CN101043337A - Interactive process for content class service - Google Patents
Interactive process for content class service Download PDFInfo
- Publication number
- CN101043337A CN101043337A CN 200710088295 CN200710088295A CN101043337A CN 101043337 A CN101043337 A CN 101043337A CN 200710088295 CN200710088295 CN 200710088295 CN 200710088295 A CN200710088295 A CN 200710088295A CN 101043337 A CN101043337 A CN 101043337A
- Authority
- CN
- China
- Prior art keywords
- service
- management platform
- terminal equipment
- content
- integration management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an interactive mode for the content business which includes: step S102, the terminal device applies for the digital certificate from the certificate center, and the certificate center issues the digital certificate for the user's device after the ID of terminal device has been passed, and the digital certificate includes the public key and private key; step S104, the terminal device logs on the business general management platform, when the two-way ID checking between the business general management platform and the terminal device has been passed, the business general management platform sends out the encrypted property board for the user's device; and the step S106, when the terminal device accesses the content business which is provided by the content provider/service, the two-way ID checking between the content provider/service and the terminal device will be done by the property board. Using the invention, it can assure the safe interactive between the each business entities of the content business and prevent the counterfeit of service web.
Description
Technical field
The present invention relates to the communications field, and especially, relate to a kind of exchange method of content class service.
Background technology
Now, the steady development of value-added service lays the foundation for from now on market gradually.Yet in the value-added service field in future, it is impracticable only relying on advanced technology and network capabilities to win the user.Because, along with every new technology progressively moves towards commercial, the ability of network has been enough to satisfy the requirement of people to existing business, so want to attract the user, must rely on professional content, therefore, can estimate, the business of content class (as, high-quality Streaming Media, film/Music on Demand/download, 3D online game, 3D digital map navigation etc.) will become the emphasis that the next stage value-added service is developed, and the service security problem will be the focus that profit side pays close attention to.
The security threat of operation system roughly can reduce following a few class:
(1) to illegally the obtaining of sensitive data, the confidentiality of system information is attacked, wherein mainly comprise: intercept, camouflage, flow analysis, browse, reveal and exploration etc.;
(2) to the illegal operation of sensitive data, the attack to message integrity wherein mainly comprises: distorting, insert, resetting or deletion etc. message;
(3) to the interference and the abuse of network service, cause system's denial of service or service quality low;
(4) user or network are denied the action that once took place;
(5), be forged into network and user subject comprising: assailant and come that unauthorized access, user or network are carried out in system service and illegally obtain unauthorized services etc. by the abuse access rights to the unauthorized access of service.
At above-mentioned these security threats, an operation system has only confidentiality, integrality, authentication property, controllability and non-repudiation to system that abundant guarantee is arranged, and it is safe that this operation system just can be considered to.
In addition, consider also should fully ensure the interests of each Business Entity professional entity security, security of operation and the information security except comprehensive.
With regard to content class service, although the distribution of unwarranted content can bring mass communication flow income to operator,, with the business income of loss content supplier.Therefore must in security framework, introduce the income that digital publishing rights administrative center ensures content supplier.
With certificate center (CA) is that the Public Key Infrastructure(PKI) mechanism of core can well solve the safety problem in the service application, promptly, the confidentiality of message transmission, the integrality of exchanges data, the non-repudiation that sends information, the certainty of dealer's identity, and can realize in actual applications, user's authentication, service authorization and to the resisting denying of each interests side.
Though there has been the protection scheme of content class service safety in correlation technique, these present protection schemes are only considered the unilateral authentication of service network to the user, and this just makes the forgery service network become possibility, thereby the user is caused economic loss.
At present, do not propose to guarantee the scheme of content class service secure interactive between each Business Entity as yet.
Summary of the invention
Consider the problems referred to above and make the present invention that for this reason, subject matter of the present invention is to provide a kind of interaction mechanism of content class service.
A kind of exchange method of content class service is provided according to one embodiment of present invention.
This method comprises: step S102, terminal equipment are to certificate center application digital certificate, and certificate center is signed and issued digital certificate to subscriber equipment after the identity of terminal is verified, digital certificate comprises PKI and private key; Step S104, terminal equipment registering service comprehensive management platform, after service integration management platform and terminal equipment carried out the bidirectional identification checking, the service integration management platform was the attribute token that subscriber equipment issues encryption; And step S106, when terminal equipment accessed content provider/service provider's content class service, content supplier/service provider and terminal equipment utilize the attribute token to carry out the bidirectional identification checking.
Wherein, in step S104, the process that comprehensive management platform and terminal equipment carry out the bidirectional identification checking comprises following processing: user terminal is used the public key encryption of service integration management platform to the identity information that sends; After the service integration management platform receives identity information, use the private key deciphering of self.
And in step S104, the process that the service integration management platform issues the attribute token comprises following processing: the service integration management platform uses the PKI of subscriber equipment that the attribute token that issues is encrypted; After subscriber equipment receives the attribute token, use the private key deciphering of self.
In addition, in step S106, the process that terminal equipment and content supplier/service provider carry out the bidirectional identification checking comprises following processing: subscriber equipment uses content supplier/service provider's PKI that the attribute token is encrypted; Content supplier/service provider uses the private key deciphering of self after receiving the attribute token; Content supplier/service provider is to subscriber device back attribute token, and the disposable random words and the timestamp of the public key encryption of subscriber equipment are used in transmission; After subscriber equipment receives the disposable random words and timestamp of encryption, use the private key deciphering of self, and reply the disposable random words and the timestamp of the public key encryption that uses content supplier/service provider; Content supplier/service provider receive the disposable random words of encryption and timestamp after, use the private key deciphering of oneself, obtain disposable random words and timestamp.
In step S106, under the situation of terminal equipment by authentication, content supplier/service provider provides service for terminal equipment.
On the other hand, at terminal equipment not under the situation by authentication, after step S106, between payment system, service integration management platform and terminal equipment, carry out the signature of relevant information, and then finish the operation of deducting fees, make content supplier/service provider provide service to terminal equipment.
Particularly, after step S106, may further include following processing: steps A 1: content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and to the service request signature of deducting fees; Step B1: the service integration management platform is to the mandate of digital copyright management center requests; Step C1: digital copyright management center and terminal equipment carry out finishing business/content mandate alternately, and to service integration management platform return authorization request acknowledge message; Step D1: service integration management platform prompt terminal equipment make-up charge information confirms that the make-up charge information was signed when terminal equipment was confirmed; Step e 1: the service integration management platform is signed to Transaction Information, and sends the request of deducting fees to payment system; Step F 1: after paying successfully, payment system sends the payment affirmation response to the service integration management platform, and step G1: after the service integration management platform is received the payment affirmation response, to send to content supplier/service provider through the information of payment system, service integration management platform and terminal equipment signature, and offer terminal equipment.
After above-mentioned steps S106, can also comprise: steps A 2: content supplier/service provider sends authorization requests to the digital copyright management center; Step B2: digital copyright management center and terminal equipment carry out finishing business/content mandate alternately, and to service integration management platform return authorization request acknowledge message; Step C2: content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and business deducted fees asks for an autograph; Step D2: service integration management platform prompt terminal equipment make-up charge information confirms that the make-up charge information was signed when terminal equipment was confirmed; Step e 2: the service integration management platform is signed to Transaction Information, and sends the request of deducting fees to payment system; Step F 2: after paying successfully, payment system sends the payment affirmation response to the service integration management platform, and step G2: after the service integration management platform is received the payment affirmation response, to send to content supplier/service provider through the information of payment system, service integration management platform and terminal equipment signature, and offer terminal equipment.
Wherein, between step e 1 and F1, perhaps between step e 2 and the F2, can also comprise following processing: payment system requires terminal equipment input re-authentication information to confirm payment, and confirmation is signed.
By technique scheme of the present invention, can guarantee the secure interactive of content class service between each Business Entity effectively, and prevent the forgery of service network.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart according to the exchange method of the content class service of the inventive method embodiment;
Fig. 2 is the signaling process figure according to the application example 1 of the exchange method of the content class service of the inventive method embodiment; And
Fig. 3 is the signaling process figure according to the application example 2 of the exchange method of the content class service of the inventive method embodiment.
Embodiment
Describe embodiments of the invention below with reference to accompanying drawings in detail.
Method embodiment
A kind of exchange method of content class service is provided in the present embodiment.
Before the method for describing present embodiment, each functional entity in the present embodiment will be described at first:
(1) CP/SP (content supplier/service provider): be responsible for the making of business tine and provide;
(2) service integration management platform: the platform of the multiple services unified management operation of the realization that operator or integrated service provider build;
(3) payment system: finish the professional system that deducts fees that uses, as bank, operator's account system, ideal money center, securities exchange center etc.;
(4) certificate center: be responsible for the applicant's granting to digital certificate, the mechanism that manages, cancels digital certificate, its effect is a legitimacy of checking certificate holder identity, and grant a certificate (signing on certificate), in case certificate is forged or distorts;
(5) digital copyright management center: can provide a safe and reliable application computing environment aspect flow process, the algorithm, and combine the controlled foundation structure of safety of relevant content preparation, content delivery, content distribution, content use etc., the major technique of its application comprises encryption and decryption, public and private key authentication, operation count, rights language description etc.;
(6) user's (terminal equipment): professional client.
The memory location of user certificate can be in terminal intelligent card, terminal operating system and the special encryption chip.
In addition, user certificate can be provided by three kinds of following modes:
(1) user is at the business hall transacting business time, directly by business hall keeper's distributing user certificate; (2) user carried out the download of certificate by available access way before business is used; (3) user went application to use certificate to special service handling department, by service handling department distributing user certificate before the use business.
Describe exchange method below with reference to accompanying drawings in detail according to the content class service of the embodiment of the invention.
As shown in Figure 1, exchange method according to the content class service of present embodiment comprises: step S102, terminal equipment (promptly, the user) to certificate center (CA) application digital certificate, after certificate center is verified the identity of terminal, sign and issue digital certificate to subscriber equipment, digital certificate comprises PKI and private key; Step S104, terminal equipment registering service comprehensive management platform, after service integration management platform and terminal equipment carried out the bidirectional identification checking, the service integration management platform was the attribute token that subscriber equipment issues encryption; And step S106, when terminal equipment accessed content provider/service provider's content class service, content supplier/service provider and terminal equipment utilize the attribute token to carry out the bidirectional identification checking.
Wherein, in step S104, the process that comprehensive management platform and terminal equipment carry out the bidirectional identification checking comprises following processing: user terminal is used the public key encryption of service integration management platform to the identity information that sends; After the service integration management platform receives identity information, use the private key deciphering of self.
And in step S104, the process that the service integration management platform issues the attribute token comprises following processing: the service integration management platform uses the PKI of subscriber equipment that the attribute token that issues is encrypted; After subscriber equipment receives the attribute token, use the private key deciphering of self.
In addition, in step S106, the process that terminal equipment and content supplier/service provider carry out the bidirectional identification checking comprises following processing: subscriber equipment uses content supplier/service provider's PKI that the attribute token is encrypted; Content supplier/service provider uses the private key deciphering of self after receiving the attribute token; Content supplier/service provider is to subscriber device back attribute token, and the disposable random words and the timestamp of the public key encryption of subscriber equipment are used in transmission; After subscriber equipment receives the disposable random words and timestamp of encryption, use the private key deciphering of self, and reply the disposable random words and the timestamp of the public key encryption that uses content supplier/service provider; And content supplier/service provider receive the disposable random words of encryption and timestamp after, use the private key deciphering of oneself, obtain disposable random words and timestamp.
In step S106, under the situation of terminal equipment by authentication, content supplier/service provider provides service for terminal equipment.
On the other hand, at terminal equipment not under the situation by authentication, after step S106, between payment system, service integration management platform and terminal equipment, carry out the signature of relevant information, thus finish deduct fees the operation and make content supplier/service provider provide service to terminal equipment.
Wherein, be to carry out information interaction or carry out information interaction according to the digital publishing rights center with CP/SP with Integrated Service Management Platform, the processing after the step S106 is different, describes relevant treatment below with reference to instantiation.
Example 1
In this example, the digital copyright management center directly and Integrated Service Management Platform carry out information interaction, can alleviate CP/SP provides pressure from various complex interface to the digital copyright management center.
Wherein, after step S106, may further include following processing: steps A 1: content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and to the service request signature of deducting fees; Step B1: the service integration management platform is to the mandate of digital copyright management center requests; Step C1: digital copyright management center and terminal equipment carry out finishing business/content mandate alternately, and to service integration management platform return authorization request acknowledge message; Step D1: service integration management platform prompt terminal equipment make-up charge information confirms that the make-up charge information was signed when terminal equipment was confirmed; Step e 1: the service integration management platform is signed to Transaction Information, and sends the request of deducting fees to payment system; Step F 1: after paying successfully, payment system sends the payment affirmation response to the service integration management platform, and step G1: after the service integration management platform is received the payment affirmation response, to send to content supplier/service provider through the information of payment system, service integration management platform and terminal equipment signature, and offer terminal equipment.
Wherein, between step e 1 and F1, can also comprise following processing: payment system requires terminal equipment input re-authentication information to confirm payment, and confirmation is signed.
Fig. 2 shows under this situation the flow process according to the method for the embodiment of the invention, as shown in Figure 2, specifically comprises following processing:
Step 202, the user lands the service integration management platform, the comprehensive management platform identifying user identity, for the user issues attribute token (corresponding to above-mentioned steps S104), wherein, preferably, the user is issued the attribute token need adopt the encipherment protection measure to prevent illegal monitoring, the user uses the public key encryption of service integration management platform when sending identity information, the service integration management platform is deciphered with the private key of oneself after receiving information, and because the attribute token is the mutual proof of identification of user and content supplier/service provider, preferably in transmittance process, should transmit with ciphertext, utilize user's private key deciphering deciphering then in terminal, thereby realized two-way authentication between user and the service integration management platform;
Step 203, user capture content supplier/service provider's content class service, content supplier/service provider judges according to token information whether the user has this professional rights of using, if rights of using are arranged, then handles and proceeds to step 213; If no, the processing below then continuing, that is, step 204 is to step 212;
Wherein, preferably, attribute token when user and content supplier/service provider are mutual need be held deciphering with the ciphertext transmission and content supplier/service provider equally, the PKI that the user uses content supplier/service provider is encrypted the attribute token, and content supplier/service provider re-uses the private key that itself has and is decrypted then; Content supplier/service provider need be to user's loopback attribute token when receiving the user property token, and enclose disposable random words and timestamp in addition and use client public key to encrypt, the user receives that the back is decrypted it with the private key of oneself, and utilizing content supplier/disposable random words of service provider's public key encryption and timestamp, content supplier/service provider is given in loopback; After content supplier/service provider receives user's confirmation, use the private key deciphering of oneself to obtain disposable random words and timestamp; Acknowledging time stabs in effective range, and confirms user identity with disposable random words, thereby has realized the two-way authentication between content supplier/service provider and the user;
Step 204, content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and to asking for an autograph;
Step 206, digital copyright management center and user terminal are mutual, finish business/content mandate;
Step 208, service integration management platform prompting user make-up charge information is confirmed (requiring to submit to the secondary confirmation as needs), the user confirms to submit to, and information is signed;
Step 209, the service integration management platform is signed to Transaction Information, and sends the request of deducting fees (corresponding to above-mentioned steps E1) to payment system (Net silver, mobile charge system etc.);
Preferably, can also comprise: step 210, payment system require the user to import re-authentication information, confirm payment, and confirmation is signed;
Step 211, paying successfully, the back sends payment affirmation response (corresponding to above-mentioned steps F1) to the service integration management platform;
After step 212, service integration management platform are subjected to the payment affirmation response, will send to content supplier/service provider through the information behind the tripartite signature, and notify the user this information;
Step 213, content supplier/service provider provides service for the user.
Example 2
In this example, the digital copyright management center directly and content supplier/service provider carry out information interaction.
In this case, after above-mentioned steps S106, can also comprise: steps A 2: content supplier/service provider sends authorization requests to the digital copyright management center; Step B2: digital copyright management center and terminal equipment carry out finishing business/content mandate alternately, and to service integration management platform return authorization request acknowledge message; Step C2: content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and business deducted fees asks for an autograph; Step D2: service integration management platform prompt terminal equipment make-up charge information confirms that the make-up charge information was signed when terminal equipment was confirmed; Step e 2: the service integration management platform is signed to Transaction Information, and sends the request of deducting fees to payment system; Step F 2: after paying successfully, payment system sends the payment affirmation response to the service integration management platform, and step G2: after the service integration management platform is received the payment affirmation response, to send to content supplier/service provider through the information of payment system, service integration management platform and terminal equipment signature, and offer terminal equipment.
Wherein, between step e 2 and F2, can also comprise following processing: payment system requires terminal equipment input re-authentication information to confirm payment, and confirmation is signed.
Fig. 3 show the digital copyright management center directly and content supplier/service provider when carrying out information interaction according to the flow process of the method for the embodiment of the invention, as shown in Figure 3, specifically comprise following processing:
Step 303, user capture content supplier/service provider's content class service, content supplier/service provider judges according to token information whether the user has this professional rights of using, if this professional rights of using are arranged, then handle and proceed to step 313, otherwise the processing below continuing, that is, step 304 is to step 312;
In this step, similar when user and content supplier/service provider are mutual to the processing of step 203 in processing such as the encryption of attribute token and the example 1;
Step 305, digital copyright management center and user terminal are mutual, finish business/content mandate;
Step 307, content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and to asking for an autograph;
Step 309, the service integration management platform is signed to Transaction Information, and sends the request of deducting fees (corresponding to above-mentioned steps E2) to payment system (Net silver, mobile charge system etc.);
Preferably, can also comprise: step 310, payment system require the user to import re-authentication information, confirm payment, and confirmation is signed;
Step 311, paying successfully, the back sends payment affirmation response (corresponding to above-mentioned steps F2) to the service integration management platform;
After step 312, service integration management platform are subjected to the payment affirmation response, will send to content supplier/service provider through the information behind the tripartite signature, and notify the user this information;
Step 313, content supplier/service provider provides service for the user.
In addition, preferably, the cryptographic operation in the present embodiment can use the calculation resources of terminal intelligent card, terminal self, perhaps special encryption chip.Encryption can adopt unsymmetrical key to carry out key agreement and signature operation, and preferably, rivest, shamir, adelman is also adopted in the encryption to content key in the digital copyright management technology.
Preferably, can set up network entities such as CA center, set up the PKI security management system, professional for internationalization, should consider that also national CA and international CA can carry out cross-certification.
Provide/serve to provide in terminal equipment, content to add TSM Security Agent (comprise DRM agency) in operation system and the service integration management platform, finish the signature of information and test label, digital publishing rights control and manage or the like correlation function.
In addition, preferably, can use in business in the present embodiment increases digital signature, tests safe procedures such as label in the flow process.
In sum, the invention provides a kind of is the PKIX mechanism of core with the certificate center, this mechanism can be by the controllability using and consume of copyright management center realization to content, contents processing, the safety of copyright transmits, and the whole lifetime of content managed and control, use in the flow process in business simultaneously and increase digital signature, test safe procedures such as label, can well solve the safety problem in the content class service, that is: the confidentiality of message transmission, the integrality of exchanges data, the non-repudiation of transmission information, the certainty of dealer's identity; In actual applications, this mechanism can realize user's authentication, service authorization, digital copyright protecting and to user, content supplier/service provider, payment system three parts's resisting denying.The present invention has solved the forgery problem that user and service network may exist by the mutual authentication (two-way authentication) between user and service network, can guarantee the secure interactive of content class service between each Business Entity effectively.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (9)
1. the exchange method of a content class service is characterized in that, comprising:
Step S102, terminal equipment are to certificate center application digital certificate, and described certificate center is signed and issued described digital certificate to described subscriber equipment after the identity of described terminal is verified, described digital certificate comprises PKI and private key;
Step S104, described terminal equipment registering service comprehensive management platform, after described service integration management platform and described terminal equipment carried out the bidirectional identification checking, described service integration management platform was the attribute token that described subscriber equipment issues encryption; And
Step S106, when described terminal equipment accessed content provider/service provider's content class service, described content supplier/service provider and described terminal equipment utilize described attribute token to carry out the bidirectional identification checking.
2. the exchange method of content class service according to claim 1 is characterized in that, in described step S104, the process that described comprehensive management platform and described terminal equipment carry out the bidirectional identification checking comprises following processing:
Described user terminal is to the identity information that the sends public key encryption with described service integration management platform;
After described service integration management platform receives described identity information, use the private key deciphering of self.
3. the exchange method of content class service according to claim 1 is characterized in that, in described step S104, the process that described service integration management platform issues described attribute token comprises following processing:
Described service integration management platform uses the PKI of described subscriber equipment that the described attribute token that issues is encrypted;
After described subscriber equipment receives described attribute token, use the private key deciphering of self.
4. the exchange method of content class service according to claim 1 is characterized in that, in described step S106, the process that described terminal equipment and described content supplier/service provider carry out the bidirectional identification checking comprises following processing:
Described subscriber equipment uses described content supplier/service provider's PKI that described attribute token is encrypted;
Described content supplier/service provider uses the private key deciphering of self after receiving described attribute token;
Described content supplier/service provider is to the described attribute token of described subscriber device back, and the disposable random words and the timestamp of the public key encryption of described subscriber equipment are used in transmission;
After described subscriber equipment receives the disposable random words and timestamp of described encryption, use the private key deciphering of self, and reply the disposable random words and the timestamp of the public key encryption that uses described content supplier/service provider; And
Described content supplier/service provider receive the disposable random words of described encryption and timestamp after, use the private key deciphering of oneself, obtain described disposable random words and timestamp.
5. the exchange method of content service class according to claim 1 is characterized in that, in described step S106, under the situation of described terminal equipment by authentication, described content supplier/service provider provides service for described terminal equipment.
6. the exchange method of content service class according to claim 1, it is characterized in that, in described step S106, at described terminal equipment not under the situation by authentication, after described step S106, between payment system, service integration management platform and described terminal equipment, carry out the signature of relevant information, thus finish deduct fees the operation and make described content supplier/service provider provide service to described terminal equipment.
7. the exchange method of content service class according to claim 6 is characterized in that, after described step S106, further comprises processing:
Steps A 1: described content supplier/service provider is to the request of deducting fees of service integration management platform transmission business, and to the described service request signature of deducting fees;
Step B1: described service integration management platform is to the mandate of digital copyright management center requests;
Step C1: described digital copyright management center and described terminal equipment carry out finishing business/content mandate alternately, and to described service integration management platform return authorization request acknowledge message;
Step D1: described service integration management platform points out described terminal equipment make-up charge information to confirm, when described terminal equipment is confirmed the described information of deducting fees is signed;
Step e 1: described service integration management platform is signed to Transaction Information, and sends the request of deducting fees to payment system;
Step F 1: after paying successfully, described payment system sends the payment affirmation response to described service integration management platform, and
Step G1: after described service integration management platform is received described payment affirmation response, to send to described content supplier/service provider through the information of described payment system, described service integration management platform and described terminal equipment signature, and offer described terminal equipment.
8. the exchange method of content service class according to claim 6 is characterized in that, after described step S106, further comprises following processing:
Steps A 2: described content supplier/service provider sends authorization requests to the digital copyright management center;
Step B2: described digital copyright management center and described terminal equipment carry out finishing business/content mandate alternately, and to described service integration management platform return authorization request acknowledge message;
Step C2: described content supplier/service provider is to the request of deducting fees of described service integration management platform transmission business, and described business deducted fees asks for an autograph;
Step D2: described service integration management platform points out described terminal equipment make-up charge information to confirm, when described terminal equipment is confirmed the described information of deducting fees is signed;
Step e 2: described service integration management platform is signed to Transaction Information, and sends the request of deducting fees to payment system;
Step F 2: after paying successfully, described payment system sends the payment affirmation response to described service integration management platform, and
Step G2: after described service integration management platform is received described payment affirmation response, to send to described content supplier/service provider through the information of described payment system, described service integration management platform and described terminal equipment signature, and offer described terminal equipment.
9. according to the exchange method of claim 7 or 8 described content service classes, it is characterized in that, between described step e 1 and F1, between perhaps described step e 2 and the F2, further comprise following processing:
Described payment system requires described terminal equipment input re-authentication information to confirm payment, and described confirmation is signed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200710088295 CN101043337A (en) | 2007-03-22 | 2007-03-22 | Interactive process for content class service |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200710088295 CN101043337A (en) | 2007-03-22 | 2007-03-22 | Interactive process for content class service |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101043337A true CN101043337A (en) | 2007-09-26 |
Family
ID=38808571
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200710088295 Pending CN101043337A (en) | 2007-03-22 | 2007-03-22 | Interactive process for content class service |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101043337A (en) |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101895847A (en) * | 2010-08-02 | 2010-11-24 | 刘明晶 | Short message service authenticated encryption system and method based on digital certificate |
CN101939963A (en) * | 2007-12-07 | 2011-01-05 | 法国电信公司 | Method of controlling applications installed on a security module associated with a mobile terminal, associated security module, mobile terminal and server |
CN102143184A (en) * | 2011-03-31 | 2011-08-03 | 华为技术有限公司 | Authentication method, authentication device and authentication system for realizing CND (content delivery network) intercommunication |
CN102164128A (en) * | 2011-03-22 | 2011-08-24 | 深圳市酷开网络科技有限公司 | Online payment system and online payment method for Internet television |
CN101673434B (en) * | 2009-09-29 | 2012-07-04 | 上海捷惠达网络科技有限公司 | Secret key management method of IC card terminal |
CN103095704A (en) * | 2013-01-15 | 2013-05-08 | 杭州华三通信技术有限公司 | Trusted medium online validation method and device |
CN103279865A (en) * | 2012-01-12 | 2013-09-04 | 乐金信世股份有限公司 | Payment method and payment gateway server, time certificate issuing server and mobile terminal |
CN103714274A (en) * | 2012-09-28 | 2014-04-09 | 阿瓦亚公司 | System and method for enhancing self-service security applications |
CN103781027A (en) * | 2012-10-19 | 2014-05-07 | 中国电信股份有限公司 | Mobile terminal value-added service application charging realization method and value-added service management platform |
CN103986687A (en) * | 2013-02-07 | 2014-08-13 | 电信科学技术研究院 | Method for realizing authorization management of vehicle networking device, device and systems |
CN104426831A (en) * | 2013-08-27 | 2015-03-18 | 广州星海智慧家庭系统集成有限公司 | Safety-enhanced digital home integrated application platform |
CN105960776A (en) * | 2014-02-04 | 2016-09-21 | 维萨国际服务协会 | Token verification using limited use certificates |
CN106130736A (en) * | 2016-07-06 | 2016-11-16 | 北京元心科技有限公司 | A kind of method and system carrying out certificate issuance in Enterprise Mobile management system |
CN106576041A (en) * | 2014-06-27 | 2017-04-19 | 林建华 | Method of mutual verification between a client and a server |
CN106656992A (en) * | 2016-11-03 | 2017-05-10 | 林锦吾 | Information verification method |
CN106790173A (en) * | 2016-12-29 | 2017-05-31 | 浙江中控技术股份有限公司 | A kind of method and system of SCADA system and its RTU controller bidirectional identity authentications |
CN107743633A (en) * | 2015-04-10 | 2018-02-27 | 万事达卡国际股份有限公司 | Automatic vending machine is merchandised |
CN107925579A (en) * | 2015-08-25 | 2018-04-17 | 索尼公司 | Communication equipment, communication means and communication system |
CN108965250A (en) * | 2018-06-06 | 2018-12-07 | 阿里巴巴集团控股有限公司 | A kind of digital certificate installation method and system |
CN109120408A (en) * | 2017-06-26 | 2019-01-01 | 中国电信股份有限公司 | For authenticating the methods, devices and systems of user identity |
CN109159758A (en) * | 2018-08-31 | 2019-01-08 | 深圳市元征科技股份有限公司 | Equipment authentication method and mobile unit |
-
2007
- 2007-03-22 CN CN 200710088295 patent/CN101043337A/en active Pending
Cited By (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101939963A (en) * | 2007-12-07 | 2011-01-05 | 法国电信公司 | Method of controlling applications installed on a security module associated with a mobile terminal, associated security module, mobile terminal and server |
CN101673434B (en) * | 2009-09-29 | 2012-07-04 | 上海捷惠达网络科技有限公司 | Secret key management method of IC card terminal |
CN101895847A (en) * | 2010-08-02 | 2010-11-24 | 刘明晶 | Short message service authenticated encryption system and method based on digital certificate |
CN102164128A (en) * | 2011-03-22 | 2011-08-24 | 深圳市酷开网络科技有限公司 | Online payment system and online payment method for Internet television |
CN102143184A (en) * | 2011-03-31 | 2011-08-03 | 华为技术有限公司 | Authentication method, authentication device and authentication system for realizing CND (content delivery network) intercommunication |
WO2012129934A1 (en) * | 2011-03-31 | 2012-10-04 | 华为技术有限公司 | Authentication method, apparatus and system for achieving cdn interconnection |
CN102143184B (en) * | 2011-03-31 | 2013-08-28 | 华为技术有限公司 | Authentication method, authentication device and authentication system for realizing CND (content delivery network) intercommunication |
CN103279865A (en) * | 2012-01-12 | 2013-09-04 | 乐金信世股份有限公司 | Payment method and payment gateway server, time certificate issuing server and mobile terminal |
CN103714274B (en) * | 2012-09-28 | 2019-03-22 | 阿瓦亚公司 | System and method for enhancing Self-Service security application |
CN103714274A (en) * | 2012-09-28 | 2014-04-09 | 阿瓦亚公司 | System and method for enhancing self-service security applications |
CN103781027A (en) * | 2012-10-19 | 2014-05-07 | 中国电信股份有限公司 | Mobile terminal value-added service application charging realization method and value-added service management platform |
CN103095704A (en) * | 2013-01-15 | 2013-05-08 | 杭州华三通信技术有限公司 | Trusted medium online validation method and device |
CN103986687A (en) * | 2013-02-07 | 2014-08-13 | 电信科学技术研究院 | Method for realizing authorization management of vehicle networking device, device and systems |
CN103986687B (en) * | 2013-02-07 | 2017-09-15 | 电信科学技术研究院 | A kind of method, equipment and system for realizing the management of car networking device authorization |
CN104426831A (en) * | 2013-08-27 | 2015-03-18 | 广州星海智慧家庭系统集成有限公司 | Safety-enhanced digital home integrated application platform |
CN105960776A (en) * | 2014-02-04 | 2016-09-21 | 维萨国际服务协会 | Token verification using limited use certificates |
CN105960776B (en) * | 2014-02-04 | 2020-04-03 | 维萨国际服务协会 | Token authentication using limited-use credentials |
CN106576041A (en) * | 2014-06-27 | 2017-04-19 | 林建华 | Method of mutual verification between a client and a server |
CN107743633A (en) * | 2015-04-10 | 2018-02-27 | 万事达卡国际股份有限公司 | Automatic vending machine is merchandised |
CN107925579A (en) * | 2015-08-25 | 2018-04-17 | 索尼公司 | Communication equipment, communication means and communication system |
CN106130736A (en) * | 2016-07-06 | 2016-11-16 | 北京元心科技有限公司 | A kind of method and system carrying out certificate issuance in Enterprise Mobile management system |
CN106130736B (en) * | 2016-07-06 | 2019-08-20 | 北京元心科技有限公司 | A kind of method and system carrying out certificate issuance in Enterprise Mobile management system |
CN106656992A (en) * | 2016-11-03 | 2017-05-10 | 林锦吾 | Information verification method |
CN106656992B (en) * | 2016-11-03 | 2020-06-19 | 林锦吾 | Information verification method |
CN106790173A (en) * | 2016-12-29 | 2017-05-31 | 浙江中控技术股份有限公司 | A kind of method and system of SCADA system and its RTU controller bidirectional identity authentications |
CN109120408A (en) * | 2017-06-26 | 2019-01-01 | 中国电信股份有限公司 | For authenticating the methods, devices and systems of user identity |
CN108965250A (en) * | 2018-06-06 | 2018-12-07 | 阿里巴巴集团控股有限公司 | A kind of digital certificate installation method and system |
CN108965250B (en) * | 2018-06-06 | 2020-12-29 | 创新先进技术有限公司 | Digital certificate installation method and system |
CN109159758A (en) * | 2018-08-31 | 2019-01-08 | 深圳市元征科技股份有限公司 | Equipment authentication method and mobile unit |
CN109159758B (en) * | 2018-08-31 | 2019-11-19 | 深圳市元征科技股份有限公司 | Equipment authentication method and mobile unit |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101043337A (en) | Interactive process for content class service | |
CN109478298B (en) | Method and system for realizing block chain | |
US8843415B2 (en) | Secure software service systems and methods | |
Claessens et al. | (How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions | |
RU2501081C2 (en) | Multi-factor content protection | |
CN109104281A (en) | Tokenized hardware security module | |
CN1326629A (en) | Method and system for authenticating and utilizing secure resources in computer system | |
CN101662469B (en) | Method and system based on USBKey online banking trade information authentication | |
US20080154782A1 (en) | Apparatus, method and system for protecting personal information | |
CN1689297A (en) | Method of preventing unauthorized distribution and use of electronic keys using a key seed | |
CN1805341A (en) | Network authentication and key allocation method across secure domains | |
CN106888084A (en) | A kind of quantum fort machine system and its authentication method | |
JP2004530222A (en) | Method and apparatus for supporting multiple zones of trust in a digital rights management system | |
TWI241106B (en) | Personal authentication device and system and method thereof | |
CN104767731A (en) | Identity authentication protection method of Restful mobile transaction system | |
WO2023030450A1 (en) | Data sharing method and electronic device | |
CN1897027A (en) | Authentication services using mobile device | |
JP5452192B2 (en) | Access control system, access control method and program | |
CN101335754B (en) | Method for information verification using remote server | |
WO2023005838A1 (en) | Data sharing method and electronic device | |
CN1859149A (en) | Method for realizing stream medium business service | |
CN1601490A (en) | Information security authentication and method for its encrypting device | |
JP2003338816A (en) | Service providing system for verifying personal information | |
Tiwari et al. | Design and Implementation of Enhanced Security Algorithm for Hybrid Cloud using Kerberos | |
CN109600338B (en) | Trusted identity management service method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Open date: 20070926 |