WO2021109998A1 - Media content transmission method and apparatus, and storage medium - Google Patents

Media content transmission method and apparatus, and storage medium Download PDF

Info

Publication number
WO2021109998A1
WO2021109998A1 PCT/CN2020/133132 CN2020133132W WO2021109998A1 WO 2021109998 A1 WO2021109998 A1 WO 2021109998A1 CN 2020133132 W CN2020133132 W CN 2020133132W WO 2021109998 A1 WO2021109998 A1 WO 2021109998A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
server
public key
media content
request signaling
Prior art date
Application number
PCT/CN2020/133132
Other languages
French (fr)
Chinese (zh)
Inventor
卢正宇
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2021109998A1 publication Critical patent/WO2021109998A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/14Systems for two-way working
    • H04N7/15Conference systems
    • H04N7/152Multipoint control units therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/14Systems for two-way working
    • H04N7/15Conference systems

Definitions

  • the embodiments of the present disclosure relate to the field of communication technologies, and in particular, to a method for transmitting media content.
  • Video conference usually refers to a real-time, two-way or multi-party visual communication conference based on terminal equipment and a conference multipoint control unit MCU (Multipoint Control Unit).
  • MCU Multipoint Control Unit
  • video conferencing has gradually realized technical solutions such as large-capacity user access, high bandwidth occupancy, and one-key conference.
  • video conferencing is widely used in remote meetings, training and teaching.
  • the current video conferencing solutions in the industry have security risks.
  • the commonly used scheme is that the server sends the URL address to the terminal, and the terminal requests media content from the server through the URL address.
  • the illegal terminal can obtain the URL address of the media content through network packet interception or other means, and make an illegal media content request to the server through the URL address.
  • the existing solutions cannot meet the security requirements of the video conference.
  • the purpose of the embodiments of the present disclosure is to provide a media content transmission method, so that illegal terminals cannot learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
  • the embodiments of the present disclosure provide a media content transmission method, including: generating a server public key private key pair, wherein the server public key private key pair includes a server public key and a server public key. Private key; send the server public key to the terminal, and receive the terminal public key generated by the terminal; use the terminal public key to encrypt the media address to obtain the encrypted media address, and send the encrypted media address to all The terminal; obtain the encryption request signaling sent by the terminal, where the encryption request signaling is the media content request signaling encrypted by the terminal using the server public key; the server private key is used to decrypt the The encryption request signaling, and push the media content requested by the encryption request signaling to the terminal after the decryption is completed.
  • Embodiments of the present disclosure also provide a method for transmitting media content, including: generating a terminal public key private key pair, wherein the terminal public key private key pair includes a terminal public key and a terminal private key; and sending the terminal public key and private key to the server.
  • Terminal public key and receiving the server public key generated by the server obtaining the encrypted media address sent by the server, where the encrypted media address is the media address encrypted by the server using the terminal public key;
  • the terminal private key decrypts the encrypted media address to generate media content request signaling for requesting media content from the media address; encrypts the media content request signaling by using the server public key to obtain an encryption request message Command, and send the encryption request signaling to the server; receive the media content pushed by the server.
  • Embodiments of the present disclosure also provide a media content delivery device, including: at least one processor; and, a memory communicatively connected with the at least one processor; wherein the memory stores the memory that can be processed by the at least one processor; The instructions are executed by the at least one processor, so that the at least one processor can execute the aforementioned media content delivery method.
  • the embodiment of the present disclosure also provides a media content transmission method, including: the server generates a server public key private key pair, and the terminal generates a terminal public key private key pair, wherein the server public key private key pair includes The server public key and the server private key, the terminal public key-private key pair includes the terminal public key and the terminal private key; the server sends the server public key to the terminal, and the terminal sends the terminal public key to the terminal The server; the server uses the terminal public key to encrypt the media address to obtain the encrypted media address, and sends the encrypted media address to the terminal; the terminal obtains the encrypted media address sent by the server and uses the terminal private Key to decrypt the encrypted media address, generate media content request signaling for requesting media content from the media address, encrypt the media content request signaling by using the server public key to obtain the encryption request signaling, and The encryption request signaling is sent to the server; the server obtains the encryption request signaling sent by the terminal, decrypts the encryption request signaling using the server private key, and encrypts the encryption
  • the embodiments of the present disclosure also provide a computer-readable storage medium that stores a computer program, and when the computer program is executed by a processor, the media content transmission method described above is implemented.
  • the embodiment of the present disclosure uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring the transfer process of the media address from the server to the terminal
  • the media address will not be illegally intercepted;
  • the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is transmitted from the terminal to the server Not to be monitored; so that illegal terminals can neither learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
  • Fig. 1 is a flowchart of a media content delivery method according to a first embodiment of the present disclosure
  • FIG. 2 is a schematic diagram of the process of the server sending the server public key to the terminal according to the first embodiment of the present disclosure
  • FIG. 3 is a schematic diagram of the process of receiving the public key of the terminal by the server according to the first embodiment of the present disclosure
  • FIG. 4 is a schematic diagram of the process of sending a media address from a server to a terminal according to the first embodiment of the present disclosure
  • FIG. 5 is a schematic diagram of the process of decrypting the encrypted request signaling by the server according to the first embodiment of the present disclosure
  • Fig. 6 is a flowchart of a media content delivery method according to a second embodiment of the present disclosure.
  • FIG. 7 is a structural block diagram of a media content delivery apparatus according to a third embodiment of the present disclosure.
  • FIG. 8 is a flowchart of a media content delivery method according to a fourth embodiment of the present disclosure.
  • FIG. 9 is a schematic diagram of a process of sending a terminal public key to a server by a terminal according to a fourth embodiment of the present disclosure.
  • FIG. 10 is a schematic diagram of a process of decrypting an encrypted media address by a terminal according to a fourth embodiment of the present disclosure.
  • FIG. 11 is a schematic flowchart of a request signaling sent by a terminal according to a fourth embodiment of the present disclosure.
  • FIG. 12 is a flowchart of a media content delivery method according to a fifth embodiment of the present disclosure.
  • FIG. 13 is a structural block diagram of a media content transmission device according to a sixth embodiment of the present disclosure.
  • FIG. 14 is a flowchart of a media content delivery method according to a seventh embodiment of the present disclosure.
  • Fig. 15 is a network structure diagram of a video live broadcast system according to a seventh embodiment of the present disclosure.
  • the first embodiment of the present disclosure relates to a media content transmission method, including: generating a server public key private key pair, wherein the server public key private key pair includes the server public key and the server private key; sending to the terminal The server public key and receive the terminal public key generated by the terminal; use the terminal public key to encrypt the media address to obtain the encrypted media address, and send the encrypted media address to the terminal; obtain the The encryption request signaling sent by the terminal, where the encryption request signaling is media content request signaling encrypted by the terminal using the server public key; the encryption request signaling is decrypted using the server private key, And after the decryption is completed, the media content requested by the encryption request signaling is pushed to the terminal.
  • the media content delivery method in this embodiment is applied to the server. As shown in Figure 1, the method specifically includes the following steps:
  • Step 101 Generate a server-side public key and private key pair.
  • the server in this step, the server generates a server public key private key pair.
  • the public key private key pair is a key pair (that is, a public key and a private key) obtained through an algorithm.
  • the public is called the public key; the other reserved is called the private key.
  • the key pair obtained by this algorithm can be guaranteed to be unique in the world.
  • the server When using this key pair, if a piece of data is encrypted with a public key, to obtain this piece of data, it must be decrypted with a private key.
  • the server generates a server public key private key pair through a preset algorithm, and the public key private key pair includes the server public key and the server private key.
  • Step 102 Send the server public key to the terminal, and receive the terminal public key.
  • the received terminal public key is generated by the terminal, and the server uses the terminal public key to encrypt the data of the sending terminal, ensuring that only the terminal can obtain the data by decrypting with the corresponding terminal private key.
  • the process of the server sending the server public key to the terminal is shown in Figure 2.
  • the server and the terminal use TR069 (Technical Report-069) communication protocol to communicate. After the server generates the server public key, it sends the server public key to the terminal through a TR069 message. After the terminal successfully receives the server public key, it returns the successful reception through the TR069 message.
  • TR069 Technical Report-069
  • the server receives the registration information of the terminal, where the registration information carries the terminal public key; verifies whether the registration information is legal, and if so, records the terminal public key and feeds back the registration success information to the terminal.
  • the server and the terminal establish communication with the SIP (Session Initiation Protocol).
  • the terminal encapsulates the terminal public key in the SIP registration message sent to the server.
  • the server verifies whether the SIP registration message is legal. If it is, save the SIP registration message.
  • the public key of the terminal and feedback the successful registration message to the terminal.
  • Step 103 Use the terminal public key to encrypt the media address, and send the encrypted media address to the terminal.
  • the transmitted media content is the live media of the video conference
  • the server encrypts the media address and sends the media address to the terminal as shown in Figure 4.
  • the server includes a live broadcast platform and a service platform.
  • the live broadcast platform sends the media address to the service platform.
  • the service then uses the terminal public key to encrypt the media address and sends the encrypted media address to the terminal.
  • Step 104 Obtain the encryption request signaling sent by the terminal.
  • the encryption request signaling is obtained by the terminal encrypting the request signaling by using the server public key.
  • the media content requested by the request signaling is the media content requested by the encrypted media address sent by the server to the terminal in step 103.
  • Step 105 Use the private key of the server to decrypt the encryption request signaling, and push the media content requested by the encryption request signaling to the terminal after the decryption is completed.
  • the received encryption request signaling is encrypted by the server public key, and the server uses the server private key to decrypt the request signaling.
  • the server uses the server private key to decrypt the request signaling.
  • the server live broadcast platform receives the encryption After the request signaling, the server private key is used to decrypt the request signaling, and the media content is sent to the terminal after the decryption is successful.
  • the transmitted media content is the live content of the video conference.
  • the server uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring that the media address is transmitted from the server to the terminal.
  • the media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is not transmitted from the terminal to the server.
  • the second embodiment of the present disclosure relates to a media content transmission method.
  • the second embodiment is roughly the same as the first embodiment, except that, before generating the server public key and private key pair, the method further includes: The terminal performs key agreement.
  • a media content transmission method in this embodiment is shown in FIG. 6. It includes the following steps:
  • Step 201 Perform key negotiation with the terminal.
  • the method provided in this embodiment is suitable for terminals that support key agreement through signaling.
  • the server and the terminal conduct key agreement through signaling.
  • Step 202 Generate a server public key and private key pair.
  • Step 203 Send the server public key to the terminal, and receive the terminal public key.
  • Step 204 Use the terminal public key to encrypt the media address, and send the encrypted media address to the terminal.
  • Step 205 Obtain the encryption request signaling sent by the terminal.
  • Step 206 Use the server private key to decrypt the encryption request signaling, and push the media content requested by the encryption request signaling to the terminal after the decryption is completed.
  • Steps 202 to 206 are substantially the same as steps 101 to 105 in the first embodiment, respectively, and in order to avoid repetition, they will not be repeated here.
  • the server performs key agreement with the terminal before generating the public key key pair, and establishes the session key together. Both the server and the terminal affect the result, and there is no need for any Trusted third party.
  • the third embodiment of the present disclosure relates to a media content transmission device. As shown in FIG. 7, it includes at least one processor 301; and a memory 302 communicatively connected with at least one processor 301; An instruction executed by one processor 301 is executed by at least one processor 301, so that at least one processor 301 can execute the media content transmission method in the first embodiment or the second embodiment.
  • the memory 302 and the processor 301 are connected in a bus manner, and the bus may include any number of interconnected buses and bridges, and the bus connects one or more various circuits of the processor 301 and the memory 302 together.
  • the bus can also connect various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are all well-known in the art, and therefore, no further description will be given herein.
  • the bus interface provides an interface between the bus and the transceiver.
  • the transceiver may be one element or multiple elements, such as multiple receivers and transmitters, providing a unit for communicating with various other devices on the transmission medium.
  • the data processed by the processor 301 is transmitted on the wireless medium through the antenna, and further, the antenna also receives the data and transmits the data to the processor 301.
  • the processor 301 is responsible for managing the bus and general processing, and can also provide various functions, including timing, peripheral interfaces, voltage regulation, power management, and other control functions.
  • the memory 302 may be configured to store data used by the processor 301 when performing operations.
  • the fourth embodiment of the present disclosure relates to yet another media content transmission method, including: generating a terminal public key private key pair, wherein the terminal public key private key pair includes the terminal public key and the terminal private key; The terminal public key and receiving the server public key generated by the server; obtaining an encrypted media address sent by the server, where the encrypted media address is a media address encrypted by the server using the terminal public key; Use the terminal private key to decrypt the encrypted media address to generate media content request signaling for requesting media content from the media address; use the server public key to encrypt the media content request signaling to obtain an encryption request And send the encryption request signaling to the server; receive the media content pushed by the server.
  • the media content transmission method in this embodiment is applied to a terminal device. As shown in FIG. 8, the method specifically includes the following steps:
  • Step 401 Generate a terminal public key and private key pair.
  • Step 402 Send the terminal public key to the server, and receive the server public key.
  • the terminal and the server establish communication through the SIP protocol.
  • the terminal includes a key processing module and a protocol processing module.
  • the key processing module generates a terminal public key, and then sends the terminal public key to the protocol processing module.
  • the protocol processing module encapsulates the terminal public key in a SIP registration message and carries the terminal.
  • the SIP registration message of the public key is sent to the server, and the server receives the SIP registration message and extracts the terminal public key in the message, and then feeds back a message that the terminal is registered successfully.
  • Step 403 Obtain the encrypted media address sent by the server.
  • the encrypted media address is obtained by encrypting the media address by the server using the terminal public key.
  • Step 404 Decrypt the encrypted media address by using the private key of the terminal, and generate a request signaling for the media content of the media address.
  • the terminal uses the terminal private key to decrypt the encrypted media address as shown in Figure 10.
  • the key processing module of the terminal uses the private key of the terminal to decrypt the media address encrypted by the public key of the terminal, and sends the decrypted media address to the protocol processing module, and the protocol processing module generates a media content request message according to the media address. make.
  • Step 405 Use the server public key to encrypt the media content request signaling, and send the encrypted request signaling to the server.
  • the process in which the terminal uses the server public key to encrypt the media content request signaling is shown in Figure 11.
  • the key processing module of the terminal encrypts the media request signaling by using the server public key, and then sends the encrypted media request signaling to the protocol processing module, and the protocol processing module sends the encrypted media request signaling to the protocol processing module.
  • Media address the process in which the terminal uses the server public key to encrypt the media content request signaling.
  • Step 406 Receive media content pushed by the server.
  • the server uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring that the media address is transmitted from the server to the terminal.
  • the media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is not transmitted from the terminal to the server.
  • the fifth embodiment of the present disclosure relates to a media content transmission method.
  • the fifth embodiment is substantially the same as the fourth embodiment, except that, before generating a terminal public key private key pair, it also includes: The end performs key agreement.
  • a media content transmission method in this embodiment is shown in FIG. 12. It includes the following steps:
  • Step 501 Perform key negotiation with the server.
  • the method provided in this embodiment is suitable for terminals that support key agreement through signaling.
  • the server and the terminal conduct key agreement through signaling.
  • Step 502 Generate a terminal public key and private key pair.
  • Step 503 Send the terminal public key to the server, and receive the server public key.
  • Step 504 Obtain the encrypted media address sent by the server.
  • Step 505 Use the private key of the terminal to decrypt the encrypted media address, and generate a request signaling for the media content of the media address.
  • Step 506 Use the server public key to encrypt the media content request signaling, and send the encrypted request signaling to the server.
  • Step 507 Receive media content pushed by the server.
  • Steps 502 to 507 are substantially the same as steps 401 to 406 in the fourth embodiment, respectively. To avoid repetition, they will not be repeated here.
  • the terminal conducts key agreement with the terminal before generating the public key key pair, and establishes the session key together. Both the server and the terminal affect the result, and there is no need for any data. Third party of the letter.
  • the sixth embodiment of the present disclosure relates to a media content transmission device. As shown in FIG. 13, it includes at least one processor 601; and, a memory 602 communicatively connected with at least one processor 601; An instruction executed by one processor 601 is executed by at least one processor 601, so that the at least one processor 601 can execute the media content transmission method in the fourth embodiment or the fifth embodiment.
  • the memory 602 and the processor 601 are connected in a bus manner.
  • the bus may include any number of interconnected buses and bridges, and the bus connects one or more various circuits of the processor 601 and the memory 602 together.
  • the bus can also connect various other circuits such as peripheral devices, voltage regulators, and power management circuits, etc., which are all known in the art, so they will not be further described in this article.
  • the bus interface provides an interface between the bus and the transceiver.
  • the transceiver may be one element or multiple elements, such as multiple receivers and transmitters, providing a unit for communicating with various other devices on the transmission medium.
  • the data processed by the processor 601 is transmitted on the wireless medium through the antenna, and further, the antenna also receives the data and transmits the data to the processor 601.
  • the processor 601 is responsible for managing the bus and general processing, and can also provide various functions, including timing, peripheral interfaces, voltage regulation, power management, and other control functions.
  • the memory 602 may be configured to store data used by the processor 601 when performing operations.
  • the seventh embodiment of the present disclosure relates to a media content transmission method, including: the server generates a server public key private key pair, and the terminal generates a terminal public key private key pair, wherein the server public key private key pair includes the service The terminal public key and the server private key, the terminal public key-private key pair includes the terminal public key and the terminal private key; the server sends the server public key to the terminal, and the terminal sends the terminal public key to the terminal Server; the server uses the terminal public key to encrypt the media address to obtain the encrypted media address, and sends the encrypted media address to the terminal; the terminal obtains the encrypted media address sent by the server and uses the terminal private key Decrypt the encrypted media address, generate media content request signaling for requesting media content from the media address, encrypt the media content request signaling by using the server public key to obtain the encryption request signaling, and combine all The encryption request signaling is sent to the server; the server obtains the encryption request signaling sent by the terminal, uses the server private key to decrypt the encryption request signaling, and sends
  • the media content transmission method in this embodiment is applied to a video conference system including a server and a terminal. As shown in FIG. 14, the method specifically includes the following steps:
  • Step 701 The server generates a server public key private key pair, and the terminal generates a terminal public key private key pair.
  • the server public key and private key pair includes the server public key and the server private key
  • the terminal public key and private key pair includes the terminal public key and the terminal private key
  • Step 702 The server sends the server public key to the terminal, and the terminal sends the terminal public key to the server.
  • Step 703 The server encrypts the media address using the terminal public key, and sends the encrypted media address to the terminal.
  • Step 704 The terminal obtains the encrypted media address, and decrypts the media address by using the private key of the terminal.
  • Step 705 The terminal generates the request signaling for the media content of the media address, encrypts the request signaling with the server public key, and sends it to the server.
  • Step 706 The server obtains the encrypted request signaling, decrypts the request signaling using the server private key, and then pushes the media content to the terminal.
  • Step 707 The terminal receives the media content pushed by the server.
  • Step 704 and step 706 are roughly the same as step 103 and step 105 in the first embodiment, respectively.
  • Step 704, step 705, and step 707 are roughly the same as step 404, step 405, and step 406 in the fourth embodiment, respectively. To avoid repetition, I will not repeat them one by one here.
  • the server generates the server public key and private key pair. Before the terminal generates the terminal public key and private key pair, it may also include: the server and the terminal perform key negotiation. For terminals that support the negotiation of secret keys through signaling, the server and terminal conduct key negotiation with the terminal before generating a public key key pair to jointly establish a session key. Both the server and the terminal affect the result, and there is no need Any trusted third party.
  • the media content transmitted in this embodiment is the live content of the video conference.
  • the server and multiple terminals constitute a video conference system.
  • the network structure of the system is shown in FIG. 15.
  • the server includes two modules, a live broadcast platform and a service platform.
  • One server establishes communication with multiple terminals, and each terminal transmits live media content to the server through the above-mentioned embodiment.
  • the server uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring that the media address is transmitted from the server to the terminal.
  • the media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is not transmitted from the terminal to the server.
  • the eighth embodiment of the present disclosure relates to a computer-readable storage medium storing a computer program.
  • the computer program is executed by the processor, any one of the foregoing media content transmission method embodiments is implemented.
  • the program is stored in a storage medium and includes several instructions to enable a device ( It may be a single-chip microcomputer, a chip, etc.) or a processor (processor) to execute all or part of the steps of the methods described in the various embodiments of the present disclosure.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disks or optical disks and other media that can store program codes. .

Abstract

Embodiments of the present disclosure relate to the technical field of communications. Disclosed is a media content transmission method, comprising: generating a server public key-private key pair, the server public key-private key pair comprising a server public key and a server private key; sending the server public key to a terminal, and receiving a terminal public key generated by the terminal; encrypting a media address using the terminal public key to obtain an encrypted media address, and sending the encrypted media address to the terminal; obtaining encrypted request signaling sent from the terminal, the encrypted request signaling being media content request signaling encrypted by the terminal using the server public key; decrypting the encrypted request signaling using the server private key, and pushing to the terminal the media content requested by the encrypted request signaling after the decryption is completed. The present disclosure also provides a media content transmission apparatus and a storage medium. The media content transmission method and apparatus as well as the storage medium provided by the present disclosure can improve the security of media content network interaction.

Description

媒体内容传送方法、装置和存储介质Media content transmission method, device and storage medium 技术领域Technical field
本公开实施例涉及通信技术领域,特别涉及一种媒体内容传送方法。The embodiments of the present disclosure relate to the field of communication technologies, and in particular, to a method for transmitting media content.
背景技术Background technique
视频会议,通常指基于终端设备和会议多点控制单元MCU(Multipoint Control Unit)来召开的实时、双向或多方的可视通讯会议。随着视频直播技术的快速发展,视频会议逐渐实现了大容量用户接入、高带宽占用和一键入会等技术方案。目前,视频会议广泛用于异地会议、培训和教学当中。Video conference usually refers to a real-time, two-way or multi-party visual communication conference based on terminal equipment and a conference multipoint control unit MCU (Multipoint Control Unit). With the rapid development of live video technology, video conferencing has gradually realized technical solutions such as large-capacity user access, high bandwidth occupancy, and one-key conference. At present, video conferencing is widely used in remote meetings, training and teaching.
然而,当前业界中视频会议的方案存在安全隐患。现在常用的方案都是服务端将URL地址发送给终端,终端通过URL地址向服务端请求媒体内容。非法终端可以通过网络截包或其他手段获取媒体内容URL地址,并通过该URL地址向服务端提出非法的媒体内容请求,现有方案无法满足视频会议的安全性需求。However, the current video conferencing solutions in the industry have security risks. Nowadays, the commonly used scheme is that the server sends the URL address to the terminal, and the terminal requests media content from the server through the URL address. The illegal terminal can obtain the URL address of the media content through network packet interception or other means, and make an illegal media content request to the server through the URL address. The existing solutions cannot meet the security requirements of the video conference.
发明内容Summary of the invention
本公开实施方式的目的在于提供一种媒体内容传送方法,使非法终端既无法获悉媒体内容的地址,也无法向服务端提出非法的媒体内容请求,满足媒体内容网络交互的安全性需求。The purpose of the embodiments of the present disclosure is to provide a media content transmission method, so that illegal terminals cannot learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
为解决上述技术问题,本公开的实施方式提供了一种媒体内容传送方法,包括:生成服务端公钥私钥对,其中,所述服务端公钥私钥对包括服务端公钥和服务端私钥;向终端发送所述服务端公钥,并接收所述终端生成的终端公钥;利用所述终端公钥对媒体地址加密,得到加密媒体地址,并将所述加密媒体地址发送给所述终端;获取所述终端发送的加密请求信令,其中,所述加密请求信令为所述终端利用所述服务端公钥加密的媒体 内容请求信令;利用所述服务端私钥解密所述加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给所述终端。In order to solve the above technical problems, the embodiments of the present disclosure provide a media content transmission method, including: generating a server public key private key pair, wherein the server public key private key pair includes a server public key and a server public key. Private key; send the server public key to the terminal, and receive the terminal public key generated by the terminal; use the terminal public key to encrypt the media address to obtain the encrypted media address, and send the encrypted media address to all The terminal; obtain the encryption request signaling sent by the terminal, where the encryption request signaling is the media content request signaling encrypted by the terminal using the server public key; the server private key is used to decrypt the The encryption request signaling, and push the media content requested by the encryption request signaling to the terminal after the decryption is completed.
本公开的实施方式还提供了一种媒体内容传送方法,包括:生成终端公钥私钥对,其中,所述终端公钥私钥对包括终端公钥和终端私钥;向服务端发送所述终端公钥、并接收所述服务端生成的服务端公钥;获取服务端发送的加密媒体地址,其中,所述加密媒体地址为所述服务端利用所述终端公钥加密的媒体地址;利用所述终端私钥解密所述加密后的媒体地址,生成向所述媒体地址请求媒体内容的媒体内容请求信令;利用所述服务端公钥加密所述媒体内容请求信令,得到加密请求信令,并将所述加密请求信令发送给所述服务端;接收所述服务端推送的媒体内容。Embodiments of the present disclosure also provide a method for transmitting media content, including: generating a terminal public key private key pair, wherein the terminal public key private key pair includes a terminal public key and a terminal private key; and sending the terminal public key and private key to the server. Terminal public key and receiving the server public key generated by the server; obtaining the encrypted media address sent by the server, where the encrypted media address is the media address encrypted by the server using the terminal public key; The terminal private key decrypts the encrypted media address to generate media content request signaling for requesting media content from the media address; encrypts the media content request signaling by using the server public key to obtain an encryption request message Command, and send the encryption request signaling to the server; receive the media content pushed by the server.
本公开的实施方式还提供了一种媒体内容传送装置,包括:至少一个处理器;以及,与所述至少一个处理器通信连接的存储器;其中,所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行,以使所述至少一个处理器能够执行上述的媒体内容传送方法。Embodiments of the present disclosure also provide a media content delivery device, including: at least one processor; and, a memory communicatively connected with the at least one processor; wherein the memory stores the memory that can be processed by the at least one processor; The instructions are executed by the at least one processor, so that the at least one processor can execute the aforementioned media content delivery method.
本公开的实施方式还提供了一种媒体内容传送方法,包括:服务端生成服务端公钥私钥对、终端生成生成终端公钥私钥对,其中,所述服务端公钥私钥对包括服务端公钥和服务端私钥,所述终端公钥私钥对包括终端公钥和终端私钥;服务端将所述服务端公钥发送给终端,终端将所述终端公钥发送给所述服务端;服务端利用所述终端公钥对媒体地址加密,得到加密媒体地址,并将所述加密媒体地址发送给所述终端;终端获取服务端发送的加密媒体地址、利用所述终端私钥解密所述加密后的媒体地址、生成向所述媒体地址请求媒体内容的媒体内容请求信令、利用所述服务端公钥加密所述媒体内容请求信令,得到加密请求信令,并将所述加密请求信令发送给所述服务端;服务端获取所述终端发送的加密请求信令、利用所述服务端私钥解密所述加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给所述终端;终端接收所述服务端推送的媒体内容。The embodiment of the present disclosure also provides a media content transmission method, including: the server generates a server public key private key pair, and the terminal generates a terminal public key private key pair, wherein the server public key private key pair includes The server public key and the server private key, the terminal public key-private key pair includes the terminal public key and the terminal private key; the server sends the server public key to the terminal, and the terminal sends the terminal public key to the terminal The server; the server uses the terminal public key to encrypt the media address to obtain the encrypted media address, and sends the encrypted media address to the terminal; the terminal obtains the encrypted media address sent by the server and uses the terminal private Key to decrypt the encrypted media address, generate media content request signaling for requesting media content from the media address, encrypt the media content request signaling by using the server public key to obtain the encryption request signaling, and The encryption request signaling is sent to the server; the server obtains the encryption request signaling sent by the terminal, decrypts the encryption request signaling using the server private key, and encrypts the encryption request signaling after the decryption is completed The media content requested by the request signaling is pushed to the terminal; the terminal receives the media content pushed by the server.
本公开的实施方式还提供了一种计算机可读存储介质,存储有计算机程序,所述计算机程序被处理器执行时实现上所述的媒体内容传送方法。The embodiments of the present disclosure also provide a computer-readable storage medium that stores a computer program, and when the computer program is executed by a processor, the media content transmission method described above is implemented.
本公开实施方式相对于现有技术而言,服务端使用终端公钥对媒体地址进行加密,使得终端需要使用终端私钥进行解密才能获取媒体地址,从而保证媒体地址自服务端至终端的传送过程中媒体地址不会被非法截获;终端使用服务端公钥对请求信令进行加密,使得服务端使用服务端私钥进行解密才能获取请求信令,保证请求信令自终端至服务端的传送过程中不被监听;使非法终端既无法获悉媒体内容的地址、也无法向服务端提出非法的媒体内容请求,满足媒体内容网络交互的安全性需求。Compared with the prior art, the embodiment of the present disclosure uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring the transfer process of the media address from the server to the terminal The media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is transmitted from the terminal to the server Not to be monitored; so that illegal terminals can neither learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
附图说明Description of the drawings
一个或多个实施例通过与之对应的附图中的图片进行示例性说明,这些示例性说明并不构成对实施例的限定。One or more embodiments are exemplified by the pictures in the corresponding drawings, and these exemplified descriptions do not constitute a limitation on the embodiments.
图1是根据本公开第一实施方式的媒体内容传送方法的流程图;Fig. 1 is a flowchart of a media content delivery method according to a first embodiment of the present disclosure;
图2是根据本公开第一实施方式的服务端向终端发送服务端公钥的流程示意图;FIG. 2 is a schematic diagram of the process of the server sending the server public key to the terminal according to the first embodiment of the present disclosure;
图3是根据本公开第一实施方式的服务端接收终端公钥的流程示意图;FIG. 3 is a schematic diagram of the process of receiving the public key of the terminal by the server according to the first embodiment of the present disclosure;
图4是根据本公开第一实施方式的服务端向终端发送媒体地址的流程示意图;4 is a schematic diagram of the process of sending a media address from a server to a terminal according to the first embodiment of the present disclosure;
图5是根据本公开第一实施方式的服务端对加密请求信令进行解密的流程示意图;FIG. 5 is a schematic diagram of the process of decrypting the encrypted request signaling by the server according to the first embodiment of the present disclosure;
图6是根据本公开第二实施方式的媒体内容传送方法的流程图;Fig. 6 is a flowchart of a media content delivery method according to a second embodiment of the present disclosure;
图7是根据本公开第三实施方式的媒体内容传送装置的结构方框图;FIG. 7 is a structural block diagram of a media content delivery apparatus according to a third embodiment of the present disclosure;
图8是根据本公开第四实施方式的媒体内容传送方法的流程图;FIG. 8 is a flowchart of a media content delivery method according to a fourth embodiment of the present disclosure;
图9是根据本公开第四实施方式的终端向服务器发送终端公钥的流程示意图;FIG. 9 is a schematic diagram of a process of sending a terminal public key to a server by a terminal according to a fourth embodiment of the present disclosure;
图10是根据本公开第四实施方式的终端对加密媒体地址进行解密的流程示意图;FIG. 10 is a schematic diagram of a process of decrypting an encrypted media address by a terminal according to a fourth embodiment of the present disclosure;
图11是根据本公开第四实施方式的终端发送请求信令的流程示意图;FIG. 11 is a schematic flowchart of a request signaling sent by a terminal according to a fourth embodiment of the present disclosure;
图12是根据本公开第五实施方式的媒体内容传送方法的流程图;FIG. 12 is a flowchart of a media content delivery method according to a fifth embodiment of the present disclosure;
图13是根据本公开第六实施方式的媒体内容传送装置的结构框图;FIG. 13 is a structural block diagram of a media content transmission device according to a sixth embodiment of the present disclosure;
图14是根据本公开第七实施方式的媒体内容传送方法的流程图;FIG. 14 is a flowchart of a media content delivery method according to a seventh embodiment of the present disclosure;
图15是根据本公开第七实施方式的视频直播系统的组网结构图。Fig. 15 is a network structure diagram of a video live broadcast system according to a seventh embodiment of the present disclosure.
具体实施方式Detailed ways
为使本公开实施例的目的、技术方案和优点更加清楚,下面将结合附图对本公开的各实施方式进行详细的阐述。然而,本领域的普通技术人员可以理解,在本公开各实施方式中,为了使读者更好地理解本公开而提出了许多技术细节。但是,即使没有这些技术细节和基于以下各实施方式的种种变化和修改,也可以实现本公开所要求保护的技术方案。以下各个实施例的划分是为了描述方便,不应对本公开的具体实现方式构成任何限定,各个实施例在不矛盾的前提下可以相互结合相互引用。In order to make the objectives, technical solutions, and advantages of the embodiments of the present disclosure clearer, the various embodiments of the present disclosure will be described in detail below with reference to the drawings. However, a person of ordinary skill in the art can understand that in each embodiment of the present disclosure, many technical details are proposed for the reader to better understand the present disclosure. However, even without these technical details and various changes and modifications based on the following embodiments, the technical solution claimed by the present disclosure can be realized. The following divisions of the various embodiments are for convenience of description, and should not constitute any limitation on the specific implementation of the present disclosure, and the various embodiments may be combined with each other without contradiction.
本公开第一实施方式涉及一种媒体内容传送方法,包括:生成服务端公钥私钥对,其中,所述服务端公钥私钥对包括服务端公钥和服务端私钥;向终端发送所述服务端公钥,并接收所述终端生成的终端公钥;利用所述终端公钥对媒体地址加密,得到加密媒体地址,并将所述加密媒体地址发送给所述终端;获取所述终端发送的加密请求信令,其中,所述加密请求信令为所述终端利用所述服务端公钥加密的媒体内容请求信令;利用所述服务端私钥解密所述加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给所述终端。The first embodiment of the present disclosure relates to a media content transmission method, including: generating a server public key private key pair, wherein the server public key private key pair includes the server public key and the server private key; sending to the terminal The server public key and receive the terminal public key generated by the terminal; use the terminal public key to encrypt the media address to obtain the encrypted media address, and send the encrypted media address to the terminal; obtain the The encryption request signaling sent by the terminal, where the encryption request signaling is media content request signaling encrypted by the terminal using the server public key; the encryption request signaling is decrypted using the server private key, And after the decryption is completed, the media content requested by the encryption request signaling is pushed to the terminal.
下面对本实施方式的一种媒体内容传送方法的实现细节进行具体的说明,以下内容仅为方便理解提供的实现细节,并非实施本方案的必须。The following specifically describes the implementation details of a media content transmission method of this embodiment. The following content is only provided for ease of understanding and is not necessary for implementing this solution.
本实施方式中的媒体内容传送方法应用于服务端,如图1所示,该方 法具体包括以下步骤:The media content delivery method in this embodiment is applied to the server. As shown in Figure 1, the method specifically includes the following steps:
步骤101:生成服务端公钥私钥对。Step 101: Generate a server-side public key and private key pair.
具体地说,在本步骤中,服务端生成服务端公钥私钥对,公钥私钥对是通过一种算法得到的一个密钥对(即一个公钥和一个私钥)其中的一个向外界公开,称为公钥;另一个保留,称为私钥。通过这种算法得到的密钥对能保证在世界范围内是唯一的。使用这个密钥对的时候,如果用公钥加密一段数据,要获取这段数据,则必须用私钥解密。在本步骤中,服务端通过预设算法生成服务端公钥私钥对,公钥私钥对包括服务端公钥和服务端私钥。Specifically, in this step, the server generates a server public key private key pair. The public key private key pair is a key pair (that is, a public key and a private key) obtained through an algorithm. The public is called the public key; the other reserved is called the private key. The key pair obtained by this algorithm can be guaranteed to be unique in the world. When using this key pair, if a piece of data is encrypted with a public key, to obtain this piece of data, it must be decrypted with a private key. In this step, the server generates a server public key private key pair through a preset algorithm, and the public key private key pair includes the server public key and the server private key.
步骤102:向终端发送服务端公钥,并接收终端公钥。Step 102: Send the server public key to the terminal, and receive the terminal public key.
具体地说,接收的终端公钥由终端生成,服务端利用终端公钥对发送终端的数据进行加密,保证只有终端利用对应的终端私钥进行解密才能获取该数据。Specifically, the received terminal public key is generated by the terminal, and the server uses the terminal public key to encrypt the data of the sending terminal, ensuring that only the terminal can obtain the data by decrypting with the corresponding terminal private key.
在本步骤中,服务端向终端发送服务端公钥的过程如图2所示。该服务端与终端利用TR069(Technical Report-069)通信协议进行通信。服务端在生成服务端公钥之后,通过TR069消息将服务端公钥发送给终端,终端在成功接收服务端公钥后再通过TR069消息反馈接收成功。In this step, the process of the server sending the server public key to the terminal is shown in Figure 2. The server and the terminal use TR069 (Technical Report-069) communication protocol to communicate. After the server generates the server public key, it sends the server public key to the terminal through a TR069 message. After the terminal successfully receives the server public key, it returns the successful reception through the TR069 message.
在本步骤中,服务端接收终端的注册信息,其中,所述注册信息携带有所述终端公钥;验证注册信息是否合法,若是,则记录终端公钥并向终端反馈注册成功信息。如图3所示。服务器与终端利用会话发起协议SIP(Session Initiation Protocol,会话初始协议)建立通信。终端将终端公钥封装于向服务端发送的SIP注册消息中,服务端在接收到携带有终端公钥的SIP注册消息后,验证SIP注册消息是否合法,如果是,则保存SIP注册消息中携带的终端公钥,并向终端反馈注册成功的消息。In this step, the server receives the registration information of the terminal, where the registration information carries the terminal public key; verifies whether the registration information is legal, and if so, records the terminal public key and feeds back the registration success information to the terminal. As shown in Figure 3. The server and the terminal establish communication with the SIP (Session Initiation Protocol). The terminal encapsulates the terminal public key in the SIP registration message sent to the server. After receiving the SIP registration message carrying the terminal public key, the server verifies whether the SIP registration message is legal. If it is, save the SIP registration message. The public key of the terminal and feedback the successful registration message to the terminal.
步骤103:利用终端公钥对媒体地址进行加密,并将加密媒体地址发送给终端。Step 103: Use the terminal public key to encrypt the media address, and send the encrypted media address to the terminal.
在本步骤中,传送的媒体内容为视频会议的直播媒体,服务端对媒体 地址进行加密并将媒体地址发送给终端的过程如图4所示。本实施方式中,服务端包括直播平台和业务平台,直播平台将媒体地址发送给业务平台,业务再利用终端公钥对媒体地址进行加密,并将加密的媒体地址发送给终端。In this step, the transmitted media content is the live media of the video conference, and the server encrypts the media address and sends the media address to the terminal as shown in Figure 4. In this embodiment, the server includes a live broadcast platform and a service platform. The live broadcast platform sends the media address to the service platform. The service then uses the terminal public key to encrypt the media address and sends the encrypted media address to the terminal.
步骤104:获取终端发送的加密请求信令。Step 104: Obtain the encryption request signaling sent by the terminal.
在实际的应用场景下,所述加密请求信令为终端利用服务端公钥对请求信令进行加密得到的。该请求信令所请求的媒体内容为步骤103中服务端发送给终端的加密媒体地址请求的媒体内容。In an actual application scenario, the encryption request signaling is obtained by the terminal encrypting the request signaling by using the server public key. The media content requested by the request signaling is the media content requested by the encrypted media address sent by the server to the terminal in step 103.
步骤105:利用服务端私钥解密该加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给终端。Step 105: Use the private key of the server to decrypt the encryption request signaling, and push the media content requested by the encryption request signaling to the terminal after the decryption is completed.
具体地说,接收到的加密请求信令是经由服务器公钥加密过的,服务端使用服务端私钥可对该请求信令进行解密,如图5所示,服务端的直播平台在接收到加密的请求信令后,利用服务器私钥对该请求信令进行解密,并在解密成功后发送媒体内容给终端。在本步骤中,传送的媒体内容为视频会议的直播内容。Specifically, the received encryption request signaling is encrypted by the server public key, and the server uses the server private key to decrypt the request signaling. As shown in Figure 5, the server’s live broadcast platform receives the encryption After the request signaling, the server private key is used to decrypt the request signaling, and the media content is sent to the terminal after the decryption is successful. In this step, the transmitted media content is the live content of the video conference.
本实施方式相对于现有技术而言,服务端使用终端公钥对媒体地址进行加密,使得终端需要使用终端私钥进行解密才能获取媒体地址,从而保证媒体地址自服务端至终端的传送过程中媒体地址不会被非法截获;终端使用服务端公钥对请求信令进行加密,使得服务端使用服务端私钥进行解密才能获取请求信令,保证请求信令自终端至服务端的传送过程中不被监听;使非法终端既无法获悉媒体内容的地址、也无法向服务端提出非法的媒体内容请求,满足媒体内容网络交互的安全性需求。Compared with the prior art, the server uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring that the media address is transmitted from the server to the terminal. The media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is not transmitted from the terminal to the server. Being monitored; so that illegal terminals cannot learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
本公开的第二实施方式涉及一种媒体内容传送方法,第二实施方式与第一实施方式大致相同,不同之处在于,所述生成服务端公钥私钥对之前,还包括:与所述终端进行密钥协商。The second embodiment of the present disclosure relates to a media content transmission method. The second embodiment is roughly the same as the first embodiment, except that, before generating the server public key and private key pair, the method further includes: The terminal performs key agreement.
本实施方式中的一种媒体内容传送方法如图6所示。具体包括以下步 骤:A media content transmission method in this embodiment is shown in FIG. 6. It includes the following steps:
步骤201:与终端进行密钥协商。Step 201: Perform key negotiation with the terminal.
具体地说,本实施方式提供的方法适用于支持通过信令进行密钥协商的终端,在此步骤中,服务端与终端通过信令进行密钥协商。Specifically, the method provided in this embodiment is suitable for terminals that support key agreement through signaling. In this step, the server and the terminal conduct key agreement through signaling.
步骤202:生成服务端公钥私钥对。Step 202: Generate a server public key and private key pair.
步骤203:向终端发送服务端公钥,并接收终端公钥。Step 203: Send the server public key to the terminal, and receive the terminal public key.
步骤204:利用终端公钥对媒体地址进行加密,并将加密媒体地址发送给终端。Step 204: Use the terminal public key to encrypt the media address, and send the encrypted media address to the terminal.
步骤205:获取终端发送的加密请求信令。Step 205: Obtain the encryption request signaling sent by the terminal.
步骤206:利用服务端私钥解密该加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给终端。Step 206: Use the server private key to decrypt the encryption request signaling, and push the media content requested by the encryption request signaling to the terminal after the decryption is completed.
步骤202至步骤206分别与第一实施方式中步骤101至步骤105大致相同,为避免重复,在此不再一一赘述。 Steps 202 to 206 are substantially the same as steps 101 to 105 in the first embodiment, respectively, and in order to avoid repetition, they will not be repeated here.
本实施方式相对于第一实施方式而言,服务端在生成公钥密钥对之前与终端进行进行密钥协商,共同建立会话密钥,服务端和终端均对结果产生影响,并且不需要任何可信的第三方。In this embodiment, compared with the first embodiment, the server performs key agreement with the terminal before generating the public key key pair, and establishes the session key together. Both the server and the terminal affect the result, and there is no need for any Trusted third party.
本公开第三实施方式涉及一种媒体内容传送装置,如图7所示,包括至少一个处理器301;以及,与至少一个处理器301通信连接的存储器302;其中,存储器302存储有可被至少一个处理器301执行的指令,指令被至少一个处理器301执行,以使至少一个处理器301能够执行第一实施方式或第二实施方式中的媒体内容传送方法。The third embodiment of the present disclosure relates to a media content transmission device. As shown in FIG. 7, it includes at least one processor 301; and a memory 302 communicatively connected with at least one processor 301; An instruction executed by one processor 301 is executed by at least one processor 301, so that at least one processor 301 can execute the media content transmission method in the first embodiment or the second embodiment.
其中,存储器302和处理器301采用总线方式连接,总线可以包括任意数量的互联的总线和桥,总线将一个或多个处理器301和存储器302的各种电路连接在一起。总线还可以将诸如外围设备、稳压器和功率管理电路等之类的各种其他电路连接在一起,这些都是本领域所公知的,因此,本文不再对其进行进一步描述。总线接口在总线和收发机之间提供接口。 收发机可以是一个元件,也可以是多个元件,比如多个接收器和发送器,提供用于在传输介质上与各种其他装置通信的单元。经处理器301处理的数据通过天线在无线介质上进行传输,进一步,天线还接收数据并将数据传送给处理器301。The memory 302 and the processor 301 are connected in a bus manner, and the bus may include any number of interconnected buses and bridges, and the bus connects one or more various circuits of the processor 301 and the memory 302 together. The bus can also connect various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are all well-known in the art, and therefore, no further description will be given herein. The bus interface provides an interface between the bus and the transceiver. The transceiver may be one element or multiple elements, such as multiple receivers and transmitters, providing a unit for communicating with various other devices on the transmission medium. The data processed by the processor 301 is transmitted on the wireless medium through the antenna, and further, the antenna also receives the data and transmits the data to the processor 301.
处理器301负责管理总线和通常的处理,还可以提供各种功能,包括定时、外围接口、电压调节、电源管理以及其他控制功能。而存储器302可以被设置为存储处理器301在执行操作时所使用的数据。The processor 301 is responsible for managing the bus and general processing, and can also provide various functions, including timing, peripheral interfaces, voltage regulation, power management, and other control functions. The memory 302 may be configured to store data used by the processor 301 when performing operations.
本公开的第四实施方式涉及又一种媒体内容传送方法,包括:生成终端公钥私钥对,其中,所述终端公钥私钥对包括终端公钥和终端私钥;向服务端发送所述终端公钥、并接收所述服务端生成的服务端公钥;获取服务端发送的加密媒体地址,其中,所述加密媒体地址为所述服务端利用所述终端公钥加密的媒体地址;利用所述终端私钥解密所述加密后的媒体地址,生成向所述媒体地址请求媒体内容的媒体内容请求信令;利用所述服务端公钥加密所述媒体内容请求信令,得到加密请求信令,并将所述加密请求信令发送给所述服务端;接收所述服务端推送的媒体内容。The fourth embodiment of the present disclosure relates to yet another media content transmission method, including: generating a terminal public key private key pair, wherein the terminal public key private key pair includes the terminal public key and the terminal private key; The terminal public key and receiving the server public key generated by the server; obtaining an encrypted media address sent by the server, where the encrypted media address is a media address encrypted by the server using the terminal public key; Use the terminal private key to decrypt the encrypted media address to generate media content request signaling for requesting media content from the media address; use the server public key to encrypt the media content request signaling to obtain an encryption request And send the encryption request signaling to the server; receive the media content pushed by the server.
具体的,本实施方式中的媒体内容传送方法应用于终端设备,如图8所示,该方法具体包括以下步骤:Specifically, the media content transmission method in this embodiment is applied to a terminal device. As shown in FIG. 8, the method specifically includes the following steps:
步骤401:生成终端公钥私钥对。Step 401: Generate a terminal public key and private key pair.
步骤402:向服务端发送终端公钥,并接收服务端公钥。Step 402: Send the terminal public key to the server, and receive the server public key.
在本步骤中,终端向服务端发送终端公钥的过程如图9所示。终端与服务端通过SIP协议建立通信。终端包括密钥处理模块和协议处理模块,密钥处理模块生成终端公钥,再将终端公钥发送给协议处理模块,协议处理模块将终端公钥封装于SIP注册消息中,并将携带有终端公钥的SIP注册消息发送给服务端,服务端接收SIP注册消息并提取消息中的终端公钥,然后反馈终端注册成功的消息。In this step, the process of the terminal sending the terminal public key to the server is shown in Figure 9. The terminal and the server establish communication through the SIP protocol. The terminal includes a key processing module and a protocol processing module. The key processing module generates a terminal public key, and then sends the terminal public key to the protocol processing module. The protocol processing module encapsulates the terminal public key in a SIP registration message and carries the terminal The SIP registration message of the public key is sent to the server, and the server receives the SIP registration message and extracts the terminal public key in the message, and then feeds back a message that the terminal is registered successfully.
步骤403:获取服务端发送的加密媒体地址。Step 403: Obtain the encrypted media address sent by the server.
在实际的应用场景下,所述加密媒体地址为服务端利用终端公钥对媒体地址进行加密得到的。In an actual application scenario, the encrypted media address is obtained by encrypting the media address by the server using the terminal public key.
步骤404:利用终端私钥解密加密媒体地址,生成该媒体地址媒体内容的请求信令。Step 404: Decrypt the encrypted media address by using the private key of the terminal, and generate a request signaling for the media content of the media address.
在本步骤中,终端利用终端私钥对加密的媒体地址的解密过程如图10所示。终端的密钥处理模块利用终端私钥对经由终端公钥加密的媒体地址进行解密,并将解密后的得到的媒体地址发送至协议处理模块,协议处理模块再根据该媒体地址生成媒体内容请求信令。In this step, the terminal uses the terminal private key to decrypt the encrypted media address as shown in Figure 10. The key processing module of the terminal uses the private key of the terminal to decrypt the media address encrypted by the public key of the terminal, and sends the decrypted media address to the protocol processing module, and the protocol processing module generates a media content request message according to the media address. make.
步骤405:利用服务端公钥加密媒体内容请求信令,并将加密请求信令发送给服务端。Step 405: Use the server public key to encrypt the media content request signaling, and send the encrypted request signaling to the server.
在本步骤中,终端利用服务端公钥加密媒体内容请求信令的过程如图11所示。终端的密钥处理模块利用服务端公钥加密媒体请求信令,再将加密后的媒体请求信令发送至协议处理模块,协议处理模块将加密后的媒体请求信令发送至通过上述步骤中获取到的媒体地址。In this step, the process in which the terminal uses the server public key to encrypt the media content request signaling is shown in Figure 11. The key processing module of the terminal encrypts the media request signaling by using the server public key, and then sends the encrypted media request signaling to the protocol processing module, and the protocol processing module sends the encrypted media request signaling to the protocol processing module. Media address.
步骤406:接收服务端推送的媒体内容。Step 406: Receive media content pushed by the server.
本实施方式相对于现有技术而言,服务端使用终端公钥对媒体地址进行加密,使得终端需要使用终端私钥进行解密才能获取媒体地址,从而保证媒体地址自服务端至终端的传送过程中媒体地址不会被非法截获;终端使用服务端公钥对请求信令进行加密,使得服务端使用服务端私钥进行解密才能获取请求信令,保证请求信令自终端至服务端的传送过程中不被监听;使非法终端既无法获悉媒体内容的地址、也无法向服务端提出非法的媒体内容请求,满足媒体内容网络交互的安全性需求。Compared with the prior art, the server uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring that the media address is transmitted from the server to the terminal. The media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is not transmitted from the terminal to the server. Being monitored; so that illegal terminals cannot learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
本公开的第五实施方式涉及一种媒体内容传送方法,第五实施方式与第四实施方式大致相同,不同之处在于,所述生成终端公钥私钥对之前,还包括:与所述服务端进行密钥协商。The fifth embodiment of the present disclosure relates to a media content transmission method. The fifth embodiment is substantially the same as the fourth embodiment, except that, before generating a terminal public key private key pair, it also includes: The end performs key agreement.
本实施方式中的一种媒体内容传送方法如图12所示。具体包括以下 步骤:A media content transmission method in this embodiment is shown in FIG. 12. It includes the following steps:
步骤501:与服务端进行密钥协商。Step 501: Perform key negotiation with the server.
具体地说,本实施方式提供的方法适用于支持通过信令进行密钥协商的终端,在此步骤中,服务端与终端通过信令进行密钥协商。Specifically, the method provided in this embodiment is suitable for terminals that support key agreement through signaling. In this step, the server and the terminal conduct key agreement through signaling.
步骤502:生成终端公钥私钥对。Step 502: Generate a terminal public key and private key pair.
步骤503:向服务端发送终端公钥,并接收服务端公钥。Step 503: Send the terminal public key to the server, and receive the server public key.
步骤504:获取服务端发送的加密媒体地址。Step 504: Obtain the encrypted media address sent by the server.
步骤505:利用终端私钥解密加密媒体地址,生成该媒体地址媒体内容的请求信令。Step 505: Use the private key of the terminal to decrypt the encrypted media address, and generate a request signaling for the media content of the media address.
步骤506:利用服务端公钥加密媒体内容请求信令,并将加密请求信令发送给服务端。Step 506: Use the server public key to encrypt the media content request signaling, and send the encrypted request signaling to the server.
步骤507:接收服务端推送的媒体内容。Step 507: Receive media content pushed by the server.
步骤502至步骤507分别与第四实施方式中步骤401至步骤406大致相同,为避免重复,在此不再一一赘述。 Steps 502 to 507 are substantially the same as steps 401 to 406 in the fourth embodiment, respectively. To avoid repetition, they will not be repeated here.
本实施方式相对于第四实施方式而言,终端在生成公钥密钥对之前与终端进行进行密钥协商,共同建立会话密钥,服务端和终端均对结果产生影响,并且不需要任何可信的第三方。Compared with the fourth embodiment, the terminal conducts key agreement with the terminal before generating the public key key pair, and establishes the session key together. Both the server and the terminal affect the result, and there is no need for any data. Third party of the letter.
本公开第六实施方式涉及一种媒体内容传送装置,如图13所示,包括至少一个处理器601;以及,与至少一个处理器601通信连接的存储器602;其中,存储器602存储有可被至少一个处理器601执行的指令,指令被至少一个处理器601执行,以使至少一个处理器601能够执行第四实施方式或第五实施方式中的媒体内容传送方法。The sixth embodiment of the present disclosure relates to a media content transmission device. As shown in FIG. 13, it includes at least one processor 601; and, a memory 602 communicatively connected with at least one processor 601; An instruction executed by one processor 601 is executed by at least one processor 601, so that the at least one processor 601 can execute the media content transmission method in the fourth embodiment or the fifth embodiment.
其中,存储器602和处理器601采用总线方式连接,总线可以包括任意数量的互联的总线和桥,总线将一个或多个处理器601和存储器602的各种电路连接在一起。总线还可以将诸如外围设备、稳压器和功率管理电 路等之类的各种其他电路连接在一起,这些都是本领域所公知的,因此,本文不再对其进行进一步描述。总线接口在总线和收发机之间提供接口。收发机可以是一个元件,也可以是多个元件,比如多个接收器和发送器,提供用于在传输介质上与各种其他装置通信的单元。经处理器601处理的数据通过天线在无线介质上进行传输,进一步,天线还接收数据并将数据传送给处理器601。The memory 602 and the processor 601 are connected in a bus manner. The bus may include any number of interconnected buses and bridges, and the bus connects one or more various circuits of the processor 601 and the memory 602 together. The bus can also connect various other circuits such as peripheral devices, voltage regulators, and power management circuits, etc., which are all known in the art, so they will not be further described in this article. The bus interface provides an interface between the bus and the transceiver. The transceiver may be one element or multiple elements, such as multiple receivers and transmitters, providing a unit for communicating with various other devices on the transmission medium. The data processed by the processor 601 is transmitted on the wireless medium through the antenna, and further, the antenna also receives the data and transmits the data to the processor 601.
处理器601负责管理总线和通常的处理,还可以提供各种功能,包括定时、外围接口、电压调节、电源管理以及其他控制功能。而存储器602可以被设置为存储处理器601在执行操作时所使用的数据。The processor 601 is responsible for managing the bus and general processing, and can also provide various functions, including timing, peripheral interfaces, voltage regulation, power management, and other control functions. The memory 602 may be configured to store data used by the processor 601 when performing operations.
本公开的第七实施方式涉及一种媒体内容传送方法,包括:服务端生成服务端公钥私钥对、终端生成终端公钥私钥对,其中,所述服务端公钥私钥对包括服务端公钥和服务端私钥,所述终端公钥私钥对包括终端公钥和终端私钥;服务端将所述服务端公钥发送给终端,终端将所述终端公钥发送给所述服务端;服务端利用所述终端公钥对媒体地址加密,得到加密媒体地址,并将所述加密媒体地址发送给所述终端;终端获取服务端发送的加密媒体地址、利用所述终端私钥解密所述加密后的媒体地址、生成向所述媒体地址请求媒体内容的媒体内容请求信令、利用所述服务端公钥加密所述媒体内容请求信令,得到加密请求信令,并将所述加密请求信令发送给所述服务端;服务端获取所述终端发送的加密请求信令、利用所述服务端私钥解密所述加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给所述终端;终端接收所述服务端推送的媒体内容。The seventh embodiment of the present disclosure relates to a media content transmission method, including: the server generates a server public key private key pair, and the terminal generates a terminal public key private key pair, wherein the server public key private key pair includes the service The terminal public key and the server private key, the terminal public key-private key pair includes the terminal public key and the terminal private key; the server sends the server public key to the terminal, and the terminal sends the terminal public key to the terminal Server; the server uses the terminal public key to encrypt the media address to obtain the encrypted media address, and sends the encrypted media address to the terminal; the terminal obtains the encrypted media address sent by the server and uses the terminal private key Decrypt the encrypted media address, generate media content request signaling for requesting media content from the media address, encrypt the media content request signaling by using the server public key to obtain the encryption request signaling, and combine all The encryption request signaling is sent to the server; the server obtains the encryption request signaling sent by the terminal, uses the server private key to decrypt the encryption request signaling, and sends the encryption request after the decryption is completed The media content requested by the signaling is pushed to the terminal; the terminal receives the media content pushed by the server.
本实施方式中的媒体内容传送方法应用于包括服务端、终端的视频会议系统,如图14所示,该方法具体包括以下步骤:The media content transmission method in this embodiment is applied to a video conference system including a server and a terminal. As shown in FIG. 14, the method specifically includes the following steps:
步骤701:服务端生成服务端公钥私钥对,终端生成终端公钥私钥对。Step 701: The server generates a server public key private key pair, and the terminal generates a terminal public key private key pair.
具体地说,服务端公钥私钥对包括服务器公钥和服务器私钥,终端公钥私钥对包括终端公钥和终端私钥。Specifically, the server public key and private key pair includes the server public key and the server private key, and the terminal public key and private key pair includes the terminal public key and the terminal private key.
步骤702:服务端将服务端公钥发送给终端,终端将终端公钥发送给服务端。Step 702: The server sends the server public key to the terminal, and the terminal sends the terminal public key to the server.
步骤703:服务端利用终端公钥加密媒体地址,并将加密后媒体地址发送至终端。Step 703: The server encrypts the media address using the terminal public key, and sends the encrypted media address to the terminal.
步骤704:终端获取加密后媒体地址,利用终端私钥对该媒体地址进行解密。Step 704: The terminal obtains the encrypted media address, and decrypts the media address by using the private key of the terminal.
步骤705:终端生成该媒体地址媒体内容的请求信令,利用服务端公钥加密请求信令并发送至服务端。Step 705: The terminal generates the request signaling for the media content of the media address, encrypts the request signaling with the server public key, and sends it to the server.
步骤706:服务端获取加密后的请求信令,利用服务端私钥解密该请求信令,再向终端推送媒体内容。Step 706: The server obtains the encrypted request signaling, decrypts the request signaling using the server private key, and then pushes the media content to the terminal.
步骤707:终端接收服务端推送的媒体内容。Step 707: The terminal receives the media content pushed by the server.
步骤704和步骤706分别与第一实施方式中步骤103和步骤105大致相同,步骤704、步骤705和步骤707分别与第四实施方式中步骤404、步骤405和步骤406大致相同,为避免重复,在此不再一一赘述。Step 704 and step 706 are roughly the same as step 103 and step 105 in the first embodiment, respectively. Step 704, step 705, and step 707 are roughly the same as step 404, step 405, and step 406 in the fourth embodiment, respectively. To avoid repetition, I will not repeat them one by one here.
值得一提的是,服务端生成服务端公钥私钥对,终端生成终端公钥私钥对之前,还可以包括:服务端与终端进行密钥协商。对于支持通过信令协商秘钥的终端,服务端和终端在生成公钥密钥对之前与终端进行进行密钥协商,共同建立会话密钥,服务端和终端均对结果产生影响,并且不需要任何可信的第三方。It is worth mentioning that the server generates the server public key and private key pair. Before the terminal generates the terminal public key and private key pair, it may also include: the server and the terminal perform key negotiation. For terminals that support the negotiation of secret keys through signaling, the server and terminal conduct key negotiation with the terminal before generating a public key key pair to jointly establish a session key. Both the server and the terminal affect the result, and there is no need Any trusted third party.
在本步骤中,本实施方式传送的媒体内容为视频会议的直播内容,服务端和多个终端构成视频会议系统,系统的组网结构如图15所示。服务端包括直播平台和业务平台两个模块,一个服务端与多个终端建立通信,每个终端通过上述实施例与服务器进行直播媒体内容的传送。In this step, the media content transmitted in this embodiment is the live content of the video conference. The server and multiple terminals constitute a video conference system. The network structure of the system is shown in FIG. 15. The server includes two modules, a live broadcast platform and a service platform. One server establishes communication with multiple terminals, and each terminal transmits live media content to the server through the above-mentioned embodiment.
本实施方式相对于现有技术而言,服务端使用终端公钥对媒体地址进行加密,使得终端需要使用终端私钥进行解密才能获取媒体地址,从而保证媒体地址自服务端至终端的传送过程中媒体地址不会被非法截获;终端使用服务端公钥对请求信令进行加密,使得服务端使用服务端私钥进行解 密才能获取请求信令,保证请求信令自终端至服务端的传送过程中不被监听;使非法终端既无法获悉媒体内容的地址、也无法向服务端提出非法的媒体内容请求,满足媒体内容网络交互的安全性需求。Compared with the prior art, the server uses the terminal public key to encrypt the media address, so that the terminal needs to use the terminal private key for decryption to obtain the media address, thereby ensuring that the media address is transmitted from the server to the terminal. The media address will not be illegally intercepted; the terminal uses the server public key to encrypt the request signaling, so that the server uses the server private key to decrypt the request signaling to ensure that the request signaling is not transmitted from the terminal to the server. Being monitored; so that illegal terminals cannot learn the address of the media content, nor can they make illegal media content requests to the server, so as to meet the security requirements of media content network interaction.
本公开第八实施方式涉及一种计算机可读存储介质,存储有计算机程序。计算机程序被处理器执行时实现上述任一媒体内容传送方法实施例。The eighth embodiment of the present disclosure relates to a computer-readable storage medium storing a computer program. When the computer program is executed by the processor, any one of the foregoing media content transmission method embodiments is implemented.
即,本领域技术人员可以理解,实现上述实施例方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序存储在一个存储介质中,包括若干指令用以使得一个设备(可以是单片机,芯片等)或处理器(processor)执行本公开各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。That is, those skilled in the art can understand that all or part of the steps in the method of the foregoing embodiments can be implemented by instructing relevant hardware through a program. The program is stored in a storage medium and includes several instructions to enable a device ( It may be a single-chip microcomputer, a chip, etc.) or a processor (processor) to execute all or part of the steps of the methods described in the various embodiments of the present disclosure. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disks or optical disks and other media that can store program codes. .
本领域的普通技术人员可以理解,上述各实施方式是实现本公开的具体实施例,而在实际应用中,可以在形式上和细节上对其作各种改变,而不偏离本公开的精神和范围。A person of ordinary skill in the art can understand that the above-mentioned embodiments are specific examples for realizing the present disclosure, and in practical applications, various changes can be made to them in form and details without departing from the spirit and spirit of the present disclosure. range.

Claims (11)

  1. 一种媒体内容传送方法,包括:A media content transmission method, including:
    生成服务端公钥私钥对,其中,所述服务端公钥私钥对包括服务端公钥和服务端私钥;Generating a server public key private key pair, wherein the server public key private key pair includes a server public key and a server private key;
    向终端发送所述服务端公钥,并接收所述终端生成的终端公钥;Sending the server public key to the terminal, and receiving the terminal public key generated by the terminal;
    利用所述终端公钥对媒体地址加密,得到加密媒体地址,将所述加密媒体地址发送给所述终端;Encrypt the media address by using the terminal public key to obtain an encrypted media address, and send the encrypted media address to the terminal;
    获取所述终端发送的加密请求信令,其中,所述加密请求信令为所述终端利用所述服务端公钥加密的媒体内容请求信令;Acquiring the encryption request signaling sent by the terminal, where the encryption request signaling is media content request signaling encrypted by the terminal using the server public key;
    利用所述服务端私钥解密所述加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给所述终端。The server private key is used to decrypt the encryption request signaling, and after the decryption is completed, the media content requested by the encryption request signaling is pushed to the terminal.
  2. 根据权利要求1所述的媒体内容传送方法,其中,所述生成服务端公钥私钥对之前,还包括:与所述终端进行密钥协商。The media content delivery method according to claim 1, wherein before said generating the server public key private key pair, the method further comprises: conducting key agreement with the terminal.
  3. 根据权利要求1所述的媒体内容传送方法,其中,所述接收所述终端生成的终端公钥,具体包括:The media content delivery method according to claim 1, wherein the receiving the terminal public key generated by the terminal specifically includes:
    接收所述终端的注册信息,其中,所述注册信息携带有所述终端公钥;Receiving registration information of the terminal, where the registration information carries the terminal public key;
    在所述注册信息合法的情况下,记录所述终端公钥并向所述终端反馈注册信息。In the case that the registration information is legal, the terminal public key is recorded and the registration information is fed back to the terminal.
  4. 一种媒体内容提供装置,包括:A media content providing device includes:
    至少一个处理器;以及,At least one processor; and,
    与所述至少一个处理器通信连接的存储器;其中,A memory communicatively connected with the at least one processor; wherein,
    所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被 所述至少一个处理器执行,以使所述至少一个处理器能够执行如权利要求1至3中任一所述的媒体内容传送方法。The memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor, so that the at least one processor can execute any one of claims 1 to 3 Media content delivery method.
  5. 一种媒体内容传送方法,包括:A media content transmission method, including:
    生成终端公钥私钥对,其中,所述终端公钥私钥对包括终端公钥和终端私钥;Generating a terminal public key and private key pair, where the terminal public key and private key pair includes a terminal public key and a terminal private key;
    向服务端发送所述终端公钥、并接收所述服务端生成的服务端公钥;Sending the terminal public key to the server and receiving the server public key generated by the server;
    获取服务端发送的加密媒体地址,其中,所述加密媒体地址为所述服务端利用所述终端公钥加密的媒体地址;Acquiring an encrypted media address sent by a server, where the encrypted media address is a media address encrypted by the server using the terminal public key;
    利用所述终端私钥解密所述加密后的媒体地址,生成向所述媒体地址请求媒体内容的媒体内容请求信令;Using the terminal private key to decrypt the encrypted media address, and generate media content request signaling for requesting media content from the media address;
    利用所述服务端公钥加密所述媒体内容请求信令,得到加密请求信令,并将所述加密请求信令发送给所述服务端;Encrypt the media content request signaling by using the server public key to obtain encryption request signaling, and send the encryption request signaling to the server;
    接收所述服务端推送的媒体内容。Receiving the media content pushed by the server.
  6. 根据权利要求5所述的媒体内容传送方法,其中,所述生成终端公钥私钥对之前,还包括:与所述服务端进行密钥协商。The media content delivery method according to claim 5, wherein before said generating a terminal public key private key pair, the method further comprises: conducting key agreement with the server.
  7. 根据权利要求5所述的媒体内容传送方法,其中,所述向服务端发送所述终端公钥,具体包括:向发送注册信息,其中,所述注册信息携带有所述终端公钥。The media content delivery method according to claim 5, wherein the sending the terminal public key to the server specifically includes: sending registration information to the server, wherein the registration information carries the terminal public key.
  8. 一种媒体内容获取装置,包括:A device for acquiring media content includes:
    至少一个处理器;以及,At least one processor; and,
    与所述至少一个处理器通信连接的存储器;其中,A memory communicatively connected with the at least one processor; wherein,
    所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行,以使所述至少一个处理器能够执行如权利要求5至7中任一所述的媒体内容传送方法。The memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor, so that the at least one processor can execute any one of claims 5 to 7 Media content delivery method.
  9. 一种计算机可读存储介质,存储有计算机程序,所述计算机程序被处理器执行时实现如权利要求1至3中任一所述的媒体内容传送方法,或如权利要求5至7中任一所述的媒体内容传送方法。A computer-readable storage medium that stores a computer program that, when executed by a processor, implements the media content transmission method according to any one of claims 1 to 3, or any one of claims 5 to 7 The described media content transmission method.
  10. 一种媒体内容传送方法,包括:A media content transmission method, including:
    服务端生成服务端公钥私钥对、终端生成终端公钥私钥对,其中,所述服务端公钥私钥对包括服务端公钥和服务端私钥,所述终端公钥私钥对包括终端公钥和终端私钥;The server generates a server public key private key pair, and the terminal generates a terminal public key private key pair, wherein the server public key private key pair includes the server public key and the server private key, and the terminal public key private key pair Including terminal public key and terminal private key;
    服务端将所述服务端公钥发送给终端,终端将所述终端公钥发送给所述服务端;The server sends the server public key to the terminal, and the terminal sends the terminal public key to the server;
    服务端利用所述终端公钥对媒体地址加密,得到加密媒体地址,并将所述加密媒体地址发送给所述终端;The server encrypts the media address by using the terminal public key to obtain the encrypted media address, and sends the encrypted media address to the terminal;
    终端获取服务端发送的加密媒体地址、利用所述终端私钥解密所述加密后的媒体地址、生成向所述媒体地址请求媒体内容的媒体内容请求信令、利用所述服务端公钥加密所述媒体内容请求信令,得到加密请求信令,并将所述加密请求信令发送给所述服务端;The terminal obtains the encrypted media address sent by the server, uses the terminal private key to decrypt the encrypted media address, generates media content request signaling for requesting media content from the media address, and uses the server public key to encrypt the encrypted media address. The media content request signaling, obtain the encryption request signaling, and send the encryption request signaling to the server;
    服务端获取所述终端发送的加密请求信令、利用所述服务端私钥解密所述加密请求信令,并在解密完成后将所述加密请求信令所请求的媒体内容推送给所述终端;The server obtains the encryption request signaling sent by the terminal, decrypts the encryption request signaling using the server private key, and pushes the media content requested by the encryption request signaling to the terminal after the decryption is completed ;
    终端接收所述服务端推送的所述媒体内容。The terminal receives the media content pushed by the server.
  11. 根据权利要求10所述的媒体内容传送方法,其中,所述服务端生 成服务端公钥私钥对、终端生成终端公钥私钥对之前,还包括:The media content delivery method according to claim 10, wherein before the server generates the server public key private key pair and the terminal generates the terminal public key private key pair, the method further comprises:
    服务端与终端进行密钥协商。The server and the terminal negotiate a key.
PCT/CN2020/133132 2019-12-05 2020-12-01 Media content transmission method and apparatus, and storage medium WO2021109998A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911233173.7A CN112929593A (en) 2019-12-05 2019-12-05 Media content transmission method, device and storage medium
CN201911233173.7 2019-12-05

Publications (1)

Publication Number Publication Date
WO2021109998A1 true WO2021109998A1 (en) 2021-06-10

Family

ID=76160978

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/133132 WO2021109998A1 (en) 2019-12-05 2020-12-01 Media content transmission method and apparatus, and storage medium

Country Status (2)

Country Link
CN (1) CN112929593A (en)
WO (1) WO2021109998A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007066994A1 (en) * 2005-12-07 2007-06-14 Electronics And Telecommunications Research Institute Apparatus and method for providing personal information sharing service using signed callback url message
CN103281312A (en) * 2013-05-10 2013-09-04 金硕澳门离岸商业服务有限公司 Information filtering method
CN106792009A (en) * 2016-11-30 2017-05-31 深圳前海弘稼科技有限公司 A kind of plant image transmission method and device based on cultivation box
KR20170084802A (en) * 2016-01-13 2017-07-21 크루셜텍 (주) Methdo and system for transmitting secure data in a terminal
CN109787947A (en) * 2018-04-03 2019-05-21 中建材信息技术股份有限公司 The cloud security encryption system and method and storage medium of public cloud
CN109788002A (en) * 2019-03-12 2019-05-21 北京首汽智行科技有限公司 A kind of Http request encryption and decryption method and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007066994A1 (en) * 2005-12-07 2007-06-14 Electronics And Telecommunications Research Institute Apparatus and method for providing personal information sharing service using signed callback url message
CN103281312A (en) * 2013-05-10 2013-09-04 金硕澳门离岸商业服务有限公司 Information filtering method
KR20170084802A (en) * 2016-01-13 2017-07-21 크루셜텍 (주) Methdo and system for transmitting secure data in a terminal
CN106792009A (en) * 2016-11-30 2017-05-31 深圳前海弘稼科技有限公司 A kind of plant image transmission method and device based on cultivation box
CN109787947A (en) * 2018-04-03 2019-05-21 中建材信息技术股份有限公司 The cloud security encryption system and method and storage medium of public cloud
CN109788002A (en) * 2019-03-12 2019-05-21 北京首汽智行科技有限公司 A kind of Http request encryption and decryption method and system

Also Published As

Publication number Publication date
CN112929593A (en) 2021-06-08

Similar Documents

Publication Publication Date Title
US9923877B2 (en) External indexing and search for a secure cloud collaboration system
RU2417532C2 (en) Delivering policy updates for protected content
US20150281185A1 (en) Cloud Collaboration System With External Cryptographic Key Management
CN113612605B (en) Method, system and equipment for enhancing MQTT protocol identity authentication by using symmetric cryptographic technology
US8738910B2 (en) Method and arrangement for enabling play-out of media
US20100005183A1 (en) Method, System and Apparatus for Converting Media Contents
JP2005510184A (en) Key management protocol and authentication system for secure Internet protocol rights management architecture
EP4184821A1 (en) Ims data channel-based communication method and device
CN111355921A (en) Video conference encryption method and system
CN102905199B (en) A kind of multicast service realizing method and equipment thereof
CN109981271B (en) Network multimedia safety protection encryption method
US10673629B2 (en) Data transmission and reception method and system
CN109474667B (en) Unmanned aerial vehicle communication method based on TCP and UDP
CN101222612A (en) Method and system for safely transmitting media stream
KR101880999B1 (en) End to end data encrypting system in internet of things network and method of encrypting data using the same
WO2021109998A1 (en) Media content transmission method and apparatus, and storage medium
EP2713576B1 (en) Method and device for processing streaming media content
CN112235320B (en) Cipher-based video networking multicast communication method and device
WO2008029853A1 (en) Encryption key delivery device and encryption key delivery method
CN113596004A (en) Identity authentication method and device in multi-party security computing
CN116709325B (en) Mobile equipment security authentication method based on high-speed encryption algorithm
CN116782210B (en) Dynamic encryption key generation method of high-speed encryption algorithm
KR101215802B1 (en) Method of providing a contents service in a p2p network
CN107070912B (en) Network security verification method and system for distributed system
CN116032559A (en) Information encryption method, cloud video conference system and information encryption equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20896811

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20896811

Country of ref document: EP

Kind code of ref document: A1