CN103888835A - Safety certification method of intelligent set top box - Google Patents
Safety certification method of intelligent set top box Download PDFInfo
- Publication number
- CN103888835A CN103888835A CN201410154227.1A CN201410154227A CN103888835A CN 103888835 A CN103888835 A CN 103888835A CN 201410154227 A CN201410154227 A CN 201410154227A CN 103888835 A CN103888835 A CN 103888835A
- Authority
- CN
- China
- Prior art keywords
- top box
- set top
- intelligent set
- safety
- startup
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Stored Programmes (AREA)
Abstract
The invention discloses a safety certification method of an intelligent set top box. The safety certificate method comprises starting safety certification, identity safety certification and application safety certification. Especially in starting safety certification, encryption and verification on a processor chip, a BootLoader zone, an inner core zone and a file system zone are carried out, the high safety and the complete encryption mechanism are achieved, the safety of production and using of the intelligent network set top box is effectively guaranteed, and good application prospect is achieved.
Description
Technical field
The present invention relates to a kind of safety certifying method of Intelligent set top box, belong to triple play technology field.
Background technology
Be accompanied by broadcasting and television network, telephone network, the develop rapidly of the Internet, the concept of the integration of three networks has caused that academia and industrial circle more and more pay close attention to, Intelligent set top box is widely applied, along with Android is more and more extensive in the application of built-in field, a lot of intelligent network Set Top Box are also brought into use Android system, can select to user like this space of a large amount of third party applications, but due to the opening of Android system, the exploitation threshold of operating system and application program is lower, user must worry to some extent the safety problem of system in the time of application, because Intelligent set top box relates to a large amount of privacy of user, its fail safe is very important, therefore, safe operation is current Intelligent set top box application and development urgent problem.
Summary of the invention
The object of the invention is in order to overcome the deficiencies in the prior art, the safety certifying method of Intelligent set top box provided by the invention, from starting safety certification, online identity safety certification, three verification process of application safety authentication, there is higher fail safe, there is perfect encryption mechanism, the production, the use safety that effectively ensure intelligent network Set Top Box, have a good application prospect.
In order to solve the problems of the technologies described above, the technical solution adopted in the present invention is:
A safety certifying method for Intelligent set top box, is characterized in that: comprises the following steps,
Step (A), the startup safety certification of Intelligent set top box, comprises encryption and the checking in processor chips, BootLoader district, inner core region and four regions of file system area,
(A1) key is cured in the inner ROM of the processor chips district of Intelligent set top box, and the embedded OS of Intelligent set top box is signed;
(A 2) processor chips of Intelligent set top box read the key in ROM district, and the binary system image file that uses key to sign to BootLoader district carries out verification, if verification is passed through, move BootLoader district; Otherwise, exit startup;
The kernel mirror image of having signed in (A 3) Zhong Dui inner core region, BootLoader district after startup carries out verification, if verification is passed through, moves inner core region; Otherwise, exit startup;
The file mirror image of in (A 4) inner core region after startup, file system area having been signed carries out verification, if verification is passed through, carry file system, completes startup safety certification; Otherwise, exit startup;
Step (B), the identification safety authentication of Intelligent set top box, after startup safety certification completes, Intelligent set top box authenticates to the terminal authentication platform of operator's front end by network, only have by the network of the Intelligent set top box ability access carrier of authentication, otherwise Intelligent set top box is denied access the server of operator, and prompting authentication failure;
The application safety authentication of step (C) Intelligent set top box, the application program of Intelligent set top box is being published to before Intelligent set top box, need to sign, only have the application program after signature just can download to Intelligent set top box, and the application program that downloads to Intelligent set top box is authenticated, if verification is passed through, run application; Otherwise, exit.
The safety certifying method of aforesaid a kind of Intelligent set top box, is characterized in that: (A1) embedded OS of Intelligent set top box is signed as the signature of CA company or operator.
The safety certifying method of aforesaid a kind of Intelligent set top box, is characterized in that: the application program of step (C) Intelligent set top box, being published to before Intelligent set top box, need to be signed, and signs as the issuer of unique identification application program.
The invention has the beneficial effects as follows: the safety certifying method of the Intelligent set top box of Intelligent set top box of the present invention, comprise and start safety certification, identification safety authentication, application safety authentication, especially start safety certification, comprise encryption and the checking in processor chips, BootLoader district, inner core region and four regions of file system area, there is higher fail safe and perfect encryption mechanism, the production, the use safety that effectively ensure intelligent network Set Top Box, have a good application prospect.
Accompanying drawing explanation
Fig. 1 is the flow chart of the safety certifying method of Intelligent set top box of the present invention.
Fig. 2 is the distribution map in the cryptographic check region of Intelligent set top box of the present invention.
Fig. 3 is the flow chart of the startup safety certification of Intelligent set top box of the present invention.
Fig. 4 is the flow chart of the application safety authentication method of Intelligent set top box of the present invention.
Embodiment
Below in conjunction with Figure of description, the invention will be further described.Following exemplifying embodiment is only for technical scheme of the present invention is more clearly described, and can not limit the scope of the invention with this.
The safety certifying method of the Intelligent set top box of Intelligent set top box of the present invention, as shown in Figure 1, comprise and start safety certification, identification safety authentication, application safety authentication, there is higher fail safe and perfect encryption mechanism, effectively ensure production, the use safety of intelligent network Set Top Box, specifically comprise the following steps
Step (A), the startup safety certification of Intelligent set top box, as shown in Figure 2, comprises encryption and the checking in processor chips, BootLoader district, inner core region and four regions of file system area, the wherein chip ROM district of processor chips, for solidifying key; BootLoader district is the boot of the embedded OS of Intelligent set top box; Inner core region, is specifically applicable to the customization kernel of embedded system of Intelligent set top box and the start-up parameter of kernel; File system area, comprises root file system and builds on the file system on Flash memory device, the encryption in four regions and proof procedure, as shown in Figure 3, comprise
(A1) key is cured in the inner ROM of the processor chips district of Intelligent set top box, and the embedded OS of Intelligent set top box is signed, sign as the signature of CA company or operator, guarantee that operating software is legal safe;
(A 2) processor chips of Intelligent set top box read the key in ROM district, and the binary system image file that uses key to sign to BootLoader district carries out verification, if verification is passed through, move BootLoader district; Otherwise, exit startup;
The kernel mirror image of having signed in (A 3) Zhong Dui inner core region, BootLoader district after startup carries out verification, if verification is passed through, moves inner core region; Otherwise, exit startup;
The file mirror image of in (A 4) inner core region after startup, file system area having been signed carries out verification, if verification is passed through, carry file system, completes startup safety certification; Otherwise, exit startup;
As shown in Figure 3, step (B), the identification safety authentication of Intelligent set top box, after startup safety certification completes, Intelligent set top box authenticates to the terminal authentication platform of operator's front end by network, only have by the network of the Intelligent set top box ability access carrier of authentication, otherwise Intelligent set top box is denied access the server of operator, and prompting authentication failure;
The application safety authentication of step (C) Intelligent set top box, the application A PK of Intelligent set top box is being published to before Intelligent set top box, need to sign, signature is the issuer of unique identification application program, only have the application A PK after signature just can download to Intelligent set top box, and the application A PK that downloads to Intelligent set top box is authenticated, if verification is passed through, run application; Otherwise, exit.
In sum, the safety certifying method of the Intelligent set top box of Intelligent set top box of the present invention, comprise and start safety certification, identification safety authentication, application safety authentication, especially start safety certification, comprise encryption and the checking in processor chips, BootLoader district, inner core region and four regions of file system area, there is higher fail safe and perfect encryption mechanism, effectively ensure production, the use safety of intelligent network Set Top Box, have a good application prospect.
More than show and described basic principle of the present invention, principal character and advantage.The technical staff of the industry should understand; the present invention is not restricted to the described embodiments; that in above-described embodiment and specification, describes just illustrates principle of the present invention; without departing from the spirit and scope of the present invention; the present invention also has various changes and modifications, and these changes and improvements all fall in the claimed scope of the invention.The claimed scope of the present invention is defined by appending claims and equivalent thereof.
Claims (3)
1. a safety certifying method for Intelligent set top box, is characterized in that: comprises the following steps,
Step (A), the startup safety certification of Intelligent set top box, comprises encryption and the checking in processor chips, BootLoader district, inner core region and four regions of file system area,
(A1) key is cured in the inner ROM of the processor chips district of Intelligent set top box, and the embedded OS of Intelligent set top box is signed;
(A 2) processor chips of Intelligent set top box read the key in ROM district, and the binary system image file that uses key to sign to BootLoader district carries out verification, if verification is passed through, move BootLoader district; Otherwise, exit startup;
The kernel mirror image of having signed in (A 3) Zhong Dui inner core region, BootLoader district after startup carries out verification, if verification is passed through, moves inner core region; Otherwise, exit startup;
The file mirror image of in (A 4) inner core region after startup, file system area having been signed carries out verification, if verification is passed through, carry file system, completes startup safety certification; Otherwise, exit startup;
Step (B), the identification safety authentication of Intelligent set top box, after startup safety certification completes, Intelligent set top box authenticates to the terminal authentication platform of operator's front end by network, only have by the network of the Intelligent set top box ability access carrier of authentication, otherwise Intelligent set top box is denied access the server of operator, and prompting authentication failure;
The application safety authentication of step (C) Intelligent set top box, the application program of Intelligent set top box is being published to before Intelligent set top box, need to sign, only have the application program after signature just can download to Intelligent set top box, and the application program that downloads to Intelligent set top box is authenticated, if verification is passed through, run application; Otherwise, exit.
2. the safety certifying method of a kind of Intelligent set top box according to claim 1, is characterized in that: (A1) embedded OS of Intelligent set top box is signed as the signature of CA company or operator.
3. the safety certifying method of a kind of Intelligent set top box according to claim 1, is characterized in that: the application program of step (C) Intelligent set top box, being published to before Intelligent set top box, need to be signed, and signs as the issuer of unique identification application program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410154227.1A CN103888835A (en) | 2014-04-17 | 2014-04-17 | Safety certification method of intelligent set top box |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410154227.1A CN103888835A (en) | 2014-04-17 | 2014-04-17 | Safety certification method of intelligent set top box |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103888835A true CN103888835A (en) | 2014-06-25 |
Family
ID=50957523
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410154227.1A Pending CN103888835A (en) | 2014-04-17 | 2014-04-17 | Safety certification method of intelligent set top box |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103888835A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104123505A (en) * | 2014-07-24 | 2014-10-29 | 丹阳市广播电视台 | Android intelligent device anti-getroot system and calibration method thereof |
| CN104778424A (en) * | 2015-03-24 | 2015-07-15 | 四川长虹电器股份有限公司 | Method for preventing ROM (Read Only Memory) root obtaining on basis of smart television |
| CN107016290A (en) * | 2017-04-26 | 2017-08-04 | 贵州省广播电视信息网络股份有限公司 | A kind of method of anti-set top box brush machine |
| CN107239358A (en) * | 2017-06-01 | 2017-10-10 | 捷开通讯(深圳)有限公司 | Startup method, mobile terminal and the device with store function of Android system |
| CN107609403A (en) * | 2017-09-19 | 2018-01-19 | 浙江大华技术股份有限公司 | A kind of safe starting method of embedded device, device, equipment and medium |
| CN108038356A (en) * | 2017-12-08 | 2018-05-15 | 北京联盛德微电子有限责任公司 | A kind of guard method of ROM and two level BOOT to user software |
| CN108154025A (en) * | 2017-12-22 | 2018-06-12 | 北京四达时代软件技术股份有限公司 | Method, the method and device of application program mirror image processing of embedded device startup |
| CN111954073A (en) * | 2020-07-15 | 2020-11-17 | 深圳市九洲电器有限公司 | Method for quickly realizing android set top box production software and related products |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1992735A (en) * | 2005-12-28 | 2007-07-04 | 中兴通讯股份有限公司 | Implementation method for IPTV set-top box access network and service fulfillment |
| CN101291223A (en) * | 2007-12-21 | 2008-10-22 | 任少华 | System and method for a third party to provide identity authentication service |
| WO2011144846A1 (en) * | 2010-05-20 | 2011-11-24 | France Telecom | Technique for enabling a user to access a service |
| CN103729597A (en) * | 2014-01-16 | 2014-04-16 | 宇龙计算机通信科技(深圳)有限公司 | System starting verifying method and device and terminal |
-
2014
- 2014-04-17 CN CN201410154227.1A patent/CN103888835A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1992735A (en) * | 2005-12-28 | 2007-07-04 | 中兴通讯股份有限公司 | Implementation method for IPTV set-top box access network and service fulfillment |
| CN101291223A (en) * | 2007-12-21 | 2008-10-22 | 任少华 | System and method for a third party to provide identity authentication service |
| WO2011144846A1 (en) * | 2010-05-20 | 2011-11-24 | France Telecom | Technique for enabling a user to access a service |
| CN103729597A (en) * | 2014-01-16 | 2014-04-16 | 宇龙计算机通信科技(深圳)有限公司 | System starting verifying method and device and terminal |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104123505A (en) * | 2014-07-24 | 2014-10-29 | 丹阳市广播电视台 | Android intelligent device anti-getroot system and calibration method thereof |
| CN104778424A (en) * | 2015-03-24 | 2015-07-15 | 四川长虹电器股份有限公司 | Method for preventing ROM (Read Only Memory) root obtaining on basis of smart television |
| CN104778424B (en) * | 2015-03-24 | 2017-10-27 | 四川长虹电器股份有限公司 | The method that ROM brush machines are prevented based on intelligent television |
| CN107016290A (en) * | 2017-04-26 | 2017-08-04 | 贵州省广播电视信息网络股份有限公司 | A kind of method of anti-set top box brush machine |
| CN107239358A (en) * | 2017-06-01 | 2017-10-10 | 捷开通讯(深圳)有限公司 | Startup method, mobile terminal and the device with store function of Android system |
| CN107609403A (en) * | 2017-09-19 | 2018-01-19 | 浙江大华技术股份有限公司 | A kind of safe starting method of embedded device, device, equipment and medium |
| CN107609403B (en) * | 2017-09-19 | 2020-04-03 | 浙江大华技术股份有限公司 | Safe starting method, device, equipment and medium of embedded equipment |
| CN108038356A (en) * | 2017-12-08 | 2018-05-15 | 北京联盛德微电子有限责任公司 | A kind of guard method of ROM and two level BOOT to user software |
| CN108154025A (en) * | 2017-12-22 | 2018-06-12 | 北京四达时代软件技术股份有限公司 | Method, the method and device of application program mirror image processing of embedded device startup |
| CN111954073A (en) * | 2020-07-15 | 2020-11-17 | 深圳市九洲电器有限公司 | Method for quickly realizing android set top box production software and related products |
| CN111954073B (en) * | 2020-07-15 | 2022-07-12 | 深圳市九洲电器有限公司 | Method for quickly realizing android set top box production software and related products |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103888835A (en) | Safety certification method of intelligent set top box | |
| US11120453B2 (en) | Tap card to securely generate card data to copy to clipboard | |
| CN106778329B (en) | Block chain intelligent contract template dynamic updating method, device and system | |
| TW201923640A (en) | Service authorization method, apparatus and device | |
| CN104008342A (en) | Method for achieving safe and trusted authentication through BIOS and kernel | |
| CN106656513B (en) | The secondary packing signature verification method of APK file on Android platform | |
| CN102571359A (en) | Method for certificating cloud desktop based on smart card | |
| CN105554091A (en) | Method for guaranteeing security of source of web application in mobile terminal | |
| CN110661779B (en) | Block chain network-based electronic certificate management method, system, device and medium | |
| CN103646214A (en) | Method for establishing trusted environment in power distribution terminal | |
| CN104298915A (en) | Installation package tampering preventing method | |
| CN104102499A (en) | Mobile terminal and mobile terminal software upgrading method | |
| CN104123505A (en) | Android intelligent device anti-getroot system and calibration method thereof | |
| CN104657636A (en) | Method of generating a structure and corresponding structure | |
| CN104123488A (en) | Method and device for verifying application program | |
| CN103905919A (en) | Manageable and controllable Android application installation package system based on intelligent platform | |
| CN106446613A (en) | Protection method for pre-installed application in terminal | |
| CN105592072A (en) | Method for obtaining login certification in intelligent terminal, intelligent terminal and operation system thereof | |
| CN105873044B (en) | application program publishing method based on android platform, developer tracing method and device | |
| CN105931042A (en) | Application authority management method and intelligent POS terminal | |
| CN106709281B (en) | Patch granting and acquisition methods, device | |
| CN113221142A (en) | Authorization service processing method, device, equipment and system | |
| CN105873030B (en) | Method for performing countersignature on terminal application | |
| CN102404305A (en) | Network user identity authentication method | |
| CN102647415A (en) | Audio-interface-based method and system for providing identity authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140625 |