CN104378379B - A kind of digital content encrypted transmission method, equipment and system - Google Patents
A kind of digital content encrypted transmission method, equipment and system Download PDFInfo
- Publication number
- CN104378379B CN104378379B CN201410697582.3A CN201410697582A CN104378379B CN 104378379 B CN104378379 B CN 104378379B CN 201410697582 A CN201410697582 A CN 201410697582A CN 104378379 B CN104378379 B CN 104378379B
- Authority
- CN
- China
- Prior art keywords
- information
- digital content
- request
- data
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The present invention relates to network technique field, especially a kind of digital content encrypted transmission method, including:The first request of data that client is sent is received, the first request of data is used to ask the address of digital content;The identification information of client is obtained according to the first request of data and first time corresponding with the first request of data stabs information, the address of information encrypted digital content is stabbed using identification information and first time, the address information for obtaining encrypted digital content sends the address information of encrypted digital content to the client;The second request of data that the client is sent is received, second request of data is for asking the digital content, second request of data to include the address information of the encrypted digital content;Second request of data is verified, check results are obtained;When the check results show that verification passes through, digital content corresponding with second request of data is sent to the client.
Description
Technical field
The present invention relates to network technique fields, more particularly to a kind of digital content encrypted transmission method, equipment and system.
Background technology
With the development of computer networking technology, digital content services have obtained extensive development.For example, user can make
The digital contents such as video, the audio of server offer are provided with client by internet.Since traditional digital content takes
Supplier's (such as video website) generally use of being engaged in HTTP (Hypertext transfer protocol, Hyper text transfer association
View) agreement transmission digital content, and the URL (Uniform Resource Locator, uniform resource locator) of digital content
Address is that plaintext version is present in network transmission process, is easily obtained and is usurped by third party.Therefore, how number is improved
Safety of the content in network transmission process protects copyrighted digital content to be allowed to not to be stolen, abuses and become and urgently solve
Certainly the problem of.
A kind of method exists in the prior art, in order to verify whether client is true, effective client, server is wanted
It asks client to be attached to the key that itself is stored in the addresses video URL that server is sent to client, and will be added to close
The addresses video URL of key value return to server and carry out validation verification for server.Server is regarded from what client returned
Frequency URL extracts key value in address, and the key value preserved with server is compared, to carry out validation verification.If close
Key value is identical, then is verified.
Inventor has found that the method that the prior art provides needs client to store one in the implementation of the present invention
Fixed key value is simultaneously verified using the key value, however in the addresses video URL of client return, key value is with close
The form of plaintext exists so that the key value is easily acquired.Third party can utilize the key value obtained directly to construct most
The addresses whole effective video URL, to obtain final effective video file.For example, the final addresses effective video URL are by close
When key value and the addresses URL collectively form, if third party obtains the addresses URL of unencryption and obtains almost with plaintext version
When existing key, then the addresses effective video URL are easily constructed.Therefore, there are safeties for the method that the prior art provides
It is not high, easily by third party attack and the risk usurped.
Invention content
In order to solve the above technical problems, an embodiment of the present invention provides a kind of digital content encrypted transmission method, equipment and
System reduces its risk attacked, usurped to improve safety of the digital content in network transmission process.
According to a first aspect of the embodiments of the present invention, a kind of digital content encrypted transmission method is disclosed, the method is answered
For server end, including:
The first request of data that client is sent is received, first request of data is used to ask the address of digital content;
According to first request of data obtain the client identification information and with first request of data pair
The first time stamp information answered encrypts the ground of the digital content using the identification information and first time stamp information
Location obtains the address information of encrypted digital content, and the address information of encrypted digital content is sent to the client;
The second request of data that the client is sent is received, second request of data is for asking in the number
Hold, second request of data includes the address information of the encrypted digital content;
Second request of data is verified, check results are obtained;
When the check results show that verification passes through, sent to the client corresponding with second request of data
Digital content.
Preferably, the identification information of the client includes that the IP address, client identifier, client of client correspond to
User identity information in any one, for client described in unique mark.
Preferably, described to be verified to second request of data, obtaining check results includes:
The address information for the encrypted digital content for including to second request of data is decrypted, and obtains
The identification information and the first time after must decrypting stab information;
By after the decryption of acquisition the identification information and the first time stamp information and the server end preserve
Client identification information and at the first time stamp information be compared, obtain comparison result;
The identification information and the first time stamp information after comparison result shows the decryption and institute
When stating the identification information of the client of server end preservation and stabbing information matches at the first time, determine that verification passes through.
Preferably, the method further includes:
When the check results show to verify obstructed out-of-date, it is not responding to the second request of data of the client or to institute
It states client and sends error message.
According to a second aspect of the embodiments of the present invention, a kind of digital content encrypted transmission method is disclosed, the method is answered
For client, including:
The first request of data is sent to server end, first request of data is used to ask the address of digital content;
Receive the address information for the encrypted digital content that the server end is sent;
The second request of data is sent to the server end, second request of data is used to ask the digital content,
Second request of data includes the address information of the encrypted digital content;
It receives the server end and is directed to the response that second request of data is sent.
Preferably, the reception server end includes for the response of second request of data transmission:
Receive the server second request of data is verified and verify by when the digital content that sends;
Or
The server is received in the error letter that obstructed out-of-date transmission is verified and verified to second request of data
Breath.
According to a third aspect of the embodiments of the present invention, a kind of server apparatus is disclosed, the server apparatus includes:
First receiving unit, the first request of data for receiving client transmission, first request of data is for asking
Ask the address of digital content;
Encryption unit, identification information for obtaining the client according to first request of data and with described
One request of data corresponding first time stabs information, described in the identification information and first time stamp information encryption
The address of digital content obtains the address information of encrypted digital content, is sent in encrypted number to the client
The address information of appearance;
Second receiving unit, the second request of data sent for receiving the client, second request of data are used
Include the address information of the encrypted digital content in asking the digital content, second request of data;
Verification unit obtains check results for being verified to second request of data;
Transmission unit, for when the check results show that verification passes through, being sent and described second to the client
The corresponding digital content of request of data.
Preferably, the verification unit includes:
Decryption unit, the address information of the encrypted digital content for including to second request of data into
Row decryption processing, the identification information and the first time after being decrypted stab information;
Comparing unit, for after the decryption that will obtain the identification information and the first time stab information with it is described
The identification information and first time stamp information for the client that server end preserves are compared, and obtain comparison result;
Determination unit, for after the comparison result shows the decryption the identification information and it is described first when
Between the identification information of client that preserves of stamp information and the server end and at the first time stamp information matches when, determine verification
Pass through.
Preferably, the equipment further includes:
Trigger element is responded, shows to verify obstructed out-of-date for working as the check results, is not responding to the of the client
Two request of data send error message to the client.
According to a fourth aspect of the embodiments of the present invention, a kind of client device is disclosed, the client device includes:
First request of data transmission unit, for sending the first request of data, first request of data to server end
Address for asking digital content;
First receiving unit, the address information for receiving the encrypted digital content that the server end is sent;
Second request of data transmission unit, for sending the second request of data, second data to the server end
Request is for asking the digital content, second request of data to include the address information of the encrypted digital content;
Second receiving unit is directed to the response that second request of data is sent for receiving the server end.
Preferably, second receiving unit is specifically used for:
Receive the server second request of data is verified and verify by when the digital content that sends;
Alternatively, receiving the server in the error message that obstructed out-of-date transmission is verified and verified to second request of data.
According to a fifth aspect of the embodiments of the present invention, a kind of digital content encryption transmission system, including server are disclosed
Equipment and client device, wherein:
The client device is used to send the first request of data to the server apparatus, and first request of data is used
In the address of request digital content;Receive the address information for the encrypted digital content that the server apparatus is sent;To institute
It states server apparatus and sends the second request of data, second request of data is for asking the digital content, second number
Include the address information of the encrypted digital content according to request;The server apparatus is received to ask for second data
Ask the response of transmission;
The server apparatus is used to receive the first request of data of client device transmission, and first request of data is used
In the address of request digital content;According to first request of data obtain the client device identification information and with institute
The corresponding first time stamp information of the first request of data is stated, is encrypted using the identification information and first time stamp information
The address of the digital content obtains the address information of encrypted digital content, after sending encryption to the client device
Digital content address information;The second request of data that the client is sent is received, second request of data is for asking
The digital content, second request of data is asked to include the address information of the encrypted digital content;To described second
Request of data is verified, and check results are obtained;When the check results show that verification passes through, sent out to the client device
Send digital content corresponding with second request of data.
What the embodiment of the present invention can reach has the beneficial effect that:In method provided in an embodiment of the present invention, in server
End is carried out with client in the request and transmission process of digital content, utilizes the client of the real information close association with client
End identification information and timestamp information the address of digital content is encrypted, and using encrypted digital content address into
The verification of row client so that the address of digital content is not easy to be cracked and forge, to improve digital content in the transmission
Safety, reduce digital content by third party attack and the risk usurped.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments described in invention, for those of ordinary skill in the art, without creative efforts,
Other drawings may also be obtained based on these drawings.
Fig. 1 is digital content encrypted transmission method first embodiment schematic diagram provided in an embodiment of the present invention;
Fig. 2 is digital content encrypted transmission method second embodiment schematic diagram provided in an embodiment of the present invention;
Fig. 3 is digital content encrypted transmission method 3rd embodiment schematic diagram provided in an embodiment of the present invention;
Fig. 4 is server apparatus schematic diagram provided in an embodiment of the present invention;
Fig. 5 is client device schematic diagram provided in an embodiment of the present invention;
Fig. 6 is digital content encryption transmission system schematic diagram provided in an embodiment of the present invention.
Specific implementation mode
An embodiment of the present invention provides a kind of digital content encrypted transmission method, equipment and systems, to improve digital content
Safety in network transmission process reduces its risk attacked, usurped.
In order to make those skilled in the art more fully understand the technical solution in the present invention, below in conjunction with of the invention real
The attached drawing in example is applied, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described implementation
Example is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, this field is common
The every other embodiment that technical staff is obtained without making creative work, should all belong to protection of the present invention
Range.
Herein, it is to be understood that text existing for involved term " digital content " expression in digital form,
The contents such as image, sound, it can be stored on such as CD, hard disk digital carrier, can also be propagated by means such as networks,
But it is also not limited to this.
(full name in English is Uniform Resource Locator, English to involved term " uniform resource locator "
Be abbreviated as URL) be the resource to that can be obtained from internet position and access method a kind of succinct expression, be interconnection
The address of online standard resource.For each file on internet there are one unique URL, the information that it includes points out file
How position and browser should handle it.
Involved term " client " and it is properly termed as user terminal, it is corresponding with server end, it is a kind of to be carried for client
For the program of local service, generally requires and work in coordination operation with server-side.Client according to the present invention can be applied to
In electronic equipment, the electronic equipment can be existing, researching and developing or research and development in the future any electronic equipments, including but
It is not limited to:Existing, researching and developing or research and development in the future, desktop computer, laptop computer, mobile terminal (including intelligence
Energy mobile phone, non-smart mobile phone, various tablet computers) etc..The client can also include but not limited to web browser, immediately
The client etc. of communication software.
Involved term " server end " is generally corresponding with client, can be connected with one or more clients
Into row data communication.
Below with reference to several representative embodiments of the present invention, the principle and spirit of the invention are illustrated in detail.
It is digital content encrypted transmission method first embodiment schematic diagram provided in an embodiment of the present invention referring to Fig. 1.Fig. 1
The method is applied to server end, may include:
S101, the first request of data that received server-side client is sent, first request of data are used for number of request
The address of word content.
In this embodiment of the invention, method shown in FIG. 1 is applied to server end side, and the server end can be with visitor
Family end interaction data.When user end to server sends the first request of data, when address for asking digital content, the clothes
Business device receives the request and is responded to the request.Further, first request of data may include client
Identification information, the identification information of the client includes the internet protocol address of client, client identifier, client
Any one in corresponding user identity information is held, for client described in unique mark.For example, the mark of the client
Information can be the information with client (or user) Identity Association, for example, client id, User ID corresponding with client,
The mail address of user, the phone number of user, the identity information of user, the sequence number of client, MAC Address, IP address etc.,
But not limited to this.Preferably, first request of data includes the IP address of the client.Further, described first
Request of data can also include the identification information of the digital content to be asked, the identification information and digital content of the digital content
With one-to-one relationship, it is used for unique identification number content, concrete form can be various, not limit herein.Service
Device end can be determined according to the mark of the digital content corresponding with the first request of data of client digital content with
And information corresponding with the digital content, such as may include the address of digital content.
S102, server end according to first request of data obtain the identification information of the client and with described
One request of data corresponding first time stabs information, described in the identification information and first time stamp information encryption
The address of digital content obtains the address information of encrypted digital content, is sent in encrypted number to the client
The address information of appearance.
In this of the invention embodiment, server end can obtain real information corresponding with the client for plus
The address of close digital content.Specifically, server end obtains corresponding with first request of data according to the first request of data
The identification information of client and first time corresponding with first request of data stab information.The first time stabs information
The first request of data for identifying client, such as can be the first request of data that server receives the client
Time.Since the identification information of client is used for unique mark client, information is stabbed at the first time and generally only has server or visitor
Family end can obtain, therefore greatly improve the difficulty that above- mentioned information is cracked, and improve the safety of digital content address transmission
Property.
Server end encrypts the digital content using the identification information obtained and first time stamp information
Address, obtain the address information of encrypted digital content.In one implementation, server end can be to the mark
Information and first time stamp information are encrypted, and encrypted identification information and first time stamp information are added
Client is returned in the addresses URL of digital content, and by the addresses URL of treated digital content.It is realized in another kind
In mode, server end directly can also stab information as described in key pair using the identification information and the first time
The addresses URL of digital content are encrypted, to obtain the URL address informations of encrypted digital content.The present invention is to specific
Encryption method is without restriction, such as may include AES-128 methods, DES algorithms (Data Encrypt ion
Algorithm, data encryption algorithm, a kind of symmetric encipherment algorithm), 3DES algorithms (Triple hybrid), TDEA algorithms it is (triple
Data encryption algorithm), Blowfish algorithms (it is a kind of be used for encrypt 64Bit length character string symmetric encryption method), RC5 calculate
(full name is IntelliJ IDEA, a kind of number based on JAVA for method (a kind of block cipher of changeable parameters), IDEA algorithms
According to encryption method) etc..
S103, the second request of data that client described in received server-side is sent, second request of data is for asking
The digital content, second request of data is asked to include the address information of the encrypted digital content.
The second request of data that received server-side client is sent, second request of data include described encrypted
The address information of digital content.
S104, server end verify second request of data, obtain check results.
When specific implementation, the address for the encrypted digital content that server end includes to second request of data
Information is decrypted, and the identification information and the first time after being decrypted stab information;Server end will obtain
The identification information and the first time after the decryption obtained stab information is preserved with the server end and client
It holds corresponding identification information and stamp information is compared at the first time, obtain comparison result;When the comparison result shows institute
State the mark of the identification information after decryption and first time stamp information and the client of server end preservation
When information and at the first time stamp information matches, determine that verification passes through.Described in after the comparison result shows the decryption
When identification information and first time stamp information are with the identification information of the client of server end preservation and first
Between stamp information mismatch when, determine verification does not pass through.
S105, when the check results show that verification passes through, server end is sent and described second to the client
The corresponding digital content of request of data.
When passed the verification, server end sends digital content corresponding with the second request of data to client.Work as verification
Obstructed out-of-date, server end is not responding to the second request of data of the client or sends error message to the client.
In method provided in an embodiment of the present invention, the request and transmission of digital content are carried out in server end and client
In the process, using the client identification information and timestamp information of the real information close association with client to digital content
Address be encrypted, and utilize encrypted digital content address carry out client verification so that the address of digital content
It is not easy to be cracked and forge, to improve the safety of digital content in the transmission, reduce digital content and attacked by third party
The risk hit and usurped.
It is digital content encrypted transmission method second embodiment schematic diagram provided in an embodiment of the present invention referring to Fig. 2.Fig. 2
Shown in method be applied to client-side, may include:
S201, client send the first request of data, and first request of data is for asking in number
The address of appearance.
When client needs playing digital content, the first request of data can be sent to server to ask the number
The address of content.Preferably, first request of data includes the identification information of the client and/or the digital content
Identification information.
S202, client receive the address information for the encrypted digital content that the server end is sent.
It should be noted that respective handling of the server end after the first request of data for receiving client transmission, it can
Realized that details are not described herein in the method in illustrated embodiment referring to Fig.1.
Client receives the address information for the encrypted digital content that server is sent.Wherein, the encrypted number
The address information of word content is the identification information of client that server by utilizing obtains and corresponding with first request of data
First time stamp information the address of the digital content is encrypted and is obtained.
S203, client send the second request of data to the server end, and second request of data is for asking institute
Digital content is stated, second request of data includes the address information of the encrypted digital content.
S204, client receive the server end and are directed to the response that second request of data is sent.
Wherein, client receive the server end for second request of data send response include:
Client receive the server second request of data is verified and verify by when the number that sends
Word content;Or
Client receives the server and is being verified to second request of data and verifying obstructed out-of-date transmission
Error message.
When client obtains digital content, you can to play the digital content.Preferably, the digital content is passed through
Encryption.The client utilizes the decryption method shared with the server that the digital content is decrypted.
It is digital content encrypted transmission method 3rd embodiment schematic diagram provided in an embodiment of the present invention referring to Fig. 3.It needs
Illustrate, in conjunction with first embodiment and second embodiment, in server end, with client interact the server of processing with
And it can be same server that the server of authentication, which is encrypted, can also be different server.Embodiment shown in Fig. 3
In, server end interactive server and authentication server, wherein interactive server are mainly used for carrying out request of data with client
Interaction process, authentication server is mainly used for being encrypted, checking treatment.Below by taking digital content is video as an example, number
The address of content is the addresses URL, the identification information of client be client IP address for method shown in Fig. 3 is said
It is bright, it is merely illustrative below, is not intended as limitation of the present invention.
S301, client send the first request of data, the addresses URL for asking video to interactive server.
S302, the interactive server receive the first request of data that client is sent, and obtain the IP with the client
Address and server time stab information, and send CIPHERING REQUEST to authentication server.
When specific implementation, the CIPHERING REQUEST includes the IP address and server time stamp letter of the client of the acquisition
Breath.The CIPHERING REQUEST can also include the addresses URL of the video of request.
S303, authentication server are encrypted the addresses URL of the IP address, server time stamp information, video, obtain
Obtain the addresses encrypted video URL.
S304, authentication server send the addresses encrypted video URL to the interactive server.
S305, interactive server send the addresses encrypted video URL to client.
S306, client sends the second request of data to interactive server, for asking video file.Wherein, described
Two request of data include the addresses encrypted video URL.
S307, interactive server send authentication request to authentication server.Wherein, the authentication request includes the encryption
The addresses video URL afterwards.
The addresses encrypted video URL are decrypted in S308, authentication server, with obtaining the IP of client
Information is stabbed in location, server time, and it is compared with the client ip address of preservation, server time stamp information,
To obtain authenticating result.
S309, authentication server send authenticating result to the interactive server.
S310, interactive server receives the authenticating result, when the authenticating result shows that the authentication is passed, to client
Send effective video file;When the authenticating result show to authenticate it is obstructed out-of-date, to the client send error message.
Embodiment of the method provided by the invention is described above, it will be appreciated by persons skilled in the art that on
It states embodiment and can change, deform, combine and obtain other realization methods, all belong to the scope of protection of the present invention.
Fig. 4 is server apparatus schematic diagram provided in an embodiment of the present invention.
A kind of server apparatus 400, the server apparatus include:
First receiving unit 401, the first request of data for receiving client transmission, first request of data are used for
Ask the address of digital content.
Encryption unit 402, identification information for obtaining the client according to first request of data and with institute
The corresponding first time stamp information of the first request of data is stated, is encrypted using the identification information and first time stamp information
The address of the digital content obtains the address information of encrypted digital content, and encrypted number is sent to the client
The address information of word content.
Second receiving unit 403, the second request of data sent for receiving the client, second request of data
For asking the digital content, second request of data to include the address information of the encrypted digital content.
Verification unit 404 obtains check results for being verified to second request of data.
Transmission unit 405, for when the check results show that verification passes through, being sent and described the to the client
The corresponding digital content of two request of data.
Preferably, the verification unit 404 includes:
Decryption unit, the address information of the encrypted digital content for including to second request of data into
Row decryption processing, the identification information and the first time after being decrypted stab information.
Comparing unit, for after the decryption that will obtain the identification information and the first time stab information with it is described
The identification information and first time stamp information for the client that server end preserves are compared, and obtain comparison result.
Determination unit, for after the comparison result shows the decryption the identification information and it is described first when
Between the identification information of client that preserves of stamp information and the server end and at the first time stamp information matches when, determine verification
Pass through.
Preferably, the equipment further includes:
Trigger element is responded, shows to verify obstructed out-of-date for working as the check results, is not responding to the of the client
Two request of data send error message to the client.
It is client device schematic diagram provided in an embodiment of the present invention referring to Fig. 5.
A kind of client device 500, the client device include:
First request of data transmission unit 501, for sending the first request of data to server end, first data are asked
Ask the address for asking digital content;
First receiving unit 502, the address information for receiving the encrypted digital content that the server end is sent;
Second request of data transmission unit 503, for sending the second request of data, second number to the server end
According to request for asking the digital content, address of second request of data comprising the encrypted digital content to be believed
Breath;
Second receiving unit 504 is directed to the response that second request of data is sent for receiving the server end.
Preferably, second receiving unit is specifically used for:
Receive the server second request of data is verified and verify by when the digital content that sends;
Alternatively, receiving the server in the error message that obstructed out-of-date transmission is verified and verified to second request of data.
It is digital content encryption transmission system schematic diagram provided in an embodiment of the present invention referring to Fig. 6.
A kind of digital content encryption transmission system, including server apparatus 400 and client device 500, wherein:
The client device 500 is used to send the first request of data to the server apparatus, and first data are asked
Ask the address for asking digital content;Receive the address information for the encrypted digital content that the server apparatus is sent;
The second request of data is sent to the server apparatus, second request of data is for asking the digital content, and described the
Two request of data include the address information of the encrypted digital content;The server apparatus is received to count for described second
The response sent according to request;
The server apparatus 400 is used to receive the first request of data of client device transmission, and first data are asked
Ask the address for asking digital content;According to first request of data obtain the client device identification information and
First time corresponding with first request of data stabs information, and information is stabbed using the identification information and the first time
The address for encrypting the digital content obtains the address information of encrypted digital content, sends and adds to the client device
The address information of digital content after close;The second request of data that the client is sent is received, second request of data is used
Include the address information of the encrypted digital content in asking the digital content, second request of data;To described
Second request of data is verified, and check results are obtained;When the check results show that verification passes through, set to the client
Preparation send digital content corresponding with second request of data.
It should be noted that client device 500 and server-side devices that digital content encryption transmission system 600 includes
400 are referred to Fig. 4 and device shown in fig. 5 realization, and details are not described herein.
It should be noted that more simple to the introduction of device embodiment above, the realization of device is referred to method reality
It applies the introduction of example part and realizes.
It should be noted that herein, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also include other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
The present invention can describe in the general context of computer-executable instructions executed by a computer, such as program
Unit.Usually, program unit includes routines performing specific tasks or implementing specific abstract data types, program, object, group
Part, data structure etc..The present invention can also be put into practice in a distributed computing environment, in these distributed computing environments, by
Task is executed by the connected remote processing devices of communication network.In a distributed computing environment, program unit can be with
In the local and remote computer storage media including storage device.
The above is only the specific implementation mode of the present invention, it is noted that for the ordinary skill people of the art
For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered
It is considered as protection scope of the present invention.
Claims (8)
1. a kind of digital content encrypted transmission method, which is characterized in that the method is applied to server end, including:
The first request of data that client is sent is received, first request of data is used to ask the address of digital content;
The identification information of the client and corresponding with first request of data is obtained according to first request of data
Stamp information at the first time encrypts the address of the digital content using the identification information and first time stamp information,
The address information for obtaining encrypted digital content sends the address information of encrypted digital content to the client;
The address of the digital content is encrypted using the identification information and first time stamp information, is obtained encrypted
The address information of digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first
Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information
Encryption, to obtain the address information of encrypted digital content;
The second request of data that the client is sent is received, second request of data is for asking the digital content, institute
State the address information that the second request of data includes the encrypted digital content;
Second request of data is verified, check results are obtained;
When the check results show that verification passes through, number corresponding with second request of data is sent to the client
Content;
Wherein, the verification passes through the address according to the encrypted digital content for including to second request of data
Information is decrypted, and the identification information and the first time after being decrypted stab information;By the decryption of acquisition
The identification information for the client that the rear identification information and first time stamp information are preserved with the server end with
And stamp information is compared at the first time, obtains comparison result;The mark after comparison result shows the decryption
The identification information for the client that information and first time stamp information are preserved with the server end and at the first time stamp
When information matches, determine that verification passes through.
2. according to the method described in claim 1, it is characterized in that, the identification information of the client includes the interconnection of client
Any one in the corresponding user identity information of fidonetFido IP address, client identifier, client is used for unique mark institute
State client.
3. according to the method described in claim 1, it is characterized in that, the method further includes:
When the check results show to verify obstructed out-of-date, it is not responding to the second request of data of the client or to the visitor
Family end sends error message.
4. a kind of digital content encrypted transmission method, which is characterized in that the method is applied to client, including:
The first request of data is sent to server end, first request of data is used to ask the address of digital content;
Receive the address information for the encrypted digital content that the server end is sent;
Wherein, the address information of the encrypted digital content is that the server end is obtained according to first request of data
The identification information of the client and first time corresponding with first request of data stab information, are believed using the mark
Breath and first time stamp information encrypt the information of the address of the digital content;
The server end encrypts the address of the digital content using the identification information and first time stamp information,
The address information for obtaining encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first
Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information
Encryption, to obtain the address information of encrypted digital content;
The second request of data is sent to the server end, second request of data is described for asking the digital content
Second request of data includes the address information of the encrypted digital content;
It receives the server end and is directed to the response that second request of data is sent;
The reception server end is directed to the response that second request of data is sent and includes:
Receive the server second request of data is verified and verify by when the digital content that sends;Or
The server is received in the error message that obstructed out-of-date transmission is verified and verified to second request of data;
Wherein, described to verify through the server according to the encrypted number for including to second request of data
The address information of content is decrypted, and the identification information and the first time after being decrypted stab information;It will
The client that the identification information and first time stamp information after the decryption of acquisition are preserved with the server end
Identification information and first time stamp information are compared, and obtain comparison result;After the comparison result shows the decryption
The identification information and the identification information of client that preserves of the first time stamp information and the server end and
At the first time when stamp information matches, determine that verification passes through.
5. a kind of server apparatus, which is characterized in that the server apparatus includes:
First receiving unit, the first request of data for receiving client transmission, first request of data are used for number of request
The address of word content;
Encryption unit, identification information for obtaining the client according to first request of data and with first number
According to asking corresponding first time to stab information, the number is encrypted using the identification information and first time stamp information
The address of content obtains the address information of encrypted digital content, and encrypted digital content is sent to the client
Address information;
The server end encrypts the address of the digital content using the identification information and first time stamp information,
The address information for obtaining encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first
Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information
Encryption, to obtain the address information of encrypted digital content;
Second receiving unit, the second request of data sent for receiving the client, second request of data is for asking
The digital content, second request of data is asked to include the address information of the encrypted digital content;
Verification unit obtains check results for being verified to second request of data;
Transmission unit, for when the check results show that verification passes through, being sent and second data to the client
Ask corresponding digital content;
Wherein, the verification passes through the encrypted number for including to second request of data according to the verification unit
The address information of word content is decrypted, and the identification information and the first time after being decrypted stab information;
By the client of the identification information and first time stamp information and server end preservation after the decryption of acquisition
Identification information and at the first time stamp information be compared, obtain comparison result;When the comparison result shows the decryption
The identification information for the client that the rear identification information and first time stamp information are preserved with the server end with
And when stabbing information matches at the first time, determine that verification passes through.
6. equipment according to claim 5, which is characterized in that the equipment further includes:
Respond trigger element, for work as the check results show to verify it is obstructed out-of-date, be not responding to the client second number
Error message is sent according to request or to the client.
7. a kind of client device, which is characterized in that the client device includes:
First request of data transmission unit, for sending the first request of data to server end, first request of data is used for
Ask the address of digital content;
First receiving unit, the address information for receiving the encrypted digital content that the server end is sent;
Wherein, the address information of the encrypted digital content obtains institute for the server according to first request of data
The identification information and first time corresponding with first request of data stamp information for stating client, utilize the identification information
And the first time stamp information encrypts the information of the address of the digital content;
The server end encrypts the address of the digital content using the identification information and first time stamp information,
The address information for obtaining encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first
Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information
Encryption, to obtain the address information of encrypted digital content;
Second request of data transmission unit, for sending the second request of data, second request of data to the server end
For asking the digital content, second request of data to include the address information of the encrypted digital content;
Second receiving unit is directed to the response that second request of data is sent for receiving the server end;
Wherein, second receiving unit is specifically used for:
Receive the server second request of data is verified and verify by when the digital content that sends;Or
Person receives the server in the error message that obstructed out-of-date transmission is verified and verified to second request of data;
Wherein, described to verify through the server according to the encrypted number for including to second request of data
The address information of content is decrypted, and the identification information and the first time after being decrypted stab information;It will
The client that the identification information and first time stamp information after the decryption of acquisition are preserved with the server end
Identification information and first time stamp information are compared, and obtain comparison result;After the comparison result shows the decryption
The identification information and the identification information of client that preserves of the first time stamp information and the server end and
At the first time when stamp information matches, determine that verification passes through.
8. a kind of digital content encryption transmission system, which is characterized in that including server apparatus and client device, wherein:
The client device is used to send the first request of data to the server apparatus, and first request of data is for asking
Ask the address of digital content;Receive the address information for the encrypted digital content that the server apparatus is sent;To the clothes
Device equipment of being engaged in sends the second request of data, and second request of data is for asking the digital content, second data to be asked
Seek the address information for including the encrypted digital content;The server apparatus is received to send out for second request of data
The response sent;
The server apparatus is used to receive the first request of data of client device transmission, and first request of data is for asking
Ask the address of digital content;The identification information of the client device is obtained according to first request of data and with described
One request of data corresponding first time stabs information, described in the identification information and first time stamp information encryption
The address of digital content obtains the address information of encrypted digital content, and encrypted number is sent to the client device
The address information of word content;The second request of data that the client is sent is received, second request of data is for asking institute
Digital content is stated, second request of data includes the address information of the encrypted digital content;To second data
Request is verified, and check results are obtained;When the check results show verification pass through when, to the client device send with
The corresponding digital content of second request of data;
Wherein, the server end encrypts the digital content using the identification information and first time stamp information
Address obtains the address information of encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first
Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information
Encryption, to obtain the address information of encrypted digital content;
Wherein, the verification passes through the address according to the encrypted digital content for including to second request of data
Information is decrypted, and the identification information and the first time after being decrypted stab information;By the decryption of acquisition
The identification information for the client that the rear identification information and first time stamp information are preserved with the server end with
And stamp information is compared at the first time, obtains comparison result;The mark after comparison result shows the decryption
The identification information for the client that information and first time stamp information are preserved with the server end and at the first time stamp
When information matches, determine that verification passes through.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410697582.3A CN104378379B (en) | 2014-11-26 | 2014-11-26 | A kind of digital content encrypted transmission method, equipment and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410697582.3A CN104378379B (en) | 2014-11-26 | 2014-11-26 | A kind of digital content encrypted transmission method, equipment and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104378379A CN104378379A (en) | 2015-02-25 |
CN104378379B true CN104378379B (en) | 2018-10-16 |
Family
ID=52557035
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410697582.3A Active CN104378379B (en) | 2014-11-26 | 2014-11-26 | A kind of digital content encrypted transmission method, equipment and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104378379B (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104735484B (en) * | 2015-03-05 | 2017-12-15 | 天脉聚源(北京)科技有限公司 | A kind of method and device for playing video |
CN105491073B (en) * | 2016-01-21 | 2020-07-14 | 腾讯科技(深圳)有限公司 | Data downloading method, device and system |
CN106230824A (en) * | 2016-07-29 | 2016-12-14 | 浙商银行股份有限公司 | A kind of mobile device authentic authentication system and method |
CN106331055B (en) * | 2016-08-09 | 2019-08-16 | 努比亚技术有限公司 | Identifier generating means and method |
CN106658093B (en) * | 2016-12-27 | 2019-07-09 | 深圳市九洲电器有限公司 | The exchange method and system of set-top box and server |
CN107579977A (en) * | 2017-09-04 | 2018-01-12 | 珠海迈科智能科技股份有限公司 | A kind of key theft preventing method and device |
CN108737412B (en) * | 2018-05-15 | 2021-06-25 | 福建天晴数码有限公司 | Method and terminal for realizing data request |
CN109450858B (en) * | 2018-10-15 | 2021-11-23 | 杭州迪普科技股份有限公司 | Resource request method, device, equipment and storage medium |
CN109922068B (en) * | 2019-03-13 | 2020-01-31 | 特斯联(北京)科技有限公司 | Security patrol robot, security system and security communication method thereof |
CN111541758B (en) * | 2020-04-17 | 2023-06-16 | 支付宝(杭州)信息技术有限公司 | Page updating method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101873298A (en) * | 2009-04-21 | 2010-10-27 | 华为软件技术有限公司 | Registration method, terminal, server and system |
CN102025749A (en) * | 2011-01-18 | 2011-04-20 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100562016C (en) * | 2006-01-16 | 2009-11-18 | 北京北方烽火科技有限公司 | A kind of WEB service anti-stealing link method |
CN103067156B (en) * | 2012-12-28 | 2016-01-20 | 北京移数通电讯有限公司 | The URL encryption of mobile Internet user resources access, verification method and device |
CN104144160A (en) * | 2014-07-08 | 2014-11-12 | 北京彩云动力教育科技有限公司 | Online video resource downloading prevention method and system |
-
2014
- 2014-11-26 CN CN201410697582.3A patent/CN104378379B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101873298A (en) * | 2009-04-21 | 2010-10-27 | 华为软件技术有限公司 | Registration method, terminal, server and system |
CN102025749A (en) * | 2011-01-18 | 2011-04-20 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
Also Published As
Publication number | Publication date |
---|---|
CN104378379A (en) | 2015-02-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104378379B (en) | A kind of digital content encrypted transmission method, equipment and system | |
US9992176B2 (en) | Systems and methods for encrypted communication in a secure network | |
EP3661120A1 (en) | Method and apparatus for security authentication | |
CN108476133A (en) | The key carried out by the believable third party in part exchanges | |
US8275984B2 (en) | TLS key and CGI session ID pairing | |
CN101919202B (en) | Information distribution system and program for the same | |
CN104009989B (en) | A kind of anti-stealing link method of media file, system and server | |
CN104869102B (en) | Authorization method, device and system based on xAuth agreement | |
JP2017524287A (en) | System and method for secure communication over a network using linking addresses | |
CN108809633B (en) | Identity authentication method, device and system | |
Sari et al. | Comparative analysis of wireless security protocols: WEP vs WPA | |
CN104283680A (en) | Data transmission method, client side, server and system | |
CN104135471B (en) | The anti-abduction communication means of DNS | |
CN110493162A (en) | Identity identifying method and system based on wearable device | |
CN103475474A (en) | Method for providing and acquiring shared enciphered data and identity authentication equipment | |
CN109492424A (en) | Data assets management method, data assets managing device and computer-readable medium | |
Alizai et al. | Key-based cookie-less session management framework for application layer security | |
TWI556618B (en) | Network Group Authentication System and Method | |
JP2008258663A (en) | Information communication system | |
CN103368918A (en) | Method, device and system for dynamic password authentication | |
Elemam et al. | Formal verification for a PMQTT protocol | |
CN107229874A (en) | A kind of method for realizing VR Key, device and server | |
CN111698203A (en) | Cloud data encryption method | |
CN103916372B (en) | A kind of third party's log-on message trustship method and system | |
CN102014136B (en) | Peer to peer (P2P) network secure communication method based on random handshake |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |