CN102523232A - Method for granting display license based on participation of digital content providers - Google Patents

Method for granting display license based on participation of digital content providers Download PDF

Info

Publication number
CN102523232A
CN102523232A CN2011104476780A CN201110447678A CN102523232A CN 102523232 A CN102523232 A CN 102523232A CN 2011104476780 A CN2011104476780 A CN 2011104476780A CN 201110447678 A CN201110447678 A CN 201110447678A CN 102523232 A CN102523232 A CN 102523232A
Authority
CN
China
Prior art keywords
server
license
streaming media
licence
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2011104476780A
Other languages
Chinese (zh)
Inventor
王汝传
虞传明
孙力娟
韩志杰
李致远
林巧民
肖甫
黄海平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Original Assignee
Nanjing Post and Telecommunication University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Post and Telecommunication University filed Critical Nanjing Post and Telecommunication University
Priority to CN2011104476780A priority Critical patent/CN102523232A/en
Publication of CN102523232A publication Critical patent/CN102523232A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

一种基于数字内容提供商参与的播放许可证书发放方法来提供播放许可证书发放的过程的完整性与机密性保护。当用户需要观看某一个节目时,第一步,UE需要与SN-T相连并发起业务请求,UE再与SN-C相连并进行后续动作;第二步,UE与SN-C相连并发起业务请求,然后SN-C联系Portal获取流媒体CS服务器信息;第三步,SN-C选择合适的CS服务器获得第一个流媒体内容分片;第四步,在SN-C与DRM服务器之间建立起一条安全通信链路,流媒体文件头部发送给DRM服务器;第五步,DRM服务器将生成的许可证发送给SN-C;第六步,SN-C联系收到播放许可证后,与UE的归属SN-C交互扣除用户费用,加密播放许可证书,并发送给UE。

Figure 201110447678

A method for issuing broadcast license certificates based on the participation of digital content providers provides integrity and confidentiality protection for the process of issuing broadcast license certificates. When a user needs to watch a certain program, the first step is that the UE needs to connect to SN-T and initiate a service request, and the UE then connects to SN-C and perform follow-up actions; the second step is that UE connects to SN-C and initiates a service request, and then SN-C contacts Portal to obtain the streaming media CS server information; the third step, SN-C selects the appropriate CS server to obtain the first streaming media content fragment; the fourth step, between SN-C and the DRM server A secure communication link is established, and the header of the streaming media file is sent to the DRM server; the fifth step, the DRM server sends the generated license to SN-C; the sixth step, after SN-C contacts and receives the playback license, Interact with the UE's home SN-C to deduct the user fee, encrypt the playback license certificate, and send it to the UE.

Figure 201110447678

Description

一种基于数字内容提供商参与的播放许可证书发放方法A Method for Issuing Playing Licenses Based on the Participation of Digital Content Providers

技术领域 technical field

本发明是一种基于数字内容提供商参与的播放许可证书发放方案。主要用于解决数字版权保护中播放许可证书发放的安全问题,属于软件技术领域。The present invention is a play license issue scheme based on the participation of digital content providers. It is mainly used to solve the security problem of broadcast license issuance in digital copyright protection, and belongs to the field of software technology.

背景技术 Background technique

基于公钥密码体制的公钥基础设施PKI,是实现安全电子商务、电子政务、公共信息安全交换的有效基础设施,是实现信息机密性、鉴别性、完整性和不可否认性的有效技术。PKI的核心是权威认证机构CA,负责证书——捆绑实体身份和公钥的数据结构——发放与管理。其中,证书的请求与发放是证书管理的重要环节之一,保证证书发放过程的安全性、完整性、可鉴别性是确保证书有效性和过程有效性的关键。一般,证书请求与发放的方法有两种:一是“集中式机制”,该机制无需初始鉴别CA/RA,不需在线鉴别请求,密钥对可以在RA/CA处产生(集中生成),信息传递无需确认;另一种是基本鉴别机制”,该机制对初始化、请求和确认的各个环节进行鉴别。公共网络(Internet/Intranet)充满了各种潜在的威胁与攻击,随时可能有攻击者截获、篡改关键信息。如用户证书请求信息或RA/CA签发的证书遭到截获并篡改,都会使得证书失去有效性。The public key infrastructure PKI based on the public key cryptography system is an effective infrastructure for secure e-commerce, e-government, and public information security exchange, and an effective technology for information confidentiality, authentication, integrity, and non-repudiation. The core of PKI is the authoritative certification authority CA, which is responsible for the issuance and management of certificates—a data structure that binds entity identities and public keys. Among them, the request and issuance of certificates is one of the important links of certificate management. Ensuring the security, integrity and authenticity of the certificate issuance process is the key to ensure the validity of certificates and the effectiveness of the process. Generally, there are two methods for certificate request and issuance: one is "centralized mechanism", which does not require initial authentication of CA/RA and online authentication request, and the key pair can be generated at RA/CA (centralized generation), Information transmission does not need to be confirmed; the other is the basic authentication mechanism, which authenticates each link of initialization, request and confirmation. The public network (Internet/Intranet) is full of various potential threats and attacks, and there may be attackers at any time Interception and tampering of key information. For example, if the user certificate request information or the certificate issued by RA/CA is intercepted and tampered with, the certificate will lose its validity.

发明内容 Contents of the invention

技术问题:本发明的目的是提供一种基于数字内容提供商参与的播放许可证书发放方法,基于数字内容提供商参与的播放许可证书发放方案在播放许可证书发放的过程中引入数字内容提供商部署的节点来参与到播放许可证书的发放过程,并通过与数字版权保护服务器建立安全通信链路来提供完整性与机密性保护。Technical problem: The purpose of this invention is to provide a method for issuing broadcast license certificates based on the participation of digital content providers, and to introduce the deployment of digital content providers in the process of issuing broadcast license certificates. The nodes participate in the issuance process of the playback license certificate, and provide integrity and confidentiality protection by establishing a secure communication link with the digital copyright protection server.

技术方案:本发明的基于数字内容提供商参与的播放许可证书发放方法是一种在数字版权保护播放许可证书发放过程中引入数字内容提供商参与的许可证书发放方案,在播放许可证书发放过程中,通过SN-C节点数字版权保护服务器之间建立安全通信链路,并提供完整性和机密性保护来保障播放许可证书发放过程的安全性。Technical solution: The broadcasting license issuance method based on the participation of digital content providers in the present invention is a license issuance scheme that introduces the participation of digital content providers in the digital copyright protection broadcasting license issuance process. , establish a secure communication link between the SN-C node digital copyright protection servers, and provide integrity and confidentiality protection to ensure the security of the broadcast license issuance process.

每一个用户有一个各不相同的名字,一个可信的认证中心给每一个用户分配一个惟一的名字并签发一个包含名字和用户公开密钥的证书。Each user has a different name, and a trusted certification center assigns a unique name to each user and issues a certificate containing the name and the user's public key.

如果甲和乙通信,他首先必须从数据库中取得乙的证书,然后对它进行验证,同样乙也要对甲进行证书验证,这样交易双方的身份就可以确认了。验证完成后,持证人甲向持证人乙传送数字信息,为了保证信息传送的真实性、完整性和不可否认性,需要对要传送的信息进行数字加密和数字签名,其传送过程如下:If A and B communicate, he must first obtain B's certificate from the database, and then verify it, and B also needs to verify A's certificate, so that the identities of both parties can be confirmed. After the verification is completed, the holder A transmits digital information to the holder B. In order to ensure the authenticity, integrity and non-repudiation of the information transmission, it is necessary to digitally encrypt and digitally sign the information to be transmitted. The transmission process is as follows:

(1)采用数字证书的原理,甲将要发送的信息生成一个摘要。(1) Using the principle of digital certificates, A generates a summary of the information to be sent.

(2)甲对这个摘要进行数字签名,即用他的私钥对这个摘要进行加密,加密后的摘要发送到乙方,如果乙可以用甲的公钥对加密后的摘要解密,甲就无法否认这个摘要是他发送的,即解决了信息的不可抵赖性。(2) A digitally signs the abstract, that is, encrypts the abstract with his private key, and sends the encrypted abstract to Party B. If B can decrypt the encrypted abstract with A’s public key, A cannot deny This digest was sent by him, which resolves the non-repudiation of the information.

(3)甲随机产生一个对称密钥,并用此密钥对要发送的信息(与之前要发送的信息相同)进行加密,加密后生成密文。(3) A randomly generates a symmetric key, and uses this key to encrypt the information to be sent (same as the information to be sent before), and generates ciphertext after encryption.

(4)甲用乙的公钥对随机产生的那把对称密钥加密,将加密后的密钥和密文一同发送到乙方。由于甲是用乙的公钥对对称密钥加密的,因此只有乙用他的私钥可以对其解密,然后将解开的对称密钥将密文解密,这样就保证了信息的保密性。(4) A uses B's public key to encrypt the randomly generated symmetric key, and sends the encrypted key and ciphertext to Party B. Since A encrypts the symmetric key with B's public key, only B can decrypt it with his private key, and then decrypt the ciphertext with the decrypted symmetric key, thus ensuring the confidentiality of the information.

(5)乙将密文解开后同样采用数字证书技术将解开的信息生成一个摘要,将这个新产生的摘要和甲发送给他的摘要相比较,如果这两个摘要相同,则说明乙收到的信息没有被修改过,这样就可以来验证信息的完整性。(5) After B decrypts the ciphertext, he also uses digital certificate technology to generate a summary of the decrypted information, and compares the newly generated summary with the summary sent to him by A. If the two summaries are the same, it means that B The information received has not been modified so that the integrity of the information can be verified.

为:在播放许可证书发放的过程中引入数字内容提供商部署的节点,来参与到播放许可证书的发放过程,并通过与数字版权保护服务器建立安全通信链路来提供完整性与机密性保护,具体需要部署的节点包括核心超级节点SN-C、缓存服务器CS、入口服务器portal:To: Introduce nodes deployed by digital content providers in the process of issuing license certificates to participate in the process of issuing license certificates, and provide integrity and confidentiality protection by establishing a secure communication link with the digital copyright protection server, The specific nodes that need to be deployed include the core super node SN-C, the cache server CS, and the entry server portal:

核心超级节点SN-C:是核心网中用来提供信令服务的节点;Core super node SN-C: a node used to provide signaling services in the core network;

缓存服务器CS:负责内容的中转和向用户UE发送流数据;Cache server CS: responsible for transferring content and sending stream data to user UE;

入口服务器portal:提供直播的频道列表和点播的节目列表,并向用户提供检索服务。Entrance server portal: Provides a list of live channels and on-demand programs, and provides retrieval services to users.

基于数字内容提供商参与的播放许可证书发放过程的具体步骤为:The specific steps of the broadcast license issuance process based on the participation of digital content providers are as follows:

1)客户端向核心超级节点SN-C发起业务请求,核心超级节点SN-C选择合适的缓存服务器CS获得第一个流媒体内容分片,包含打包文件的头;1) The client initiates a service request to the core supernode SN-C, and the core supernode SN-C selects an appropriate cache server CS to obtain the first streaming media content segment, including the header of the packaged file;

2)播放客户端检查本地是否拥有该流媒体文件的播放许可证,如已拥有未过期或尚有播放次数的播放许可证,则直接播放;否则,继续第3)步;2) The playback client checks whether there is a playback license for the streaming media file locally, if it has a playback license that has not expired or has a number of times to play, it will play directly; otherwise, continue to step 3);

3)播放客户端将定制服务类型、流媒体文件头部发送到核心超级节点SN-C;3) The playback client sends the customized service type and streaming media file header to the core super node SN-C;

4)核心超级节点SN-C与入口服务器portal进行交互,确定数字版权保护服务器DRM的地址,并与数字版权保护服务器DRM之间建立起一条通信链路,提供机密性和完整性保护,将用户定制服务类型、流媒体文件头部发送给数字版权保护服务器DRM;4) The core super node SN-C interacts with the entrance server portal, determines the address of the digital rights protection server DRM, and establishes a communication link with the digital rights protection server DRM to provide confidentiality and integrity protection, and the user Customize the service type and stream media file header and send it to the digital rights protection server DRM;

5)数字版权保护服务器DRM用打包器的公钥对文件头的签名进行验证,查询解密密钥,生成播放许可证,证书中包含的信息有流媒体解密密码、流媒体解密技术、播放次数、许可证过期时间等;然后生成该播放许可证的加密密钥,对其进行加密处理;5) The digital rights protection server DRM uses the public key of the packager to verify the signature of the file header, query the decryption key, and generate a playback license. The information contained in the certificate includes streaming media decryption password, streaming media decryption technology, playback times, License expiration time, etc.; then generate the encryption key of the playback license and encrypt it;

6)数字版权保护服务器DRM将加密的播放许可证传送给核心超级节点SN-C,该核心超级节点SN-C依次进行如下操作:6) The digital rights protection server DRM transmits the encrypted playback license to the core supernode SN-C, and the core supernode SN-C performs the following operations in turn:

a)首先使用用户IP多媒体私有标识IMPI号加密流媒体解密密钥;a) first use the user IP multimedia private identification IMPI number to encrypt the streaming media decryption key;

b)再使用会话密钥加密播放许可证;b) use the session key to encrypt the playback license;

c)然后与用户的归属核心超级节点SN-C交互扣除用户费用;c) Then interact with the user's home core super node SN-C to deduct user fees;

d)最后将播放许可证发放给播放客户端;d) finally issue the playback license to the playback client;

7)客户端解密播放许可证、流媒体解密密钥得到流媒体解密相关信息;7) The client decrypts the playback license and the streaming media decryption key to obtain information related to streaming media decryption;

至此为止,客户端已经完成了获取播放许可证的过程,此后,播放客户端继续向流媒体服务器请求流媒体内容,并进行解密播放。So far, the client has completed the process of obtaining the playback license. After that, the playback client continues to request the streaming media content from the streaming media server, and decrypt and play it.

有益效果:本发明提出一种基于数字内容提供商参与的播放许可证书发放方案,其特征在于该方案在播放许可证书发放的过程中引入数字内容提供商部署的节点来参与到播放许可证书的发放过程,并通过与数字版权保护服务器建立安全通信链路来提供完整性与机密性保护,保证证书申请与发放全过程的完整、有效。Beneficial effects: the present invention proposes a broadcasting license issuance scheme based on the participation of digital content providers, which is characterized in that the scheme introduces nodes deployed by digital content providers to participate in the issuance of broadcasting licenses in the process of issuing broadcasting licenses process, and provide integrity and confidentiality protection by establishing a secure communication link with the digital copyright protection server to ensure the integrity and validity of the entire process of certificate application and issuance.

本方案有效地保证了证书申请中的信息安全要求特性:This solution effectively guarantees the information security requirements in the certificate application:

(1)保密性:用户提交的请求信息、证书返回的响应信息、用户的确认信息都封装在数字信封中,保证传递信息的机密性。虽然证书最后是公开的,但在正式批准发布前可能不希望信息外漏(如申请信息中可能涉及正式证书中不包括个人隐私)。(1) Confidentiality: The request information submitted by the user, the response information returned by the certificate, and the user's confirmation information are all encapsulated in a digital envelope to ensure the confidentiality of the transmitted information. Although the certificate is finally made public, it may not be desirable for information to be leaked before it is officially approved for release (for example, the application information may involve formal certificates that do not include personal privacy).

(2)鉴别性:包括对证书的鉴别和拥有私钥端用户的鉴别。用户在证书请求信息中加入私钥签名,证书可验证请求者拥有有效私钥。用户拆解数字信封并私钥签名确认信息,表明该证书被用户正确获取,因为只有真正拥有有效私钥者才能拆解证书响应信息,获得证书中证书签名,并用用户私钥签名该证书签名。(2) Authentication: including authentication of certificates and authentication of end users with private keys. The user adds a private key signature to the certificate request information, and the certificate can verify that the requester has a valid private key. The user disassembles the digital envelope and signs the confirmation information with the private key, indicating that the certificate has been correctly obtained by the user, because only those who have a valid private key can disassemble the certificate response information, obtain the certificate signature in the certificate, and sign the certificate signature with the user's private key.

(3)完整性:在会话的每个过程,使用数字签名,保证信息的完整性,可以发现传输过程中的篡改或传输错误。(3) Integrity: In each process of the session, digital signatures are used to ensure the integrity of the information, and tampering or transmission errors in the transmission process can be found.

(4)不可否认性:证书用私钥签发的响应信息,用户签发的确认信息都有不可否认性,保证证书源的可靠和用户获得并确认证书的不可抵赖性(用户的不可抵赖来源于他真正拥有私钥),这里不涉及法律范畴。(4) Non-repudiation: The response information issued by the certificate with the private key and the confirmation information issued by the user are all non-repudiable, ensuring the reliability of the certificate source and the non-repudiation of the certificate obtained and confirmed by the user (the user's non-repudiation comes from others Really own the private key), there is no legal scope involved here.

(5)这种鉴别传输过程可以有效防止中间人攻击。首先可以保证端用户获得公钥证书(通过公开媒体、公开散列值)有效性;最后的签名证书保证证书发放的有效性,中间人在协议的任何一个阶段的篡改都将导致全过程的失败。(5) This authentication transmission process can effectively prevent man-in-the-middle attacks. First of all, it can ensure the validity of the public key certificate obtained by the end user (through public media and public hash value); the final signature certificate guarantees the validity of the certificate issuance, and tampering by the middleman at any stage of the agreement will lead to the failure of the whole process.

附图说明 Description of drawings

图1是数字版权保护机制总体结构,Figure 1 is the overall structure of the digital copyright protection mechanism,

图2是数字版权保护机制的场景设定,Figure 2 is the scene setting of the digital copyright protection mechanism.

图3是播放许可证发放过程。Figure 3 is the process of issuing licenses.

具体实施方式 Detailed ways

本发明是一种在数字版权保护播放许可证书发放过程中引入数字内容提供商参与的许可证书发放方案,在播放许可证书发放过程中,通过SN-C节点数字版权保护服务器之间建立安全通信链路,并提供完整性和机密性保护来保障播放许可证书发放过程的安全性。具体方案为:The present invention is a license issuing scheme that introduces digital content providers to participate in the issuing process of digital copyright protection playing licenses. In the issuing process of playing licenses, a secure communication link is established between digital copyright protection servers of SN-C nodes and provide integrity and confidentiality protection to ensure the security of the broadcast license issuance process. The specific plan is:

首先,UE需要与SN-T相连并发起业务请求,然后SN-T通过portal的资源查询确定适合的SN-C,然后再将SN-C的地址告诉UE,UE再与SN-C相连并进行后续动作;First, the UE needs to connect with SN-T and initiate a service request, then SN-T determines the suitable SN-C through the resource query of the portal, and then tells the UE the address of SN-C, and the UE connects to SN-C and proceeds follow-up action;

其次,UE与SN-C相连并发起业务请求,然后SN-C联系Portal获取流媒体CS服务器信息;Secondly, UE connects to SN-C and initiates a service request, and then SN-C contacts Portal to obtain streaming media CS server information;

接着,SN-C选择合适的CS服务器获得第一个流媒体内容分片(包含打包文件的头)。Next, the SN-C selects an appropriate CS server to obtain the first streaming media content segment (including the header of the packaged file).

至此,客户端检查用户是否已经拥有播放许可证。若没有播放许可证或播放许可证已过期,则客户端将流媒体文件头部一起发送给SN-C,该SN-C节点再与Portal节点进行交互,获取DRM服务器地址,然后SN-C与DRM服务器之间建立起一条安全通信链路,提供机密性和完整性保护,并将用户定制服务类型,流媒体文件头部发送给DRM服务器;DRM服务器将生成的许可证发送给SN-C;SN-C联系收到播放许可证后,与UE的归属SN-C交互扣除用户费用,加密播放许可证书,并发送给UE。详细过程描述如下:At this point, the client checks whether the user already has a playback license. If there is no playback license or the playback license has expired, the client sends the streaming media file header to the SN-C, and the SN-C node interacts with the Portal node to obtain the DRM server address, and then the SN-C communicates with the A secure communication link is established between the DRM servers to provide confidentiality and integrity protection, and the user-defined service type and stream media file header are sent to the DRM server; the DRM server sends the generated license to the SN-C; After the SN-C contacts and receives the playback license, it interacts with the UE's SN-C to deduct the user fee, encrypts the playback license certificate, and sends it to the UE. The detailed process is described as follows:

(1)客户端向SN-C发起业务请求,SN-C选择合适的CS服务器获得第一个流媒体内容分片(包含打包文件的头)。(1) The client initiates a service request to the SN-C, and the SN-C selects an appropriate CS server to obtain the first streaming media content segment (including the header of the packaged file).

(2)播放客户端检查本地是否拥有该流媒体文件的播放许可证,如已拥有未过期或尚有播放次数的播放许可证,则直接播放;否则,继续第(3)步。(2) The play client checks whether there is a play license for the streaming media file locally, if it has a play license that has not expired or has a number of play times, it will play directly; otherwise, continue to step (3).

(3)播放客户端将定制服务类型、流媒体文件头部等发送到SN-C节点。(3) The playback client sends the customized service type, stream media file header, etc. to the SN-C node.

(4)SN-C节点与portal节点进行交互,确定DRM服务器的地址,并与DRM服务器之间建立起一条通信链路,提供机密性和完整性保护,将用户定制服务类型,流媒体文件头部发送给DRM服务器。(4) The SN-C node interacts with the portal node, determines the address of the DRM server, and establishes a communication link with the DRM server to provide confidentiality and integrity protection, and customize the service type and stream media file header of the user not sent to the DRM server.

(5)DRM服务器用打包器的公钥对文件头的签名进行验证,查询解密密钥,生成播放许可证(流媒体解密密码、流媒体解密技术、播放次数、许可证过期时间等);生成播放许可证加密密钥,加密播放许可证。(5) The DRM server uses the public key of the packager to verify the signature of the file header, query the decryption key, and generate a playback license (streaming media decryption password, streaming media decryption technology, playback times, license expiration time, etc.); generate Play license encryption key, encrypt play license.

(6)DRM服务器将播放许可证传送给SN-C,该SN-C依次进行如下操作:(6) The DRM server transmits the playing license to the SN-C, and the SN-C performs the following operations in turn:

1)首先使用用户IMPI号加密流媒体解密密钥;1) First use the user's IMPI number to encrypt the streaming media decryption key;

2)再使用会话密钥加密播放许可证;2) Use the session key to encrypt the playback license;

3)然后与UE的归属SN-C交互扣除用户费用;3) Then interact with the home SN-C of the UE to deduct the user fee;

4)最后将播放许可证发放给播放客户端。4) Finally, the playback license is issued to the playback client.

(7)客户端解密播放许可证、流媒体解密密钥得到流媒体解密相关信息。(7) The client side decrypts the playback license and the streaming media decryption key to obtain information related to streaming media decryption.

至此为止,客户端已经完成了获取播放许可证的过程。此后,播放客户端继续向流媒体服务器请求流媒体内容,并进行解密播放。So far, the client has completed the process of obtaining the playback license. Thereafter, the playback client continues to request the streaming media content from the streaming server, and decrypts and plays it.

Claims (1)

1. broadcast license passport distribution method of participating in based on digital content provider; It is characterized in that this method node that the introducing digital content provider is disposed in the process of playing the license passport granting; Participate in the distribution process of playing license passport; And integrality and Confidentiality protection are provided through setting up secure communications links with the digital copyright protecting server, the node that specifically needs to dispose comprises core super node SN-C, caching server CS, portal server portal:
Core super node SN-C: be the node that is used to provide the signaling service in the core net;
Caching server CS: be responsible for the transfer of content and send flow data to user UE;
Portal server portal: live channel list and the rendition list of program request are provided, and retrieval service are provided to the user;
The concrete steps of the broadcast license passport distribution process of participating in based on digital content provider are:
1) client is initiated service request to core super node SN-C, and core super node SN-C selects suitable caching server CS to obtain first streaming medium content burst, comprises the head of packaging file;
2) the local broadcast licence that whether has this files in stream media of client end of playing back inspection as having not out of date or the broadcast licence of broadcasting time still being arranged, is then play-overed; Otherwise, continue the 3rd) and the step;
3) client end of playing back sends to core super node SN-C with customize services type, files in stream media head;
4) core super node SN-C and portal server portal carry out alternately; Confirm the address of digital copyright protecting server DRM; And and digital copyright protecting server DRM between set up a communication link; The confidentiality and integrity protection is provided, user customized service type, files in stream media head are sent to digital copyright protecting server DRM;
5) digital copyright protecting server DRM verifies the signature of file header with the PKI of packing device; The inquiry decruption key; Generate and play licence, the information that comprises in the certificate has Streaming Media clear crytpographic key, Streaming Media decryption technology, broadcasting time, licence expired time etc.; Generate the encryption key of this broadcast licence then, it is carried out encryption;
6) the broadcast licence that will encrypt of digital copyright protecting server DRM sends core super node SN-C to, and this core super node SN-C operates successively as follows:
A) at first use user's IP multimedia private identity IMPI encryption stream medium decruption key;
B) re-use session key and play licence;
C) deduct customer charge alternately with user's homing core super node SN-C then;
D) will play license issuance at last and give client end of playing back;
7) licence is play in the client deciphering, the Streaming Media decruption key obtains Streaming Media deciphering relevant information;
Hereto, client has been accomplished and has been obtained the process of playing licence, and after this, client end of playing back continues to streaming media server request streaming medium content, and deciphers broadcast.
CN2011104476780A 2011-12-28 2011-12-28 Method for granting display license based on participation of digital content providers Pending CN102523232A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011104476780A CN102523232A (en) 2011-12-28 2011-12-28 Method for granting display license based on participation of digital content providers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2011104476780A CN102523232A (en) 2011-12-28 2011-12-28 Method for granting display license based on participation of digital content providers

Publications (1)

Publication Number Publication Date
CN102523232A true CN102523232A (en) 2012-06-27

Family

ID=46294024

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2011104476780A Pending CN102523232A (en) 2011-12-28 2011-12-28 Method for granting display license based on participation of digital content providers

Country Status (1)

Country Link
CN (1) CN102523232A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107609355A (en) * 2016-07-12 2018-01-19 厦门简帛信息科技有限公司 It is a kind of to realize the polynary system and method sold of digital resource
CN107911210A (en) * 2017-10-20 2018-04-13 广东省南方数字电视无线传播有限公司 Video segment encryption and decryption method and related device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852420A (en) * 2005-10-24 2006-10-25 华为技术有限公司 Method for realizing digital copyright management of altermative network TV system
CN101183417A (en) * 2006-11-16 2008-05-21 达诺媒体有限公司 Systems and methods for collaborative content distribution and generation
CN102143232A (en) * 2011-04-02 2011-08-03 南京邮电大学 Peer-to-peer network based digital copyright protection method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852420A (en) * 2005-10-24 2006-10-25 华为技术有限公司 Method for realizing digital copyright management of altermative network TV system
CN101183417A (en) * 2006-11-16 2008-05-21 达诺媒体有限公司 Systems and methods for collaborative content distribution and generation
CN102143232A (en) * 2011-04-02 2011-08-03 南京邮电大学 Peer-to-peer network based digital copyright protection method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
申双奇: "一种基于DRM的数字媒体文件版权保护系统的设计与实现方法和系统", 《万方数据库》 *
陈超: "数字版权理论研究与系统设计实现", 《万方数据库》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107609355A (en) * 2016-07-12 2018-01-19 厦门简帛信息科技有限公司 It is a kind of to realize the polynary system and method sold of digital resource
CN107609355B (en) * 2016-07-12 2020-11-10 厦门润丰投资有限公司 System and method for realizing multi-element sale of digital resources
CN107911210A (en) * 2017-10-20 2018-04-13 广东省南方数字电视无线传播有限公司 Video segment encryption and decryption method and related device
CN107911210B (en) * 2017-10-20 2019-01-22 广东省南方数字电视无线传播有限公司 Video segment encryption and decryption method and related device

Similar Documents

Publication Publication Date Title
CN110022217B (en) Advertisement media service data credible storage system based on block chain
US7818792B2 (en) Method and system for providing third party authentication of authorization
KR101078455B1 (en) Key management protocol and authentication system for secure internet protocol rights management architecture
CN101431415B (en) Bidirectional authentication method
CN103763356B (en) A kind of SSL establishment of connection method, apparatus and system
US20030063750A1 (en) Unique on-line provisioning of user terminals allowing user authentication
US20090144541A1 (en) Method and apparatus of mutual authentication and key distribution for downloadable conditional access system in digital cable broadcasting network
CN104113409B (en) A key management method and system for a SIP video surveillance networking system
CN101094062B (en) Method for implementing safe distribution and use of digital content by using memory card
KR101452708B1 (en) CE device management server, method for issuing DRM key using CE device management server, and computer readable medium
CN105939484A (en) Audio/video encrypted playing method and system thereof
JP2011172276A (en) Method, device and system for relating entities for protecting content to each other
CN102355663B (en) Credible inter-domain rapid authentication method on basis of separation mechanism network
CN111934884B (en) Certificate management method and device
US20220171832A1 (en) Scalable key management for encrypting digital rights management authorization tokens
KR20050004173A (en) Association of security parameters for a collection of related streaming protocols
CN101834853A (en) Anonymous resource sharing method and system
CN108880995A (en) Strange social network user information and message based on block chain push encryption method
CN102143178A (en) Network teaching management system
CN102546660A (en) Digital rights protection method supporting dynamic licensing authorization
CN114513339A (en) A security authentication method, system and device
CN101263472A (en) Inter-entity interconnection method, device and system for service protection
CN102523232A (en) Method for granting display license based on participation of digital content providers
CN113886781B (en) Multi-authentication encryption method, system, electronic equipment and medium based on block chain
CN117118706A (en) Single sign-on transparentization method and system supporting bill privacy protection

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20120627