directory includes information of names, sizes, addresses, playing sequences, and the like of all TS format fragments after the current video file fragment operation. E.g., the names of the split files, test01.ts/test02.ts/test03. ts.
204, the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog, and sends the corresponding TS format fragments to the corresponding slave nodes;
in this embodiment, the TS format fragmentation directory corresponding to the index file may be obtained by analyzing the corresponding information in the index file. And distributing the encryption tasks of the TS format fragments to each slave node in the distributed encryption system through the TS format fragment catalog.
205, performing video decoding on the obtained TS format slices through each slave node to obtain an I frame;
in this embodiment, each slave node performs video decoding on the obtained TS format slice to obtain each frame section in inter-frame compression coding, where the frame section includes an I frame B frame and a P frame. And extracting each I frame, namely the key frame, for subsequent encryption processing.
206, encrypting the I frame in the TS format fragment by adopting an AES encryption algorithm, and encapsulating the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key;
specifically, the distributed TS format fragments to be encrypted are obtained by decoding from the nodes, and the I frames in the TS format fragments are selectively encrypted by adopting an AES encryption algorithm, namely a selective encryption algorithm based on a video IPB frame structure. The method has small increase calculation amount and is suitable for various standard video or image compression coding data. And packaging the TS format fragments after encryption is finished to obtain encrypted fragments. And storing the obtained encrypted fragment to a server, and adding an encrypted fragment address and a video key to the index file for subsequent playing and use.
207, storing the encrypted fragments to a server, and storing the video key to an index file;
in this embodiment, the video key of the encrypted slice is saved by indexing the file. By the encryption mode, even if an illegal user obtains a specific address of the encrypted fragment, the encrypted fragment cannot be decrypted by the video key.
208, acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing;
209, counting the number of the on-demand persons simultaneously playing the videos on demand if the video playing form is on-demand playing;
in this embodiment, a threshold of the playing amount in a fixed time period can be preset, and the threshold can be determined empirically, for example, that the number of jukeboxes exceeds 5000 persons within 10 minutes or 30 minutes.
Specifically, the number of times of monitoring the encrypted index file of the video in a fixed time period may be set, and the process may be triggered if the number of times is higher than the set number of times or the CPU occupancy rate of the process of encrypting the index file reaches a threshold.
210, judging whether the number of the on-demand persons is higher than a system set value;
in the embodiment, the recent playing popularity is estimated by judging the number of the simultaneous online users of the videos requested by the users, and when the number of the simultaneous online users reaches the system set threshold value, the videos are regarded as popular videos. In order to reduce the operation pressure of the server, broadcast networking mode playing is adopted within set time, and meanwhile, a group of temporary root keys are adopted to carry out unified encryption on the hot video index file.
If yes, setting video playing time according to the number of the jukeboxes at the same time, establishing a second broadcast group network, generating a second root key, and sending the second root key to a user terminal of a user;
in some embodiments, assuming that the fragmentation time duration of each TS format fragment (including the TS format fragment in the encrypted index file and the latest TS format fragment) acquired by the client is 5s, the next latest TS format fragment is automatically requested every 5 s.
It is noted that when the client requests the latest TS format fragment, if an error (such as 404) is encountered, the client re-requests after a short time interval, because 404 indicates that the server may not have generated the latest TS format fragment yet, and when the client re-requests for the short time interval, the client does not currently play the last TS format fragment; for example, the encrypted index file includes _100.TS, _101.TS, _102.TS, and after 5s of _101.TS, the server requests to download the latest TS format fragment _103.TS, and when 404 is encountered, the client re-requests every 2s, and at this time, the client currently plays _102.TS, and does not play _102. TS.
In this embodiment, the key is issued to the user terminal of the user through the established secure channel for subsequent decryption operation.
212, after the video playing time is up, updating the number of the persons on demand at the same time, and judging whether the number of the persons on demand is higher than a system set value;
in this embodiment, after the set time is exceeded, whether the video is still a hot video is determined again. If yes, the use time of the root key is prolonged.
213, if not, generating a session key by using an ABE encryption algorithm, and issuing the session key to the user terminal of the user;
214, if the playing form is live playing, guiding the user to the first broadcast group network of the selected live broadcast, and issuing the first root key of the first broadcast group network to the user terminal of the user;
215, encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain an encrypted index file;
and 216, sending the encrypted index file to the user terminal of the user so that the user terminal plays the video.
On the basis of the previous embodiment, the present embodiment describes in detail a specific video file slicing process and selects different encryption playing modes based on the number of people playing at the same time. Acquiring a video file uploaded to a server by an administrator; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; obtaining the TS format fragmentation catalogue; the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog and sends the corresponding TS format fragments to the corresponding slave nodes; performing video decoding on the obtained TS format fragments through each slave node to obtain I frames; encrypting the I frame in the TS format fragment by adopting an AES (advanced encryption standard) encryption algorithm, and packaging the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key; storing the encrypted fragments to a server, and storing the video key to an index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the video playing mode is on-demand playing, counting the number of persons on-demand simultaneously playing the video on-demand; judging whether the number of the simultaneously requested persons is higher than a system set value; if yes, setting video playing time according to the number of the simultaneous on-demand persons, establishing a second broadcast group network, generating a second root key, and sending the second root key to the user terminal of the user; after the video playing time is up, updating the number of the simultaneous on-demand persons, and judging whether the number of the simultaneous on-demand persons is higher than a system set value; if not, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video. Compared with the traditional playing method, the method has the advantages that the safety of the video file is improved, the playing mode is optimized in the online playing process, and the pressure of the server is reduced.
Referring to fig. 3, a third embodiment of the video playing method based on HLS according to the embodiment of the present invention includes:
301, acquiring a video file uploaded to a server by an administrator;
302, performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file;
303, distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and a video key, storing the encrypted fragments in a server, and storing the video key in an index file;
304, obtaining login state verification information of the user, and judging whether the video playing request of the user is legal or not according to the login state verification information;
in this embodiment, the login status verification information of the user needs to be obtained at regular time, and sent to the verification server to determine whether the current login status of the user is legal. If the current login state is illegal login or overdue login, rejecting a video player request initiated by a user and requiring the user to login the server again; and if the current login state of the user from the authentication server is legal, waiting for receiving a video playing request sent by the user.
In practical applications, a set of timers should be set. At a set time, for example every 20 minutes, the legitimate user terminal should have a silent handshake action with the server in the background.
305, if the login state verification information is illegal, rejecting the video playing request of the user;
in practical application, when the verification information is in an illegal state, it is indicated that the current user does not have the authority to play the video, and a prompt box for logging in an account is required to be returned, so that the current user is required to watch the video after logging in the account.
And 306, if the user login state verification information is legal, waiting for receiving a video playing request sent by the user.
In this embodiment, if it is verified that the user login state is legal, the user passes through the silent state, so that the user perception time is reduced, and the video watching experience of a legal user is optimized.
Specifically, a set of timers may be set. At a set time, for example every 20 minutes, the legitimate user terminal should have a silent handshake action with the server in the background.
307, acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing;
308, if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to a user terminal of a user;
309, if the playing form is live playing, guiding the user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user;
310, analyzing the index file to obtain a video key and a corresponding encryption fragment address;
in this embodiment, a user downloads an encrypted index file at a terminal, decrypts the encrypted index file by using a corresponding index key issued by a server, and obtains a storage address of a video key and an encrypted fragment in the server after analyzing the content of the index file.
Specifically, after the index file is analyzed, the user still needs to download the corresponding encrypted fragment video through the encrypted fragment address in the index file, and here, because the network download rates of different users are different, the resolution and the fragment duration of the encrypted fragment are preferably adjusted and selected according to the network download rates of the users.
And 311, encrypting the video key and the corresponding encryption fragment address through an AEB encryption algorithm and packaging the video key and the corresponding encryption fragment address into the index file to obtain an encrypted index file.
In this step, the index file including the video key is preferably encrypted using a conventional block encryption or stream encryption algorithm. Further, this layer prefers the traditional AEB video encryption scheme. And, the layer generates an index key according to the timeline access control policy of the video program corresponding to the video slice.
In this embodiment, a two-layer selective encryption strategy is adopted. When the administrator selects the depth of the encrypted video, different encryption interested areas can be selected in the encryption of the first layer for encryption, and different video stream fragments can be selected in the encryption of the second layer for encryption. The fine-grained control of a single video based on time length or code rate is realized.
312, the encrypted index file is sent to the user terminal of the user, so that the user terminal plays the video.
On the basis of the previous embodiment, the specific process of encrypting the index file is described in detail, and a step of verifying the validity of the user login information before playing the video is added. Acquiring a video file uploaded to a server by an administrator; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring login state verification information of the user, and judging whether a video playing request of the user is legal or not according to the login state verification information; if the login state verification information is illegal, rejecting the video playing request of the user; and if the user login state verification information is legal, waiting for receiving a video playing request sent by the user. Acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; analyzing the index file to obtain the video key and a corresponding encryption fragment address; and encrypting the video key and the corresponding encryption fragment address through an AEB encryption algorithm and packaging the video key and the corresponding encryption fragment address into the index file to obtain the encryption index file. And sending the encrypted index file to a user terminal of the user so that the user terminal plays the video. Compared with the traditional HLS-based playing method, the method increases the user verification link, carefully optimizes the encryption method of the index file, and improves the safety of video playing.
Referring to fig. 4, a fourth embodiment of the video playing method based on HLS according to the embodiment of the present invention includes:
401, acquiring a video file uploaded to a server by an administrator;
402, performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file;
403, distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and a video key, storing the encrypted fragments in a server, and storing the video key in an index file;
404, acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing;
405, if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to a user terminal of a user;
406, if the playing form is live playing, directing the user to the first broadcast group network selected for live playing, and issuing a first root key of the first broadcast group network to the user terminal of the user;
407, encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain an encrypted index file;
408, issuing the encrypted index file to a user terminal of a user, and after receiving the encrypted index file, the user terminal issues a key to decrypt the encrypted index file through a server to obtain a corresponding encrypted fragment address and a corresponding video key;
in this embodiment, after receiving a video request from a user, the server returns an encrypted index file that has been encrypted to the user terminal. And the user terminal decrypts the encrypted index file through the obtained index key to obtain the index file, wherein the index file comprises the encrypted TS format slicing address and the video key. And downloading the encrypted TS format fragments through the address, decrypting the encrypted TS format fragments through a video key to obtain the TS format fragments, and decoding and playing the TS format fragments after sequencing the TS format fragments at the user terminal.
And 409, downloading the encrypted fragments based on the encrypted fragment addresses, and decrypting the encrypted fragments based on the video key to obtain TS format fragments for playing.
Specifically, a user downloads an encrypted index file, obtains the index file after the index file is aligned and decrypted by an index key, reads a video key and an encrypted TS format fragment address in the index file, downloads TS format fragments based on the encrypted TS format fragment address, decrypts the encrypted TS format fragments by the video key to obtain TS format fragments, and performs playing operation after sequencing the downloaded fragments by a fragment directory. On the basis of the previous embodiment, the specific playing process of the legal user after selecting the video to be played is described in detail, and the video file uploaded to the server by the administrator is obtained; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; the encrypted index file is issued to a user terminal of the user, and the user terminal decrypts the encrypted index file by issuing a key through the server after receiving the encrypted index file to obtain a corresponding encrypted fragment address and a corresponding video key; and downloading the encrypted fragments based on the encrypted fragment addresses, and decrypting the encrypted fragments based on the video key to obtain TS format fragments for playing. Compared with the traditional playing mode, the method has the advantages that the steps of specifically decrypting the index file and decrypting the video fragment at the user side are added, the risk of video stream stealing link is prevented through the double decryption processes at the user side, and the playing safety of the video file is improved.
In the foregoing, the video playing method based on HLS in the embodiment of the present invention is described, and referring to fig. 5, the video playing device based on HLS in the embodiment of the present invention is described below, where an embodiment of the video playing device based on HLS in the embodiment of the present invention includes:
an obtaining module 501, configured to obtain a video file uploaded to a server by an administrator;
the fragmentation module 502 is configured to perform fragmentation operation on the video file through the HLS technology to obtain a TS format fragment, a TS format fragment directory, and an index file corresponding to the video file;
the fragment encryption module 503 is configured to distribute an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragment, so as to obtain an encrypted fragment and a video key, store the encrypted fragment in a server, and store the video key in the index file;
the play selection module 504 is configured to obtain a video play request sent by a user, and identify a video play form of the video play request, where the video play form includes on-demand play and live play;
the on-demand playing module 505 is configured to generate a session key through an ABE encryption algorithm if the playing form is on-demand playing, and issue the session key to the user terminal of the user;
a live broadcast playing module 506, configured to direct a user to a first broadcast group network of a selected live broadcast if the playing form is a live broadcast, and issue a first root key of the first broadcast group network to a user terminal of the user;
an index encryption module 507, configured to encrypt, based on the session key or the first root key, an index file corresponding to the TS format fragment to obtain the encrypted index file;
an index issuing module 508, configured to issue the encrypted index file to the user terminal of the user, so that the user terminal plays a video.
In the embodiment of the invention, the video playing device based on the HLS runs the video playing method based on the HLS, and comprises the steps of acquiring a video file uploaded to a server by an administrator; performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file; distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file; acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing; if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user; if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user; encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file; and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video. The method aims at the technical problems that the video playing method based on the HLS is single in encryption mode and low in video encryption degree, the encryption mode is different for different playing modes and different video heat degrees, meanwhile, two layers of encryption are added for the traditional HLS playing method, one layer of encryption is carried out on video fragments, the other layer of encryption is carried out on index files, and the HLS playing method is safer and more flexible.
Referring to fig. 6, a second embodiment of the video playback device based on HLS according to the embodiment of the present invention includes:
an obtaining module 501, configured to obtain a video file uploaded to a server by an administrator;
the fragmentation module 502 is configured to perform fragmentation operation on the video file through the HLS technology to obtain a TS format fragment, a TS format fragment directory, and an index file corresponding to the video file;
the fragment encryption module 503 is configured to distribute an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragment, so as to obtain an encrypted fragment and a video key, store the encrypted fragment in a server, and store the video key in the index file;
the play selection module 504 is configured to obtain a video play request sent by a user, and identify a video play form of the video play request, where the video play form includes on-demand play and live play;
the on-demand playing module 505 is configured to generate a session key through an ABE encryption algorithm if the playing form is on-demand playing, and issue the session key to the user terminal of the user;
a live broadcast playing module 506, configured to direct a user to a first broadcast group network of a selected live broadcast if the playing form is a live broadcast, and issue a first root key of the first broadcast group network to a user terminal of the user;
an index encryption module 507, configured to encrypt, based on the session key or the first root key, an index file corresponding to the TS format fragment to obtain the encrypted index file;
an index issuing module 508, configured to issue the encrypted index file to the user terminal of the user, so that the user terminal plays a video.
In this embodiment, the fragmentation module 502 is specifically configured to:
obtaining the TS format fragmentation catalogue;
the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog and sends the corresponding TS format fragments to the corresponding slave nodes;
performing video decoding on the obtained TS format fragments through each slave node to obtain I frames; encrypting the I frame in the TS format fragment by adopting an AES (advanced encryption standard) encryption algorithm, and packaging the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key;
and storing the encrypted fragments to a server, and storing the video key to an index file.
In this embodiment, the video playing apparatus based on HLS further includes an on-demand classification module 509, where the on-demand classification module 509 is specifically configured to:
acquiring the number of the simultaneously requested video players and judging whether the number of the simultaneously requested video players is higher than a system set value;
when the number of the on-demand persons is higher than a system set value, a second broadcast group network is established and a second root key is generated within a set time range;
and after the set time range is exceeded, whether the number of the on-demand persons is higher than the set value of the system or not is judged again.
In this embodiment, the video playing apparatus based on HLS further includes a login verification module 510, where the login verification module 510 is specifically configured to:
acquiring login state verification information of the user, and judging whether a video playing request of the user is legal or not according to the login state verification information;
if the login state verification information is illegal, rejecting the video playing request of the user;
and if the user login state verification information is legal, waiting for receiving a video playing request sent by the user.
In this embodiment, the index encryption module 507 is specifically configured to:
analyzing the index file to obtain the video key and a corresponding encryption fragment address;
and encrypting the video key and the corresponding encryption fragment address through an AEB encryption algorithm and packaging the video key and the corresponding encryption fragment address into the index file to obtain the encryption index file.
In this embodiment, the index issuing module 508 is specifically configured to:
the encrypted index file is issued to a user terminal of the user, and the user terminal decrypts the encrypted index file by issuing a key through the server after receiving the encrypted index file to obtain a corresponding encrypted fragment address and a corresponding video key;
and downloading the encrypted fragments based on the encrypted fragment addresses, and decrypting the encrypted fragments based on the video key to obtain TS format fragments for playing.
On the basis of the previous embodiment, the specific functions of each module and the unit composition of part of the modules are described in detail, a login verification module and an on-demand classification module are added through the newly added modules, and different encryption modes are adjusted according to the timing verification of the login state of a user and different on-demand video heat degrees, so that the encryption mode of a video is more flexible and controllable, the running load of a server is reduced, and the safety of video playing and the convenience of video playing are further improved.
Fig. 5 and fig. 6 describe in detail the video playback apparatus based on HLS in the embodiment of the present invention from the perspective of the modular functional entity, and the video playback device based on HLS in the embodiment of the present invention from the perspective of hardware processing is described in detail below.
Fig. 7 is a schematic structural diagram of an HLS-based video playback device 700 according to an embodiment of the present invention, where the HLS-based video playback device 700 may have a relatively large difference due to different configurations or performances, and may include one or more processors (CPUs) 710 (e.g., one or more processors) and a memory 720, one or more storage media 730 (e.g., one or more mass storage devices) for storing applications 733 or data 732. Memory 720 and storage medium 730 may be, among other things, transient storage or persistent storage. The program stored on the storage medium 730 may include one or more modules (not shown), each of which may include a sequence of instruction operations for the HLS-based video playback device 700. Still further, the processor 710 may be configured to communicate with the storage medium 730, and execute a series of instruction operations in the storage medium 730 on the HLS-based video playback device 700 to implement the steps of the HLS-based video playback method described above.
The HLS based video playback device 700 may also include one or more power supplies 740, one or more wired or wireless network interfaces 750, one or more input-output interfaces 760, and/or one or more operating systems 731, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, and the like. Those skilled in the art will appreciate that the HLS-based video playback device architecture shown in fig. 7 does not constitute a limitation of the HLS-based video playback devices provided herein, and may include more or fewer components than those shown, or some components in combination, or a different arrangement of components.
The present invention also provides a computer-readable storage medium, which may be a non-volatile computer-readable storage medium, and which may also be a volatile computer-readable storage medium, having stored therein instructions, which, when executed on a computer, cause the computer to perform the steps of the HLS-based video playback method.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses, and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A video playing method based on HLS is characterized in that the video playing method based on HLS comprises the following steps:
acquiring a video file uploaded to a server by an administrator;
performing fragmentation operation on the video file through an HLS technology to obtain TS format fragments, a TS format fragment directory and an index file corresponding to the video file;
distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file;
acquiring a video playing request sent by a user, and identifying a video playing form of the video playing request, wherein the video playing form comprises on-demand playing and live playing;
if the playing form is on-demand playing, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user;
if the playing form is live playing, guiding a user to a first broadcast group network of the selected live broadcast, and issuing a first root key of the first broadcast group network to a user terminal of the user;
encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file;
and sending the encrypted index file to a user terminal of the user so that the user terminal plays the video.
2. The HLS-based video playing method according to claim 1, wherein the distributing an encryption task to each slave node in the distributed encryption system through a preset master node in the distributed encryption system selectively encrypts the TS-format fragment to obtain an encrypted fragment and a video key, and storing the encrypted fragment in a server, where storing the video key in the index file includes:
obtaining the TS format fragmentation catalogue;
the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog and sends the corresponding TS format fragments to the corresponding slave nodes;
performing video decoding on the obtained TS format fragments through each slave node to obtain I frames;
encrypting the I frame in the TS format fragment by adopting an AES (advanced encryption standard) encryption algorithm, and packaging the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key;
and storing the encrypted fragments to a server, and storing the video key to an index file.
3. The HLS-based video playback method of claim 1, further comprising, after said identifying the video playback form of the video playback request:
if the video playing mode is on-demand playing, counting the number of persons on-demand simultaneously playing the video on-demand;
judging whether the number of the simultaneously requested persons is higher than a system set value;
if yes, setting video playing time according to the number of the simultaneous on-demand persons, establishing a second broadcast group network, generating a second root key, and sending the second root key to the user terminal of the user;
after the video playing time is up, updating the number of the simultaneous on-demand persons, and judging whether the number of the simultaneous on-demand persons is higher than a system set value;
if not, generating a session key through an ABE encryption algorithm, and issuing the session key to the user terminal of the user.
4. The HLS-based video playing method according to claim 1, wherein before the obtaining the video playing request sent by the user and identifying the video playing form of the video playing request, the method further comprises:
acquiring login state verification information of the user, and judging whether a video playing request of the user is legal or not according to the login state verification information;
if the login state verification information is illegal, rejecting the video playing request of the user;
and if the user login state verification information is legal, waiting for receiving a video playing request sent by the user.
5. The HLS-based video playing method according to claim 1, wherein the encrypting the index file corresponding to the TS-format slice based on the key to obtain the encrypted index file comprises:
analyzing the index file to obtain the video key and a corresponding encryption fragment address;
and encrypting the video key and the corresponding encryption fragment address through an AEB encryption algorithm and packaging the video key and the corresponding encryption fragment address into the index file to obtain the encryption index file.
6. The HLS-based video playing method according to claim 1, wherein the sending the encrypted index file to the user terminal of the user so that the user terminal plays the video comprises:
the encrypted index file is issued to a user terminal of the user, and the user terminal decrypts the encrypted index file by issuing a key through the server after receiving the encrypted index file to obtain a corresponding encrypted fragment address and a corresponding video key;
and downloading the encrypted fragments based on the encrypted fragment addresses, and decrypting the encrypted fragments based on the video key to obtain TS format fragments for playing.
7. An HLS-based video playback device, comprising:
the acquisition module is used for acquiring a video file uploaded to the server by an administrator;
the fragment module is used for carrying out fragment operation on the video file through an HLS technology to obtain a TS format fragment, a TS format fragment directory and an index file corresponding to the video file;
the fragment encryption module is used for distributing encryption tasks to all slave nodes in the distributed encryption system through a preset master node in the distributed encryption system to selectively encrypt the TS format fragments to obtain encrypted fragments and video keys, storing the encrypted fragments to a server, and storing the video keys into the index file;
the system comprises a play selection module, a play selection module and a play selection module, wherein the play selection module is used for acquiring a video play request sent by a user and identifying a video play form of the video play request, and the video play form comprises on-demand play and live play;
the on-demand playing module is used for generating a session key through an ABE encryption algorithm and issuing the session key to the user terminal of the user if the playing form is on-demand playing;
the live broadcast playing module is used for guiding a user to a first broadcast group network of the selected live broadcast and issuing a first root key of the first broadcast group network to a user terminal of the user if the playing form is live broadcast;
the index encryption module is used for encrypting the index file corresponding to the TS format fragment based on the session key or the first root key to obtain the encrypted index file;
and the index issuing module is used for issuing the encrypted index file to the user terminal of the user so as to enable the user terminal to play the video.
8. The HLS-based video playback device of claim 7, wherein the slicing module is specifically configured to:
obtaining the TS format fragmentation catalogue;
the main node distributes an encryption task to the slave nodes according to the TS format fragment catalog and sends the corresponding TS format fragments to the corresponding slave nodes;
performing video decoding on the obtained TS format fragments through each slave node to obtain I frames;
encrypting the I frame in the TS format fragment by adopting an AES (advanced encryption standard) encryption algorithm, and packaging the encrypted I frame into the TS format fragment to obtain a corresponding encrypted fragment and a corresponding video key;
and storing the encrypted fragments to a server, and storing the video key to an index file.
9. An HLS-based video playback device, comprising: a memory having instructions stored therein and at least one processor, the memory and the at least one processor interconnected by a line;
the at least one processor invokes the instructions in the memory to cause the HLS-based video playback device to perform the steps of the HLS-based video playback method as recited in any of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the HLS-based video playback method according to any one of claims 1 to 6.
CN202210061670.9A 2022-01-19 2022-01-19 HLS-based video playing method, device, equipment and storage medium Pending CN114363721A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210061670.9A CN114363721A (en) 2022-01-19 2022-01-19 HLS-based video playing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210061670.9A CN114363721A (en) 2022-01-19 2022-01-19 HLS-based video playing method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114363721A true CN114363721A (en) 2022-04-15

Family

ID=81090943

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210061670.9A Pending CN114363721A (en) 2022-01-19 2022-01-19 HLS-based video playing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114363721A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117201873A (en) * 2023-11-07 2023-12-08 湖南博远翔电子科技有限公司 Intelligent analysis method and device for video image

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150180873A1 (en) * 2012-03-23 2015-06-25 Irdeto B.V. Controlling access to ip streaming content
CN106791986A (en) * 2017-01-10 2017-05-31 环球智达科技(北京)有限公司 A kind of live index list encrypted antitheft catenary systems of HLS and method
CN106936770A (en) * 2015-12-30 2017-07-07 玲珑视界科技(北京)有限公司 A kind of HLS index lists encrypted antitheft catenary system and method
CN109874028A (en) * 2017-12-01 2019-06-11 深圳市雷鸟信息科技有限公司 A kind of playback method, system and the storage medium of HLS Streaming Media

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150180873A1 (en) * 2012-03-23 2015-06-25 Irdeto B.V. Controlling access to ip streaming content
CN106936770A (en) * 2015-12-30 2017-07-07 玲珑视界科技(北京)有限公司 A kind of HLS index lists encrypted antitheft catenary system and method
CN106791986A (en) * 2017-01-10 2017-05-31 环球智达科技(北京)有限公司 A kind of live index list encrypted antitheft catenary systems of HLS and method
CN109874028A (en) * 2017-12-01 2019-06-11 深圳市雷鸟信息科技有限公司 A kind of playback method, system and the storage medium of HLS Streaming Media

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117201873A (en) * 2023-11-07 2023-12-08 湖南博远翔电子科技有限公司 Intelligent analysis method and device for video image
CN117201873B (en) * 2023-11-07 2024-01-02 湖南博远翔电子科技有限公司 Intelligent analysis method and device for video image

Similar Documents

Publication Publication Date Title
US10698985B2 (en) Extending data confidentiality into a player application
US9332287B2 (en) System and method for session management of streaming media
US9607132B2 (en) Token-based validation method for segmented content delivery
US9026782B2 (en) Token-based entitlement verification for streaming media decryption
CN107707504B (en) Streaming media playing method and system, server and client
CN108881205B (en) HLS streaming media safe playing system and playing method
WO2011150817A1 (en) Method, system and apparatus for supporting advertising contents in hypertext transfer protocol streaming play mode
US7912218B2 (en) Method of broadcasting multimedia content via distribution network
US20060050697A1 (en) Random access read/write media format for an on-demand distributed streaming system
CN109996095B (en) Method, system and medium for preventing stealing link playing in network video on demand
TW201204011A (en) Systems and methods for securely streaming media content
CN101409713A (en) Content distribution system, distribution server, terminal, and content distributing method
CN113259720B (en) Video encryption method and system based on HLS protocol
US20030217163A1 (en) Method and system for assessing a right of access to content for a user device
EP3391652B1 (en) Controlling retrieval in adaptive streaming
CN108881966B (en) Information processing method and related equipment
CN1964479A (en) Method for realizing management of digital copyright based on stream media broadcast
CN114363721A (en) HLS-based video playing method, device, equipment and storage medium
WO2017207861A1 (en) An arrangement for media stream organization
CN108769748B (en) Information processing method and related equipment
JP2007528140A (en) Multimedia content distribution method via distribution network
CN108400987A (en) A kind of audio play in address protection strategy
Gavankar et al. Secure real time remote video monitoring using selective encryption
CN115643459A (en) Video processing method, system, storage medium and electronic equipment
CN113038196A (en) Sender device and receiver device for transmitting media data in a communication network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination