CN102215131B - Management method and device of functional License - Google Patents

Management method and device of functional License Download PDF

Info

Publication number
CN102215131B
CN102215131B CN201110162279.XA CN201110162279A CN102215131B CN 102215131 B CN102215131 B CN 102215131B CN 201110162279 A CN201110162279 A CN 201110162279A CN 102215131 B CN102215131 B CN 102215131B
Authority
CN
China
Prior art keywords
license
ciphertext
plaintext
module
function
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201110162279.XA
Other languages
Chinese (zh)
Other versions
CN102215131A (en
Inventor
王浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201110162279.XA priority Critical patent/CN102215131B/en
Publication of CN102215131A publication Critical patent/CN102215131A/en
Priority to PCT/CN2012/076728 priority patent/WO2012171449A1/en
Application granted granted Critical
Publication of CN102215131B publication Critical patent/CN102215131B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a management method and device of functional License. The management method comprises the following steps of: loading a plaintext License and a corresponding ciphertext License; encrypting the plaintext License and an IP (Internet Protocol) address of network element equipment through a preset encryption algorithm so as to generate a ciphertext; and if the generated ciphertext is matched with the ciphertext License, loading a functional program designated by the plaintext License. According to the invention, only the specific authorized function can be used by a user.

Description

A kind of management method and device of function License
Technical field
The present invention relates to communication network field, more particularly to a kind of method and device of the management of function License.
Background technology
In SDH equipment, in addition to basic function, sometimes for control, whether some specific functions need to carry for equipment vendor For.Such as some orders may need control plane management function, and other orders may not be needed control plane management work( Energy.If all taking all of order and this function is provided, the nothing of some unnecessary wastes and user is likely to result in Repay and use, it is therefore desirable to which a kind of method is provided, user can be allowed only to use the function of its mandate.What is typically taken at present is configuration When the method for file, i.e. equipment start, determined the need for starting some functions according to the content of configuration file, but it is this One unfavorable factor of method is that client can by hand change these configuration files to use itself and undelegated function sometimes. Have plenty of and license is stored in into network management center, loaded again when needing, be a kind of technology of real-time application License, and The generation of License is relevant with device hardware port number, device type, version, and when system upgrade, License has to together Step updates, and realizes extremely complex.
The content of the invention
The technical problem to be solved in the present invention is to provide a kind of management method and device of function License, so that user The specific function for authorizing can only be used.
In order to solve above-mentioned technical problem, the invention provides a kind of license of function(License)Management method, bag Include:
Loading plaintext License and corresponding ciphertext License;
The IP address of the plaintext License and this network element device is encrypted by predetermined AES, Generate a ciphertext;
If the ciphertext for generating is matched with ciphertext License, the function journey that the plaintext License is specified is loaded Sequence.
Further, said method also has following feature:The plaintext License and ciphertext License are pre- First store.
Further, said method also has following feature:The step of the loading plaintext License and ciphertext License Suddenly include:
Download the plaintext License and ciphertext License;
After receiving activation License orders, the plaintext License and ciphertext License for downloading is loaded.
Further, said method also has following feature:The AES is irreversible encryption algorithm.
Further, said method also has following feature:The plaintext License at least includes the specified function journey The number information of sequence.
In order to solve the above problems, the present invention provides a kind of management function license(License)Device, be applied to network element In equipment, including:
First load-on module, for loading plaintext License and corresponding ciphertext License;
Encrypting module, for being entered to the IP address of the plaintext License and the network element by predetermined AES Row encryption, generates a ciphertext;
Second load-on module, the situation that the ciphertext for generating in the encrypting module is matched with ciphertext License Under, load the function program that the plaintext License is specified.
Further, said apparatus also have following feature:Described device also includes:Memory module, for prestoring The plaintext License and ciphertext License.
Further, said apparatus also have following feature:Described device also includes:
Download module, for downloading the plaintext License and ciphertext License;
First load-on module, is after activation License orders are received, to load being stated clearly for the download module download Literary License and ciphertext License.
Further, said apparatus also have following feature:The AES is irreversible encryption algorithm.
Further, said apparatus also have following feature:The plaintext License at least includes the specified function journey The number information of sequence.
In order to solve the above problems, present invention also offers a kind of network element device, including the license of above-mentioned management function (License)Device.
To sum up, the management method and device of a kind of function License that the present invention is provided, can be such that user uses and award The specific function of power.
Description of the drawings
Fig. 1 is the schematic diagram of the device of management function License of the embodiment of the present invention;
Fig. 2 is a kind of flow chart of the management method of function License of the present invention;
Fig. 3 is the flow chart of the management method of function License of the embodiment of the present invention one;
Fig. 4 is the flow chart of the management method of function License of the embodiment of the present invention two.
Specific embodiment
To make the object, technical solutions and advantages of the present invention become more apparent, below in conjunction with accompanying drawing to the present invention Embodiment be described in detail.It should be noted that in the case where not conflicting, in the embodiment and embodiment in the application Feature can mutual combination in any.
Fig. 1 is the schematic diagram of the device of management function License of the embodiment of the present invention, as shown in figure 1, the present embodiment Device includes:
First load-on module, for loading plaintext License and ciphertext License;
Encrypting module, for being entered to the IP address of the plaintext License and the network element by predetermined AES Row encryption, generates a ciphertext;
Second load-on module, the situation that the ciphertext for generating in the encrypting module is matched with ciphertext License Under, load the function program that the plaintext License is specified.
In the present embodiment, described device can also include:
Memory module, for prestoring the plaintext License and ciphertext License.
In the present embodiment, described device can also include:
Download module, for downloading the plaintext License and ciphertext License;
First load-on module, is after activation License orders are received, to load being stated clearly for the download module download Literary License and ciphertext License.
In the present embodiment, the AES is irreversible encryption algorithm, and the plaintext License at least includes the finger Determine the number information of function program.
The present invention also provides a kind of network element device, including the device of above-mentioned management function License.
The device of above-mentioned management function License can be widely used in SDH(SDH)In equipment, also may be used certainly In being adapted to other equipment.
Fig. 2 is a kind of flow chart of the management method of function License of the present invention, as illustrated, including below step:
S10, network element device loading plaintext License and ciphertext License;
S20, network element device are entered by predetermined AES to the IP address of the plaintext License and this network element device Row encryption, generates a ciphertext;
If S30, the ciphertext for generating are matched with ciphertext License, the function that the plaintext License is specified is loaded Program.
Wherein, the plaintext License is at least including the number information of the specified function program.
The method of the present invention allows client that specific function could be used only in the case where being authorized.Certainly it is of the invention Method there is universality, however it is not limited to certain specific function, for it is every kind of need authorize function, can be according to we Method is processed.
The present invention overcomes traditional License functions to need License servers, more complicated shortcoming, there is provided one Individual at one end(Network element device)I.e. enforceable function control method, and realize that simply user is difficult to crack, also, each The License of network element device is unique, and user is difficult to replicate.
Below with SDH(SDH)The method of the present invention is carried out as a example by the License of equipment loading detailed Explanation.
In the present embodiment, License clear text files are stored on the memorizer of SDH equipment, including plaintext License; License cryptograph files, are stored on SDH equipment memorizer, including ciphertext License through encrypting.Ciphertext License by Plaintext License and SDH equipment IP address are generated by AES, each cryptograph files one clear text file of correspondence.
Compared with prior art, License match condition of the present invention according to equipment loading, it is determined whether provide specific Function, it is to avoid the use without compensation of user;Using network element IP address as keyword, the unique of network element License is realized Property, it is to avoid one License of multiple network elements;Implementation method is simple, and efficiency is higher;Engineering operation is simple, beneficial to engineering construction, generation Valency is relatively low.
Fig. 3 is the flow chart of the management method of function License of the embodiment of the present invention one, as illustrated, including following Step:
Step 101:Before SDH equipment delivery, can as agreed, according to create-rule by plaintext LICESEN, this SDH The IP of equipment generates corresponding ciphertext LICENSE, and plaintext LICESEN and ciphertext LICENSE are stored together into SDH equipment In License catalogues.
Wherein, plaintext LICESEN can be defined with following rule:Production time(Date, 8 character bits)+ Contract number(32, zero padding before deficiency)+ serial number(Start to add up successively from 1)+ function number.Function number is SDH equipment The numbering for supporting function is needed, multiple functions can be simultaneously controlled using coding rule.
Step 102:License Management module when the master control board starting of SDH equipment, in SDH equipment(Equivalent to above The device of described management function License)License clear text files and License ciphertexts below loading License catalogues File, if lack wherein any one, terminate.
Step 103:License Management module reads the IP address of SDH equipment, calls the MD5 of itself(Message Digest 5 5th edition)AES is encrypted to plaintext License and IP address, generates ciphertext License.
Wherein, encryption rule is:Using irreversible encryption algorithm MD5, while in encryption, by IP address of equipment and plaintext Encrypt together, it is ensured that each equipment must buy License, it is to avoid a License is used for multiple equipment simultaneously.
Step 104:It is right that License Management module carries out the ciphertext of Program Generating and the License cryptograph files for reading Than if it does, then explanation ciphertext is strictly what is generated by plaintext License according to pre-defined rule, the control specified can be loaded Plane management function processed;If mismatching or without License, being not loaded with control plane management function.
On startup without correct License clear text files and License cryptograph files, or it is not this network element pair The plaintext License for answering and ciphertext License, then can not load the control plane management function specified.If subsequently got The License clear text files and License cryptograph files of the network element, the then external interface that can be provided by SDH equipment, is swashed Serve sb. right License, makes it possible to the management of Loading Control plane, that is, provide License hot-swapping functions.
Fig. 4 is the flow chart of the management method of function License of the embodiment of the present invention two, as illustrated, including following Step:
Step 201:Using FTP(File Transfer Protocol, file transfer protocol (FTP))Upload in plain text to SDH equipment License and ciphertext License.
Step 202:SDH equipment is downloaded after corresponding plaintext License and ciphertext License, by webmaster or telnet(The Internet)Activation License orders are sent to SDH equipment.
Step 203:The License Management module of SDH equipment is received after activation License orders, loads License mesh The following License clear text files of record and License cryptograph files, turn to step 204;If lacking License clear text files With License cryptograph files wherein any one, then return activation failure, terminate.
Step 204:License Management module reads the IP address of SDH equipment, calls the MD5 of itself(Message Digest 5 5th edition)AES is encrypted to plaintext License and IP address, generates ciphertext License.
Step 205:It is right that License Management module carries out the ciphertext of Program Generating and the License cryptograph files for reading Than if it does, then explanation ciphertext is strictly what is generated by plaintext License according to pre-defined rule, the control specified can be loaded Plane management function processed;If mismatching or without License, being not loaded with control plane management function.
One of ordinary skill in the art will appreciate that all or part of step in said method can be instructed by program Related hardware is completed, and described program can be stored in computer-readable recording medium, such as read only memory, disk or CD Deng.Alternatively, all or part of step of above-described embodiment can also be realized using one or more integrated circuits.Accordingly Ground, each module/unit in above-described embodiment can be realized in the form of hardware, it would however also be possible to employ the shape of software function module Formula is realized.The present invention is not restricted to the combination of the hardware and software of any particular form.
These are only the preferred embodiments of the present invention, it is noted that above-mentioned specific embodiment can be to needing in system The function of licensing is controlled, it is to avoid the waste and use without compensation of partial function.Certainly, the present invention can also have other many Embodiment is planted, in the case of without departing substantially from spirit of the invention and its essence, those of ordinary skill in the art work as can be according to this It is bright to make various corresponding changes and deformation, but these corresponding changes and deformation should all belong to appended claims of the invention Protection domain.

Claims (11)

1. a kind of function permits the management method of (License), including:
Loading plaintext License and corresponding ciphertext License;
The IP address of the plaintext License and this network element device is encrypted by predetermined AES, is generated One ciphertext;
If the ciphertext for generating is matched with ciphertext License, the function program that the plaintext License is specified is loaded.
2. the method for claim 1, it is characterised in that:The plaintext License and ciphertext License are advance Storage.
3. the method for claim 1, it is characterised in that:The step of loading plaintext License and ciphertext License Including:
Download the plaintext License and ciphertext License;
After receiving activation License orders, the plaintext License and ciphertext License for downloading is loaded.
4. the method as described in any one of claim 1-3, it is characterised in that:The AES is irreversible encryption algorithm.
5. the method as described in any one of claim 1-3, it is characterised in that:The plaintext License at least includes the finger The number information of fixed function program.
6. a kind of management function permits the device of (License), in being applied to network element device, including:
First load-on module, for loading plaintext License and corresponding ciphertext License;
Encrypting module, for carrying out adding to the IP address of the plaintext License and the network element by predetermined AES Close process, generates a ciphertext;
Second load-on module, in the case of matching with ciphertext License in the ciphertext that the encrypting module is generated, plus Carry the function program that the plaintext License is specified.
7. device as claimed in claim 6, it is characterised in that:Described device also includes:
Memory module, for prestoring the plaintext License and ciphertext License.
8. device as claimed in claim 6, it is characterised in that:Described device also includes:
Download module, for downloading the plaintext License and ciphertext License;
First load-on module, is after activation License orders are received, to load the plaintext that the download module is downloaded License and ciphertext License.
9. the device as described in any one of claim 6-8, it is characterised in that:The AES is irreversible encryption algorithm.
10. the device as described in any one of claim 6-8, it is characterised in that:The plaintext License at least includes the finger The number information of fixed function program.
11. a kind of network element devices, including the device as described in any one of claim 6-10.
CN201110162279.XA 2011-06-16 2011-06-16 Management method and device of functional License Active CN102215131B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201110162279.XA CN102215131B (en) 2011-06-16 2011-06-16 Management method and device of functional License
PCT/CN2012/076728 WO2012171449A1 (en) 2011-06-16 2012-06-11 Management method and apparatus for function license

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110162279.XA CN102215131B (en) 2011-06-16 2011-06-16 Management method and device of functional License

Publications (2)

Publication Number Publication Date
CN102215131A CN102215131A (en) 2011-10-12
CN102215131B true CN102215131B (en) 2017-04-12

Family

ID=44746270

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110162279.XA Active CN102215131B (en) 2011-06-16 2011-06-16 Management method and device of functional License

Country Status (2)

Country Link
CN (1) CN102215131B (en)
WO (1) WO2012171449A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102215131B (en) * 2011-06-16 2017-04-12 中兴通讯股份有限公司 Management method and device of functional License
CN103592927A (en) * 2013-11-26 2014-02-19 蓝盾信息安全技术股份有限公司 Method for binding product server and service function through license
CN104469756B (en) * 2014-12-09 2018-11-02 京信通信系统(中国)有限公司 BTS service processing method and system
CN109460639A (en) * 2018-12-04 2019-03-12 郑州云海信息技术有限公司 A kind of license authentication control method, device, terminal and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1582422A (en) * 2001-09-04 2005-02-16 诺基亚有限公司 Method to protect software against unauthorized use
CN1780218A (en) * 2004-11-18 2006-05-31 华为技术有限公司 User tracking control method
CN1791005A (en) * 2004-12-16 2006-06-21 华为技术有限公司 Wireless network ability controlled centralized management system and method
CN101051909A (en) * 2007-05-16 2007-10-10 华为技术有限公司 Authorizing method for controling multiple device and commmunication device and server
CN101930516A (en) * 2010-09-09 2010-12-29 南京中兴特种软件有限责任公司 Method for using license of embedded equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4958671B2 (en) * 2007-07-24 2012-06-20 キヤノン株式会社 License management apparatus, license management method, and computer program
CN101197677A (en) * 2007-12-27 2008-06-11 腾讯科技(深圳)有限公司 Internet product login method and apparatus supporting extra parameter login
CN102215131B (en) * 2011-06-16 2017-04-12 中兴通讯股份有限公司 Management method and device of functional License

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1582422A (en) * 2001-09-04 2005-02-16 诺基亚有限公司 Method to protect software against unauthorized use
CN1780218A (en) * 2004-11-18 2006-05-31 华为技术有限公司 User tracking control method
CN1791005A (en) * 2004-12-16 2006-06-21 华为技术有限公司 Wireless network ability controlled centralized management system and method
CN101051909A (en) * 2007-05-16 2007-10-10 华为技术有限公司 Authorizing method for controling multiple device and commmunication device and server
CN101930516A (en) * 2010-09-09 2010-12-29 南京中兴特种软件有限责任公司 Method for using license of embedded equipment

Also Published As

Publication number Publication date
CN102215131A (en) 2011-10-12
WO2012171449A1 (en) 2012-12-20

Similar Documents

Publication Publication Date Title
TWI763710B (en) Nuts: encrypted userdata transit and storage
CN104520805B (en) According to the security application ecosystem with key and data exchange of company information control strategy
RU2523216C2 (en) File uploading method and system for web application
TWI420339B (en) Software authorization system and method
CN101571900B (en) Software copyright protection method, device and system
CN106951788A (en) Client vehicles data security methods
CN111492355B (en) Method and control system for controlling and/or monitoring a device
CN104246784B (en) For protecting the method, apparatus and system with safely transmission media content
CN103685554A (en) Upgrading method, device and system
CN105468990A (en) Sensitive information management control method and apparatus
CN103329121A (en) Document management system and method
CN107231490A (en) Dynamic updates method, client and the server of IOS system applications
US10630722B2 (en) System and method for sharing information in a private ecosystem
CN105227565A (en) Anti-reversing for Android system cracks the method and apparatus of shared object file
CN113055380B (en) Message processing method and device, electronic equipment and medium
CN102215131B (en) Management method and device of functional License
CN112860791A (en) Cross-network data synchronous control system, method and storage medium
CN103905557A (en) Data storage method and device used for cloud environment and downloading method and device
EP2556461A1 (en) Digital asset authentication system and method
JP2004171367A (en) Circuit operation simulation device, circuit operation simulation method, circuit operation simulation program, and circuit information decoding program
CN111984989A (en) Method, device, system and medium for verifying, issuing and accessing URL (uniform resource locator)
CN112270007A (en) Data safe box implementation method based on block chain
CN110880965A (en) Outgoing electronic document encryption method, system, terminal and storage medium
CN103001775B (en) A kind of safety management system based on ESB and method
CN108512824A (en) The management method and mobile terminal of a kind of family high in the clouds file

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant