CN101583131B - Service key transmission method and system - Google Patents
Service key transmission method and system Download PDFInfo
- Publication number
- CN101583131B CN101583131B CN2009102037442A CN200910203744A CN101583131B CN 101583131 B CN101583131 B CN 101583131B CN 2009102037442 A CN2009102037442 A CN 2009102037442A CN 200910203744 A CN200910203744 A CN 200910203744A CN 101583131 B CN101583131 B CN 101583131B
- Authority
- CN
- China
- Prior art keywords
- business
- key
- management system
- cipher key
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
Abstract
The invention discloses a service key transmission method and a system, comprising a service center and a service key management system. The method comprises the following steps: before the service center pushes a new service key to a movable multi-media terminal UE, if a plurality of services are checked to be lack of updated service key marks, then the service center initiatively requests for obtaining the updated service key marks of the services to the service key management system; when the service center receives the request of the UE to one service, if the corresponding service key cannot be obtained from the service key management system according to the service key mark of the service carried in the request, then the service center requests for obtaining the corresponding service key to the service key management system and returns the service key to the UE according to the service mark of the service requested by the UE. The service key transmission method and the system enhance the reliability and safety of the whole service key management system, and ensure that customers fully enjoy the services which shall be enjoyed.
Description
Technical field
The present invention relates to the mobile multi-media broadcasting data safe practice, relate in particular to the transmission method and the system of business cipher key.
Background technology
It (is user equipment (UE) that the key management system of mobile phone TV services relates to mobile multi-media terminal; User Equipment), service center (is network application function entity NAF; Network ApplicationFunction) and three nodes of business cipher key management system (being condition receiving system CAS, Conditional AccessSystem).Wherein, Mobile multi-media terminal and service center are through universal guiding structure (GBA; Generic Bootstrapping Architecture) can produce the user key of subscriber identity authentication; Service center uses user key to come the secure service key, and through mobile communications network the business cipher key of encrypting is transferred to mobile multi-media terminal.Mobile phone TV services one-way transmission multimedia programming content in radio network based on broadcast mode; The business cipher key management system uses business cipher key that program current cipher key is encrypted, and the program current cipher key of encryption is followed and used the multimedia programming content of encrypting program stream keys to broadcast together.
As shown in Figure 1; It is the signal flow graph of business cipher key management system transport service key; The business cipher key that mobile multi-media terminal UE use is obtained from service center NAF comes the program current cipher key of enabling decryption of encrypted; And use program current cipher key to come the programme content of enabling decryption of encrypted, thereby can watch the broadcasted content of encryption.
What Fig. 2 represented is that the business cipher key management system realizes the flow process that business cipher key pushes, and comprising:
Step 201: business cipher key management system CAS is that new business generates new business cipher key, and is already present professional regular update business cipher key;
Step 202:CAS gives service center NAF with business key label through Network Transmission;
Step 203:NAF preserves after receiving business key label;
Step 204: the business cipher key of new business pushes period by the time, and NAF pushes new business cipher key through network to mobile multi-media terminal UE to the business of having upgraded business key label, and the sign that also is about to new business cipher key sends to UE.
Fig. 3 representes is that the mobile multi-media terminal user will use a flow process of obtaining business cipher key when professional, comprising:
Step 301:UE is to the business cipher key of a business of service center NAF request;
Step 302:NAF is according to the sign of the business cipher key of UE request, to this professional business cipher key of key management system CAS request;
If step 303:CAS inquires business cipher key according to the sign of this business cipher key, then return the success response message of the business cipher key that contains request to NAF; Otherwise, send failure response message to NAF;
The result that step 304:NAF returns according to CAS encrypts the back with the business cipher key that returns and gives UE through the success response transmission of messages; Otherwise send failure response message to UE.
Prior art through above is passable; If business cipher key management system CAS unpredictable mistake occurred to service center NAF transport service key identification process; The business key label that causes service center not have or preserve and the business key label of business cipher key management system have deviation; Can make mobile multi-media terminal UE can't obtain business cipher key, thereby can not make the consumer enjoy the business that it should be enjoyed.
Summary of the invention
Technical problem to be solved by this invention provides a kind of transmission method and system of business cipher key, can avoid causing UE to obtain the result less than business cipher key because of the mistake that transport service key identification process occurs.
In order to solve the problems of the technologies described above, the invention provides a kind of transmission method of business cipher key, relate to service center and business cipher key management system, this method comprises:
Service center if be checked through some professional business key label of upgrading that lacks, then initiatively obtained these professional business key label of upgrading to the business cipher key management system requested before pushing new business cipher key to mobile multi-media terminal UE.
Further, this method also comprises:
Service center sent to UE with all professional business key label of upgrading before new business cipher key uses after the professional business key label of upgrading of completion.
Further, whether have in the service center inspection before the business key label of professional shortage renewal, also comprise:
There have been professional business cipher key in business cipher key and/or regular update that the business cipher key management system regularly generates new business, and new business key label is sent to service center, are preserved by the new business key label that service center will be received.
Further, this method also comprises:
When service center receives the request of UE to a business; According to this professional business key label of carrying in this request; If obtain less than the corresponding business key from professional key management system, then the service identification according to this UE requested service returns to UE to affair key management system acquisition request to the corresponding business key.
Further, service center according to this service identification to the key management system request should business business key label, and this business key label of returning according to the business cipher key management system to affair key management system acquisition request to the corresponding business key; Perhaps, service center directly gets access to this professional business cipher key to the business cipher key management system requested according to this service identification.
In order to solve the problems of the technologies described above, the invention provides a kind of transmission system of business cipher key, comprise business cipher key management system and service center, wherein:
Service center was used for before pushing new business cipher key to mobile multi-media terminal UE, if check some professional business key label of upgrading that lacks, then initiatively obtained these professional business key label of upgrading to the business cipher key management system requested;
The business cipher key management system is used for according to the request of service center the business key label of upgrading being sent to service center.
Further,
Service center also is used for after the professional business key label of upgrading of completion, before new business cipher key uses, all professional business key label of upgrading being sent to UE.
Further,
The business cipher key management system also is used for regularly generating the business cipher key of new business and/or the business cipher key that there has been business in regular update, and new business key label is sent to service center;
Service center also is used for the new business key label of receiving is preserved.
Further,
Service center; Also be used for receiving the request of UE to a business; According to this professional business key label of carrying in this request; If obtain less than the corresponding business key from professional key management system, then the service identification according to this UE requested service returns to UE to affair key management system acquisition request to the corresponding business key;
The business cipher key management system is used for discovering and seizing the corresponding business key identification and/or the corresponding business key returns to service center according to this service identification.
Further,
Service center, according to this service identification to the key management system request should business business key label, and the business key label of returning according to the business cipher key management system to affair key management system acquisition request to the corresponding business key; Perhaps, service center directly gets access to this professional business cipher key to the business cipher key management system requested according to this service identification.
The present invention since can service center find professional business key label and business cipher key management system not simultaneously; Perhaps in new key when more the new period is not received the new business key identification that the business cipher key management system upgrades, initiatively to the new business key label of business cipher key management system requested.Thereby solved the inconsistent situation of key identification between service center and the business cipher key management system, strengthened reliability, the fail safe of whole service key management system, and guaranteed that the consumer can enjoy the business that it should be enjoyed to the full.
Description of drawings
Fig. 1 is the signal flow graph of existing business cipher key management system transport service key;
Fig. 2 is that existing business cipher key management system realizes the flow chart that business cipher key pushes;
Fig. 3 is that existing UE will use a flow chart that obtains business cipher key when professional;
Fig. 4 is that the business cipher key management system of the embodiment of the invention realizes the flow chart that business cipher key pushes;
The UE of Fig. 5 embodiment of the invention obtains the flow chart of business cipher key when using business.
Embodiment
The transmission method of business cipher key provided by the invention and system; Its inventive concept is; Service center NAF is before pushing new business cipher key to mobile multi-media terminal UE; Check whether all business all possess the business key label of renewal; If there is some professional business key label of upgrading that lacks, then,, new business cipher key pushes all professional new business cipher keys before using then to UE initiatively to these professional business key label of upgrading of business cipher key management system CAS acquisition request.The UE request is used professional; Through NAF when the CAS requested service key; If the NAF request less than the business cipher key of this business key label, is then asked this professional business key label to CAS according to the service identification of UE requested service again, return to UE thereby get access to the corresponding service key.
Below in conjunction with accompanying drawing and preferred embodiment technical scheme of the present invention is at length set forth.Following examples only are used for explanation and explain the present invention, and do not constitute the restriction to technical scheme of the present invention.
As shown in the figure, represented that the business cipher key management system of the embodiment of the invention realizes the flow process that business cipher key pushes, comprise step:
Step 401: business cipher key management system CAS regularly generates the business cipher key of new business or upgrades and had professional business cipher key;
In CAS, need regularly upgrade business cipher key, be used to guarantee the fail safe of key.
Step 402:CAS gives service center NAF with new business key label through Network Transmission;
Step 403:NAF preserves after receiving the new business key label that CAS sends;
New business key label waits until that new period of key begins just to use, and the general business key all generates before next period of key, with the real-time that guarantees that business cipher key uses.
Step 404:NAF is before pushing new business key label to mobile multi-media terminal UE, and whether all business have all been upgraded business key label in inspection, is execution in step 406 then, otherwise execution in step 405;
Step 405:NAF finds to have and exists professional its business key label not upgrade, to the CAS acquisition request should business new key identification;
Through this step, avoided receiving certain professional business cipher key updating message or other unpredictalbe new business cipher key of this business that causes unusually that CAS sends and not getting access to because of missing.
Step 406:NAF pushes all professional new business cipher keys to UE in advance, and the sign that also is about to the new business cipher key of all business sends to UE.
As shown in Figure 5, be the flow process that the mobile multi-media terminal UE of the embodiment of the invention obtains business cipher key, comprising:
Step 501: mobile multi-media terminal UE sends the professional request message that uses to service center NAF, carries the business key label of requested service in the message;
The business navigation (SG, Service Guide) that UE provides according to NAF, selection needs the business of use, and sends a request message to NAF.NAF can carry out authentification of user to the request of this UE, and operations such as order if said process is all handled success, are just sent this professional business cipher key that obtains through CAS to this UE, and wherein business cipher key is through the user key encrypted transmission.
Step 502:NAF carries out after subscription authentication and subscription process pass through the request of UE, according to the business key label of user's requested service to business cipher key management system CAS requested service key;
Step 503:CAS then sends the request failure response to NAF if do not find this business key label corresponding service key, carries out otherwise change step 507;
CAS inquiry is less than the business key label corresponding service key that NAF sends, and explain that this professional business key label changes, and the business key label after the change is inconsistent with the business key label of NAF transmission.
Step 504:NAF sends to CAS with the service identification of UE requested service, to this professional business key label of CAS request;
Step 505:CAS returns the new business key identification of requested service to NAF;
NAF is updated to this new business key label with old business key label after receiving the new business key identification of CAS transmission.
Step 506:NAF according to the new business key label of this business to CAS requested service key again;
Step 507:CAS searches the corresponding business key according to the business key label of request, and is carried at business cipher key in the success response message and sends to NAF through network;
After step 508:NAF uses user key to encrypt the business cipher key that gets access to, send the success response message of the business cipher key of encrypting through the mobile network to UE.
Perhaps, in step 504, NAF sends to CAS with the service identification of UE requested service, directly to this professional business cipher key of CAS request; In step 505, CAS discovers and seizes business key label according to service identification, and further discovers and seizes the corresponding business key according to this business key label of discovering and seizing, thereby returns the new business key of requested service to NAF in step 506.
After UE receives the business cipher key of encryption, use user key to decipher, here, user key be UE and NAF when carrying out GBA both sides obtain alternately.UE preserves the business cipher key of deciphering.
The embodiment of the invention correspondingly also proposes the transmission system of business cipher key to said method, comprises the business cipher key management system, service center and the mobile multi-media terminal UE that connect successively, wherein:
The business cipher key management system; The business key label that has professional business cipher key of the business cipher key of the new business that is used for regularly generating and/or renewal is transferred to service center, or according to the request of service center new business key label is sent to service center;
Service center is used for after the sign that receives new business cipher key, preserving; Before pushing new business cipher key to UE; If check some professional business key label of upgrading that lacks; Then initiatively get access to these professional business key label of upgrading, and before new business cipher key uses, all professional new business key label are sent to UE to the business cipher key management system requested; When UE requested service and business cipher key thereof; If the sign according to the business cipher key of asking is obtained less than the corresponding business key from professional key management system; Then the service identification according to requested service gets access to this professional business key label to the business cipher key management system again, and gets access to the corresponding business key thus and send to UE.
Mobile multi-media terminal UE is used for when business is used in request, obtaining this professional business cipher key according to the business key label of receiving from service center and through service center to the business cipher key management system requested.
In sum; The present invention is because the business key label between service center and business cipher key management system occurs inconsistent; Perhaps do not upgrade in time at the business cipher key reproducting periods; Service center initiatively obtains up-to-date business key label to the business cipher key management system; Thereby the UE that causes unusually that solves between service center and the business cipher key management system can't obtain business cipher key when enjoying business, strengthened business cipher key management system self-repairing capability, thereby guaranteed business cipher key management system reliability, fail safe.
Claims (7)
1. the transmission method of a business cipher key relates to service center and business cipher key management system, and this method comprises:
Said service center if be checked through some professional business key label of upgrading that lacks, then initiatively obtained these professional business key label of upgrading to said business cipher key management system requested before pushing new business cipher key to mobile multi-media terminal UE;
Said service center sent to UE with all professional business key label of upgrading before said new business cipher key uses after the said professional business key label of upgrading of completion;
Said method also comprises:
When said service center receives the request of UE to a business; The business key label that this that carries in the described request is professional; If this professional business key label of carrying in the request of said service center through said business is obtained less than the corresponding business key from said business cipher key management system; Then get access to corresponding new business key label to said business cipher key management system requested and upgrade preservation, and obtain the corresponding business key and return to UE according to the service identification of said UE requested service.
2. according to the described method of claim 1, it is characterized in that, before whether said service center inspection has the business key label of professional shortage renewal, also comprise:
There have been professional business cipher key in business cipher key and/or regular update that said business cipher key management system regularly generates new business; And new business key label sent to said service center, preserve by the said new business key label that said service center will be received.
3. according to the described method of claim 1; It is characterized in that; Said service center according to said service identification to said key management system request should business business key label, and get access to the corresponding business key to said business cipher key management system requested according to the said business key label that said business cipher key management system is returned; Perhaps, said service center directly gets access to this professional business cipher key to said business cipher key management system requested according to said service identification.
4. the transmission system of a business cipher key comprises business cipher key management system and service center, wherein:
Said service center; Be used for before pushing new business cipher key to mobile multi-media terminal UE; If check some professional business key label of upgrading that lacks, then initiatively obtain these professional business key label of upgrading to said business cipher key management system requested;
Said business cipher key management system is used for according to the request of said service center the business key label of upgrading being sent to said service center;
Said service center also is used for after the said professional business key label of upgrading of completion, before said new business cipher key uses, all professional business key label of upgrading being sent to UE;
Said service center; Also be used for receiving the request of UE to a business; The business key label that this that carries in the described request is professional; If obtain less than the corresponding business key, then get access to the corresponding business key identification to said business cipher key management system requested and upgrade to preserve and obtain the corresponding business key and return to UE according to the service identification of said UE requested service from professional key management system.
5. according to the described system of claim 4, it is characterized in that,
Said business cipher key management system also is used for regularly generating the business cipher key of new business and/or the business cipher key that there has been business in regular update, and new business key label is sent to said service center;
Said service center also is used for the said new business key label of receiving is preserved.
6. according to the described system of claim 4, it is characterized in that,
Said business cipher key management system is used for discovering and seizing the corresponding business key identification and/or the corresponding business key returns to said service center according to said service identification.
7. according to the described system of claim 6, it is characterized in that,
Said service center; According to said service identification to said key management system request should business business key label, and get access to the corresponding business key to said business cipher key management system requested according to the said business key label that said business cipher key management system is returned; Perhaps, said service center directly gets access to this professional business cipher key to said business cipher key management system requested according to said service identification.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102037442A CN101583131B (en) | 2009-06-10 | 2009-06-10 | Service key transmission method and system |
| PCT/CN2010/072888 WO2010142193A1 (en) | 2009-06-10 | 2010-05-18 | Method, system and service center for transmitting service key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102037442A CN101583131B (en) | 2009-06-10 | 2009-06-10 | Service key transmission method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101583131A CN101583131A (en) | 2009-11-18 |
| CN101583131B true CN101583131B (en) | 2012-05-09 |
Family
ID=41365033
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009102037442A Expired - Fee Related CN101583131B (en) | 2009-06-10 | 2009-06-10 | Service key transmission method and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101583131B (en) |
| WO (1) | WO2010142193A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101583131B (en) * | 2009-06-10 | 2012-05-09 | 中兴通讯股份有限公司 | Service key transmission method and system |
| CN102387500B (en) * | 2011-10-25 | 2015-10-28 | 中兴通讯股份有限公司 | A kind of business cipher key management method and system |
| CN107733639B (en) * | 2017-08-24 | 2020-08-04 | 深圳壹账通智能科技有限公司 | Key management method, device and readable storage medium |
| CN112671534B (en) * | 2020-12-18 | 2022-02-01 | 北京深思数盾科技股份有限公司 | Service key management method, service terminal and system based on biological characteristics |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101090513A (en) * | 2006-06-13 | 2007-12-19 | 华为技术有限公司 | Method for getting service key |
| CN101102552A (en) * | 2007-08-16 | 2008-01-09 | 中兴通讯股份有限公司 | Update method and system for service secret key |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1758593A (en) * | 2004-10-10 | 2006-04-12 | 大唐移动通信设备有限公司 | Service key updating method of multimedium playing service |
| JP4727353B2 (en) * | 2005-09-06 | 2011-07-20 | 株式会社Kddi研究所 | Identification information generation management device, system, and program |
| CN101583131B (en) * | 2009-06-10 | 2012-05-09 | 中兴通讯股份有限公司 | Service key transmission method and system |
-
2009
- 2009-06-10 CN CN2009102037442A patent/CN101583131B/en not_active Expired - Fee Related
-
2010
- 2010-05-18 WO PCT/CN2010/072888 patent/WO2010142193A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101090513A (en) * | 2006-06-13 | 2007-12-19 | 华为技术有限公司 | Method for getting service key |
| CN101102552A (en) * | 2007-08-16 | 2008-01-09 | 中兴通讯股份有限公司 | Update method and system for service secret key |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101583131A (en) | 2009-11-18 |
| WO2010142193A1 (en) | 2010-12-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101981864B (en) | Method and apparatus for providing broadcast service using encryption key in a communication system | |
| US8412942B2 (en) | Method and system for seamless SSID creation, authentication and encryption | |
| CN1845599B (en) | Method for obtaining and updating service key in mobile television service | |
| US20070171871A1 (en) | Secure distributed handover signaling | |
| JP5489301B2 (en) | Encryption key distribution method in mobile broadcast system, method for receiving distribution of encryption key, and system therefor | |
| KR101257191B1 (en) | File decryption interface | |
| CN101529380A (en) | Method for loading and managing an application in a mobile equipment | |
| CN105409234A (en) | Systems and methods for performing transport I/O | |
| CN101167070A (en) | Domain management method and apparatus | |
| CN101583131B (en) | Service key transmission method and system | |
| JP2008523766A (en) | Authority in cellular communication systems | |
| JP2008537862A (en) | Security method and device for managing access to multimedia content | |
| US9161098B2 (en) | Method and apparatus for reporting audience measurement in content transmission system | |
| CN101729176B (en) | Method, system and device for synchronizing authentication information in broadcasting service | |
| CN101588237A (en) | Method, device and system for encrypting terminal communication based on active network technology | |
| KR101346623B1 (en) | Contents service providing method and authentication method between device and device using broadcast encryption, display device and device for low resource | |
| US8848920B2 (en) | Method and apparatus for delivering keys | |
| CN101267590B (en) | Service unsubscription method and system, mobile terminal, card and service server | |
| EP2668776B1 (en) | Cascading dynamic crypto periods | |
| US20130024497A1 (en) | Communication device management over a telecommunications network | |
| CN101267294B (en) | Secret key distribution method | |
| CN1863045B (en) | Method for receiving and deleting media data key | |
| CN102123390B (en) | Method, device and terminal for processing service keys | |
| CN107770130B (en) | Multimedia content acquisition method and device | |
| US20090208021A1 (en) | Method and apparatus for managing encryption keys by mobile communication terminal connected with smartcard |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20170901 Address after: Xinyang City, Henan province 465200 Gushi County Xu Ji Xiang Wen TA Cun Nantou group Co-patentee after: Jiang Zhaohong Patentee after: Ji Chunjing Co-patentee after: Jiang Binghui Co-patentee after: Jiao Hongtao Address before: 518057 Nanshan District high tech Industrial Park, Guangdong, South Road, science and technology, ZTE building, legal department Patentee before: ZTE Corporation Effective date of registration: 20170901 Address after: Xinyang City, Henan province 465200 Gushi County Xu Ji Xiang Wen TA Cun Nantou group Co-patentee after: Jiang Zhaohong Patentee after: Ji Chunjing Co-patentee after: Jiang Binghui Co-patentee after: Jiao Hongtao Address before: 518057 Nanshan District high tech Industrial Park, Guangdong, South Road, science and technology, ZTE building, legal department Patentee before: ZTE Corporation |
|
| TR01 | Transfer of patent right | ||
| CB03 | Change of inventor or designer information |
Inventor after: Ji Chunjing Inventor after: Jiang Zhaohong Inventor after: Jiang Binghui Inventor after: Jiao Hongtao Inventor before: Chen Wenning Inventor after: Ji Chunjing Inventor after: Jiang Zhaohong Inventor after: Jiang Binghui Inventor after: Jiao Hongtao Inventor before: Chen Wenning |
|
| CB03 | Change of inventor or designer information | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120509 Termination date: 20190610 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |