CN115086754A - Method for uniformly and safely accessing external network for smart television system - Google Patents

Publication number
CN115086754A
Authority
CN
China
Prior art keywords
external network
intelligent television
party app
server
functional program
Prior art date
Legal status
Granted
Application number
CN202210874114.3A
Other languages
Chinese (zh)
Other versions
CN115086754B (en)
Inventor
钟瑞
王传芳
Current Assignee
Beijing Zhixiang Information Technology Co ltd
Original Assignee
Beijing Zhixiang Information Technology Co ltd
Application filed by Beijing Zhixiang Information Technology Co ltd
Priority to CN202210874114.3A
Publication of CN115086754A
Application granted
Publication of CN115086754B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436 Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44 Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4408 Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627 Rights management associated to the content

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a method for unified, secure access to an external network by a smart television system, comprising the following steps: after the smart television has started and connected to the network, communication between the external network and the functional programs and third-party APPs in the smart television is isolated, and only a message middleware is allowed to communicate with a server; the smart television logs in to the server through the message middleware, and after the login succeeds the server returns confirmation information to the smart television; the functional programs and third-party APPs that are allowed to communicate with the external network are obtained according to the confirmation information; the obtained functional programs and third-party APPs are added to a white list, and the functional programs and third-party APPs in the smart television communicate with the external network according to the white list. This prevents leakage of user privacy or loss of property and safeguards the security of the smart television in use.

Description

Method for uniformly and safely accessing external network for smart television system
Technical Field
The invention relates to the field of smart televisions, and in particular to a method for unified, secure access to an external network by a smart television system.
Background
As smart televisions have become widespread, they offer more and more functions: besides watching television, some models are fitted with cameras and support video calls, home monitoring and the like, and a large variety of third-party APPs are in use. Media and security forums at home and abroad frequently report information security problems in smart televisions. Criminals can exploit the various security weaknesses of a smart television to remotely control the television, remotely install malicious software, remotely monitor the home, and so on, causing leakage of user privacy or loss of property.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a method for unified, secure access to an external network by a smart television system that prevents leakage of user privacy or loss of property and ensures the security of the smart television in use.
The invention provides a method for unified, secure access to an external network by a smart television system, comprising the following steps:
step 1, after the smart television has started and connected to the network, isolate communication between the external network and the functional programs and third-party APPs in the smart television, and allow only the message middleware to communicate with the server;
step 2, the smart television logs in to the server through the message middleware, and after the login succeeds the server returns confirmation information to the smart television;
step 3, obtain, according to the confirmation information, the functional programs and third-party APPs that are allowed to communicate with the external network;
step 4, add the obtained functional programs and third-party APPs to a white list; the functional programs and third-party APPs in the smart television communicate with the external network according to the white list.
Further, in step 1, communication between the external network and the functional programs and third-party APPs in the smart television is isolated through iptables.
Further, a DP Center is provided in the server; the DP Center comprises a DP service platform and a DP management background;
the DP service platform provides the interface service function, supports access management of the message middleware, and publishes an API (application program interface);
the DP management background is used to configure and manage data and provides a visual management interface;
step 2 is further specified as follows: the smart television logs in to the DP Center of the server through the message middleware, the DP service platform receives the device login information sent by the message middleware, and after the login succeeds the DP service platform returns confirmation information to the smart television.
Further, the device login information includes: the unique identifier EUI64, the type identifier, the production serial number, the currently set country and language, and the current system software version; the device login information is used to confirm whether the smart television is legitimate; the DP Center stores the device login information in advance for comparison.
Further, the confirmation information includes: an SSL certificate, a key, a list of service URLs, and parameter information.
Further, an SP Center is provided in the server; the SP Center comprises an SP service platform and an SP management background;
the SP service platform manages the on/off switches of the corresponding functional programs of the smart television and presets the application data of the third-party APP library;
the SP management background is used to configure and manage data, provides a visual management interface, and is used to add or delete functional programs and third-party APPs;
step 3 is further specified as follows: the message middleware logs in to the SP Center using the confirmation information, and the SP Center sends the functional programs and third-party APPs that are allowed to communicate with the external network to the message middleware.
Further, step 4 is further specified as follows: the obtained functional programs and third-party APPs are added to a white list, the white list is set in iptables, and the functional programs and third-party APPs in the smart television communicate with the external network according to the white list.
One or more technical solutions provided in the embodiments of the present invention have at least the following technical effects or advantages:
The smart television is first isolated from the network, then connected directly to the server through the message middleware, and the server sets the corresponding white list for it. As a result, even if a criminal has modified an APP on the smart television, that APP cannot access the network, which greatly increases the user's security in use.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
The invention is further described below through embodiments, with reference to the accompanying drawings.
FIG. 1 is a flow chart of the present invention.
Detailed Description
The general idea of the technical solution in the embodiments of this application is as follows:
Device Portal service platform: provides the interface service function and supports access management of the DP Client (the DP Client is provided as an SDK and can be used by other third-party systems, such as the Android platform); it can also publish an API (application program interface), which makes integration with third-party systems easier;
Device Portal management background: the DP data includes the device serial number and is used for login and for device login verification; the server side performs the corresponding settings and management through the Device Portal management background;
Service Portal service platform: the product back-end management system that serves and manages the Homepage product of the smart television. It mainly provides on/off switches for the corresponding functions of the Homepage product and presets the application data of the third-party APP library;
Service Portal management background: the central platform for data configuration and management; it provides a visual management interface and function settings, such as managing the Vod and CuTv columns of the Homepage, the switches of the advertisement modules, and the third-party APPs; the corresponding settings and management are performed through the Service Portal management background;
Message middleware: the data channel through which the smart television securely accesses the external network; it supports both a data channel that acts only as a message-forwarding proxy and a data channel that interfaces with a private protocol (such as DPClient-SDK).
The method specifically comprises the following steps:
Step 1, connect to the network: after the smart television has started and connected to the network, the other functional programs and third-party APPs are isolated from the external network, and only the message middleware, which integrates the DP Client SDK, is allowed to communicate with the Device Portal service platform; the network isolation is implemented through iptables.
Step 2, sign-on is initiated by the smart television device firmware, which communicates with the DP Server through the DP Client to obtain a Signon result; the result is returned to the device firmware as a message notification. The DP Signon result is mainly used to verify whether the visiting device is legitimate; once verification passes, the device is returned information such as the URL addresses and parameters of the available services, the SSL (Secure Sockets Layer) certificate and the key.
In the DP Signon phase, the device must provide the following information to the DP Server through the DP Client:
the unique identifier EUI64, the type identifier, the production serial number, the currently set country and language, and the current system software version;
if the DP Server's check passes, the following information is returned:
the SSL certificate and key used on the device side, for encryption and decryption during communication;
a list of available service URLs, comprising:
a. SP signon URL, SP homepage URL;
b. IP-EPG (Electronic Program Guide) Signon URL, IP-EPG URL;
c. TOU (Terms Of Use) URL;
d. other services, such as advertising screensavers;
a parameter list for signing on to the SP, comprising:
a. basic information such as device group, manufacturer and brand;
b. the TOU (Terms Of Use) state;
c. other setting parameters;
d. a digital signature over the parameters.
Step 3, obtain the list of functional programs allowed to communicate with the external network: using the SP URL address, certificate and parameter information obtained in step 2, communicate with the SP Server through the message proxy channel of the message middleware to obtain the list of functional programs that the corresponding smart television device is allowed to use.
Step 4, obtain the preset third-party APPs: using the SP URL address, certificate and parameter information obtained in step 2, communicate with the SP Server through the message proxy channel of the message middleware to obtain the third-party APPs that the corresponding smart television device is allowed to use.
Step 5, add the functional programs and third-party APPs that the smart television device is allowed to use to the white list, and allow them to communicate with the external network.
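An added example, not part of the patent text: one way the isolation of step 1 and the white list of step 5 could be expressed as iptables-restore rulesets generated by a POSIX shell script. It assumes apps are identified by Linux UID through the iptables owner match; the UIDs, server address, port 443 and the "name uid" white-list line format are constructed sample values.

```shell
#!/bin/sh
# Added example, not from the patent. Assumptions: apps are identified by Linux
# UID and matched with the iptables "owner" module; the UIDs, server address,
# port 443 and the "name uid" white-list line format are constructed values.

MIDDLEWARE_UID=10001      # constructed: UID the message middleware runs as
SERVER_IP=203.0.113.10    # constructed: DP/SP server address (TEST-NET-3)

# Succeed only for a plain decimal UID, so a malformed white-list entry can
# never be spliced into the ruleset text.
valid_uid() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Read "name uid" lines on stdin and print the usable UIDs, one per line.
# Malformed entries are reported on stderr and skipped.
uids_from_whitelist() {
    while read -r name uid rest; do
        [ -n "$name" ] || continue
        if valid_uid "$uid" && [ -z "$rest" ]; then
            echo "$uid"
        else
            echo "skipping malformed white-list entry: $name" >&2
        fi
    done
    return 0
}

# build_ruleset PHASE [UID...]
#   isolate   : step 1, only the middleware may reach the server
#   whitelist : step 5, the given UIDs may also reach the external network
# Apply on a device (root needed) with:  build_ruleset isolate | iptables-restore
build_ruleset() {
    phase=$1
    shift
    case "$phase" in
        isolate|whitelist) ;;
        *) echo "unknown phase: $phase" >&2; return 2 ;;
    esac
    # Validate everything first so a bad UID never yields a partial ruleset.
    for uid in "$@"; do
        valid_uid "$uid" || { echo "bad uid: $uid" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT DROP [0:0]'      # default deny is what isolates every app
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    echo '-A OUTPUT -o lo -j ACCEPT'
    # Flows already established survive a reload with a smaller white list.
    echo '-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    echo "-A OUTPUT -p tcp -d $SERVER_IP --dport 443 -m owner --uid-owner $MIDDLEWARE_UID -j ACCEPT"
    if [ "$phase" = whitelist ]; then
        for uid in "$@"; do
            echo "-A OUTPUT -m owner --uid-owner $uid -j ACCEPT"
        done
    fi
    echo 'COMMIT'
}

# IPv6 has its own tables; unless they are locked down too (ip6tables-restore),
# an app blocked on IPv4 could still leave over IPv6. Assumes an IPv4-only service.
build_v6_lockdown() {
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT DROP [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A OUTPUT -o lo -j ACCEPT'
    echo 'COMMIT'
}

# Constructed white list as it might arrive after sign-on; two entries are bad.
SAMPLE_WHITELIST='vod-player 10050
cutv 10051
bad-entry 10052;x
ad-module notanumber'

# Print the step-5 ruleset for the sample (nothing is applied to the host).
uids=$(printf '%s\n' "$SAMPLE_WHITELIST" | uids_from_whitelist 2>/dev/null)
# shellcheck disable=SC2086  # word splitting of the validated UID list is intended
build_ruleset whitelist $uids
```

Because the OUTPUT policy is DROP, an app that is replaced or tampered with but never white-listed by the server stays offline, which is the property the description relies on.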
Embodiment one
As shown in FIG. 1, this embodiment provides a method for unified, secure access to an external network by a smart television system, in which an SP Center and a DP Center are provided in a server; the DP Center comprises a DP service platform and a DP management background; the SP Center comprises an SP service platform and an SP management background. Providing both an SP Center and a DP Center in the server lets the server manage the smart television's white list and login separately; separating the data improves security, and separating the services makes development and maintenance easier;
the DP service platform provides the interface service function, supports access management of the message middleware, and publishes an API (application program interface);
the DP management background is used to configure and manage data and provides a visual management interface; it lets an administrator manage login data and is used to manage the device login information pre-stored in the DP management background;
the SP service platform manages the on/off switches of the corresponding functional programs of the smart television and presets the application data of the third-party APP library;
the SP management background is used to configure and manage data and provides a visual management interface; it is used to manage the pre-stored confirmation information and to add or delete functional programs and third-party APPs;
the method comprises the following steps:
step 1, after the smart television has started and connected to the network, isolate, through iptables, communication between the external network and the functional programs and third-party APPs in the smart television, and allow only the message middleware to communicate with the server;
step 2, the smart television logs in to the DP Center of the server through the message middleware, the DP service platform receives the device login information sent by the message middleware, and after the login succeeds the DP service platform returns confirmation information to the smart television, wherein the device login information includes: the unique identifier EUI64, the type identifier, the production serial number, the currently set country and language, and the current system software version; the device login information is used to confirm whether the smart television is legitimate; the DP Center stores the device login information in advance for comparison, and the confirmation information includes: an SSL certificate, a key, a list of service URLs, and parameter information;
step 3, the message middleware logs in to the SP Center using the confirmation information, and the SP Center sends the functional programs and third-party APPs that are allowed to communicate with the external network to the message middleware;
step 4, add the obtained functional programs and third-party APPs to a white list, the white list being set in iptables; the functional programs and third-party APPs in the smart television communicate with the external network according to the white list.
Although specific embodiments of the invention have been described above, it will be understood by those skilled in the art that the specific embodiments described are illustrative only and are not limiting upon the scope of the invention, and that equivalent modifications and variations can be made by those skilled in the art without departing from the spirit of the invention, which is to be limited only by the appended claims.

Claims (7)

1. A method for unified, secure access to an external network by a smart television system, characterized by comprising the following steps:
step 1, after the smart television has started and connected to the network, isolating communication between the external network and the functional programs and third-party APPs in the smart television, and allowing only a message middleware to communicate with a server;
step 2, the smart television logs in to the server through the message middleware, and after the login succeeds the server returns confirmation information to the smart television;
step 3, obtaining, according to the confirmation information, the functional programs and third-party APPs that are allowed to communicate with the external network;
step 4, adding the obtained functional programs and third-party APPs to a white list, the functional programs and third-party APPs in the smart television communicating with the external network according to the white list.
2. The method according to claim 1, wherein in step 1 the communication between the external network and the functional programs and third-party APPs in the smart television is isolated through iptables.
3. The method according to claim 1, wherein a DP Center is provided in the server; the DP Center comprises a DP service platform and a DP management background;
the DP service platform provides the interface service function, supports access management of the message middleware, and publishes an API (application program interface);
the DP management background is used to configure and manage data and provides a visual management interface;
step 2 is further specified as follows: the smart television logs in to the DP Center of the server through the message middleware, the DP service platform receives the device login information sent by the message middleware, and after the login succeeds the DP service platform returns confirmation information to the smart television.
4. The method according to claim 3, wherein the device login information comprises: the unique identifier EUI64, the type identifier, the production serial number, the currently set country and language, and the current system software version; the device login information is used to confirm whether the smart television is legitimate; and the DP Center stores the device login information in advance for comparison.
5. The method according to claim 3, wherein the confirmation information comprises: an SSL certificate, a key, a list of service URLs, and parameter information.
6. The method according to claim 3, wherein an SP Center is provided in the server; the SP Center comprises an SP service platform and an SP management background;
the SP service platform manages the on/off switches of the corresponding functional programs of the smart television and presets the application data of the third-party APP library;
the SP management background is used to configure and manage data, provides a visual management interface, and is used to add or delete functional programs and third-party APPs;
step 3 is further specified as follows: the message middleware logs in to the SP Center using the confirmation information, and the SP Center sends the functional programs and third-party APPs that are allowed to communicate with the external network to the message middleware.
7. The method according to claim 1, wherein step 4 is further specified as follows: the obtained functional programs and third-party APPs are added to a white list, the white list is set in iptables, and the functional programs and third-party APPs in the smart television communicate with the external network according to the white list.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210874114.3A CN115086754B (en) 2022-07-25 2022-07-25 Method for uniformly and safely accessing external network for smart television system

Publications (2)

Publication Number Publication Date
CN115086754A 2022-09-20
CN115086754B 2022-11-22

Family

ID=83242035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210874114.3A Active CN115086754B (en) 2022-07-25 2022-07-25 Method for uniformly and safely accessing external network for smart television system

Country Status (1)

Country Link
CN (1) CN115086754B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant