CN114727155B - Multimedia data service processing device, system and method based on I-PON - Google Patents

Multimedia data service processing device, system and method based on I-PON Download PDF

Info

Publication number
CN114727155B
CN114727155B CN202110012960.XA CN202110012960A CN114727155B CN 114727155 B CN114727155 B CN 114727155B CN 202110012960 A CN202110012960 A CN 202110012960A CN 114727155 B CN114727155 B CN 114727155B
Authority
CN
China
Prior art keywords
information
television program
target television
terminal
authentication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110012960.XA
Other languages
Chinese (zh)
Other versions
CN114727155A (en
Inventor
王建波
代尚华
孙毅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jishi Huitong Technology Co ltd
Original Assignee
Beijing Jishi Huitong Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jishi Huitong Technology Co ltd filed Critical Beijing Jishi Huitong Technology Co ltd
Priority to CN202110012960.XA priority Critical patent/CN114727155B/en
Publication of CN114727155A publication Critical patent/CN114727155A/en
Application granted granted Critical
Publication of CN114727155B publication Critical patent/CN114727155B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/102Gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/61Network physical structure; Signal processing
    • H04N21/6106Network physical structure; Signal processing specially adapted to the downstream path of the transmission network
    • H04N21/6125Network physical structure; Signal processing specially adapted to the downstream path of the transmission network involving transmission via Internet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/61Network physical structure; Signal processing
    • H04N21/6156Network physical structure; Signal processing specially adapted to the upstream path of the transmission network
    • H04N21/6175Network physical structure; Signal processing specially adapted to the upstream path of the transmission network involving transmission via Internet

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present disclosure relates to an I-PON based multimedia data service processing apparatus, system and method, the apparatus including a gateway including a network processor and an IP broadcast receiving module. The method and the system utilize the network processor to receive the first request information for first permission confirmation, when the target television program is determined to have the viewing right, the first authentication information is determined, the first authentication information is sent to the terminal, the second request information is received by the IP broadcast receiving module for second permission confirmation, when the terminal is determined to have the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information, the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network is forwarded to the terminal, single program encryption is realized through the gateway, and the second permission confirmation is carried out, so that the safety, the environmental adaptability and the flexibility can be improved.

Description

Multimedia data service processing device, system and method based on I-PON
Technical Field
The disclosure relates to the technical field of communication, and in particular relates to an I-PON-based multimedia data service processing apparatus, system and method.
Background
In 3 months of 2017, the national news publishing and broadcasting and television headquarter formally releases GY/T306.1-2017, part 1 of the technical Specification of the cable television network fiber-to-the-home system: general technical requirements, wherein the I-PON scheme is included as one of the typical application schemes. The I-PON system scheme is an optical fiber home-to-home technical scheme based on a tera IP broadcasting technology and a bidirectional IP technology, the tera IP broadcasting technology applies a tera Ethernet technology to a unidirectional broadcasting network, the defects caused by the traditional radio frequency technology are eliminated, meanwhile, the problem of space interference is solved, the frequency point limitation is avoided, and the bandwidth can be expanded from 10G to 20G, 40G and 100G along with the continuous upgrading of an IP broadcasting receiving module. The bidirectional IP technology may be EPON/GPON/10G xPON technology, coaxial EOC/DOCSIS technology, wireless communication network or ethernet technology.
In the current broadcast television field, a common CA (conditional access) technology for authorized viewing is adopted, and the principle is that a head end scrambles a video and audio clear stream by using a Control Word (CW), and the scrambled video and audio code stream is transmitted by a broadcast network. And the CW needs to be encrypted by a service key to form ECM (entitlement control message) broadcast transmission, and meanwhile, the entitlement information of each user is encrypted by an entitlement key to form EMM (entitlement management message) broadcast transmission, and a smart card in the terminal set-top box contains the information such as the service key, the entitlement key and the like, and can decrypt to obtain the CW information after receiving the EMM and the ECM, thereby descrambling and restoring the video and audio stream.
However, for a new generation of all-IP broadcast television system such as I-PON, the terminal is not only a broadcast television set-top box, but also includes an intelligent television, a mobile phone, a PAD, etc., and these general IP terminals are unlikely to integrate a high-complexity DVB descrambling function, and for a part of unidirectional broadcast receiving terminals, there is no method for performing bidirectional authentication, so how to provide management of authorized viewing and cover IP general viewing terminals becomes an important problem.
Disclosure of Invention
In view of this, in order to solve the above problems, the present disclosure proposes an I-PON-based multimedia data service processing apparatus, system and method.
According to an aspect of the disclosed embodiments, an I-PON based multimedia data service processing apparatus is provided, the apparatus comprising a gateway including a network processor and an IP broadcast receiving module, wherein,
the network processor is configured to:
acquiring program authority information belonging to the gateway from an authorization server through an IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
receiving first request information, when determining that a target television program has a viewing right according to the first request information and the program authority information, determining first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and sending the first authentication information to a terminal, wherein the first request information is used for requesting the network processor to send the first authentication information, the first request information comprises identification information of the target television program, the first encryption information is generated by the network processor, and the second encryption information is obtained from the IP broadcast receiving module;
The IP broadcast receiving module is electrically connected to the network processor and is used for:
receiving second request information, wherein the second request information comprises the first authentication information and identification information of the target television program, and the second request information is sent by the terminal when the first authentication information is received so as to request data of the target television program;
determining second authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program and port information of the target television program, wherein the first encryption information is obtained from the network processor;
and when the terminal is determined to have the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information, forwarding the data of the target television program acquired from the broadcasting service server through an IP broadcasting unidirectional optical fiber network to the terminal.
In one possible implementation manner, the gateway includes a gateway identifier, and the acquiring, from an authorization server, program rights information belonging to the gateway through an IP bidirectional data network includes:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
In one possible implementation, the network processor is configured to generate the first encryption information based on a random number,
the IP broadcast receiving module is configured to generate the second encryption information based on a random number,
the network processor and the IP broadcast receiving module communicate with each other by using an IIC bus to acquire encryption information of the other party.
In one possible implementation manner, the IP broadcast receiving module is further configured to:
and when the second authentication information is the same as the first authentication information, determining that the terminal has the viewing authority of the target television program.
In one possible implementation, the IP broadcast unidirectional optical fiber network includes an optical fiber cable, an optical amplifier, and an optical splitter;
the terminal comprises an IP set top box, a mobile terminal, an intelligent television and the like.
According to another aspect of the present disclosure, there is provided an I-PON based multimedia data service processing system, the system comprising:
the system comprises a broadcasting service server, an authorization server, an IP broadcasting unidirectional optical fiber network, an IP bidirectional data network and a terminal; and
The multimedia data service processing device based on the I-PON.
According to another aspect of the present disclosure, an I-PON-based multimedia data service processing method is provided, which is applied to a multimedia data service processing apparatus including a gateway, where the gateway includes a network processor and an IP broadcast receiving module, and the method includes:
The network processor acquires program authority information belonging to the gateway from an authorization server through an IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
the network processor receives first request information, when determining that a target television program has a viewing right according to the first request information and the program authority information, determines first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and sends the first authentication information to a terminal, wherein the first request information is used for requesting the network processor to send the first authentication information, the first request information comprises identification information of the target television program, the first encryption information is generated by the network processor, and the second encryption information is obtained from the IP broadcast receiving module;
the IP broadcast receiving module receives second request information, wherein the second request information comprises the first authentication information and identification information of the target television program, and the second request information is sent by the terminal when the first authentication information is received so as to request data of the target television program;
The IP broadcast receiving module determines second authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program and port information of the target television program, wherein the first encryption information is obtained from the network processor;
when the terminal is determined to have the viewing authority of the target television program according to the second authentication information and the first authentication information in the second request information, the IP broadcast receiving module forwards the data of the target television program acquired from the broadcast service server through an IP broadcast unidirectional optical network to the terminal.
In one possible implementation manner, the gateway includes a gateway identifier, and the acquiring, from an authorization server, program rights information belonging to the gateway through an IP bidirectional data network includes:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
In one possible embodiment, the method further comprises:
when the second authentication information is the same as the first authentication information, the IP broadcast receiving module determines that the terminal has the viewing authority of the target television program.
According to another aspect of the present disclosure, an I-PON-based multimedia data service processing method is provided, which is applied to an I-PON-based multimedia data service processing system, the system including a broadcast service server, an authorization server, an IP broadcast unidirectional optical network, an IP bidirectional data network, a terminal, and an I-PON-based multimedia data service processing apparatus, the apparatus including a gateway including a network processor and an IP broadcast receiving module, wherein the method includes:
the network processor acquires program authority information belonging to the gateway from the authorization server through the IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
the network processor acquires second encryption information of the IP broadcast receiving module, and the IP broadcast receiving module acquires first encryption information of the network processor;
the terminal sends first request information, wherein the first request information is used for requesting the network processor to send first authentication information, and the first request information comprises identification information of a target television program;
the network processor receives the first request information, determines the first authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program and port information of the target television program when determining that the target television program has viewing rights according to the first request information and the program rights information, and sends the first authentication information to the terminal;
The terminal sends second request information under the condition that the first authentication information is received, wherein the second request information is used for requesting the data of the target television program, and the second request information comprises the first authentication information and the identification information of the target television program;
the IP broadcast receiving module receives second request information;
the IP broadcast receiving module determines second authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program;
when the terminal is determined to have the viewing authority of the target television program according to the second authentication information and the first authentication information in the second request information, the IP broadcast receiving module forwards the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal.
In various aspects of the embodiments of the present disclosure, a network processor may be used to receive first request information, and perform a first permission confirmation according to the first request information, when it is determined that a target television program has a viewing right according to the first request information and the program permission information, first authentication information is determined by using first encryption information, second encryption information, multicast address information of the target television program, and port information of the target television program, and the first authentication information is sent to a terminal, and an IP broadcast receiving module is used to receive second request information, so as to perform a second permission confirmation, and when it is determined that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information, data of the target television program acquired from the broadcast service server through an IP broadcast unidirectional optical fiber network is forwarded to the terminal.
Other features and aspects of the present disclosure will become apparent from the following detailed description of exemplary embodiments, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate exemplary embodiments, features and aspects of the present disclosure and together with the description, serve to explain the principles of the disclosure.
Fig. 1 shows a schematic diagram of an I-PON based multimedia data service processing apparatus according to an embodiment of the present disclosure.
Fig. 2 shows a schematic diagram of an I-PON based multimedia data service processing system according to an embodiment of the present disclosure.
Fig. 3 shows a flowchart of an I-PON based multimedia data service processing method according to an embodiment of the present disclosure.
Fig. 4 shows a flowchart of an I-PON based multimedia data service processing method according to an embodiment of the present disclosure.
Detailed Description
Various exemplary embodiments, features and aspects of the disclosure will be described in detail below with reference to the drawings. In the drawings, like reference numbers indicate identical or functionally similar elements. Although various aspects of the embodiments are illustrated in the accompanying drawings, the drawings are not necessarily drawn to scale unless specifically indicated.
The word "exemplary" is used herein to mean "serving as an example, embodiment, or illustration. Any embodiment described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.
In addition, numerous specific details are set forth in the following detailed description in order to provide a better understanding of the present disclosure. It will be understood by those skilled in the art that the present disclosure may be practiced without some of these specific details. In some instances, methods, means, elements, and circuits well known to those skilled in the art have not been described in detail in order not to obscure the present disclosure.
Referring to fig. 1, fig. 1 is a schematic diagram illustrating an I-PON-based multimedia data service processing apparatus according to an embodiment of the present disclosure.
As shown in fig. 1, the apparatus 10 includes a gateway 11, the gateway 11 including a network processor (Network Processor, NP) 110 and an IP broadcast receiving module (IP Receiving Module, IPRM) 120, wherein,
the network processor 110 is configured to:
obtaining program rights information from an authorization server 30 through an IP bi-directional data network 50, said program rights information comprising viewing rights of one or more television programs of the gateway 11;
receiving first request information, when it is determined that a target television program has a viewing right according to the first request information and the program authority information, determining first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and transmitting the first authentication information to a terminal 60, wherein the first request information is used for requesting the network processor to transmit the first authentication information, the first request information includes identification information of the target television program, the first encryption information is generated by the network processor 110, and the second encryption information is obtained from the IP broadcast receiving module 120;
The IP broadcast receiving module 120 is electrically connected to the network processor 110, and is configured to:
receiving second request information, wherein the second request information comprises the first authentication information and identification information of the target television program, and the second request information is sent by the terminal when the first authentication information is received so as to request data of the target television program;
determining second authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program, and port information of the target television program, wherein the first encryption information is obtained from the network processor 110;
when it is determined that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information, the data of the target television program acquired from the broadcast service server 20 through the IP broadcast unidirectional optical network 40 is forwarded to the terminal 60.
Through the device, the embodiment of the disclosure can receive the first request information by using the network processor, and perform first permission confirmation according to the first request information, when determining that the target television program has the viewing right according to the first request information and the program permission information, determine the first authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program, send the first authentication information to the terminal, receive the second request information by using the IP broadcast receiving module, perform second permission confirmation, and forward the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal when determining that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information.
In one possible implementation, the gateway 11 may be an I-PON home gateway, where the gateway may receive all service requests of all the subordinate terminals, and the terminals may be devices capable of sending out all service requests, such as a set-top box, a smart tv set, a mobile terminal (e.g., a smart phone, a tablet computer, etc.), and the disclosure is not limited thereto.
In one possible implementation, the gateway is connected to both the bi-directional IP data network 50 and the IP unidirectional broadcast optical network 40, while being connected to the terminal 60 via a local area network for data transmission.
In one possible embodiment, the terminal 60 may have a terminal identifier by which the gateway may uniquely identify the corresponding terminal and confirm whether its target television program has viewing rights based on the terminal identifier.
In one example, the terminal identification may include an IP address and a MAC address of the terminal 60, and may also include indicia such as a number of the terminal in the gateway, which is not limited by the present disclosure. For example, the terminal identification may be an IP address and a MAC address of the terminal, so that the terminal may be locked based on the IP address and the MAC address. Assuming that 5 terminals can each send a full service request to the gateway, the 5 terminals may be numbered in advance, e.g. 1, 2, 3, 4, 5, respectively, and then it may be determined which of the 5 specific terminals is according to the number. Of course, a person skilled in the art may set the terminal identifier as needed, as long as the corresponding terminal can be uniquely identified by the terminal identifier.
In one possible implementation, the dialog in which the network processor 110 interacts with the authorization server 30 to obtain the program entitlement information may be generated based on the TCP/HTTP protocol.
In a possible implementation manner, the gateway 11 may include a gateway identifier, and the acquiring, from an authorization server, program rights information belonging to the gateway through an IP bidirectional data network may include:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
In one example, the gateway identifier may include a MAC address of the gateway 11 and/or a MAC address of the IP broadcast receiving module 120, and may further include a number or the like that is set by the gateway 11, which is not limited by the present disclosure. For example, the gateway identification may be a MAC address of the IP broadcast receiving module, so that the upper device (e.g., switch, etc.) may lock the gateway based on the MAC address of the IP broadcast receiving module. Assuming that there are 4 gateways that can each send program data requests to the server, the 4 gateways may be numbered in advance, e.g., a, b, c, and d, respectively, then it may be determined which of the 4 specific gateways is based on the number.
Of course, a person skilled in the art may set the gateway identifier according to needs, so long as other devices may uniquely determine the gateway according to the gateway identifier, and the embodiments of the present disclosure are not limited in this regard.
In one possible implementation, the port information of the target television program may include port number information.
In one possible implementation, the bi-directional IP data network 50 may include an optical line terminal (optical line terminal, abbreviated OLT) (not shown in fig. 1) for connecting devices of the fiber optic trunk. The bidirectional data network may be an EPON/GPON/10G xPON bidirectional optical network, a coaxial EOC/DOCSIS bidirectional network, a wireless communication network, or an ethernet network, etc., which is not limited by the embodiments of the present disclosure.
In one possible implementation, the network processor 110 may be further configured to generate the first encryption information based on a random number,
the IP broadcast receiving module 120 may be further configured to generate the second encryption information based on a random number,
the network processor 110 and the IP broadcast receiving module 120 communicate with each other using an IIC bus to acquire encryption information of the other party.
In one example, when the IP broadcast receiving module 120 is powered on, the IP broadcast receiving module 120 may generate a random sequence or a random number as the second encryption information at power-on.
In one example, the network processor 110 may generate a random sequence or random number based on the current time or any timestamp to obtain the first encryption information.
Of course, in generating the encrypted information, the IP broadcast receiving module 120 and the network processor 110 may be performed by a random number generation method in the related art, and thus, the embodiment of the present disclosure is not limited.
In one example, the IP broadcast receiving module 120 and the network processor 110 may be connected through an IIC bus and communicate through the IIC bus, implement interaction, and acquire encryption information of the other party.
In one possible implementation, the IP broadcast receiving module may be further configured to:
and when the second authentication information is the same as the first authentication information, determining that the terminal has the viewing authority of the target television program.
When the IP broadcast receiving module 120 receives the second request information sent by the terminal 60, the first authentication information may be obtained from the second request information, and the first authentication information may be compared with the second authentication information of the terminal itself, and when it is determined that the first authentication information and the second authentication information are consistent, it may be determined that the terminal 60 has the viewing authority of the target television program, in which case the IP broadcast receiving module 120 may forward the program data stream of the target television program to the terminal 60, and the terminal 60 may perform decoding to view the target television program.
Through the above manner, the IP broadcast receiving module in the embodiment of the present disclosure may perform the second authentication after the first authentication by the network processor, so as to improve accuracy of the authority authentication, and when both the two authentications pass, it may be determined that the terminal has the viewing authority of the target television program.
In a possible implementation manner, the device may further include a storage module (not shown in fig. 1), where the storage module may store data generated by the device, for example, intermediate data such as the first encryption information, the second encryption information, the first authentication information, the second authentication information, and the like, may store a result of the performing the judgment, or may store an instruction for performing the step.
In one example, the memory module may include an electrical memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: portable computer disks, hard disks, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static Random Access Memory (SRAM), portable compact disk read-only memory (CD-ROM), digital Versatile Disks (DVD), memory sticks, floppy disks, mechanical coding devices, punch cards or in-groove structures such as punch cards or grooves having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media, as used herein, are not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., optical pulses through fiber optic cables), or electrical signals transmitted through wires.
Referring to fig. 2, fig. 2 is a schematic diagram illustrating an I-PON based multimedia data service processing system according to an embodiment of the present disclosure.
As shown in fig. 2, the system includes:
a broadcasting service server 20, an authorization server 30, an IP broadcasting unidirectional optical network 40, an IP bidirectional data network 50 and a terminal 60; and
The multimedia data service processing apparatus 10 based on the I-PON comprises a gateway 11, wherein the gateway 11 comprises a network processor (Network Processor, NP) 110 and an IP broadcast receiving module (IP Receiving Module, IPRM) 120, and the IP broadcast receiving module comprises a network interface (IP rm),
the network processor 110 is configured to:
obtaining program rights information from an authorization server 30 through an IP bi-directional data network 50, said program rights information comprising viewing rights of one or more television programs of the gateway 11;
receiving first request information, when it is determined that a target television program has a viewing right according to the first request information and the program authority information, determining first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and transmitting the first authentication information to a terminal 60, wherein the first request information is used for requesting the network processor to transmit the first authentication information, the first request information includes identification information of the target television program, the first encryption information is generated by the network processor 110, and the second encryption information is obtained from the IP broadcast receiving module 120;
The IP broadcast receiving module 120 is electrically connected to the network processor 110, and is configured to:
receiving second request information, wherein the second request information comprises the first authentication information and identification information of the target television program, and the second request information is sent by the terminal when the first authentication information is received so as to request data of the target television program;
determining second authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program, and port information of the target television program, wherein the first encryption information is obtained from the network processor 110;
when it is determined that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information, the data of the target television program acquired from the broadcast service server 20 through the IP broadcast unidirectional optical network 40 is forwarded to the terminal 60.
Through the device, the embodiment of the disclosure can receive the first request information by using the network processor, and perform first permission confirmation according to the first request information, when determining that the target television program has the viewing right according to the first request information and the program permission information, determine the first authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program, send the first authentication information to the terminal, receive the second request information by using the IP broadcast receiving module, perform second permission confirmation, and forward the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal when determining that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information.
To enable interaction of the apparatus 10 with the broadcast services server 20, the authorisation server 30, in one example, a switch 70 may also be provided, as shown in figure 2.
In one example, the switch 70 may implement forwarding of data and manage the gateway.
Referring to fig. 3, fig. 3 shows a flowchart of an I-PON-based multimedia data service processing method according to an embodiment of the present disclosure.
The method is applied to a multimedia data service processing device comprising a gateway, wherein the gateway comprises a network processor and an IP broadcast receiving module, and as shown in fig. 3, the method comprises the following steps:
step S11, the network processor acquires program authority information belonging to the gateway from an authorization server through an IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
step S12, the network processor receives first request information, when it is determined that the target television program has a viewing right according to the first request information and the program authority information, determines first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and sends the first authentication information to a terminal, wherein the first request information is used for requesting the network processor to send the first authentication information, the first request information includes identification information of the target television program, the first encryption information is generated by the network processor, and the second encryption information is obtained from the IP broadcast receiving module
Step S13, the IP broadcast receiving module receives second request information, wherein the second request information comprises the first authentication information and the identification information of the target television program, and the second request information is sent by the terminal when the first authentication information is received so as to request the data of the target television program;
step S14, the IP broadcast receiving module determines second authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program, wherein the first encryption information is obtained from the network processor;
and step S15, when the terminal is determined to have the audience rating of the target television program according to the second authentication information and the first authentication information in the second request information, forwarding the data of the target television program acquired from the broadcast service server through an IP broadcast unidirectional optical network to the terminal.
Through the method, the embodiment of the disclosure can receive the first request information by using the network processor, and perform first permission confirmation according to the first request information, when determining that the target television program has the viewing right according to the first request information and the program permission information, determine the first authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program, send the first authentication information to the terminal, receive the second request information by using the IP broadcast receiving module, perform second permission confirmation, and forward the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal when determining that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information.
In a possible implementation manner, the gateway includes a gateway identifier, and step S11 of acquiring, from an authorization server, program rights information belonging to the gateway through an IP bidirectional data network includes:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
In one possible embodiment, the method further comprises:
when the second authentication information is the same as the first authentication information, the IP broadcast receiving module determines that the terminal has the viewing authority of the target television program.
It should be noted that, the method for processing the I-PON-based multimedia data service is a method corresponding to the foregoing I-PON-based multimedia data service processing apparatus, and the detailed description thereof will refer to the description of the apparatus and will not be repeated herein.
Referring to fig. 4, fig. 4 shows a flowchart of an I-PON-based multimedia data service processing method according to an embodiment of the present disclosure.
The method is applied to a system for processing the multimedia data service based on the I-PON, the system comprises a broadcasting service server, an authorization server, an IP broadcasting unidirectional optical network, an IP bidirectional data network, a terminal and a multimedia data service processing device based on the I-PON, the device comprises a gateway, the gateway comprises a network processor and an IP broadcasting receiving module, wherein as shown in fig. 4, the method comprises the following steps:
Step S21, the network processor acquires program authority information belonging to the gateway from the authorization server through the IP bidirectional data network, wherein the program authority information comprises one or more television program viewing authorities of the gateway;
in one possible implementation, the network processor may send a rights request message through an IP bidirectional data network to obtain program rights information belonging to the gateway from the authorization server.
In one example, the authority request message may carry a gateway identifier of the gateway, and when the authority request message is received by the authorization server, viewing authorities of all television programs of the gateway may be fed back to the network processor through the IP bidirectional data network.
In one possible implementation manner, the acquiring, from an authorization server, program rights information belonging to the gateway through an IP bidirectional data network may include:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
In one example, when the network processor obtains the program entitlement information for the gateway, the program entitlement information for the gateway may be stored in a memory space, e.g., the system may also control a memory module to store the generated data.
Step S22, the network processor acquires the second encryption information of the IP broadcast receiving module, and the IP broadcast receiving module acquires the first encryption information of the network processor;
in one example, interaction between the network processor and the IP broadcast receiving module may be performed, for example, through the IIC bus to obtain encrypted information of the other party.
In one example, the network processor and the IP broadcast receiving module may randomly generate a random sequence or a random number according to a time stamp or other parameters when they are started up or when they are working normally, so as to be used as respective encryption information, and the embodiment of the present disclosure does not limit the implementation of the specific algorithm for generating the encryption information, and those skilled in the art may select as required.
Step S23, the terminal sends first request information, wherein the first request information is used for requesting the network processor to send first authentication information, and the first request information comprises identification information of a target television program;
in one example, the first request information may include a terminal identifier, the terminal identifier may uniquely determine the terminal, and the terminals subordinate to the gateway may include a plurality of terminals, each having a different terminal identifier, to distinguish.
Step S24, the network processor receives the first request information, when the target television program is determined to have the audience rating according to the first request information and the program authority information, the first authentication information is determined by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program, and the first authentication information is sent to the terminal;
in one example, since the gateway is subordinate to a plurality of terminals, the gateway needs to verify whether the terminal has the viewing authority of the television program when the terminal requests to play the television program, it should be noted that the viewing authority of the television program of each terminal in the plurality of terminals subordinate to the gateway may be consistent with the viewing authority of the television program of the gateway, where the viewing authority of the television program of the gateway may be determined from the obtained program authority information.
When the network processor receives the first request information, it can verify whether the terminal has the viewing authority of the target television program, when it is determined that the target television program has the viewing authority according to the first request information and the program authority information, it uses the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program to determine the first authentication information, and sends the first authentication information to the terminal
In one example, if the network processor determines that the target television program does not have the viewing authority according to the first request information and the program authority information, a message different from the first authentication information may be sent to the terminal to inform the terminal that the terminal does not have the viewing authority of the target television program (for example, returning a message of requesting to subscribe to the television program without the right to play), and of course, the network processor may ignore the first request information.
The embodiment of the present disclosure is not limited to a specific implementation manner of generating the first authentication information, and those skilled in the art may select the specific implementation manner as needed.
For example, the first encryption information, the second encryption information, the multicast address information of the target television program, and the port information of the target television program may be encoded in a preset encoding manner to obtain the first authentication information.
Step S25, when receiving the first authentication information, the terminal sends second request information, where the second request information is used to request data of the target television program, and the second request information includes the first authentication information and identification information of the target television program;
In one example, when the terminal receives the first authentication information, a second request message may be generated by using the first authentication information and the identification information of the target television program to request data, i.e., a program stream, of the target television program.
Step S26, the IP broadcast receiving module receives second request information;
step S27, the IP broadcast receiving module determines second authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program;
in one example, the implementation of the IP broadcast receiving module to generate the second authentication information may be the same as the implementation of the network processor to generate the first authentication information, and of course, the embodiment of the disclosure is not limited to the specific implementation of generating the authentication information.
And step S28, when the terminal is determined to have the audience rating of the target television program according to the second authentication information and the first authentication information in the second request information, forwarding the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal.
In one example, the IP broadcast receiving module may perform a second verification on whether the terminal has the viewing authority of the target television program, and may determine whether the terminal has the viewing authority of the target television program by comparing the second authentication information with the first authentication information.
In one example, when the IP broadcast receiving module determines that the first authentication information and the second authentication information are not identical, the IP broadcast receiving module determines that the terminal does not have the viewing authority of the target television program, in which case the IP broadcast receiving module does not forward the data of the target television program to the terminal.
In one example, when the second authentication information is the same as the first authentication information, the IP broadcast receiving module determines that the terminal has the viewing authority of the target television program, in which case the IP broadcast receiving module forwards data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal.
Through the method, the embodiment of the disclosure can receive the first request information by using the network processor, and perform first permission confirmation according to the first request information, when determining that the target television program has the viewing right according to the first request information and the program permission information, determine the first authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program, send the first authentication information to the terminal, receive the second request information by using the IP broadcast receiving module, perform second permission confirmation, and forward the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal when determining that the terminal has the viewing right of the target television program according to the second authentication information and the first authentication information in the second request information.
It should be noted that, in the application of the above method to the multimedia data service processing system of the I-PON, the alignment description may refer to the previous description of the multimedia data service processing system of the I-PON and the multimedia data service processing apparatus of the I-PON, which are not described herein again.
The foregoing description of the embodiments of the present disclosure has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the various embodiments described. The terminology used herein was chosen in order to best explain the principles of the embodiments, the practical application, or the improvement of technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.

Claims (8)

1. An I-PON-based multimedia data service processing device is characterized in that the device comprises a gateway, the gateway comprises a network processor and an IP broadcast receiving module, wherein,
the network processor is configured to:
acquiring program authority information belonging to the gateway from an authorization server through an IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
Receiving first request information, when determining that a target television program has a viewing right according to the first request information and the program authority information, determining first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and sending the first authentication information to a terminal, wherein the first request information is used for requesting the network processor to send the first authentication information, the first request information comprises identification information of the target television program, the first encryption information is generated by the network processor, and the second encryption information is obtained from the IP broadcast receiving module;
the IP broadcast receiving module is electrically connected to the network processor and is used for:
receiving second request information, wherein the second request information comprises authentication information and identification information of the target television program;
determining second authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program and port information of the target television program, wherein the first encryption information is obtained from the network processor;
When the terminal is determined to have the viewing authority of the target television program according to the second authentication information and the authentication information in the second request information, forwarding the data of the target television program acquired from a broadcast service server through an IP broadcast unidirectional optical network to the terminal, wherein when the authentication information in the second request information is the first authentication information and the second authentication information is consistent with the authentication information in the second request information, the terminal is determined to have the viewing authority of the target television program; when the second authentication information is inconsistent with the authentication information in the second request information, it is determined that the terminal does not have the viewing authority of the target television program, in which case the IP broadcast receiving module does not forward the data of the target television program to the terminal.
2. The apparatus of claim 1, wherein the gateway includes a gateway identification, wherein the obtaining program rights information pertaining to the gateway from an authorization server over an IP bi-directional data network comprises:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
3. The apparatus of claim 2, wherein the device comprises a plurality of sensors,
the network processor is configured to generate the first encryption information based on a random number,
the IP broadcast receiving module is configured to generate the second encryption information based on a random number,
the network processor and the IP broadcast receiving module communicate with each other by using an IIC bus to acquire encryption information of the other party.
4. The apparatus of claim 1, wherein the device comprises a plurality of sensors,
the IP broadcasting unidirectional optical fiber network comprises an optical fiber cable, an optical amplifier and an optical splitter;
the terminal comprises an IP set top box, a mobile terminal and an intelligent television.
5. An I-PON based multimedia data service processing system, comprising:
the system comprises a broadcasting service server, an authorization server, an IP broadcasting unidirectional optical fiber network, an IP bidirectional data network and a terminal; and
The I-PON based multimedia data service processing apparatus according to any one of claims 1 to 4.
6. The method is characterized by being applied to a multimedia data service processing device comprising a gateway, wherein the gateway comprises a network processor and an IP broadcast receiving module, and the method comprises the following steps:
The network processor acquires program authority information belonging to the gateway from an authorization server through an IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
the network processor receives first request information, when determining that a target television program has a viewing right according to the first request information and the program authority information, determines first authentication information by using first encryption information, second encryption information, multicast address information of the target television program and port information of the target television program, and sends the first authentication information to a terminal, wherein the first request information is used for requesting the network processor to send the first authentication information, the first request information comprises identification information of the target television program, the first encryption information is generated by the network processor, and the second encryption information is obtained from the IP broadcast receiving module;
the IP broadcast receiving module receives second request information, wherein the second request information comprises authentication information and identification information of the target television program;
the IP broadcast receiving module determines second authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program and port information of the target television program, wherein the first encryption information is obtained from the network processor;
When the terminal has the viewing authority of the target television program according to the second authentication information and the authentication information in the second request information, the IP broadcast receiving module forwards the data of the target television program acquired from a broadcast service server through an IP broadcast unidirectional optical network to the terminal, wherein when the authentication information in the second request information is the first authentication information and the second authentication information is consistent with the authentication information in the second request information, the terminal is determined to have the viewing authority of the target television program; when the second authentication information is inconsistent with the authentication information in the second request information, it is determined that the terminal does not have the viewing authority of the target television program, in which case the IP broadcast receiving module does not forward the data of the target television program to the terminal.
7. The method of claim 6, wherein the gateway includes a gateway identification, wherein the obtaining program entitlement information pertaining to the gateway from an authorization server over an IP bi-directional data network comprises:
and interacting with the authorization server through the IP bidirectional data network to acquire the program authority information of the gateway by utilizing the gateway identifier.
8. The method is characterized in that the method is applied to a system for processing the multimedia data service based on the I-PON, the system comprises a broadcasting service server, an authorization server, an IP broadcasting unidirectional optical fiber network, an IP bidirectional data network, a terminal and a multimedia data service processing device based on the I-PON, the device comprises a gateway, the gateway comprises a network processor and an IP broadcasting receiving module, and the method comprises the following steps:
the network processor acquires program authority information belonging to the gateway from the authorization server through the IP bidirectional data network, wherein the program authority information comprises viewing authorities of one or more television programs of the gateway;
the network processor acquires second encryption information of the IP broadcast receiving module, and the IP broadcast receiving module acquires first encryption information of the network processor;
the terminal sends first request information, wherein the first request information is used for requesting the network processor to send first authentication information, and the first request information comprises identification information of a target television program;
the network processor receives the first request information, determines the first authentication information by using the first encryption information, the second encryption information, multicast address information of the target television program and port information of the target television program when determining that the target television program has viewing rights according to the first request information and the program rights information, and sends the first authentication information to the terminal;
The terminal sends second request information, wherein the second request information is used for requesting the data of the target television program;
the IP broadcast receiving module receives second request information;
the IP broadcast receiving module determines second authentication information by using the first encryption information, the second encryption information, the multicast address information of the target television program and the port information of the target television program;
when the terminal has the viewing authority of the target television program according to the second authentication information and the authentication information in the second request information, the IP broadcast receiving module forwards the data of the target television program acquired from the broadcast service server through the IP broadcast unidirectional optical network to the terminal, wherein when the authentication information in the second request information is the first authentication information and the second authentication information is consistent with the authentication information in the second request information, the terminal is determined to have the viewing authority of the target television program; when the second authentication information is inconsistent with the authentication information in the second request information, it is determined that the terminal does not have the viewing authority of the target television program, in which case the IP broadcast receiving module does not forward the data of the target television program to the terminal.
CN202110012960.XA 2021-01-06 2021-01-06 Multimedia data service processing device, system and method based on I-PON Active CN114727155B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110012960.XA CN114727155B (en) 2021-01-06 2021-01-06 Multimedia data service processing device, system and method based on I-PON

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110012960.XA CN114727155B (en) 2021-01-06 2021-01-06 Multimedia data service processing device, system and method based on I-PON

Publications (2)

Publication Number Publication Date
CN114727155A CN114727155A (en) 2022-07-08
CN114727155B true CN114727155B (en) 2024-01-26

Family

ID=82234021

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110012960.XA Active CN114727155B (en) 2021-01-06 2021-01-06 Multimedia data service processing device, system and method based on I-PON

Country Status (1)

Country Link
CN (1) CN114727155B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101431415A (en) * 2008-12-12 2009-05-13 天柏宽带网络科技(北京)有限公司 Bidirectional authentication method
CN106911676A (en) * 2017-02-10 2017-06-30 北京吉视汇通科技有限责任公司 Multimedia network data processing system
CN107294927A (en) * 2016-04-05 2017-10-24 北京优朋普乐科技有限公司 Anti-stealing link method, device and system based on the network terminal
CN207166680U (en) * 2017-09-04 2018-03-30 北京吉视汇通科技有限责任公司 Authorize TV receiving system
CN108076071A (en) * 2015-01-30 2018-05-25 青岛海信传媒网络技术有限公司 A kind of method for accessing radio data system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9232268B2 (en) * 2011-02-23 2016-01-05 Broadcom Corporation Unified video delivery system for supporting IP video streaming service

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101431415A (en) * 2008-12-12 2009-05-13 天柏宽带网络科技(北京)有限公司 Bidirectional authentication method
CN108076071A (en) * 2015-01-30 2018-05-25 青岛海信传媒网络技术有限公司 A kind of method for accessing radio data system
CN107294927A (en) * 2016-04-05 2017-10-24 北京优朋普乐科技有限公司 Anti-stealing link method, device and system based on the network terminal
CN106911676A (en) * 2017-02-10 2017-06-30 北京吉视汇通科技有限责任公司 Multimedia network data processing system
CN207166680U (en) * 2017-09-04 2018-03-30 北京吉视汇通科技有限责任公司 Authorize TV receiving system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Kyeong Gon Ham ; Kam Yong Kim ; Seong Gon Choi.A functional architecture for user-centric multimedia service on Mobile Station.《13th International Conference on Advanced Communication Technology (ICACT2011)》.2011,93-98. *
万兆IP广播技术与G/EPON网络融合构建 10G光纤到户宽带综合业务接入网;张海峰;张黎明;欧阳捷;张立杰;李力;秦幸坚;《有线电视技术》(第346期);112-118 *
广电网络全IP光纤化分配接入网建设实践;陈明; 沈励武; 林剑书;《广播电视网络》(第370期);74-76 *

Also Published As

Publication number Publication date
CN114727155A (en) 2022-07-08

Similar Documents

Publication Publication Date Title
US7072865B2 (en) Broadcast receiving method and apparatus and information distributing method and apparatus
US5742677A (en) Information terminal having reconfigurable memory
JP4216534B2 (en) Time verification system
EP2802152B1 (en) Method for secure processing a stream of encrypted digital audio / video data
US8160248B2 (en) Authenticated mode control
US8619983B2 (en) Digital TV conditional access system and method of using the same for transmitting and receiving digital data
KR102004681B1 (en) Method and multimedia unit for processing a digital broadcast transport stream
EP2506590A1 (en) Authentication Certificates
MXPA04009312A (en) Smart card mating protocol.
US8885825B2 (en) Method of establishing a cryptographic key, network head and receiver for this method, and method of transmitting signals
US7937587B2 (en) Communication terminal apparatus and information communication method
JP2008538462A (en) Multimedia content distribution system and method for apartment houses
CN102356640A (en) Delivering secure iptv services to PC platforms
EP1481548B1 (en) Broadcast network access-management system and method for management of receivers operating within broadcast network
CN103596050A (en) Digital television signal reception system and reception method thereof
KR100902999B1 (en) Method for preserving information of broadcasting chip based on alteration mobile in usim unlock and system thereof
CN103581751A (en) System and method for receiving digital television signals
US20170187522A1 (en) Method for secure transfer of messages
US10609448B2 (en) Authorization and authentication of a device using a television receiver
KR20090056651A (en) Apparatus and method for terminal with multiple conditional access applications in broadcast sysetem
CN114727155B (en) Multimedia data service processing device, system and method based on I-PON
KR20100069373A (en) Conditional access system and method exchanging randon value
US20160165279A1 (en) Method of transmitting messages between distributed authorization server and conditional access module authentication sub-system in renewable conditional access system, and renewable conditional access system headend
CN103237245A (en) Vehicle-mounted DVB (Digital Video Broadcasting) conditional access system for identifying set-top-box identity
KR20120072030A (en) The apparatus and method for remote authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant