A kind of transmission method of business cipher key and system
Technical field
The present invention relates to the mobile multi-media broadcasting data safe practice, relate in particular to the transmission method and the system of business cipher key.
Background technology
It (is user equipment (UE) that the key management system of mobile phone TV services relates to mobile multi-media terminal; User Equipment), service center (is network application function entity NAF; Network ApplicationFunction) and three nodes of business cipher key management system (being condition receiving system CAS, Conditional AccessSystem).Wherein, Mobile multi-media terminal and service center are through universal guiding structure (GBA; Generic Bootstrapping Architecture) can produce the user key of subscriber identity authentication; Service center uses user key to come the secure service key, and through mobile communications network the business cipher key of encrypting is transferred to mobile multi-media terminal.Mobile phone TV services one-way transmission multimedia programming content in radio network based on broadcast mode; The business cipher key management system uses business cipher key that program current cipher key is encrypted, and the program current cipher key of encryption is followed and used the multimedia programming content of encrypting program stream keys to broadcast together.
As shown in Figure 1; It is the signal flow graph of business cipher key management system transport service key; The business cipher key that mobile multi-media terminal UE use is obtained from service center NAF comes the program current cipher key of enabling decryption of encrypted; And use program current cipher key to come the programme content of enabling decryption of encrypted, thereby can watch the broadcasted content of encryption.
What Fig. 2 represented is that the business cipher key management system realizes the flow process that business cipher key pushes, and comprising:
Step 201: business cipher key management system CAS is that new business generates new business cipher key, and is already present professional regular update business cipher key;
Step 202:CAS gives service center NAF with business key label through Network Transmission;
Step 203:NAF preserves after receiving business key label;
Step 204: the business cipher key of new business pushes period by the time, and NAF pushes new business cipher key through network to mobile multi-media terminal UE to the business of having upgraded business key label, and the sign that also is about to new business cipher key sends to UE.
Fig. 3 representes is that the mobile multi-media terminal user will use a flow process of obtaining business cipher key when professional, comprising:
Step 301:UE is to the business cipher key of a business of service center NAF request;
Step 302:NAF is according to the sign of the business cipher key of UE request, to this professional business cipher key of key management system CAS request;
If step 303:CAS inquires business cipher key according to the sign of this business cipher key, then return the success response message of the business cipher key that contains request to NAF; Otherwise, send failure response message to NAF;
The result that step 304:NAF returns according to CAS encrypts the back with the business cipher key that returns and gives UE through the success response transmission of messages; Otherwise send failure response message to UE.
Prior art through above is passable; If business cipher key management system CAS unpredictable mistake occurred to service center NAF transport service key identification process; The business key label that causes service center not have or preserve and the business key label of business cipher key management system have deviation; Can make mobile multi-media terminal UE can't obtain business cipher key, thereby can not make the consumer enjoy the business that it should be enjoyed.
Summary of the invention
Technical problem to be solved by this invention provides a kind of transmission method and system of business cipher key, can avoid causing UE to obtain the result less than business cipher key because of the mistake that transport service key identification process occurs.
In order to solve the problems of the technologies described above, the invention provides a kind of transmission method of business cipher key, relate to service center and business cipher key management system, this method comprises:
Service center if be checked through some professional business key label of upgrading that lacks, then initiatively obtained these professional business key label of upgrading to the business cipher key management system requested before pushing new business cipher key to mobile multi-media terminal UE.
Further, this method also comprises:
Service center sent to UE with all professional business key label of upgrading before new business cipher key uses after the professional business key label of upgrading of completion.
Further, whether have in the service center inspection before the business key label of professional shortage renewal, also comprise:
There have been professional business cipher key in business cipher key and/or regular update that the business cipher key management system regularly generates new business, and new business key label is sent to service center, are preserved by the new business key label that service center will be received.
Further, this method also comprises:
When service center receives the request of UE to a business; According to this professional business key label of carrying in this request; If obtain less than the corresponding business key from professional key management system, then the service identification according to this UE requested service returns to UE to affair key management system acquisition request to the corresponding business key.
Further, service center according to this service identification to the key management system request should business business key label, and this business key label of returning according to the business cipher key management system to affair key management system acquisition request to the corresponding business key; Perhaps, service center directly gets access to this professional business cipher key to the business cipher key management system requested according to this service identification.
In order to solve the problems of the technologies described above, the invention provides a kind of transmission system of business cipher key, comprise business cipher key management system and service center, wherein:
Service center was used for before pushing new business cipher key to mobile multi-media terminal UE, if check some professional business key label of upgrading that lacks, then initiatively obtained these professional business key label of upgrading to the business cipher key management system requested;
The business cipher key management system is used for according to the request of service center the business key label of upgrading being sent to service center.
Further,
Service center also is used for after the professional business key label of upgrading of completion, before new business cipher key uses, all professional business key label of upgrading being sent to UE.
Further,
The business cipher key management system also is used for regularly generating the business cipher key of new business and/or the business cipher key that there has been business in regular update, and new business key label is sent to service center;
Service center also is used for the new business key label of receiving is preserved.
Further,
Service center; Also be used for receiving the request of UE to a business; According to this professional business key label of carrying in this request; If obtain less than the corresponding business key from professional key management system, then the service identification according to this UE requested service returns to UE to affair key management system acquisition request to the corresponding business key;
The business cipher key management system is used for discovering and seizing the corresponding business key identification and/or the corresponding business key returns to service center according to this service identification.
Further,
Service center, according to this service identification to the key management system request should business business key label, and the business key label of returning according to the business cipher key management system to affair key management system acquisition request to the corresponding business key; Perhaps, service center directly gets access to this professional business cipher key to the business cipher key management system requested according to this service identification.
The present invention since can service center find professional business key label and business cipher key management system not simultaneously; Perhaps in new key when more the new period is not received the new business key identification that the business cipher key management system upgrades, initiatively to the new business key label of business cipher key management system requested.Thereby solved the inconsistent situation of key identification between service center and the business cipher key management system, strengthened reliability, the fail safe of whole service key management system, and guaranteed that the consumer can enjoy the business that it should be enjoyed to the full.
Description of drawings
Fig. 1 is the signal flow graph of existing business cipher key management system transport service key;
Fig. 2 is that existing business cipher key management system realizes the flow chart that business cipher key pushes;
Fig. 3 is that existing UE will use a flow chart that obtains business cipher key when professional;
Fig. 4 is that the business cipher key management system of the embodiment of the invention realizes the flow chart that business cipher key pushes;
The UE of Fig. 5 embodiment of the invention obtains the flow chart of business cipher key when using business.
Embodiment
The transmission method of business cipher key provided by the invention and system; Its inventive concept is; Service center NAF is before pushing new business cipher key to mobile multi-media terminal UE; Check whether all business all possess the business key label of renewal; If there is some professional business key label of upgrading that lacks, then,, new business cipher key pushes all professional new business cipher keys before using then to UE initiatively to these professional business key label of upgrading of business cipher key management system CAS acquisition request.The UE request is used professional; Through NAF when the CAS requested service key; If the NAF request less than the business cipher key of this business key label, is then asked this professional business key label to CAS according to the service identification of UE requested service again, return to UE thereby get access to the corresponding service key.
Below in conjunction with accompanying drawing and preferred embodiment technical scheme of the present invention is at length set forth.Following examples only are used for explanation and explain the present invention, and do not constitute the restriction to technical scheme of the present invention.
As shown in the figure, represented that the business cipher key management system of the embodiment of the invention realizes the flow process that business cipher key pushes, comprise step:
Step 401: business cipher key management system CAS regularly generates the business cipher key of new business or upgrades and had professional business cipher key;
In CAS, need regularly upgrade business cipher key, be used to guarantee the fail safe of key.
Step 402:CAS gives service center NAF with new business key label through Network Transmission;
Step 403:NAF preserves after receiving the new business key label that CAS sends;
New business key label waits until that new period of key begins just to use, and the general business key all generates before next period of key, with the real-time that guarantees that business cipher key uses.
Step 404:NAF is before pushing new business key label to mobile multi-media terminal UE, and whether all business have all been upgraded business key label in inspection, is execution in step 406 then, otherwise execution in step 405;
Step 405:NAF finds to have and exists professional its business key label not upgrade, to the CAS acquisition request should business new key identification;
Through this step, avoided receiving certain professional business cipher key updating message or other unpredictalbe new business cipher key of this business that causes unusually that CAS sends and not getting access to because of missing.
Step 406:NAF pushes all professional new business cipher keys to UE in advance, and the sign that also is about to the new business cipher key of all business sends to UE.
As shown in Figure 5, be the flow process that the mobile multi-media terminal UE of the embodiment of the invention obtains business cipher key, comprising:
Step 501: mobile multi-media terminal UE sends the professional request message that uses to service center NAF, carries the business key label of requested service in the message;
The business navigation (SG, Service Guide) that UE provides according to NAF, selection needs the business of use, and sends a request message to NAF.NAF can carry out authentification of user to the request of this UE, and operations such as order if said process is all handled success, are just sent this professional business cipher key that obtains through CAS to this UE, and wherein business cipher key is through the user key encrypted transmission.
Step 502:NAF carries out after subscription authentication and subscription process pass through the request of UE, according to the business key label of user's requested service to business cipher key management system CAS requested service key;
Step 503:CAS then sends the request failure response to NAF if do not find this business key label corresponding service key, carries out otherwise change step 507;
CAS inquiry is less than the business key label corresponding service key that NAF sends, and explain that this professional business key label changes, and the business key label after the change is inconsistent with the business key label of NAF transmission.
Step 504:NAF sends to CAS with the service identification of UE requested service, to this professional business key label of CAS request;
Step 505:CAS returns the new business key identification of requested service to NAF;
NAF is updated to this new business key label with old business key label after receiving the new business key identification of CAS transmission.
Step 506:NAF according to the new business key label of this business to CAS requested service key again;
Step 507:CAS searches the corresponding business key according to the business key label of request, and is carried at business cipher key in the success response message and sends to NAF through network;
After step 508:NAF uses user key to encrypt the business cipher key that gets access to, send the success response message of the business cipher key of encrypting through the mobile network to UE.
Perhaps, in step 504, NAF sends to CAS with the service identification of UE requested service, directly to this professional business cipher key of CAS request; In step 505, CAS discovers and seizes business key label according to service identification, and further discovers and seizes the corresponding business key according to this business key label of discovering and seizing, thereby returns the new business key of requested service to NAF in step 506.
After UE receives the business cipher key of encryption, use user key to decipher, here, user key be UE and NAF when carrying out GBA both sides obtain alternately.UE preserves the business cipher key of deciphering.
The embodiment of the invention correspondingly also proposes the transmission system of business cipher key to said method, comprises the business cipher key management system, service center and the mobile multi-media terminal UE that connect successively, wherein:
The business cipher key management system; The business key label that has professional business cipher key of the business cipher key of the new business that is used for regularly generating and/or renewal is transferred to service center, or according to the request of service center new business key label is sent to service center;
Service center is used for after the sign that receives new business cipher key, preserving; Before pushing new business cipher key to UE; If check some professional business key label of upgrading that lacks; Then initiatively get access to these professional business key label of upgrading, and before new business cipher key uses, all professional new business key label are sent to UE to the business cipher key management system requested; When UE requested service and business cipher key thereof; If the sign according to the business cipher key of asking is obtained less than the corresponding business key from professional key management system; Then the service identification according to requested service gets access to this professional business key label to the business cipher key management system again, and gets access to the corresponding business key thus and send to UE.
Mobile multi-media terminal UE is used for when business is used in request, obtaining this professional business cipher key according to the business key label of receiving from service center and through service center to the business cipher key management system requested.
In sum; The present invention is because the business key label between service center and business cipher key management system occurs inconsistent; Perhaps do not upgrade in time at the business cipher key reproducting periods; Service center initiatively obtains up-to-date business key label to the business cipher key management system; Thereby the UE that causes unusually that solves between service center and the business cipher key management system can't obtain business cipher key when enjoying business, strengthened business cipher key management system self-repairing capability, thereby guaranteed business cipher key management system reliability, fail safe.