CN101009553A - Secret key safety method and system for realizing multi-network integration mobile multi-media broadcasting system - Google Patents

Publication number: CN101009553A
Authority: CN (China)
Prior art keywords: key, business, cipher key, program, user
Legal status: Pending
Application number: CNA200610172266XA
Other languages: Chinese (zh)
Inventors: 柯尊友, 姚清华, 穆志纯
Current Assignee: ZTE Corp
Original Assignee: ZTE Corp
Application filed by ZTE Corp
Priority to CNA200610172266XA (publication of CN101009553A)
Priority to PCT/CN2007/003922 (WO2008086714A1)

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891: Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083: Key transport or distribution involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60: Digital content management, e.g. content distribution
    • H04L2209/601: Broadcast encryption
    • H04L2209/80: Wireless

Abstract

The invention provides a method for realizing key security in a multi-network integrated mobile multimedia broadcasting system, comprising: (a) the broadcast system network generates, stores and updates the program stream key; the mobile communication system network generates, stores and updates the business key, and transmits the business key and its identifier to the user terminal; (b) the broadcast system network sends the program stream key to the business platform of the mobile communication system network, the business platform encrypts the key, and the ciphering control message is returned; (c) the scrambler of the broadcast system network uses the program stream key to scramble the corresponding program stream, and the program stream and the encrypted key information are broadcast; (d) the user terminal receives the program stream and the ciphering control message, finds the corresponding business key identifier, decrypts the program stream key using the business key as the parameter, and decrypts the program stream data with the program stream key obtained.

Description

Method and system for realizing key security in a multi-network integrated mobile multimedia broadcast system
Technical field
The present invention relates to mobile network communication and China mobile multimedia broadcasting technology. In particular, it relates to a method and system that provide key security for user terminals when a mobile multimedia broadcast system network is merged with multiple mobile communication system networks.
Background art
As demand for mobile communication keeps growing, a large number of multimedia services have emerged. Some of these applications require that multiple users receive the same media data simultaneously, for example video on demand and television broadcasting; mobile TV service is a typical case.
A standalone mobile multimedia broadcast (MMB) network that delivers services such as mobile multimedia broadcasting or mobile TV (frequency-addressable broadcast network systems such as DMB, DAB and DVB are referred to collectively here as MMB) has some inherent defects. Because its transmission is one-way, that is, it has only a downlink channel, interactive services, billing flexibility and system security all suffer, and some mature mobile-network technologies cannot be applied in this field.
To implement interaction, billing and security, a standalone MMB system has to carousel-broadcast the interaction, billing and security content without knowing in advance what is needed. For a large-scale commercial system this data volume is very large, billing information in particular; it adds considerable overhead and places a heavy burden on the system. Compared with a two-way mobile communication system network, a broadcast system network pays a very high cost to achieve the same functions, and even when they are achieved, service and usage flexibility are greatly reduced. In mobile communication system networks, by contrast, these functions have long had mature carrier-grade implementations.
However, a broadcast network uses wireless bandwidth efficiently, and its data capacity is much larger than that of a mobile network, so it provides a better bearer for large-scale multimedia transmission. For this reason, the need to merge MMB with mobile networks (GSM, CDMA, 3G and so on) has been raised.
3GPP and 3GPP2 have proposed corresponding multimedia broadcast/multicast services. A broadcast/multicast service is a point-to-multipoint unidirectional bearer service in which data is sent from one source entity to multiple receiving entities. These services introduce the point-to-multipoint idea into mobile communication systems: a single data source sends data to multiple users in the mobile network, so that network resources are shared and their utilization improves.
In the service guide, each program stream is divided by time period into several segments of program content, called programs for short. Each program needs security protection. At present, the security of the multimedia broadcast/multicast service in the 3GPP mobile communication system is realized through a three-layer key hierarchy. First layer: the user key MUK, a key shared between a single multimedia broadcast/multicast service user terminal and the data source. Second layer: the business key MSK, a key shared by all multimedia broadcast/multicast service user terminals and the data source. Third layer: the program stream key MTK, the multicast transmission data encryption key shared by all multimedia broadcast/multicast service user terminals and the data source.
MUK is used to deliver MSK securely to service users, MSK is used to deliver MTK securely to service users, and MTK is the actual multicast transmission data encryption key. To keep the multimedia broadcast/multicast service secure, MSK and MTK need to be updated regularly, so as to reduce the impact on service security when a legitimate user leaks MSK or MTK to an illegitimate user who then obtains the multicast content. This ensures that only user terminals subscribed to the service can legitimately enjoy it. A user who has not subscribed, or who has cancelled after subscribing, is regarded as an illegitimate user.
After the broadcast/multicast server updates the business key, it sends a new-key-effective message to the user terminals, indicating that a new business key is in effect. After a user terminal receives this message, it can send a key request message to the broadcast/multicast server asking for the new business key. After the broadcast/multicast server receives the key request message, it sends the corresponding new business key to the requesting user terminal. Once the user terminal has successfully received the new business key, it stores the key and uses it from then on.
The 3GPP2 mobile communication system has a layered key hierarchy corresponding to that of 3GPP. Specifically, first layer: user key TK; second layer: business key BAK; third layer: program stream key SK.
In the converged network, the program stream is delivered from the broadcast network (for example a radio and television broadcast network), that is, the program service stream is carried over that network's broadcast channel. Program content encryption is performed by the radio and television mobile TV system; subscriber authentication and service billing are performed by the mobile communication system network of the mobile operator; and the mobile operator's mobile communication system network serves as the interactive channel that carries the business key and supports service subscription, service interaction and so on.
However, 3GPP2 uses encryption methods different from those of 3GPP. The two generally exist in independent network systems, whose broadcast/multicast service platforms have unrelated key management systems. How can the broadcast system network merge the key management of the business platforms of different mobile communication system networks?
Therefore, when a mobile multimedia broadcast system network is merged with multiple mobile communication system networks and the broadcast system network integrates the business platforms of different mobile communication system networks, a key security method needs to be provided for mobile user terminals that realizes three-level key update and key security.
Summary of the invention
The technical problem to be solved by the present invention is to provide a method for realizing key security in a multi-network integrated mobile multimedia broadcast system, so that the mobile multimedia broadcast system can merge multiple kinds or a plurality of mobile communication system network business platforms with different key management functions and provide key security for mobile user terminals.
To solve the above problem, the present invention proposes a method for realizing key security in a multi-network integrated mobile multimedia broadcast system, applied to a system in which a broadcast system network is merged with a plurality of mobile communication system networks, the broadcast system network having a scrambler and each mobile communication system network having a business platform. The method comprises the following steps:
(a) the scrambler of the broadcast system network generates, stores and updates the program stream key according to set rules; the business platform of each mobile communication system network generates, stores and updates the business key according to set rules, each business key corresponding to a unique business key identifier; and each mobile communication system network distributes the business key and its identifier to the user terminals that have ordered the corresponding service;
(b) the scrambler of the broadcast system network sends the program stream key to the business platform of each mobile communication system network; each business platform encrypts the program stream key using the corresponding business key as the parameter and returns a ciphering control message to the scrambler, the message including the encrypted program stream key, the business key identifier and the identification parameter of the mobile communication system network; the scrambler stores the ciphering control messages it receives;
(c) the scrambler of the broadcast system network uses the program stream key, as it was before encryption, to scramble the corresponding program stream, and outputs the program stream together with the encrypted program stream key information; these are multiplexed and then broadcast; the encrypted program stream key information includes each program stream identifier and the ciphering control message for each mobile communication system network;
(d) after the user terminal selects a program, it receives the corresponding program stream and its ciphering control messages, finds the corresponding business key identifier according to the identifier of the mobile communication system network it belongs to, and thereby determines which local business key to use; using this business key as the parameter, it decrypts the encrypted program stream key, and then decrypts the program stream data with the program stream key obtained.
Further, the above method may also have the following feature: in step (a), the user terminal generates a user key and reports it to the business platform during authentication; the business platform generates a user key for the user who ordered the service by the same rule and verifies whether it is consistent with the user key reported by the user terminal; if so, it encrypts the business key using this user key as the parameter, and then sends the encrypted business key and its identifier to the user terminal for storage;
In step (d), after the user terminal has determined which business key to use, it first finds the stored encrypted business key, decrypts it using the local user key as the parameter to obtain the business key, and then uses this business key to decrypt the encrypted program stream key.
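The flow of steps (a) to (d), including the user-key wrapping of the business key, as an added example that is not part of the patent text. The class and field names and the two networks NET-A and NET-B are constructed for illustration, an HMAC-SHA256 encrypt-then-MAC wrap stands in for the cipher the patent leaves unspecified, and the user key is assumed to have been agreed during authentication.

```python
import hashlib
import hmac
import os

# Stand-in for the unspecified cipher: HMAC-SHA256 keystream plus HMAC tag
# (encrypt-then-MAC), standard library only. Not an algorithm from the patent.
def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(key, plaintext):
    """Encrypt and authenticate plaintext under key."""
    nonce = os.urandom(16)
    ks = _stream(_sub(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unwrap(key, blob):
    """Verify the tag, then decrypt; ValueError on a wrong key or tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified message")
    ks = _stream(_sub(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class BusinessPlatform:
    """One mobile network's business platform; owns that network's business key."""
    def __init__(self, network_id):
        self.network_id, self.version = network_id, 0
        self.rotate()

    def rotate(self):
        # Business key update: new key, new unique identifier (constructed format).
        self.version += 1
        self.key_id = f"{self.network_id}/bk-{self.version}"
        self.business_key = os.urandom(32)

    def subscribe(self, user_key):
        # Step (a): the business key travels wrapped under the subscriber's user key.
        return self.key_id, wrap(user_key, self.business_key)

    def encrypt_program_key(self, program_key):
        # Step (b): build this network's ciphering control message.
        return {"network_id": self.network_id, "business_key_id": self.key_id,
                "enc_program_key": wrap(self.business_key, program_key)}

class Scrambler:
    """Broadcast side: one scrambled stream, one control message per network."""
    def __init__(self, platforms):
        self.platforms = platforms

    def broadcast(self, program_id, data):
        program_key = os.urandom(32)                      # step (a), broadcast side
        ecms = [p.encrypt_program_key(program_key) for p in self.platforms]
        return {"program_id": program_id, "ecms": ecms,   # step (c)
                "payload": wrap(program_key, data)}

class Terminal:
    def __init__(self, network_id):
        self.network_id = network_id
        self.user_key = os.urandom(32)   # assumption: agreed during authentication
        self.stored = {}                 # business key id -> wrapped business key

    def store(self, key_id, wrapped_business_key):
        self.stored[key_id] = wrapped_business_key

    def receive(self, frame):
        # Step (d): pick the control message of the home network only.
        ecm = next((e for e in frame["ecms"]
                    if e["network_id"] == self.network_id), None)
        if ecm is None:
            raise LookupError("no ciphering control message for home network")
        wrapped = self.stored.get(ecm["business_key_id"])
        if wrapped is None:
            raise LookupError("business key not stored: request it from the platform")
        business_key = unwrap(self.user_key, wrapped)
        program_key = unwrap(business_key, ecm["enc_program_key"])
        return unwrap(program_key, frame["payload"])

if __name__ == "__main__":
    net_a, net_b = BusinessPlatform("NET-A"), BusinessPlatform("NET-B")
    alice, bob = Terminal("NET-A"), Terminal("NET-B")
    alice.store(*net_a.subscribe(alice.user_key))
    bob.store(*net_b.subscribe(bob.user_key))
    frame = Scrambler([net_a, net_b]).broadcast("prog-1", b"constructed stream data")
    print(alice.receive(frame), bob.receive(frame))
```

After `rotate()` a terminal holding only the old identifier gets a `LookupError`, which is the point at which step (d6) has it request the current business key.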
Further, the above method may also have the following feature: step (b) is further divided into the following steps:
(b1) according to the configured rules, the scrambler of the broadcast system network sends an encrypt-program-stream-key request to the business platforms of the plurality of mobile communication system networks through its interface with them, carrying the session identifier, program stream identifier, program stream key identifier and program stream key data;
(b2) after the business platform of each mobile communication system network receives the encryption request, it finds the corresponding business key by matching the program stream identifier, uses this business key as the parameter to encrypt the control word data, and generates the ciphering control message of this program stream;
(b3) each mobile communication system network business platform sends an encrypt-program-stream-key response message to the scrambler, using the same session identifier and program stream identifier as the request and carrying the generated ciphering control message, which includes the encrypted program stream key, the business key identifier and the identification parameter of the mobile communication system network;
(b4) the business platform stores the ciphering control message of the program stream returned by each mobile communication system network.
Further, the above method may also have the following feature: step (d) is further divided into the following steps:
(d1) the user starts the mobile multimedia broadcast system client on the terminal, and the client program begins working;
(d2) if the client determines that it needs to obtain the electronic service guide, it interacts with the business platform to obtain the electronic service guide data and displays it; if not, it displays the guide directly;
(d3) the user selects a valid TV program to watch from the electronic service guide shown by the client; if the program needs to be ordered, the service ordering process is completed by interacting with the business platform;
(d4) according to the service the user has currently selected, the terminal demultiplexes and receives the corresponding encrypted program stream by service identifier, and receives the encrypted program stream key information at the same time;
(d5) the terminal obtains the ciphering control messages of the plurality of networks from the encrypted program stream key information and, according to the identification parameter of the mobile communication system network stored in the terminal, selects the ciphering control message of this mobile communication system network;
(d6) according to the business key identifier in the ciphering control message, the terminal determines whether it has stored a corresponding valid business key; if not, it initiates a business key request to the mobile communication system network business platform and obtains the business key of this program stream encrypted with the terminal's user key; if so, it proceeds to the next step;
(d7) the terminal decrypts the encrypted business key with the local user key, uses the business key obtained and the corresponding decryption algorithm to decrypt the encrypted program stream key in the ciphering control message, and then decrypts the program stream data with the program stream key obtained.
Further, the above method may also have the following feature: during initialization the terminal obtains Ks from the business platform, generates the user key, and obtains the identification parameter of the mobile communication system network to which the user key belongs. During user authentication, the terminal's authentication request carries the user key index and the key the terminal generated itself; the mobile communication system network business platform finds or generates Ks on the basis of the authentication tuple obtained from the HLR, and then generates the user key from this Ks. The business platform compares the local user key with the user key reported by the terminal for the same user; if they are identical, it uses this user key as the parameter and encrypts, with the specified encryption algorithm, the business key of the service this user has ordered; otherwise, it returns an error code to the terminal.
Further, the above method may also have the following feature: the parameters in the encrypt-program-stream-key request message also include one of the following or a combination of several of them: the encryption period start sequence number, indicating the sequence number of the encryption period from which the program stream key data sent this time is used to encrypt the program stream; the absolute time at which the encryption period begins; the number of periods of the encryption duration, indicating the number of consecutive encryption periods for which this program stream key will be used to encrypt the program stream; and the mobile communication system network code, used to identify different mobile communication system networks; and/or the parameters in the encrypt-program-stream-key response message also include the encryption period start sequence number.
Further, the above method may also have the following feature: the identification parameter of the mobile communication system network is the mobile communication system network business platform code, which characterizes a specific mobile communication system network business platform and comprises the mobile communication system network code, the multimedia service platform code and the business key system code. The mobile communication system network code is the identifier of the mobile communication system network and uniquely distinguishes it. The multimedia service platform code uniquely identifies the mobile communication system network business platform. The business key system code distinguishes the algorithm the business platform uses to encrypt and decrypt the program stream key with the business key.
Further, the above method may also have the following feature: in step (a), the information the business platform distributes to the terminal includes, in addition to the business key and the business key identifier, the program stream key ordered sequence interval. In step (d), the program stream key the terminal obtains by decryption has a time-period sequence number; the terminal first verifies whether this sequence number lies within the program stream key ordered sequence interval, and if so, the key is valid. The valid program stream key is then used to decrypt the program data stream.
Further, the above method may also have the following feature: in step (a), the business key identifier is unique within its own network, and each business key has its own validity period; validity period management is used to guide key update and validity verification.
A system for realizing key security in a multi-network integrated mobile multimedia broadcast system comprises a mobile communication system network, a user terminal and a broadcast system network, wherein:
The mobile communication system network is used to realize the mobile multimedia broadcast business platform function and the mobile network bearer function; it interacts with the user terminal, generates, stores or updates the user key, and completes the generation, storage, update and distribution of the business key; it interacts with the broadcast system network to complete the encryption of the program stream key with the business key;
The user terminal is used to obtain the user key, receive the program stream and ciphering control message from the broadcast system network, and decrypt the corresponding program stream; it also interacts with the mobile communication system network of its own type and location to complete authentication of the user key and to store or update the business key;
The broadcast system network is used to generate, store and update the program stream key, send the program stream key to each mobile communication system network, and store the ciphering control messages received; it uses the program stream key, as it was before encryption, to scramble the corresponding program stream, and broadcasts the program stream multiplexed with the encrypted program stream key information.
Further, the above system may also have the following feature: the user terminal further comprises the following modules. An initialization module, used to obtain the user key and the code of the home mobile communication system network business platform during initialization; the user key is used to encrypt the business key and to decrypt it, and each user's user key is different. A user authentication module, used to complete the terminal's authentication process by interacting with the mobile communication system network; the terminal's authentication request carries the user key index and the key the terminal generated itself, for verification by the mobile communication system network side. A business key management unit, used to receive the current business key, business key identifier and program stream key ordered sequence interval that the mobile communication system network business platform distributes to users who have ordered the service, and to store or update them. A program stream receiving module, used to receive the corresponding program stream according to the program stream identifier of the current program, including the encrypted program stream key information. A program stream decryption module, which selects from the program stream the ciphering control message of its own network according to the mobile network business platform code, obtains the corresponding business key identifier, selects the encrypted business key stored on the terminal according to this identifier, decrypts it using the local user key as the parameter to obtain the business key, uses this business key to decrypt the encrypted program stream key, verifies the validity of the key against the program stream key ordered sequence number interval, and then decrypts the program data stream with the valid program stream key obtained.
Further, the above system may also have the following feature: if no valid business key is stored locally when the user begins to use a service, the business key management unit initiates an active request to obtain the business key of this service from the corresponding mobile communication system network. The business platforms of different mobile communication system networks and their terminals each form their own system; a terminal receives only the business key distributed by the business platform of the mobile communication system network it is subscribed to, encrypted with the corresponding user key.
Further, the above system may also have the following feature: the business platform of the mobile communication system network further comprises a service center and a key management module, wherein: the service center provides the service interface to the user terminal and realizes the service logic control of the business platform, scheduling and using functional modules inside the business platform or of other business platforms, including distribution of the business key; the key management module is used to generate, store or update the user key, to generate the business key according to a valid user key, and to complete the encryption of the program stream key with the business key.
Further, the above system may also have the following feature: the key management module further comprises a user key management unit, a business key management unit, a business key distribution unit and a program stream key encryption unit, wherein: the user key management unit is used to generate the user key and to store or update it. During terminal initialization, Ks is obtained from the business platform and the user key is generated. When the business platform receives the terminal's authentication request containing the user key index and the key generated by the terminal, it finds or generates Ks according to the index, and the business platform then verifies the user key reported by the terminal for the same user; if they are identical, it notifies the business key management unit of this, otherwise it returns an error code to the terminal. The business key management unit is used, after service configuration, when it receives the user key confirmation sent by the user key management unit, to encrypt the business key with the specified encryption algorithm using this user key as the parameter; it generates and stores the corresponding business key and establishes a one-to-one relationship with the business key identifier. The business key is associated with the program stream identifier through the service identifier; the business key identifier is unique within its own network, and each business key has its own validity period. The business key distribution unit is used to distribute the business key through the service center: according to the user's ordering relationship, the business platform sends the business key, encrypted with the user's user key, to the user who ordered the service. This is done either by active network push or, when a request from a terminal to obtain the business key is received, by finding the corresponding business key, encrypting it with the user key and sending it to the terminal. The program stream key encryption unit covers the case where the business platform receives the program stream key sent by the broadcast system network scrambler: after encrypting it with the corresponding business key, it packs the encrypted program stream key, the program stream key identifier and the other encryption parameters into a program key stream message in the specified data format and returns it to the scrambler.
Further, the above system may also have the following feature: the broadcast system network comprises: a program source coding module, used to compress and encode each original incoming audio and video content and output it to the scrambler; a scrambler, used to generate, store and update the program stream key, send the program stream key to each mobile communication system network, and store the ciphering control messages received; it scrambles the program stream with the program stream key control word and outputs the program stream and the ciphering control messages to the multiplex system; and a multiplex system, used to multiplex the plurality of encrypted program streams with the ciphering control messages for the plurality of mobile communication system networks and output them through the broadcast system network.
Further, the system of above-mentioned realization multi-network integration mobile multi-media broadcast system secret key safety, can also have following characteristics, scrambler, further comprise program key administration module and encryption equipment, wherein, the program key administration module, the control word, encryption back control word, encryption period, the encryption duration that are used for program current cipher key manage, and constantly generate, store and the renewal control word; Send the encrypting program stream keys request by interface to this business platform, carry session identification, program stream sign, program current cipher key sign and program current cipher key data with a plurality of mobile communication system network business platforms; And, comprise the identification parameter of encrypted program stream keys, business key label and mobile communication system network from this business platform acquisition program stream ciphering control message and storage; Obtain initial, the temporal information that finishes of corresponding program by interface with the content broadcast control system, the encryption period that the alignment beginning is new, and program current cipher key is as the encryption period scope of encrypting, as the foundation synchronous with the program current cipher key of business platform; Encryption equipment uses the program stream after encrypted program stream keys is come scrambled, and the ciphering control message of multiplexing a plurality of networks and outputs to multiplex system in output stream.
Compared with prior art, under the situation of mobile multimedia broadcast system network and the fusion of multiple or a plurality of mobile communication system network business platform, design and proposed the method for secret key safety.Make the mobile multimedia broadcast system network can merge multiple or a plurality of mobile communication system network business platforms with different key management functions, a program stream of mobile multimedia broadcast system can be served these mobile communication system network business platforms simultaneously, has greatly saved frequency spectrum resource and the complexity that has reduced emerging system.
Description of drawings
Fig. 1 is the schematic diagram that broadcast system network and multiple mobile communication system network merge among the embodiment.
Fig. 2 is the schematic diagram that broadcast system network and certain mobile communication system network merge among the embodiment.
Fig. 3 is a schematic diagram of the business usage flow of the mobile subscriber terminal in the embodiment.
Fig. 4 is the sequence chart of encrypting program stream keys process among the embodiment.
Embodiment
The specific implementation of the present invention is described below with reference to the accompanying drawings.
Fig. 1 is a structure chart of the merging of a mobile multimedia broadcast system network with multiple mobile communication system networks, comprising multiple kinds of, or a plurality of, mobile communication system networks (MN) 101, 104, a plurality of user terminals (UE) 102, 103, and a mobile multimedia broadcast system network (BN) 105, here taking a broadcasting-and-television mobile multimedia broadcast system network as the example.
Mobile communication system networks MN 101 and 104 implement the mobile multimedia broadcasting business platform function and the mobile network bearer function. Interacting with the user terminal, they handle service discovery, order/unsubscribe, business guide service and management, business information configuration, audit management, authentication, key generation and distribution, charging and statistics, etc.; interacting with the broadcast system network 105, they handle encryption of the program current cipher key with the business cipher key, synchronization of program content information, etc.;
User terminals UE 102, 103 include the functions of the handset and of the card; no distinction is made here between an integrated and a separate handset and card. They are used to receive the program stream encrypted by the broadcast system network 105 and to interact with the mobile communication system network 101, 104 of the corresponding type and location, and further comprise the following main modules:
Initialization module, used for obtaining Ks from the business platform during initialization and generating the user key, and for obtaining the code of the home mobile communication system network business platform (MNSP_Code); the user key is used to encrypt the business cipher key and to decrypt it to obtain the business cipher key, and each user's user key is different.
User authentication module, used for completing the terminal authentication process by interacting with the mobile communication system network; the terminal authentication request carries the user key index (user name) and the key (password) generated by the terminal itself, for verification by the mobile communication system network side.
The business cipher key administrative unit is used to receive the current business cipher key, the business key label and its program current cipher key ordered sequence interval, which the mobile communication system network business platform distributes to users who have ordered the business, and to store or update them; if no valid business cipher key is stored locally when the user begins to use a business, it initiates an active request to obtain the business cipher key of this business from the corresponding mobile communication network. The business platforms of different mobile communication networks and their terminals each form a self-contained system: a terminal receives only information such as the business cipher key distributed by the business platform of the mobile communication system network it has subscribed to, encrypted with the corresponding user key.
The program stream receiver module is used for receiving the respective program stream according to the Stream ID of the current program, including receiving the ciphered program stream secret key information.
The program stream deciphering module selects from the program stream, according to MNSP_Code, the program stream ciphering control message corresponding to its own network and obtains the corresponding business key label SK_ID; according to this label it selects the encrypted business cipher key stored on the terminal and decrypts it with the local user key as parameter to obtain the business cipher key; it then uses this business cipher key to decrypt the encrypted program current cipher key (CW), verifies the validity of the key, and uses the valid program current cipher key to decrypt the program data stream. The program current cipher key ID value is a time-cycle sequence number; if this sequence number lies within the program current cipher key ordered sequence interval, the key is valid.
In addition, the terminal also provides a client for using the mobile multi-media broadcasting service; a service discovery module, used to obtain and show the electronic program guide (ESG) information; a service order and unsubscribe module; a program selection module, used for the user to select the program to watch and to obtain the Stream_ID of the current program from the program information; and a plurality of functional modules for demultiplexing and decoding the broadcast program stream, multimedia display, authentication, charging, etc.
Broadcast system network (BN) 105 is mainly used for program stream coding, encryption, multiplexing and broadcasting; BN and MN have a content information synchronization interface and a program stream encryption interface.
Fig. 2 is a schematic diagram of the merging of the broadcast system network with one of the mobile communication system networks, showing in more detail the functional modules of the business platform of the mobile communication system network and the functional modules of the broadcast system network.
User terminal 201 has the application client of the mobile multimedia broadcast system;
The mobile network 202, i.e. the PDSN network element of a CDMA1x or CDMA2000 type network, or the GGSN network element of a GSM/GPRS or WCDMA type network, provides the key packet domain core network functions and the interface with the business platform;
WAP gateway system 203 is the proxy through which the mobile subscriber terminal and the business platform exchange HTTP in this business network. It is not essential equipment, particularly for CDMA1x or CDMA2000 type networks;
The business platform of the mobile communication system network further comprises the following modules: service center 204, key management module 205, ESG service module 206 and service management module 207, wherein:
Service center 204 provides the business interface with the user terminal and implements the service logic control of the business platform, scheduling and using functional modules inside the business platform or of other business platforms to implement functions such as ordering/unsubscribing from a business, distributing business cipher keys and service billing;
Key management module 205 supports the management of user keys, business cipher keys and program current cipher keys, and further comprises: a user key administrative unit, a business cipher key administrative unit, a business cipher key Dispatching Unit and an encrypting program stream keys unit, wherein:
The user key administrative unit is used to find or generate Ks on the basis of the authentication tuple obtained from the HLR, to generate the user key from this Ks, and to store or update it. When the business platform receives a terminal authentication request containing the user key index and the key generated by the terminal, it verifies the user key reported by the terminal for the same user; if they are identical, the business cipher key administrative unit is notified of this, otherwise an error code is returned to the terminal.
The business cipher key administrative unit is used, after business configuration, if the user key confirmation sent by the user key administrative unit is received, to encrypt the business cipher key with the prescribed cryptographic algorithm using this user key as parameter, to generate and store the corresponding encrypted business cipher key, and to establish a one-to-one relationship with the business key label; the business cipher key is associated with the program stream sign through the service identification, has a key label that is unique within its own network, and has its own term of validity. This unit also manages the term of validity, which guides key updating, validity verification, etc. For monthly-payment services, the business cipher key is updated regularly every month.
The business cipher key Dispatching Unit is used to distribute business cipher keys through the service center; according to the user's order relations, the business platform should be able to send to a user who has ordered the business the business cipher key encrypted with this user's user key, the business key label and its program current cipher key ordered sequence interval. This can be done by active push from the network, or, when a terminal's request to acquire the business cipher key is received, the corresponding business cipher key is found, encrypted with the user key, and sent to the terminal together with the business key label and its program current cipher key ordered sequence interval.
The encrypting program stream keys unit: the business platform can receive the program current cipher key sent by the broadcast system network scrambler, encrypt it with the corresponding business cipher key, package the encrypted program current cipher key, the program current cipher key sign and other encryption parameters into a program key stream message in the specified data format, and return it to the scrambler.
The business platform of each mobile communication system network MN has its own independent broadcast/packet service platform key management system, and may even use a different encryption method according to its own needs.
ESG service module 206 has an interface with the broadcast system network, receives the business information sent by the broadcasting-side mobile TV system, and provides the function for the administrator to submit channel and content information, in order to generate the business guide; on user request, it sends the generated business guide to the user terminal through the mobile communication system network;
Service management module 207 processes the user's order or unsubscribe requests and stores and maintains the user's order relations; it is also responsible for managing the business information provided by the broadcast system network, provides functions for the administrator to audit and configure businesses, and, after business configuration is finished, notifies the business cipher key administrative unit to generate the corresponding business cipher key;
Other network elements 213, for example systems such as BOSS; for GSM/GPRS or WCDMA type networks, also systems such as BSF and HLR/HSS.
The broadcast system network comprises:
Multiplex system 208 is used for the program stream after a plurality of encryptions and multiplexing at the ciphering control message of a plurality of mobile communication system networks is exported by the broadcast system network;
Scrambler further comprises:
Program key administration module 210 manages the program current cipher key control word (CW), the encrypted CW, the encryption period CP, the encryption duration, etc., and continuously generates, stores and updates the CW. Through the interface with the business platforms of the plurality of mobile communication system networks it sends information such as the CW to each business platform, obtains from the business platform the program stream ciphering control message (ECM) containing the encrypted CW (i.e. the scrambled CW), and supplies it to encryption equipment 209; and, through the interface with the content broadcast control system, it obtains information such as the start and end times of the corresponding program, aligns the start of a new CP with them, and uses the range of CPs over which the CW is used for encryption as the basis for synchronizing the program current cipher key with the business platform.
Encryption equipment 209 uses the CW to encrypt the encoded program stream, synchronously multiplexes the ciphering control messages of the plurality of networks into the output stream, and outputs it to the multiplex system;
Program source coding module 211 is used to compression-encode each originally accessed audio/video content and output it to the scrambler;
Content Broadcast Control administration module 212 is used for program stream scheduling and generates non-overlapping program units for each time period; it also has interfaces with the scrambler and with the mobile communication system network business platform, and synchronizes program content information with the mobile communication system network business platform; this information does not contain the program stream data itself;
Fig. 3 is a schematic flow chart of business use on the terminal, comprising the following steps:
Step 301, the user starts the client of the mobile multimedia broadcast system on the terminal, and the client program starts working;
Step 302, the client judges, from several conditions taken together, whether the ESG needs to be obtained; if so, step 303 is executed, otherwise step 304 is executed;
The conditions judged include: whether the ESG must be obtained again at every start-up, whether an ESG exists locally, and whether the local ESG has expired or is not the latest.
Step 303, the ESG data are obtained by interacting with the business platform, for example over HTTP;
If an interruption occurs, the flow may go to 312, which asks whether to quit processing; if so, the flow ends; otherwise processing continues, and step 304 is executed after it completes. Interruptions include reception failures exceeding a predetermined number of times, an interrupt operation by the user, etc.
Step 304, according to the ESG shown by the client, the user views current and future businesses and selects a valid TV program to watch;
The user can select a business to use. A program currently in progress can be ordered and watched immediately; a future business can be ordered first and watched later.
Step 305, it is judged whether the user needs to order first; if so, step 306 is executed, otherwise step 307 is executed;
Step 306, the user orders the business, and the terminal completes the service order process by interacting with the mobile communication system network business platform;
If an interruption occurs, the flow may go to 312, which asks whether to quit processing; if so, the flow ends; otherwise processing continues, and step 307 is executed after it completes;
Step 307, according to the current business selected by the user, the terminal identifies the business by the service identification Service_ID and demultiplexes and receives the corresponding encrypted program stream, and can at the same time receive the ciphered program stream secret key information of the program stream; the Service_ID corresponds to the program stream sign Stream_ID;
Step 308, according to the business key label SK_ID in the ECM information, the terminal judges whether a corresponding valid business cipher key is stored on the terminal; if so, step 310 is executed, otherwise step 309 is executed;
Step 309, the terminal actively initiates a business cipher key request to the mobile communication system network business platform, carrying the business key label; on receiving it, the business platform finds the corresponding business cipher key according to the business key label, encrypts it with the user key of this terminal and returns it to the terminal;
If an interruption occurs in this step, the flow may go to 312, which asks whether to quit processing; if so, the flow ends; otherwise processing continues, and step 310 is executed after it completes;
Step 310, the terminal uses the ECM to decrypt the single encrypted program stream;
The process is as follows: the terminal obtains the ECMs of a plurality of networks from the program stream and, according to the MNSP_Code information stored on the terminal, selects the ECM to use. According to the business key label in the ECM, it selects the encrypted business cipher key stored on the terminal and decrypts it with the user key on the terminal; with the business cipher key obtained and the corresponding decryption algorithm it decrypts the encrypted program stream key in the ECM and judges its validity; if it is valid, the valid program current cipher key obtained is used to decrypt the program stream data.
If an interruption occurs, the flow may go to 312, which asks whether to quit processing; if so, the flow ends; otherwise processing continues, and step 311 is executed after it completes.
Step 311, the decrypted program stream data are decoded and played, and step 313 is executed;
If an interruption occurs, the flow may go to 312, which asks whether to quit processing; if so, the flow ends; otherwise processing continues, and step 313 is executed after it completes;
Step 313, the client exits, generally because the user performs an exit operation.
Fig. 4 is a schematic diagram of the encrypting program stream keys process, comprising the following steps:
Step 401, the program key administration module 210 of the broadcast system network continuously generates, stores and updates the CW, and manages its encryption usage period according to the rules;
Step 402, according to the configured rules, program key administration module 210 sends an encrypting program stream keys request message to the business platform key management modules 205 of the plurality of mobile communication system networks through the interface between them; the parameters carried by the request message include the session identification Session_ID, the program stream sign Stream_ID, the control word sign CW_ID and the control word data CW_Data;
Step 403, the key management module 205 of each mobile communication system network receives the encryption request of program key administration module 210, finds the corresponding business cipher key by matching the input parameter Stream_ID, encrypts the control word data using this business cipher key as parameter, and generates an ECM in a certain format; the format of this ECM is detailed below;
Step 404, the key management module 205 of each mobile communication system network sends an encrypting program stream keys response message to program key administration module 210, using the same Session_ID and Stream_ID as the request and carrying the ECM generated above;
Step 405, program key administration module 210 stores the encrypted ECM returned by each mobile communication system network;
Step 406, program key administration module 210 sends the ECMs of the plurality of networks to encryption equipment 209 before the ECMs are about to be used;
Step 407, after receiving the ECMs, encryption equipment 209 returns a response to the program key administration module.
In addition, according to the user's order relations, the business platform should be able to send to a user who has ordered the business the business cipher key encrypted with this user's user key, the business key label and its program current cipher key ordered sequence interval. This can be done by active push from the network, or, when a terminal's request to acquire the business cipher key is received, the corresponding business cipher key is found, encrypted with the user key as parameter, and sent to the terminal together with the business key label and its program current cipher key ordered sequence interval.
In the broadcast system network, after the encoding of the broadcast program stream data is finished, the program current cipher key of this program is used to encrypt the encoded program stream, and the encrypted program stream and the ciphered program stream secret key information are synchronously output to the multiplex system and broadcast after multiplexing. This ciphered program stream secret key information comprises the sign of each program stream and the ECM for each mobile communication system network.
The data parameters of the encrypting program stream keys request message in the above flow comprise:
Session identification Session_ID, which identifies the session connecting program key administration module 210 and key management module 205 and uniquely identifies a given session message;
Program stream sign Stream_ID, the sign that program key administration module 210 and the business platform use to uniquely identify a program stream;
Encryption period start sequence number CP_Index, the starting CP sequence number from which the CW data sent this time are used to encrypt the program stream;
Absolute time at which the encryption period begins, CP_Timestamp, corresponding to CP_Index; this parameter is optional;
Number of encryption periods in the encryption duration, CP_Duration, the number of consecutive CPs (duration) for which this CW is about to be used to encrypt the program stream;
Control word (program current cipher key) sign CW_ID;
Control word (program current cipher key) data CW_Data, the original CW data before the CW is encrypted with the business cipher key;
Mobile communication system network coding BN_Code, used to identify different mobile multimedia broadcast systems and reserved for extension; this parameter is optional.
The above parameters are not restricted to this order, and other supplementary parameters may be carried as request message parameters. Session_ID, Stream_ID, CW_ID and CW_Data are mandatory.
The data parameters of the encrypting program stream keys response message in the above flow comprise:
Session identification Session_ID, which identifies the session connecting program key administration module 210 and key management module 205 and uniquely identifies a given session message; this parameter matches the session identification parameter of the request message;
Program stream sign Stream_ID, the sign that program key administration module 210 and the business platform use to uniquely identify a program stream; this parameter matches the program stream sign parameter of the request message;
Encryption period start sequence number CP_Index, the starting CP sequence number from which the CW data sent this time are used to encrypt the program stream; and
The components of the ECM: the encrypted control word CW_Edata, i.e. the ciphered program stream secret key; the business key label SK_ID; and the mobile communication system network business platform coding MNSP_Code.
The mobile communication system network business platform coding MNSP_Code in the ECM identifies a particular network business platform and comprises the MN code MNC, the multimedia service platform code MSP and the business cipher key system code. MNC is the sign of the mobile communication system network and uniquely distinguishes a mobile communication system network; the MSP code uniquely identifies a business platform of a given mobile communication system network; the business cipher key system code distinguishes the algorithm with which a business platform uses the business cipher key to encrypt and decrypt the program current cipher key, and can be omitted, in which case the default algorithm is used.
The above parameters are not restricted to this order, and there may be other supplementary parameters. The encryption period start sequence number CP_Index is optional.
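The Fig. 4 exchange and the terminal-side recovery of the CW described above, as an added Python example (not code from the patent). The patent does not name the cipher, so `wrap`/`unwrap` use an HMAC-SHA256 keystream with a tag as a stand-in; the class and function names, the random keys, the sample identifiers and the way CW_ID reaches the terminal are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += _prf(key, nonce + counter.to_bytes(4, "big"))
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for the unspecified cipher: nonce || ciphertext || 16-byte tag."""
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce = os.urandom(12)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + _prf(mac_key, nonce + ct)[:16]

def unwrap(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    if not hmac.compare_digest(tag, _prf(mac_key, nonce + ct)[:16]):
        raise ValueError("wrong key or modified data")
    return _xor_stream(enc_key, nonce, ct)

@dataclass(frozen=True)
class ECM:
    cw_edata: bytes  # CW_EData: the CW encrypted under one network's SK
    sk_id: int       # SK_ID
    mnsp_code: str   # MNSP_Code (a plain string here, by assumption)

class BusinessPlatform:
    """Key management module 205 of one mobile communication system network."""
    def __init__(self, mnsp_code: str, sk_id: int, stream_id: int):
        self.mnsp_code = mnsp_code
        self.sk_by_stream = {stream_id: (sk_id, os.urandom(16))}

    def encrypt_cw(self, request: dict) -> dict:
        # Steps 403-404: find the SK by Stream_ID, encrypt CW_Data, echo the ids.
        sk_id, sk = self.sk_by_stream[request["Stream_ID"]]
        ecm = ECM(wrap(sk, request["CW_Data"]), sk_id, self.mnsp_code)
        return {"Session_ID": request["Session_ID"],
                "Stream_ID": request["Stream_ID"], "ECM": ecm}

    def distribute_sk(self, stream_id: int, user_key: bytes, interval: tuple) -> dict:
        # SK encrypted under the subscriber's user key, with SK_ID and CW_ID interval.
        sk_id, sk = self.sk_by_stream[stream_id]
        return {"SK_ID": sk_id, "SK_wrapped": wrap(user_key, sk), "CW_interval": interval}

def collect_ecms(platforms, session_id, stream_id, cw_id, cw):
    """Steps 402-405 on the scrambler side: one CW, one ECM per mobile network."""
    request = {"Session_ID": session_id, "Stream_ID": stream_id,
               "CW_ID": cw_id, "CW_Data": cw}
    ecms = []
    for platform in platforms:
        response = platform.encrypt_cw(request)
        if (response["Session_ID"], response["Stream_ID"]) != (session_id, stream_id):
            raise ValueError("response does not match the request")
        ecms.append(response["ECM"])
    return ecms

class Terminal:
    def __init__(self, mnsp_code: str, user_key: bytes):
        self.mnsp_code, self.user_key = mnsp_code, user_key
        self.sk_store = {}  # SK_ID -> (SK encrypted under user key, CW_ID interval)

    def store_sk(self, msg: dict) -> None:
        self.sk_store[msg["SK_ID"]] = (msg["SK_wrapped"], msg["CW_interval"])

    def recover_cw(self, ecms, cw_id: int) -> bytes:
        # Pick the own network's ECM by MNSP_Code, then the stored SK by SK_ID.
        ecm = next((e for e in ecms if e.mnsp_code == self.mnsp_code), None)
        if ecm is None:
            raise LookupError("no ECM for this terminal's network")
        if ecm.sk_id not in self.sk_store:
            raise LookupError("no stored SK for this SK_ID: request it (step 309)")
        wrapped_sk, (first, last) = self.sk_store[ecm.sk_id]
        sk = unwrap(self.user_key, wrapped_sk)  # user key -> business cipher key
        cw = unwrap(sk, ecm.cw_edata)           # business cipher key -> CW
        if not first <= cw_id <= last:          # validity: CW_ID inside the interval
            raise PermissionError("CW_ID outside the ordered sequence interval")
        return cw

def demo():
    stream_id, cw_id, cw = 7, 1005, os.urandom(16)  # constructed sample values
    mn_a = BusinessPlatform("MN-A", sk_id=11, stream_id=stream_id)
    mn_b = BusinessPlatform("MN-B", sk_id=42, stream_id=stream_id)
    ecms = collect_ecms([mn_a, mn_b], 1, stream_id, cw_id, cw)
    ue = Terminal("MN-A", user_key=os.urandom(16))
    ue.store_sk(mn_a.distribute_sk(stream_id, ue.user_key, (1000, 1999)))
    return cw, ecms, ue, mn_a
```

The scrambler never sees any business cipher key and each platform sees only the CW, which is the separation of control the description relies on.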
The following table is the syntactic structure of the ciphered program stream secret key information broadcast simultaneously with the program stream data:

| Parameter number | Syntax | Parameter description |
|---|---|---|
| 701 | Stream_Count | Program stream quantity |
| | for(i=0;i<N;i++) { | |
| 702 | Stream_ID | Program stream sign |
| 703 | MNSP_Count | Mobile communication system network business platform quantity |
| | for(i=0;i<M;i++) { | |
| 704 | CW_EData | Encrypted control word (program current cipher key) |
| 705 | SK_ID | Business key label |
| 706 | MNSP_Code | Mobile communication system network business platform coding |
| | } | |
| | } | |
As can be seen, the parameters in this structure are: program stream quantity 701 and, for each program stream, the program stream sign 702, the mobile communication system network business platform quantity 703 and the ECM of each mobile communication system network. The syntactic structure of parameters 701-706 shows how the program stream of the mobile multimedia broadcast system applies the business cipher keys of several different mobile network operators to encrypt the program stream key of the encrypted program stream, thereby realizing secret key safety. The broadcaster thus controls the program current cipher key, while each mobile operator controls and manages its own business cipher key. Security and confidentiality are guaranteed, while businesses remain convenient to deploy.
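An added Python example (not from the patent) that serializes and parses the 701-706 structure and selects the ECM for a terminal's own network, rejecting truncated or over-long input. The patent gives only the field order; the field widths, the one-byte length prefix on CW_EData, the split of MNSP_Code into three integers with 0 meaning the default algorithm, and all sample values are assumptions.

```python
import struct
from dataclasses import dataclass

@dataclass(frozen=True)
class MnspCode:
    mnc: int         # mobile communication system network code (assumed 16 bits)
    msp: int         # multimedia service platform code (assumed 8 bits)
    key_system: int  # business cipher key system code, 0 = default (assumed 8 bits)

@dataclass(frozen=True)
class Ecm:
    cw_edata: bytes  # 704 CW_EData, opaque to the parser
    sk_id: int       # 705 SK_ID (assumed 16 bits)
    mnsp: MnspCode   # 706 MNSP_Code

class _Reader:
    """Cursor over the received bytes that refuses to read past the end."""
    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def take(self, n: int) -> bytes:
        if self.pos + n > len(self.data):
            raise ValueError(f"truncated key information at offset {self.pos}")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def unpack(self, fmt: str) -> tuple:
        return struct.unpack(fmt, self.take(struct.calcsize(fmt)))

def build_key_info(streams: dict) -> bytes:
    """Multiplexer side: {Stream_ID: [Ecm, ...]} -> bytes in table order."""
    out = bytearray([len(streams)])                          # 701 Stream_Count
    for stream_id, ecms in streams.items():
        out += struct.pack(">HB", stream_id, len(ecms))      # 702, 703
        for e in ecms:
            out += bytes([len(e.cw_edata)]) + e.cw_edata     # 704 with length prefix
            out += struct.pack(">HHBB", e.sk_id, e.mnsp.mnc,
                               e.mnsp.msp, e.mnsp.key_system)  # 705, 706
    return bytes(out)

def parse_key_info(data: bytes) -> dict:
    """Terminal side: bytes -> {Stream_ID: [Ecm, ...]}, strict about length."""
    r = _Reader(data)
    (stream_count,) = r.unpack(">B")
    streams = {}
    for _ in range(stream_count):
        stream_id, mnsp_count = r.unpack(">HB")
        if stream_id in streams:
            raise ValueError(f"duplicate Stream_ID {stream_id}")
        ecms = []
        for _ in range(mnsp_count):
            (length,) = r.unpack(">B")
            cw_edata = r.take(length)
            sk_id, mnc, msp, key_system = r.unpack(">HHBB")
            ecms.append(Ecm(cw_edata, sk_id, MnspCode(mnc, msp, key_system)))
        streams[stream_id] = ecms
    if r.pos != len(data):
        raise ValueError("trailing bytes after the last ECM")
    return streams

def select_ecm(streams: dict, stream_id: int, mnc: int, msp: int) -> Ecm:
    """Pick the single ECM of this stream issued by the terminal's own platform."""
    matches = [e for e in streams.get(stream_id, [])
               if (e.mnsp.mnc, e.mnsp.msp) == (mnc, msp)]
    if len(matches) != 1:
        raise LookupError(f"expected one ECM for network {mnc}/{msp}, got {len(matches)}")
    return matches[0]

# Constructed sample: stream 7 served by two networks, stream 9 by one.
SAMPLE_STREAMS = {
    7: [Ecm(b"\xaa" * 16, 11, MnspCode(1, 1, 0)),
        Ecm(b"\xbb" * 16, 42, MnspCode(2, 1, 2))],
    9: [Ecm(b"\xcc" * 16, 12, MnspCode(1, 1, 0))],
}
SAMPLE_BYTES = build_key_info(SAMPLE_STREAMS)
```

The SK_ID of the selected ECM is what step 308 compares against the business cipher keys stored on the terminal.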

Claims (16)

1, a kind of method that realizes multi-network integration mobile multi-media broadcast system secret key safety, be applied to the system that broadcast system network and a plurality of mobile communication system network merge, described broadcast system network has a scrambler, described mobile communication system network has a business platform, and this method may further comprise the steps:
(a) scrambler of broadcast system network is by setting rule generation, storage and upgrading program current cipher key, the business platform of each mobile communication system network is by setting rule generation, storage and upgrading business cipher key, business cipher key is corresponding to unique business key label, and each mobile communication system network is distributed to the user terminal of having ordered corresponding service with business cipher key and sign thereof respectively;
(b) scrambler of broadcast system network sends to program current cipher key the business platform of each mobile communication system network, each business platform is that parameter is to encrypting program stream keys with the corresponding service key, and ciphering control message returned described scrambler, comprising the identification parameter of encrypted program stream keys, business key label and mobile communication system network, scrambler is stored the ciphering control message of receiving;
(c) scrambler of broadcast system network uses the corresponding program stream after encrypting program stream keys is encoded, and program stream and ciphered program stream secrete key information exported in the lump, multiplexing back broadcast transmission, described ciphered program stream secrete key information comprise each program stream sign and at the ciphering control message of each mobile communication system network;
(d) behind the user terminal selecting program, receive corresponding program stream and ciphering control message thereof, sign according to affiliated mobile communication system network finds the corresponding service key identification, definite local service key that should use, with this business cipher key is parameter, program current cipher key behind the enabling decryption of encrypted is again with the program current cipher key deciphering program stream data that obtains.
2, the method for realization multi-network integration mobile multi-media broadcast system secret key safety as claimed in claim 1 is characterized in that:
In the step (a), described user terminal generates user key and reporting service platform when authentication, described business platform is that the user of order business generates user key by same rule, and whether checking is consistent with the user key of this user terminal to send up, in this way, be parameter secure service key with this user key again, then encrypted service key and sign thereof sent to this user terminal storage;
In the step (d), user terminal finds the encrypted service key of storage earlier after having determined the business cipher key that should use, and is that the parameter deciphering obtains business cipher key with the user key of this locality, again with the program current cipher key behind this business cipher key enabling decryption of encrypted.
3, the method for realization multi-network integration mobile multi-media broadcast system secret key safety as claimed in claim 1 is characterized in that:
Step (b) is further divided into following steps:
(b1) scrambler of broadcast system network is according to the rule of configuration, by with the interface of the business platform of a plurality of mobile communication system networks, send the encrypting program stream keys request to it, carry session identification, program stream sign, program current cipher key sign and program current cipher key data;
(b2) after the business platform of each mobile communication system network is received the request of encryption,, use this business cipher key, encrypt the control word data, and generate the ciphering control message of this program stream as parameter according to the marking matched corresponding service key that finds of program stream;
(b3) each mobile communication system network business platform sends the encrypting program stream keys response message to scrambler, use session identification the same and program stream sign with request, and, comprise the identification parameter of encrypted program stream keys, business key label and mobile communication system network with going up the ciphering control message that generates;
(b4) business platform is stored the ciphering control message of the program stream that each mobile communication system network returns.
4. The method for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 1, characterized in that:
Step (d) is further divided into the following steps:
(d1) the user starts the client of the mobile multimedia broadcast system on the terminal, and the client program starts working;
(d2) the client judges whether it needs to obtain the electronic service guide; if so, it interacts with the business platform to obtain the electronic service guide data and displays it; if not, it displays the guide directly;
(d3) the user selects a valid TV programme to watch according to the electronic service guide shown by the client; if this programme needs to be ordered, the service order process is completed by interacting with the business platform;
(d4) according to the service currently selected by the user, the terminal demultiplexes by service identifier and receives the corresponding encrypted program stream, and can receive the encrypted program stream key information at the same time;
(d5) the terminal first obtains the ciphering control messages of the plurality of networks from the encrypted program stream key information and, according to the identification parameter of the mobile communication system network stored in the terminal, selects the ciphering control message of this mobile communication system network;
(d6) according to the business key identifier in the ciphering control message, the terminal judges whether it has stored a corresponding valid business cipher key; if not, it initiates a business cipher key request to the business platform of the mobile communication system network and obtains the business cipher key of this program stream encrypted with the user key of this terminal; if so, it carries out the next step;
(d7) the terminal decrypts the encrypted business cipher key with the local user key, uses the obtained business cipher key and the corresponding decryption algorithm to decrypt the encrypted program stream key in the ciphering control message, and then decrypts the program stream data with the obtained program stream key.
5. The method for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 2, characterized in that:
The terminal obtains Ks from the business platform during initialization, generates the user key, and obtains the identification parameter of the mobile communication system network to which the user key belongs; during user authentication, the terminal's authentication request carries the user key index and the key generated by the terminal itself; the business platform of the mobile communication system network finds or generates Ks on the basis of the authentication tuple obtained from the HLR, and then generates the user key from this Ks; the business platform verifies the local user key against the user key reported by the terminal for the same user; if they are identical, it uses this user key as the parameter and encrypts the business cipher key of the service ordered by this user with the specified encryption algorithm; otherwise, it returns an error code to the terminal.
6. The method for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 3, characterized in that:
The parameters in the encrypt-program-stream-key request message further comprise one of the following or a combination of several of them: an encryption period start sequence number, indicating the start sequence number of the encryption period in which the program stream key data sent this time is used to encrypt the program stream; the absolute time at which the encryption period begins; the number of encryption periods in the encryption duration, indicating for how many consecutive encryption periods this program stream key will be used to encrypt the program stream; and the mobile communication system network code, used to identify different mobile communication system networks; and/or
The parameters in the encrypt-program-stream-key response message further comprise the encryption period start sequence number.
7. The method for realizing secret key safety of a multi-network integration mobile multi-media broadcast system according to claim 1, characterized in that:
The identification parameter of the mobile communication system network is the mobile communication system network business platform code, which characterizes a specific mobile communication system network business platform and comprises a mobile communication system network code, a multimedia service platform code and a business cipher key system code; the mobile communication system network code is the identifier of the mobile communication system network and uniquely distinguishes one mobile communication system network; the multimedia service platform code uniquely identifies the mobile communication system network business platform; the business cipher key system code is used to distinguish the algorithm with which the business platform's business cipher key encrypts and decrypts the program stream key.
8. The method for realizing secret key safety of a multi-network integration mobile multi-media broadcast system according to claim 1, characterized in that:
In step (a), the information that the business platform distributes to the terminal comprises, in addition to the business cipher key and the business key identifier, the program stream key ordered-sequence interval;
In step (d), the program stream key that the terminal obtains by decryption carries a time period sequence number; the terminal first verifies whether this sequence number lies within the program stream key ordered-sequence interval; if so, the key is valid; the valid program stream key is then used to decrypt the program data stream.
9. The method for realizing secret key safety of a multi-network integration mobile multi-media broadcast system according to claim 1, characterized in that:
In step (a), the business cipher key has a key identifier that is unique within its own network and has its own validity period; validity period management is used to guide key update and validity verification.
10. A system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system, comprising a mobile communication system network, a user terminal and a broadcast system network, wherein:
The mobile communication system network is used to realize the mobile multimedia broadcast business platform function and the mobile network bearer function; to interact with the user terminal to generate, store or update the user key and to complete the generation, storage, update and distribution of the business cipher key; and to interact with the broadcast system network to complete the encryption of the program stream key with the business cipher key;
The user terminal is used to obtain the user key, to receive the program stream and ciphering control message of the broadcast system network and decrypt the corresponding program stream, and to interact with the mobile communication system network of the corresponding type and location to complete authentication of the user key and to store or update the business cipher key;
The broadcast system network is used to generate, store and update the program stream key, to send the program stream key to each mobile communication system network, and to store the received ciphering control messages; it uses the program stream key to encrypt the corresponding encoded program stream, multiplexes the program stream with the encrypted program stream key information, and broadcasts the result.
11. The system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 10, characterized in that:
The user terminal further comprises the following modules:
An initialization module, used to obtain, during initialization, the user key and the code of the home mobile communication system network business platform; the user key is used to encrypt the business cipher key and to decrypt the business cipher key obtained, and each user's user key is different;
A user authentication module, used to complete the terminal's authentication process by interacting with the mobile communication system network, carrying in the terminal authentication request the user key index and the key generated by the terminal itself, for verification by the mobile communication system network side;
A business cipher key management unit, used to receive, and to store or update, the current business cipher key, the business key identifier and the program stream key ordered-sequence interval that the mobile communication system network business platform distributes to users who have ordered the service;
A program stream receiving module, used to receive the corresponding program stream according to the program stream identifier of the current program, including receiving the encrypted program stream key information;
A program stream decryption module, which selects from the program stream the program stream ciphering control message corresponding to its own network according to the mobile network business platform code and obtains the corresponding business key identifier; according to this identifier, selects the encrypted business cipher key stored on the terminal and decrypts it with the local user key as the parameter to obtain the business cipher key; uses this business cipher key to decrypt the encrypted program stream key; verifies the validity of the key against the program stream key ordered-sequence interval; and then decrypts the program data stream with the valid program stream key obtained.
12. The system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 11, characterized in that:
The business cipher key management unit, when a service starts to be used and no valid business cipher key is stored locally, actively initiates a request to obtain the business cipher key of this service from the corresponding mobile communication system network; the business platforms of different mobile communication system networks and their terminals each form their own system, and a terminal receives only the business cipher key distributed by the mobile communication system network business platform with which it has contracted, encrypted with the corresponding user key.
13. The system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 10, characterized in that:
The business platform of the mobile communication system network further comprises the following modules: a service center and a key management module, wherein:
The service center provides the service interface with the user terminal, realizes the service logic control of the business platform, and schedules and uses functional modules within the business platform or in other business platforms, including distributing the business cipher key;
The key management module is used to generate, store or update the user key, to generate the business cipher key according to a valid user key, and to complete the encryption of the program stream key with the business cipher key.
14. The system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 13, characterized in that:
The key management module further comprises: a user key management unit, a business cipher key management unit, a business cipher key distribution unit and a program stream key encryption unit, wherein:
The user key management unit is used to generate the user key and to store or update it; at terminal initialization, Ks is obtained from the business platform and the user key is generated; when the business platform receives the terminal's authentication request containing the user key index and the key generated by the terminal, it looks up or generates Ks according to the index, and the business platform then verifies the user key reported by the terminal for the same user; if they are identical, it notifies the business cipher key management unit of this; otherwise, it returns an error code to the terminal;
The business cipher key management unit is used, after service configuration and upon receiving the user key confirmation sent by the user key management unit, to encrypt the business cipher key with the specified encryption algorithm using this user key as the parameter; it generates and stores the corresponding business cipher key and establishes a one-to-one correspondence with the business key identifier; the business cipher key is associated with the program stream identifier through the service identifier, has a key identifier that is unique within its own network, and has its own validity period;
The business cipher key distribution unit is used to distribute the business cipher key through the service center; according to the users' order relationships, the business platform sends to each user who has ordered the service the business cipher key encrypted with that user's user key, either by network active push or, upon receiving a terminal's request to acquire the business cipher key, by finding the corresponding business cipher key, encrypting it with the user key and sending it to the terminal;
The program stream key encryption unit: the business platform receives the program stream key sent by the scrambler of the broadcast system network, encrypts it with the corresponding business cipher key, packages the encrypted program stream key, the program stream key identifier and other encryption parameters into a program key stream message in the specified data format, and returns it to the scrambler.
15. The system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 10, characterized in that:
The broadcast system network comprises:
A program source encoding module, used to compress and encode the audio and video content of each original input and output it to the scrambler;
A scrambler, used to generate, store and update the program stream key, to send the program stream key to each mobile communication system network, and to store the received ciphering control messages; it scrambles the encoded program stream with the program stream key control word and outputs the program stream and the ciphering control messages to the multiplex system;
A multiplex system, used to multiplex the plurality of encrypted program streams with the ciphering control messages for the plurality of mobile communication system networks and output them through the broadcast system network.
16. The system for realizing secret key safety of a multi-network integration mobile multi-media broadcast system as claimed in claim 15, characterized in that:
The scrambler further comprises a program key management module and an encryptor,
The program key management module is used to manage the control word of the program stream key, the encrypted control word, the encryption period and the encryption duration, and to continuously generate, store and update the control word; to send an encrypt-program-stream-key request to the business platforms through the interfaces with the business platforms of a plurality of mobile communication system networks, carrying the session identifier, program stream identifier, program stream key identifier and program stream key data; to obtain from each business platform, and store, the program stream ciphering control message, which comprises the encrypted program stream key, the business key identifier and the identification parameter of the mobile communication system network; and to obtain, through the interface with the content broadcast control system, the start and end time information of the corresponding program, align the start of a new encryption period with it, and use the range of encryption periods in which the program stream key is used for encryption as the basis for synchronizing the program stream key with the business platform;
The encryptor uses the program stream key to scramble the encoded program stream, multiplexes the ciphering control messages of the plurality of networks into the output stream, and outputs it to the multiplex system.
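The key chain of claims 3, 4, 8 and 11 (user key, then business cipher key, then program stream key, with one ciphering control message per mobile network) is shown below as an added Python example; it is not code from the patent. The class and function names, the `net-A`/`net-B` identifiers, the HMAC-based stand-in cipher and the choice to wrap the period sequence number together with the program stream key are all assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Stand-in cipher (assumption): the claims only say "the specified encryption
# algorithm". An HMAC-SHA256 keystream with an encrypt-then-MAC tag keeps this
# on the standard library; it is not the patent's algorithm.
def _stream(key, nonce, n):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered data")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

@dataclass
class ControlMessage:
    network_id: str            # identification parameter of the mobile network
    business_key_id: str       # which business cipher key wrapped the stream key
    wrapped_stream_key: bytes  # period sequence number + program stream key

class BusinessPlatform:
    def __init__(self, network_id):
        self.network_id = network_id
        self.user_keys = {}      # user id -> user key agreed at authentication
        self.business_keys = {}  # key id -> (business cipher key, (first, last) period)

    def add_service(self, key_id, interval):
        self.business_keys[key_id] = (os.urandom(32), interval)

    def distribute(self, user_id, key_id):
        """Step (a): business cipher key encrypted under this user's key."""
        key, interval = self.business_keys[key_id]
        return {"key_id": key_id, "interval": interval,
                "wrapped": seal(self.user_keys[user_id], key)}

    def wrap_stream_key(self, key_id, period, stream_key):
        """Steps (b2)-(b3): build this network's ciphering control message."""
        key, _ = self.business_keys[key_id]
        return ControlMessage(self.network_id, key_id,
                              seal(key, period.to_bytes(4, "big") + stream_key))

def scramble(platforms, key_ids, period, content):
    """Scrambler: one program stream key, one control message per network."""
    stream_key = os.urandom(32)
    messages = [p.wrap_stream_key(key_ids[p.network_id], period, stream_key)
                for p in platforms]
    return messages, seal(stream_key, content)

class Terminal:
    def __init__(self, network_id, user_key):
        self.network_id, self.user_key = network_id, user_key
        self.stored = {}  # key id -> record from BusinessPlatform.distribute

    def play(self, messages, scrambled, fetch=None):
        # (d5) keep only the control message of the terminal's home network
        msg = next((m for m in messages if m.network_id == self.network_id), None)
        if msg is None:
            raise LookupError("no control message for home network")
        # (d6) request the business cipher key if none is stored
        if msg.business_key_id not in self.stored:
            if fetch is None:
                raise LookupError("business cipher key not stored")
            self.stored[msg.business_key_id] = fetch(msg.business_key_id)
        record = self.stored[msg.business_key_id]
        # (d7) user key -> business cipher key -> program stream key
        business_key = unseal(self.user_key, record["wrapped"])
        inner = unseal(business_key, msg.wrapped_stream_key)
        period, stream_key = int.from_bytes(inner[:4], "big"), inner[4:]
        # claim 8: the period must fall inside the distributed interval
        first, last = record["interval"]
        if not first <= period <= last:
            raise PermissionError("program stream key outside valid interval")
        return unseal(stream_key, scrambled)

def demo():
    # Constructed sample data: two networks carry the same broadcast program.
    net_a, net_b = BusinessPlatform("net-A"), BusinessPlatform("net-B")
    for platform in (net_a, net_b):
        platform.add_service("svc-1", (100, 199))
    net_a.user_keys["alice"] = os.urandom(32)
    alice = Terminal("net-A", net_a.user_keys["alice"])
    messages, scrambled = scramble([net_a, net_b],
                                   {"net-A": "svc-1", "net-B": "svc-1"}, 150, b"frame")
    return alice.play(messages, scrambled, fetch=lambda k: net_a.distribute("alice", k))

if __name__ == "__main__":
    print(demo())
```

Because each network wraps the same program stream key under its own business cipher key, a terminal holding a user key from one network cannot open a record distributed by another, and a key whose period lies outside the distributed interval is rejected before any content is decrypted.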
CNA200610172266XA 2006-12-30 2006-12-30 Secret key safety method and system for realizing multi-network integration mobile multi-media broadcasting system Pending CN101009553A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNA200610172266XA CN101009553A (en) 2006-12-30 2006-12-30 Secret key safety method and system for realizing multi-network integration mobile multi-media broadcasting system
PCT/CN2007/003922 WO2008086714A1 (en) 2006-12-30 2007-12-29 A method and system for realizing safety of cipher key in multi-network fusion mobile multi-media broadcasting system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA200610172266XA CN101009553A (en) 2006-12-30 2006-12-30 Secret key safety method and system for realizing multi-network integration mobile multi-media broadcasting system

Publications (1)

Publication Number Publication Date
CN101009553A true CN101009553A (en) 2007-08-01

Family

ID=38697728

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA200610172266XA Pending CN101009553A (en) 2006-12-30 2006-12-30 Secret key safety method and system for realizing multi-network integration mobile multi-media broadcasting system

Country Status (2)

Country Link
CN (1) CN101009553A (en)
WO (1) WO2008086714A1 (en)


Also Published As

Publication number Publication date
WO2008086714A1 (en) 2008-07-24

CN101262589A (en) Mobile TV playing control system and playing control network of mobile TV
CN101212641A (en) Encryption and authorization method for DTV conditional receiving system
CN101499866B (en) Service cipher key transmitting method in multimedia broadcast service
CN101087188A (en) MBS authentication secret key management method and system in wireless network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20070801