CN104102859A - JavaScript-based middleware authorization method and device - Google Patents
JavaScript-based middleware authorization method and device Download PDFInfo
- Publication number
- CN104102859A CN104102859A CN201410325822.7A CN201410325822A CN104102859A CN 104102859 A CN104102859 A CN 104102859A CN 201410325822 A CN201410325822 A CN 201410325822A CN 104102859 A CN104102859 A CN 104102859A
- Authority
- CN
- China
- Prior art keywords
- hardware identifier
- middleware
- local terminal
- javascript
- authority checking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/443—OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB
- H04N21/4433—Implementing client middleware, e.g. Multimedia Home Platform [MHP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention is adaptable to the technical field of set-top boxes and provides a JavaScript-based middleware authorization method and device. The authorization method includes acquiring an authorized validation method of presetting the JavaScript to describe an approved hardware identifier; reading a home-terminal hardware identification through an application programming interface (API) of a portability layer; and calling the authorized validation method to validate whether the home-terminal hardware identification is in a range of the approved hardware identifier or not, and if so, confirming that the home-terminal middleware is legal. By the authorization method and the authorization device, the validation method and validation process are comprehensively described in a JavaScript manner and flexibly set and modified.
Description
Technical field
The invention belongs to set-top box technique field, relate in particular to a kind of middleware authorization method and device based on JavaScript.
Background technology
At present, Set Top Box Dou Shi hardware supplier and middleware provider cooperate, and provide solution to operator, under this pattern, have the situation of middleware piracy, the existing technology addressing this problem is to use encrypted private key license hardware identifier scope to obtain encryption identification; Described encryption identification and PKI are implanted to respectively in middleware, and described PKI and described private key are a pair of digital signature; When operation, use described PKI to decipher described encryption identification and obtain described license hardware identifier scope; Api interface by graft layers reads hardware identifier, judge that described hardware identifier is whether within the scope of described license hardware identifier, if, obtain authorization identifying and exist, encrypted private key license hardware identifier scope for technology like this, PKI deciphering license hardware identifier scope, asymmetric cryptosystem in whole process makes the security of whole authorization identifying, but the mode that this method only can be transmitted STBID scope by authorization module is to verify, the mode underaction of encryption and decryption.
Summary of the invention
The embodiment of the present invention provides a kind of middleware authorization method and device based on JavaScript, and being intended to solve the mode that prior art only can transmit STBID scope by authorization module is to verify, the problem of the mode underaction of encryption and decryption.
On the one hand, provide a kind of middleware authorization method based on JavaScript, described method comprises:
Obtain the authority checking method that default JavaScript describes license hardware identifier;
Read local terminal hardware identifier by the api interface of graft layers;
Call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
On the other hand, provide a kind of middleware authorization device based on JavaScript, described device comprises:
Method acquiring unit, describes the authority checking method of permitting hardware identifier for obtaining default JavaScript;
Mark acquiring unit, reads local terminal hardware identifier for identifying by the api interface of graft layers;
ID authentication unit, for calling described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
In the embodiment of the present invention, obtain default JavaScript and describe the authority checking method of permitting hardware identifier; Read local terminal hardware identifier by the api interface of graft layers; Call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if, local terminal middleware is legal middleware, the present invention, with the complete description of the mode of JavaScript verification method and process, can arrange flexibly and revise verification method and process.
Brief description of the drawings
Fig. 1 is the process flow diagram of the middleware authorization method based on JavaScript that provides of the embodiment of the present invention one;
Fig. 2 is the structured flowchart of the middleware authorization device based on JavaScript that provides of the embodiment of the present invention four.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
In embodiments of the present invention, obtain default JavaScript and describe the authority checking method of permitting hardware identifier; Read local terminal hardware identifier by the api interface of graft layers; Call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
Below in conjunction with specific embodiment, realization of the present invention is described in detail:
Embodiment mono-
Fig. 1 shows the realization flow of the middleware authorization method based on JavaScript that the embodiment of the present invention one provides, and details are as follows:
In step S101, obtain default JavaScript and describe the authority checking method of permitting hardware identifier.
In the present embodiment, described JavaScript is a kind of based on object and event-driven and have the client script language of relative safety.Also be a kind of script that is widely used in client Web exploitation, be commonly used to add dynamic function to html web page, such as response user's various operations simultaneously.Concrete verification method and complete being described in JavaScript code of process, then all write into authorization module, verification method is only relevant with authorization module with process like this, if need to revise verification method and process, only need to change authorization module, change authorization module, can not affect the function of middleware.Make by this way authority checking Method and Process more flexibly with changeable, increased and cracked difficulty.
In step S102, read local terminal hardware identifier by the api interface of graft layers.
In the present embodiment, described hardware identifier is Set Top Box ID, is unique identification.Obtain and read local terminal hardware identifier by the getSTBID () of graft layers.
In step S103, call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
In the present embodiment, call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.Preferably, if local terminal hardware identifier is not within the scope of described license hardware identifier described in described authority checking method validation, pointing out user's local terminal middleware is pirate middleware.When local terminal hardware identifier described in described authority checking method validation is not within the scope of described license hardware identifier, be pirate middleware by calling show () prompting user local terminal middleware, show () is a method being realized by watermark module, be used for showing checking message on televisor, with this reminding user, use be pirate middleware.This method, in realizing, can only, in intrinsic call, namely can not be called in actual html page in mandatory provision, can avoid by third party's error calls to the method.
As a preferred version be, can also read hardware identifier by the api interface of graft layers to not timing, again call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier.
The present embodiment, with the complete description of the mode of JavaScript verification method and process, can arrange flexibly and revise verification method and process.
Embodiment bis-
Fig. 2 shows the concrete structure block diagram of the middleware authorization device based on JavaScript that the embodiment of the present invention two provides, and for convenience of explanation, only shows the part relevant to the embodiment of the present invention.In the present embodiment, middleware authorization device that should be based on JavaScript comprises: method acquiring unit 21, mark acquiring unit 22, ID authentication unit 23, pirate Tip element 24 and again authentication unit 25.
Wherein, method acquiring unit 21, describes the authority checking method of permitting hardware identifier for obtaining default JavaScript;
Mark acquiring unit 22, reads local terminal hardware identifier for identifying by the api interface of graft layers;
ID authentication unit 23, for calling described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
Further, described device also comprises:
Pirate Tip element 24, if for local terminal hardware identifier described in described authority checking method validation not within the scope of described license hardware identifier, pointing out user's local terminal middleware is pirate middleware.
Further, described device also comprises:
Authentication unit 25 again, for not timing read hardware identifier by the api interface of graft layers, again call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier.
Further, described hardware identifier is Set Top Box ID.
The middleware authorization device based on JavaScript that the embodiment of the present invention provides can be applied in the embodiment of the method one of aforementioned correspondence, and details, referring to the description of above-described embodiment one, do not repeat them here.
It should be noted that in said system embodiment, included unit is just divided according to function logic, but is not limited to above-mentioned division, as long as can realize corresponding function; In addition, the concrete title of each functional unit also, just for the ease of mutual differentiation, is not limited to protection scope of the present invention.
In addition, one of ordinary skill in the art will appreciate that all or part of step realizing in the various embodiments described above method is can carry out the hardware that instruction is relevant by program to complete, corresponding program can be stored in a computer read/write memory medium, described storage medium, as ROM/RAM, disk or CD etc.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any amendments of doing within the spirit and principles in the present invention, be equal to and replace and improvement etc., within all should being included in protection scope of the present invention.
Claims (8)
1. the middleware authorization method based on JavaScript, is characterized in that, described method comprises:
Obtain the authority checking method that default JavaScript describes license hardware identifier;
Read local terminal hardware identifier by the api interface of graft layers;
Call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
2. the method for claim 1, is characterized in that, described method also comprises:
If local terminal hardware identifier is not within the scope of described license hardware identifier described in described authority checking method validation, pointing out user's local terminal middleware is pirate middleware.
3. the method for claim 1, is characterized in that, described method also comprises:
Read hardware identifier by the api interface of graft layers to not timing, again call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier.
4. the method as described in claim 1,2 or 3, is characterized in that, described hardware identifier is Set Top Box ID.
5. the middleware authorization device based on JavaScript, is characterized in that, described device comprises:
Method acquiring unit, describes the authority checking method of permitting hardware identifier for obtaining default JavaScript;
Mark acquiring unit, reads local terminal hardware identifier for identifying by the api interface of graft layers;
ID authentication unit, for calling described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier, if so, local terminal middleware is legal middleware.
6. device as claimed in claim 5, is characterized in that, described device also comprises:
Pirate Tip element, if for local terminal hardware identifier described in described authority checking method validation not within the scope of described license hardware identifier, pointing out user's local terminal middleware is pirate middleware.
7. device as claimed in claim 5, is characterized in that, described device also comprises:
Authentication unit again, for not timing read hardware identifier by the api interface of graft layers, again call described in described authority checking method validation local terminal hardware identifier whether within the scope of described license hardware identifier.
8. the device as described in claim 5,6 or 7, is characterized in that, described hardware identifier is Set Top Box ID.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410325822.7A CN104102859B (en) | 2014-07-09 | 2014-07-09 | A kind of middleware authorization method and device based on JavaScript |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410325822.7A CN104102859B (en) | 2014-07-09 | 2014-07-09 | A kind of middleware authorization method and device based on JavaScript |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104102859A true CN104102859A (en) | 2014-10-15 |
| CN104102859B CN104102859B (en) | 2017-12-19 |
Family
ID=51671003
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410325822.7A Active CN104102859B (en) | 2014-07-09 | 2014-07-09 | A kind of middleware authorization method and device based on JavaScript |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104102859B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871901A (en) * | 2016-05-25 | 2016-08-17 | 深圳时瑞鸿科技有限公司 | Dynamic security encryption method for Internet of Things |
| CN106385631A (en) * | 2016-11-02 | 2017-02-08 | 北京数码视讯软件技术发展有限公司 | Set-top box middleware system authorization method, set-top box middleware system authorization device and set-top box |
| CN106792186A (en) * | 2016-11-29 | 2017-05-31 | 青岛海信宽带多媒体技术有限公司 | The middleware access control method and device of media network terminal |
| CN106778193A (en) * | 2016-11-14 | 2017-05-31 | 北京握奇智能科技有限公司 | A kind of client and UI exchange methods |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102202092A (en) * | 2011-04-28 | 2011-09-28 | 李波 | Television bank public service platform |
| CN102609647A (en) * | 2011-01-25 | 2012-07-25 | 微软公司 | Factoring middleware for anti-piracy |
| CN102867138A (en) * | 2012-08-23 | 2013-01-09 | 深圳市同洲电子股份有限公司 | Copyright protection method and device for STB (set top box) middleware |
| CN102904925A (en) * | 2012-08-29 | 2013-01-30 | 四川长虹电器股份有限公司 | Three-screen-interaction-based cross-platform widget middleware system |
-
2014
- 2014-07-09 CN CN201410325822.7A patent/CN104102859B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102609647A (en) * | 2011-01-25 | 2012-07-25 | 微软公司 | Factoring middleware for anti-piracy |
| CN102202092A (en) * | 2011-04-28 | 2011-09-28 | 李波 | Television bank public service platform |
| CN102867138A (en) * | 2012-08-23 | 2013-01-09 | 深圳市同洲电子股份有限公司 | Copyright protection method and device for STB (set top box) middleware |
| CN102904925A (en) * | 2012-08-29 | 2013-01-30 | 四川长虹电器股份有限公司 | Three-screen-interaction-based cross-platform widget middleware system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871901A (en) * | 2016-05-25 | 2016-08-17 | 深圳时瑞鸿科技有限公司 | Dynamic security encryption method for Internet of Things |
| CN105871901B (en) * | 2016-05-25 | 2019-09-20 | 深圳时瑞鸿科技有限公司 | The method that dynamic Internet of Things encrypts safely |
| CN106385631A (en) * | 2016-11-02 | 2017-02-08 | 北京数码视讯软件技术发展有限公司 | Set-top box middleware system authorization method, set-top box middleware system authorization device and set-top box |
| CN106385631B (en) * | 2016-11-02 | 2019-07-05 | 北京数码视讯软件技术发展有限公司 | A kind of middleware of set top box system authorization method, apparatus and set-top box |
| CN106778193A (en) * | 2016-11-14 | 2017-05-31 | 北京握奇智能科技有限公司 | A kind of client and UI exchange methods |
| CN106778193B (en) * | 2016-11-14 | 2023-02-03 | 北京握奇智能科技有限公司 | Client and UI interaction method |
| CN106792186A (en) * | 2016-11-29 | 2017-05-31 | 青岛海信宽带多媒体技术有限公司 | The middleware access control method and device of media network terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104102859B (en) | 2017-12-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100583083C (en) | Apparatus and method for processing digital rights object | |
| KR101509377B1 (en) | Device and method for a backup of rights objects | |
| JP2019502997A (en) | Securing web pages, web apps, and applications | |
| CN111741028B (en) | Service processing method, device, equipment and system | |
| JP2016520265A (en) | Generation of working security keys based on security parameters | |
| CN104471581A (en) | Protecting media items using a media security controller | |
| TW201530344A (en) | Application program access protection method and application program access protection device | |
| CN107944234B (en) | Machine refreshing control method for Android equipment | |
| CN103678993A (en) | Method and device controlling terminal | |
| CN108599959B (en) | Authorization certificate checking method and device, readable storage medium and application equipment | |
| CN104102859A (en) | JavaScript-based middleware authorization method and device | |
| CN103971034A (en) | Method and device for protecting Java software | |
| CN102289632A (en) | Method for encrypting executable file under condition of unknown software source code | |
| CN103592927A (en) | Method for binding product server and service function through license | |
| CN111479265B (en) | Information dissemination method and device, computer equipment and storage medium | |
| CN105634884B (en) | A kind of control instruction wiring method, intelligent home furnishing control method and relevant apparatus | |
| CN114223176B (en) | Certificate management method and device | |
| CN103297816A (en) | Safety downloading method and digital television receiving terminal | |
| CN112866987A (en) | Networking verification method, equipment and computer readable storage medium | |
| CN105743651A (en) | Method and apparatus for utilizing card application in chip security domain, and application terminal | |
| JP6357091B2 (en) | Information processing apparatus and computer program | |
| CN113766496A (en) | Cross-platform binding method and system of intelligent equipment and related equipment | |
| CN107135074B (en) | Advanced security method and device | |
| CN103838997A (en) | Single-chip microcomputer password verification method and device | |
| CN110533128B (en) | Encryption-based anti-counterfeiting traceability data processing method, device, system and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |