CN103188222B - A kind of method, system and device of data message distribution - Google Patents
A kind of method, system and device of data message distribution Download PDFInfo
- Publication number
- CN103188222B CN103188222B CN201110448780.2A CN201110448780A CN103188222B CN 103188222 B CN103188222 B CN 103188222B CN 201110448780 A CN201110448780 A CN 201110448780A CN 103188222 B CN103188222 B CN 103188222B
- Authority
- CN
- China
- Prior art keywords
- subsystem
- authorization identifying
- identifying information
- certificate server
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000009826 distribution Methods 0.000 title claims abstract description 56
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000013475 authorization Methods 0.000 claims abstract description 129
- 230000005540 biological transmission Effects 0.000 claims description 4
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000007423 decrease Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000008520 organization Effects 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses the method, system and device of a kind of data message distribution, in order to improve the safe class of data message, add strong copyright protection.The method comprises: publish subsystem when prime and obtain the first authorization identifying information from described certificate server, according to the encrypted public key in described first authorization identifying information, at least one copyright element in the first copyright message file is encrypted, generate copyright information ciphertext, and send described copyright information ciphertext and publish subsystem to next stage, make described next stage publish subsystem to be decrypted described copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from described certificate server, obtain the second corresponding copyright message file.
Description
Technical field
The present invention relates to technical field of digital information, particularly the method, system and device distributed of a kind of data message.
Background technology
In digital publishing industry, copyright protection is particularly important.But, when publication subsystem is generally issued homegrown resource, the protection of the data content of often too much concern resource itself, and seldom can be concerned for the disguise of copyright information.
At present, publishing subsystem adopts the mode of data message distribution to issue resource.Such as: the transmission mode using contribution encryption, distributing data information between publication subsystem at different levels.The mode of this data message distribution only relates to encryption and the distribution of the data content of resource itself, and does not relate to protection and the distribution of copyright information.
Therefore, copyright information is seldom protected when transmitting as a part for resource data, like this, is easy to be acquired, causes the leakage of copyright information, be unfavorable for copyright protection, also have impact on the distribution of resource.
Summary of the invention
The method, system and device that the embodiment of the present invention provides a kind of data message to distribute, in order to improve the safe class of data message, add strong copyright protection.
A kind of method that the embodiment of the present invention provides data message to distribute, is applied to and comprises certificate server, and at least two-stage is published in the data message dissemination system of subsystem, comprising:
Publish subsystem when prime and obtain the first authorization identifying information from described certificate server;
According to the encrypted public key in described first authorization identifying information, at least one copyright element in the first copyright message file is encrypted, generates copyright information ciphertext;
Send described copyright information ciphertext and publish subsystem to next stage, make described next stage publish subsystem to be decrypted described copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from described certificate server, obtain the second corresponding copyright message file.
The embodiment of the present invention provides a kind of data message dissemination system, comprising: certificate server and at least two-stage publish subsystem, wherein,
When prime publishes subsystem, for obtaining the first authorization identifying information from described certificate server, according to the encrypted public key in described first authorization identifying information, at least one copyright element in the first copyright message file is encrypted, generate copyright information ciphertext, and send to next stage to publish subsystem;
Next stage publishes subsystem, for receiving described copyright information ciphertext, and is decrypted described copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from described certificate server, obtains the second corresponding copyright message file;
Described certificate server, for sending the first authorization identifying information to described prime publication subsystem of working as, and sends the second authorization identifying information to described next stage publication subsystem.
The publication subsystem that the embodiment of the present invention provides a kind of data message to distribute, is applied in above-mentioned data message dissemination system, comprises:
Acquiring unit, for obtaining the first authorization identifying information;
Ciphering unit, for being encrypted at least one copyright element in the first copyright message file according to the encrypted public key in described first authorization identifying information, generates copyright information ciphertext;
Transmitting element, for sending described copyright information ciphertext.
The certificate server that the embodiment of the present invention provides a kind of data message to distribute, is applied in above-mentioned data message dissemination system, comprises:
Receiving element, for authorization identifying request;
Authentication ' unit, for carrying out certification according to described authorization identifying request, after determining that certification is passed through, generate and the authorization identifying information of record, described authorization identifying information comprises: encrypted public key and decrypted private key;
Transmitting element, for sending described authorization identifying information.
In the embodiment of the present invention, when prime publishes subsystem, and next stage publishes subsystem all from certificate server acquisition authorization identifying information, and be encrypted according to the published information of authorization identifying information to data message distribution procedure or decipher, like this, in data message dissemination system, publish subsystem for every grade and be all through the legal publication subsystem that certificate server certification passes through, decrease the probability that copyright information is revealed.And the copyright information of distribution is encrypted, ensure that the disguise of copyright information.This improves the safe class of data message, add strong copyright protection.
Accompanying drawing explanation
Fig. 1 is the flow chart of data message distribution in the embodiment of the present invention;
Fig. 2 is the Organization Chart of data message dissemination system in the embodiment of the present invention;
Fig. 3 is the structure chart of the publication subsystem of data message distribution in the embodiment of the present invention;
Fig. 4 is the structure chart of the certificate server of data message distribution in the embodiment of the present invention.
Embodiment
In the embodiment of the present invention, in the system of data message distribution, add certificate server, after every one-level publication subsystem all has to pass through this certificate server Certificate Authority, just can carry out the distribution of data message, obtain corresponding copyright information.
According to the feature of resource distribution in digital publishing industry, the system of data message distribution comprises: two-stage or multistage publication subsystem.Every one-level is published in subsystem can only have one, two, or multiple publication subsystem.Each publication subsystem has a unique mark.Data message is distributed downwards according to the rank publishing subsystem, namely distributes downwards step by step from five-star publication subsystem.
The authorization identifying information of all publication subsystems is managed in certificate server, and the mark of each publication subsystem, the certification PKI of each publication subsystem and decrypted private key, and the relationship between superior and subordinate between each publication subsystem.Like this, when receive one publish the authorization identifying request of subsystem after, carry out certification according to this authorization identifying request, certification is by rear generation and record the authorization identifying information corresponding with this publication subsystem, then returns this authorization identifying information.Authorization identifying information comprises: encrypted public key and decrypted private key.
Wherein, when also comprising upper level in this authorization identifying request and publishing the mark of subsystem, namely when this publication subsystem is not the superlative degree publication subsystem in dissemination system, also need the mark publishing subsystem according to upper level, judge whether and pass through certification this upper level publishes subsystem, if after determining that certification is passed through, could continue to carry out certification to this certificate server, after certification is all passed through, could generate and record the authorization identifying information corresponding with this publication subsystem, and publish subsystem return authorization authentication information by this upper level, or directly return authorization certification is believed.
Visible, publish subsystem and want to obtain copyright information, not only itself is authorized, and the publication subsystem of higher level also must be authorized to.Namely distribute in the publication subsystem that copyright information can only just have been authorized, uncommitted publication subsystem can not get copyright information, ensure that the disguise of copyright information, improves the safe class of data message, adds strong copyright protection.
Below in conjunction with Figure of description, the embodiment of the present invention is described in further detail.
In the embodiment of the present invention, data message dissemination system comprises certificate server, and two-stage or multistage publication subsystem, will wherein one-level publish subsystem and be defined as current publication subsystem, for this current publication subsystem, the process of its Data dissemination, see Fig. 1, specifically comprises:
Step 101: publish subsystem when prime and obtain the first authorization identifying information from certificate server.
First authorization identifying information comprises: encrypted public key and decrypted private key.
Here, if when prime publication subsystem is the superlative degree publication subsystem in data message dissemination system, the process obtaining the first authorization identifying information comprises:
Publish subsystem when prime and send authorization identifying request to certificate server, certificate server carries out certification according to the authorization identifying request received to publishing subsystem when prime, certification by rear generation and record the first authorization identifying information, then, the first authorization identifying information is returned to publishing subsystem when prime.Namely publish subsystem reception certificate server when prime and confirm generation after prime publication subsystem certification passes through and the first authorization identifying information of record according to authorization identifying request.
If when prime publication subsystem is not the superlative degree publication subsystem in data message dissemination system, the process obtaining the first authorization identifying information comprises:
Publish subsystem when prime and send authorization identifying request to certificate server, first certificate server publishes the mark of subsystem according to the upper level carried in authorization identifying request, determine upper level publish subsystem whether certification pass through, if determine, certification is passed through, continue to carry out certification according to this authorization identifying request to publishing subsystem when prime, after certification is passed through, generate and record the first authorization identifying information, then, publish subsystem by upper level and return the first authorization identifying information to publishing subsystem when prime.The i.e. mark of the first authorization identifying information to be certificate server according to the upper level carried in authorization identifying request publish subsystem, confirm upper level publish subsystem certification pass through, and determine when prime publish subsystem certification by after generation and recording.
Like this, publishing subsystem when prime is legal entity, and compares when prime publishes the higher publication subsystem Ye Shi legal entity of subsystem level.
In the embodiment of the present invention, the certification of certificate server generates the first authorization identifying information process can have various ways, comprising: some attributes of random selecting are encrypted from authentication property set, generates the first authorization identifying information.Like this, ensure that the key information that each publication subsystem uses is all different by random function, and then ensure the difference of authorization identifying information of each publication subsystem.
Step 102: when prime publish subsystem according to the encrypted public key in the first authorization identifying information to the first copyright message file at least one copyright element be encrypted, generate copyright information ciphertext.
Copyright information can be distributed as a kind of resource data, and copyright information comprises multiple copyright element, namely comprises: publishing house, copyright owner, title, owner, publication time, the one or more copyright element in price etc.Every one-level publishes the copyright element difference that subsystem is paid close attention to, although namely copyright element is interrelated, but its sensitivity is different, some publication subsystems pay close attention to the right informations such as copyright owner, title and owner, and have a publication subsystem to pay close attention to title, publication time, the sale property such as price information.Therefore, the copyright information of each publication subsystem needs transmission can be different.
General copyright information exists with the form of copyright information file, and preferably, copyright information file is structured document, such as: TXT file.The copyright information published in subsystem when prime exists with the first copyright message file, and for the difference of the copyright element that distribution object is paid close attention to, generate corresponding copyright information ciphertext, concrete process comprises:
First, according to the encrypted public key in the first authorization identifying information, cryptographic algorithm is utilized to be encrypted computing at least one copyright element in the first copyright message file, generating content ciphertext, some copyright element that distribution object is paid close attention to can be encrypted, or, do not distinguish distribution object, all copyright element be encrypted.Then, by encrypted public key, cryptographic algorithm, content ciphertext, and the mark of distribution object combines, and forms copyright information ciphertext.
In the embodiment of the present invention, cryptographic algorithm can oneself generate, or obtain from certificate server.Like this, in certificate server, also saving cryptographic algorithm, and transmission gives publication subsystem.Cryptographic algorithm can be one, also can be multiple.When there being multiple cryptographic algorithm, a cryptographic algorithm can be adopted for each copyright element, or multiple copyright element adopts a cryptographic algorithm.
Step 103: publish subsystem when prime and send to next stage to publish subsystem copyright information ciphertext.
To comprise encrypted public key, cryptographic algorithm, content ciphertext, and the copyright information ciphertext of the mark of distribution object sends to next stage to publish subsystem, namely carries out data message distribution.
Step 104: next stage is published subsystem and is decrypted copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from certificate server, obtains the second corresponding copyright message file.
Next stage publication subsystem is also through the legal entity that certificate server certification is passed through, and namely next stage is published subsystem and obtained the second authorization identifying information from certificate server.Process and the step 101 of acquisition are similar, have just been not repeated.Second authorization identifying information also comprises: the encrypted public key of this publication subsystem and decrypted private key.
Like this, encrypted public key is comprised when next stage publication subsystem receives, cryptographic algorithm, content ciphertext, and after the copyright information ciphertext of the mark of distribution object, first, identify the encrypted public key of carrying in copyright information ciphertext respectively, cryptographic algorithm, content ciphertext, and the mark of distribution object, then judge that whether the mark of this distribution object identified is consistent with the mark of self, if when the mark of the distribution object identified is consistent with the mark of self, then utilize the decrypted private key carried in the second authorization identifying information, and the encrypted public key identified and cryptographic algorithm, the content ciphertext of carrying in copyright information ciphertext is decrypted, obtain at least one copyright element, and form the second corresponding copyright message file.Because content ciphertext utilizes cryptographic algorithm to be encrypted computing at least one copyright element in the first copyright message file in step 102 to generate, therefore, decrypting process, utilize decrypted private key, and the encrypted public key identified and cryptographic algorithm, be decrypted computing, just can obtain at least one copyright element, then the second copyright message file is organized into, such as: structured document.
So far, the flow process of level one data distribution of information terminates, and the data dissemination process of other grades is also like this, such as: will publish subsystem as current publication subsystem next time, and then adopt above-mentioned flow process to proceed the distribution of data message.
In above-mentioned enforcement, publish subsystem for every grade and be all through the legal publication subsystem that certificate server certification passes through, namely only have the legal publication subsystem passed through through certificate server certification just can participate in data message distribution procedure.Like this, copyright information, in the process of distribution, can not be obtained by the publication subsystem of unauthenticated.Ensure that the disguise of copyright information, improve the safe class of data message, add strong copyright protection.
Further, in ciphering process, for different distribution objects, select some copyright element to be encrypted, like this, some copyright element that distribution object can only be corresponding according to authority acquiring, further enhance copyright protection.
According to the flow process of above-mentioned data message distribution, the system of above-mentioned data message distribution comprises certificate server and at least two publication subsystems.See Fig. 2, the system of this data message distribution comprises: when prime publishes subsystem 100, next stage publishes subsystem 200, and certificate server 300, wherein,
When prime publishes subsystem 100, for obtaining the first authorization identifying information from certificate server 300, according to the encrypted public key in the first authorization identifying information, at least one copyright element in the first copyright message file is encrypted, generate copyright information ciphertext, and send to next stage to publish subsystem 200.
Next stage publishes subsystem 200, for receiving copyright information ciphertext, and is decrypted copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from certificate server 300, obtains the second corresponding copyright message file.
Certificate server 300, for sending the first authorization identifying information to publishing subsystem 110 when prime, and sends the second authorization identifying information to next stage publication subsystem 200.
In the embodiment of the present invention, when prime publishes subsystem 100, specifically for sending authorization identifying request to certificate server 300, and receive the first authorization identifying information that certificate server 300 returns;
Certificate server 300, specifically for carrying out certification according to authorization identifying request to publishing subsystem 100 when prime, after certification is passed through, generates and record the first authorization identifying information, and returns the first authorization identifying information to publishing subsystem 100 when prime.
Publish subsystem when this system also comprises upper level, then,
When prime publishes subsystem 100, specifically for sending authorization identifying request to certificate server 300, and receive the first authorization identifying information returned by upper level publication subsystem to certificate server 300;
Certificate server 300, specifically for publishing the mark of subsystem according to the upper level carried in authorization identifying request, judge that whether upper level publishes subsystem certification, when determining that upper level publishes subsystem after certification is passed through, certification is carried out to current publication subsystem 100, after certification is passed through, generate and record the first authorization identifying information, and return the first authorization identifying information by upper level publication subsystem to publishing subsystem 100 when prime.
Wherein, when prime publishes subsystem 100, specifically for according to the encrypted public key in the first authorization identifying information, cryptographic algorithm is utilized to be encrypted computing at least one copyright element in the first copyright message file, generating content ciphertext, by encrypted public key, cryptographic algorithm, content ciphertext, and the mark of object to be distributed combines, form copyright information ciphertext.
When prime publishes subsystem 100, also for obtaining cryptographic algorithm from certificate server.
Next stage publishes subsystem 200, specifically for identifying encrypted public key, cryptographic algorithm respectively from copyright information ciphertext, content ciphertext, and the mark of distribution object, when the mark identified is consistent with the mark of self, utilize the decrypted private key the second authorization identifying information obtained from certificate server 300, and the encrypted public key identified and cryptographic algorithm, the content ciphertext identified is decrypted, obtains at least one copyright element, and form the second corresponding copyright message file.
The publication subsystem being applied to a kind of data message distribution in above-mentioned data message dissemination system thus, as Fig. 3, comprising: acquiring unit 310, ciphering unit 320 and transmitting element 330.
Acquiring unit 310, for obtaining the first authorization identifying information.
Ciphering unit 320, for being encrypted at least one copyright element in the first copyright message file according to the encrypted public key in the first authorization identifying information, generates copyright information ciphertext.
Transmitting element 330, for sending copyright information ciphertext.
This transmitting element 330, also for sending authorization identifying request.Or, also carry for sending the authorization identifying request that upper level publishes the mark of subsystem.
Ciphering unit 320, for according to the encrypted public key in the first authorization identifying information, cryptographic algorithm is utilized to be encrypted computing at least one copyright element in the first copyright message file, generating content ciphertext, and by encrypted public key, cryptographic algorithm, content ciphertext, and the mark of distribution object combines, and forms copyright information ciphertext.
Acquiring unit 310, also for obtaining cryptographic algorithm.
In the embodiment of the present invention, when publishing subsystem and not being the superlative degree publication subsystem in data message dissemination system, then also comprise:
Recognition unit, for identifying encrypted public key, cryptographic algorithm respectively from copyright information ciphertext, content ciphertext, and the mark of distribution object.
Decryption unit, also for when the mark of the distribution object identified is consistent with the mark of self, utilize the decrypted private key the second authorization identifying information obtained from certificate server, and the encrypted public key identified and cryptographic algorithm, the content ciphertext identified is decrypted, obtain at least one copyright element, and form the second corresponding copyright message file.
And be applied to certificate server in above-mentioned data message dissemination system as shown in Figure 4, comprising: receiving element 410, authentication ' unit 420 and transmitting element 430, wherein,
Receiving element 410, for authorization identifying request.
Authentication ' unit 420, for carrying out certification according to authorization identifying request, after determining that certification is passed through, generate and the authorization identifying information of record, authorization identifying information comprises: encrypted public key and decrypted private key.
Transmitting element 430, for sending authorization identifying information.
Wherein, this authentication ' unit 420, also for publishing the mark of subsystem according to the upper level carried in authorization identifying request, whether certification is passed through to confirm to publish subsystem by upper level.
This transmitting element 430, also for sending cryptographic algorithm.
In the embodiment of the present invention, in data message dissemination system, publish subsystem for every grade and be all through the legal publication subsystem that certificate server certification passes through, namely only have the legal publication subsystem passed through through certificate server certification just can participate in data message distribution procedure.Like this, copyright information, in the process of distribution, can not be obtained by the publication subsystem of unauthenticated, decreases the probability that copyright information is revealed.Further, copyright information is encrypted at distribution procedure, ensure that the disguise of copyright information.This improves the safe class of data message, add strong copyright protection.
In addition, in ciphering process, for different distribution objects, select some copyright element to be encrypted, like this, some copyright element that distribution object can only be corresponding according to authority acquiring, further enhance copyright protection.
Obviously, those skilled in the art can carry out various change and modification to the present invention and not depart from the spirit and scope of the present invention.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.
Claims (18)
1. a method for data message distribution, is characterized in that, be applied to and comprise certificate server, and at least two-stage is published in the data message dissemination system of subsystem, comprising:
Publish subsystem when prime and obtain the first authorization identifying information from described certificate server;
According to the encrypted public key in described first authorization identifying information, at least one copyright element in the first copyright message file is encrypted, generates copyright information ciphertext;
Send described copyright information ciphertext and publish subsystem to next stage, make described next stage publish subsystem to be decrypted described copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from described certificate server, obtain the second corresponding copyright message file;
Described current publication subsystem obtains the first authorization identifying information from described certificate server and comprises:
If when prime publication subsystem is the superlative degree publication subsystem in described data message dissemination system, describedly publish subsystem when prime and send authorization identifying request to described certificate server, and receive described certificate server according to described authorization identifying request determine described current publication subsystem certification by rear generation and the first authorization identifying information of record;
If when prime publication subsystem is not the superlative degree publication subsystem in described data message dissemination system, described when prime publication subsystem is to the request of described certificate server transmission authorization identifying, and receive described certificate server and publish the first authorization identifying information of returning of subsystem by upper level, wherein, described first authorization identifying information is that described certificate server publishes the mark of subsystem according to the described upper level carried in described authorization identifying request, confirm described upper level publish subsystem certification pass through, and determine described when prime publish subsystem certification by after generation and to record.
2. the method for claim 1, is characterized in that, is encrypted at least one copyright element in the first copyright message file according to the encrypted public key in described first authorization identifying information, generates copyright information ciphertext and comprises:
According to the encrypted public key in described first authorization identifying information, cryptographic algorithm is utilized to be encrypted computing, generating content ciphertext at least one copyright element in described first copyright message file;
By described encrypted public key, described cryptographic algorithm, described content ciphertext, and the mark of distribution object combines, and forms copyright information ciphertext.
3. method as claimed in claim 2, is characterized in that, before generating copyright information ciphertext, also comprises:
Cryptographic algorithm is obtained from described certificate server.
4. method as claimed in claim 2, it is characterized in that, described next stage is published subsystem and is decrypted described copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from described certificate server, obtains the second corresponding copyright message file and comprises:
Described next stage is published subsystem and from described copyright information ciphertext, is identified encrypted public key, cryptographic algorithm respectively, content ciphertext, and the mark of distribution object;
When the mark of the distribution object identified is consistent with the mark of self, utilize from the decrypted private key the second authorization identifying information that described certificate server obtains, and the encrypted public key identified and cryptographic algorithm, the content ciphertext identified is decrypted, obtain at least one copyright element, and form the second corresponding copyright message file.
5. a data message dissemination system, is characterized in that, comprising: certificate server and at least two-stage publish subsystem, wherein,
When prime publishes subsystem, for obtaining the first authorization identifying information from described certificate server, according to the encrypted public key in described first authorization identifying information, at least one copyright element in the first copyright message file is encrypted, generate copyright information ciphertext, and send to next stage to publish subsystem;
Next stage publishes subsystem, for receiving described copyright information ciphertext, and is decrypted described copyright information ciphertext according to the decrypted private key in the second authorization identifying information obtained from described certificate server, obtains the second corresponding copyright message file;
Described certificate server, for sending the first authorization identifying information to described prime publication subsystem of working as, and sends the second authorization identifying information to described next stage publication subsystem;
Publish subsystem when this system also comprises upper level, then,
Described when prime publication subsystem, specifically for sending authorization identifying request to described certificate server, and receive the first authorization identifying information returned by described upper level publication subsystem to described certificate server;
Described certificate server, specifically for publishing the mark of subsystem according to the described upper level carried in described authorization identifying request, judge that whether described upper level publishes subsystem certification, when determining that described upper level publishes subsystem after certification is passed through, certification is carried out to described current publication subsystem, after certification is passed through, generate and record the first authorization identifying information, and return described first authorization identifying information by described upper level publication subsystem to described prime publication subsystem of working as.
6. system as claimed in claim 5, is characterized in that,
Describedly publishing subsystem when prime, specifically for sending authorization identifying request to described certificate server, and receiving the first authorization identifying information that described certificate server returns;
Described certificate server, specifically for carrying out certification according to described authorization identifying request to described prime publication subsystem of working as, after certification is passed through, generate and record the first authorization identifying information, and return described first authorization identifying information to described prime publication subsystem of working as.
7. system as claimed in claim 5, is characterized in that,
Described when prime publication subsystem, specifically for according to the encrypted public key in described first authorization identifying information, cryptographic algorithm is utilized to be encrypted computing at least one copyright element in described first copyright message file, generating content ciphertext, by described encrypted public key, described cryptographic algorithm, described content ciphertext, and the mark of object to be distributed combines, and forms copyright information ciphertext.
8. system as claimed in claim 7, is characterized in that,
Described when prime publication subsystem, also for obtaining cryptographic algorithm from described certificate server.
9. system as claimed in claim 7, is characterized in that,
Described next stage publishes subsystem, specifically for identifying encrypted public key, cryptographic algorithm respectively from described copyright information ciphertext, content ciphertext, and the mark of distribution object, when the mark identified is consistent with the mark of self, utilize from the decrypted private key the second authorization identifying information that described certificate server obtains, and the encrypted public key identified and cryptographic algorithm, the content ciphertext identified is decrypted, obtain at least one copyright element, and form the second corresponding copyright message file.
10. a publication subsystem for data message distribution, is characterized in that, be applied in the data message dissemination system in the claims 5-9 described in arbitrary claim, comprise:
Acquiring unit, for obtaining the first authorization identifying information;
Ciphering unit, for being encrypted at least one copyright element in the first copyright message file according to the encrypted public key in described first authorization identifying information, generates copyright information ciphertext;
Transmitting element, for sending described copyright information ciphertext.
11. publish subsystem as claimed in claim 10, it is characterized in that,
Described transmitting element, also for sending authorization identifying request.
12. publish subsystem as claimed in claim 10, it is characterized in that,
Described transmitting element, also carries for sending the authorization identifying request that upper level publishes the mark of subsystem.
13. publish subsystem as claimed in claim 11, it is characterized in that,
Described ciphering unit, for according to the encrypted public key in described first authorization identifying information, cryptographic algorithm is utilized to be encrypted computing at least one copyright element in described first copyright message file, generating content ciphertext, and by described encrypted public key, described cryptographic algorithm, described content ciphertext, and the mark of distribution object combines, and forms copyright information ciphertext.
14. publish subsystem as claimed in claim 13, it is characterized in that,
Described acquiring unit, also for obtaining cryptographic algorithm.
15. publish subsystem as claimed in claim 13, it is characterized in that, also comprise:
Recognition unit, for identifying encrypted public key, cryptographic algorithm respectively from described copyright information ciphertext, content ciphertext, and the mark of distribution object;
Decryption unit, also for when the mark of the distribution object identified is consistent with the mark of self, utilize from the decrypted private key the second authorization identifying information that described certificate server obtains, and the encrypted public key identified and cryptographic algorithm, the content ciphertext identified is decrypted, obtain at least one copyright element, and form the second corresponding copyright message file.
The certificate server of 16. 1 kinds of data message distributions, is characterized in that, be applied in the data message dissemination system in the claims 5-9 described in arbitrary claim, comprise:
Receiving element, for authorization identifying request;
Authentication ' unit, for carrying out certification according to described authorization identifying request, after determining that certification is passed through, generate and the authorization identifying information of record, described authorization identifying information comprises: encrypted public key and decrypted private key;
Transmitting element, for sending described authorization identifying information.
17. certificate servers as claimed in claim 16, is characterized in that,
Described authentication ' unit, also for publishing the mark of subsystem according to the described upper level carried in described authorization identifying request, whether certification is passed through to confirm to publish subsystem by described upper level.
18. certificate servers as claimed in claim 16, is characterized in that,
Described transmitting element, also for sending cryptographic algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110448780.2A CN103188222B (en) | 2011-12-28 | 2011-12-28 | A kind of method, system and device of data message distribution |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110448780.2A CN103188222B (en) | 2011-12-28 | 2011-12-28 | A kind of method, system and device of data message distribution |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103188222A CN103188222A (en) | 2013-07-03 |
| CN103188222B true CN103188222B (en) | 2016-03-30 |
Family
ID=48679191
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110448780.2A Expired - Fee Related CN103188222B (en) | 2011-12-28 | 2011-12-28 | A kind of method, system and device of data message distribution |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103188222B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1274461A (en) * | 1998-07-22 | 2000-11-22 | 松下电器产业株式会社 | Digital data recording device and method for protecting copyright and easily reproducing encrypted digital data and computer readable recording medium recording program |
| CN1909465A (en) * | 2006-08-29 | 2007-02-07 | 华为技术有限公司 | Charging method and device and system for digital multimedia broadcast system |
| CN101009551A (en) * | 2006-01-24 | 2007-08-01 | 华为技术有限公司 | Secret key management system and method of media stream based on IP multi-media sub-system |
| CN101223514A (en) * | 2005-04-11 | 2008-07-16 | 莱斯特美通信有限公司 | A communications network |
| EP1956510A2 (en) * | 2007-02-12 | 2008-08-13 | Samsung Electronics Co., Ltd. | Method for implementing DRM function and additional function using DRM device and system thereof |
-
2011
- 2011-12-28 CN CN201110448780.2A patent/CN103188222B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1274461A (en) * | 1998-07-22 | 2000-11-22 | 松下电器产业株式会社 | Digital data recording device and method for protecting copyright and easily reproducing encrypted digital data and computer readable recording medium recording program |
| CN101223514A (en) * | 2005-04-11 | 2008-07-16 | 莱斯特美通信有限公司 | A communications network |
| CN101009551A (en) * | 2006-01-24 | 2007-08-01 | 华为技术有限公司 | Secret key management system and method of media stream based on IP multi-media sub-system |
| CN1909465A (en) * | 2006-08-29 | 2007-02-07 | 华为技术有限公司 | Charging method and device and system for digital multimedia broadcast system |
| EP1956510A2 (en) * | 2007-02-12 | 2008-08-13 | Samsung Electronics Co., Ltd. | Method for implementing DRM function and additional function using DRM device and system thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103188222A (en) | 2013-07-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109067801B (en) | Identity authentication method, identity authentication device and computer readable medium | |
| CN107770115B (en) | Method and system for distributing digital content in a peer-to-peer network | |
| US11483161B2 (en) | Method for information processing and non-transitory computer readable storage medium | |
| CN107146120B (en) | Electronic invoice generation method and generation device | |
| US7246379B2 (en) | Method and system for validating software code | |
| CN103078858A (en) | Web service and signature certificate-based software trial authorization method | |
| CN111538784B (en) | Digital asset transaction method, device and storage medium based on blockchain | |
| CN102694794B (en) | A kind of scene information guard method for Android application program | |
| CN105162772A (en) | IoT equipment authentication and key agreement method and device | |
| CA2774155A1 (en) | Auction verification | |
| CN103491097A (en) | Software authorization system based on public key cryptosystem | |
| WO2005119557B1 (en) | Secure communication and real-time watermarking using mutating identifiers | |
| JP2006067602A5 (en) | ||
| CN104123491A (en) | Method and device for detecting whether application program installation package is tempered | |
| CN109492424B (en) | Data asset management method, data asset management device, and computer-readable medium | |
| CN108712263B (en) | Information verification method, device, system and computer readable storage medium | |
| KR101326732B1 (en) | Automatic meter reading method using encryption key | |
| CN111193755B (en) | Data access method, data encryption method and data encryption and access system | |
| KR100725918B1 (en) | System and method of issuing licenses to protect the multi-level distributed digital content | |
| CN103701612B (en) | Method for obtaining and issuing identity private key | |
| CN114731293A (en) | Preventing data manipulation and protecting user privacy when determining accurate location event measurements | |
| CN102546822A (en) | Network hard drive utilization method for ensuring file not to be stolen | |
| CN103188222B (en) | A kind of method, system and device of data message distribution | |
| CN111628860B (en) | Method for generating digital certificate of double-key system and application method | |
| CN116975815A (en) | Express mail information protection system based on block chain network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20161208 Address after: 100871 Beijing, Haidian District into the house road, founder of the building on the 9 floor, No. 298 Patentee after: PEKING UNIVERSITY FOUNDER GROUP Co.,Ltd. Patentee after: FOUNDER APABI TECHNOLOGY Ltd. Patentee after: CHINESE ACADEMY OF PRESS AND PUBLICATION Address before: 100871 Beijing, Haidian District into the house road, founder of the building on the 9 floor, No. 298 Patentee before: PEKING UNIVERSITY FOUNDER GROUP Co.,Ltd. Patentee before: FOUNDER APABI TECHNOLOGY Ltd. |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20220729 Address after: 3007, Hengqin international financial center building, No. 58, Huajin street, Hengqin new area, Zhuhai, Guangdong 519031 Patentee after: New founder holdings development Co.,Ltd. Patentee after: FOUNDER APABI TECHNOLOGY Ltd. Patentee after: CHINESE ACADEMY OF PRESS AND PUBLICATION Address before: 100871, Beijing, Haidian District Cheng Fu Road 298, founder building, 9 floor Patentee before: PEKING UNIVERSITY FOUNDER GROUP Co.,Ltd. Patentee before: FOUNDER APABI TECHNOLOGY Ltd. Patentee before: CHINESE ACADEMY OF PRESS AND PUBLICATION |
|
| TR01 | Transfer of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160330 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |