CN104378379B - A kind of digital content encrypted transmission method, equipment and system - Google Patents

A kind of digital content encrypted transmission method, equipment and system Download PDF

Info

Publication number
CN104378379B
CN104378379B CN201410697582.3A CN201410697582A CN104378379B CN 104378379 B CN104378379 B CN 104378379B CN 201410697582 A CN201410697582 A CN 201410697582A CN 104378379 B CN104378379 B CN 104378379B
Authority
CN
China
Prior art keywords
information
digital content
request
data
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410697582.3A
Other languages
Chinese (zh)
Other versions
CN104378379A (en
Inventor
曹中洪
姜洋
刘畅
张宁
沈佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing QIYI Century Science and Technology Co Ltd
Original Assignee
Beijing QIYI Century Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing QIYI Century Science and Technology Co Ltd filed Critical Beijing QIYI Century Science and Technology Co Ltd
Priority to CN201410697582.3A priority Critical patent/CN104378379B/en
Publication of CN104378379A publication Critical patent/CN104378379A/en
Application granted granted Critical
Publication of CN104378379B publication Critical patent/CN104378379B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Abstract

The present invention relates to network technique field, especially a kind of digital content encrypted transmission method, including:The first request of data that client is sent is received, the first request of data is used to ask the address of digital content;The identification information of client is obtained according to the first request of data and first time corresponding with the first request of data stabs information, the address of information encrypted digital content is stabbed using identification information and first time, the address information for obtaining encrypted digital content sends the address information of encrypted digital content to the client;The second request of data that the client is sent is received, second request of data is for asking the digital content, second request of data to include the address information of the encrypted digital content;Second request of data is verified, check results are obtained;When the check results show that verification passes through, digital content corresponding with second request of data is sent to the client.

Description

A kind of digital content encrypted transmission method, equipment and system
Technical field
The present invention relates to network technique fields, more particularly to a kind of digital content encrypted transmission method, equipment and system.
Background technology
With the development of computer networking technology, digital content services have obtained extensive development.For example, user can make The digital contents such as video, the audio of server offer are provided with client by internet.Since traditional digital content takes Supplier's (such as video website) generally use of being engaged in HTTP (Hypertext transfer protocol, Hyper text transfer association View) agreement transmission digital content, and the URL (Uniform Resource Locator, uniform resource locator) of digital content Address is that plaintext version is present in network transmission process, is easily obtained and is usurped by third party.Therefore, how number is improved Safety of the content in network transmission process protects copyrighted digital content to be allowed to not to be stolen, abuses and become and urgently solve Certainly the problem of.
A kind of method exists in the prior art, in order to verify whether client is true, effective client, server is wanted It asks client to be attached to the key that itself is stored in the addresses video URL that server is sent to client, and will be added to close The addresses video URL of key value return to server and carry out validation verification for server.Server is regarded from what client returned Frequency URL extracts key value in address, and the key value preserved with server is compared, to carry out validation verification.If close Key value is identical, then is verified.
Inventor has found that the method that the prior art provides needs client to store one in the implementation of the present invention Fixed key value is simultaneously verified using the key value, however in the addresses video URL of client return, key value is with close The form of plaintext exists so that the key value is easily acquired.Third party can utilize the key value obtained directly to construct most The addresses whole effective video URL, to obtain final effective video file.For example, the final addresses effective video URL are by close When key value and the addresses URL collectively form, if third party obtains the addresses URL of unencryption and obtains almost with plaintext version When existing key, then the addresses effective video URL are easily constructed.Therefore, there are safeties for the method that the prior art provides It is not high, easily by third party attack and the risk usurped.
Invention content
In order to solve the above technical problems, an embodiment of the present invention provides a kind of digital content encrypted transmission method, equipment and System reduces its risk attacked, usurped to improve safety of the digital content in network transmission process.
According to a first aspect of the embodiments of the present invention, a kind of digital content encrypted transmission method is disclosed, the method is answered For server end, including:
The first request of data that client is sent is received, first request of data is used to ask the address of digital content;
According to first request of data obtain the client identification information and with first request of data pair The first time stamp information answered encrypts the ground of the digital content using the identification information and first time stamp information Location obtains the address information of encrypted digital content, and the address information of encrypted digital content is sent to the client;
The second request of data that the client is sent is received, second request of data is for asking in the number Hold, second request of data includes the address information of the encrypted digital content;
Second request of data is verified, check results are obtained;
When the check results show that verification passes through, sent to the client corresponding with second request of data Digital content.
Preferably, the identification information of the client includes that the IP address, client identifier, client of client correspond to User identity information in any one, for client described in unique mark.
Preferably, described to be verified to second request of data, obtaining check results includes:
The address information for the encrypted digital content for including to second request of data is decrypted, and obtains The identification information and the first time after must decrypting stab information;
By after the decryption of acquisition the identification information and the first time stamp information and the server end preserve Client identification information and at the first time stamp information be compared, obtain comparison result;
The identification information and the first time stamp information after comparison result shows the decryption and institute When stating the identification information of the client of server end preservation and stabbing information matches at the first time, determine that verification passes through.
Preferably, the method further includes:
When the check results show to verify obstructed out-of-date, it is not responding to the second request of data of the client or to institute It states client and sends error message.
According to a second aspect of the embodiments of the present invention, a kind of digital content encrypted transmission method is disclosed, the method is answered For client, including:
The first request of data is sent to server end, first request of data is used to ask the address of digital content;
Receive the address information for the encrypted digital content that the server end is sent;
The second request of data is sent to the server end, second request of data is used to ask the digital content, Second request of data includes the address information of the encrypted digital content;
It receives the server end and is directed to the response that second request of data is sent.
Preferably, the reception server end includes for the response of second request of data transmission:
Receive the server second request of data is verified and verify by when the digital content that sends; Or
The server is received in the error letter that obstructed out-of-date transmission is verified and verified to second request of data Breath.
According to a third aspect of the embodiments of the present invention, a kind of server apparatus is disclosed, the server apparatus includes:
First receiving unit, the first request of data for receiving client transmission, first request of data is for asking Ask the address of digital content;
Encryption unit, identification information for obtaining the client according to first request of data and with described One request of data corresponding first time stabs information, described in the identification information and first time stamp information encryption The address of digital content obtains the address information of encrypted digital content, is sent in encrypted number to the client The address information of appearance;
Second receiving unit, the second request of data sent for receiving the client, second request of data are used Include the address information of the encrypted digital content in asking the digital content, second request of data;
Verification unit obtains check results for being verified to second request of data;
Transmission unit, for when the check results show that verification passes through, being sent and described second to the client The corresponding digital content of request of data.
Preferably, the verification unit includes:
Decryption unit, the address information of the encrypted digital content for including to second request of data into Row decryption processing, the identification information and the first time after being decrypted stab information;
Comparing unit, for after the decryption that will obtain the identification information and the first time stab information with it is described The identification information and first time stamp information for the client that server end preserves are compared, and obtain comparison result;
Determination unit, for after the comparison result shows the decryption the identification information and it is described first when Between the identification information of client that preserves of stamp information and the server end and at the first time stamp information matches when, determine verification Pass through.
Preferably, the equipment further includes:
Trigger element is responded, shows to verify obstructed out-of-date for working as the check results, is not responding to the of the client Two request of data send error message to the client.
According to a fourth aspect of the embodiments of the present invention, a kind of client device is disclosed, the client device includes:
First request of data transmission unit, for sending the first request of data, first request of data to server end Address for asking digital content;
First receiving unit, the address information for receiving the encrypted digital content that the server end is sent;
Second request of data transmission unit, for sending the second request of data, second data to the server end Request is for asking the digital content, second request of data to include the address information of the encrypted digital content;
Second receiving unit is directed to the response that second request of data is sent for receiving the server end.
Preferably, second receiving unit is specifically used for:
Receive the server second request of data is verified and verify by when the digital content that sends; Alternatively, receiving the server in the error message that obstructed out-of-date transmission is verified and verified to second request of data.
According to a fifth aspect of the embodiments of the present invention, a kind of digital content encryption transmission system, including server are disclosed Equipment and client device, wherein:
The client device is used to send the first request of data to the server apparatus, and first request of data is used In the address of request digital content;Receive the address information for the encrypted digital content that the server apparatus is sent;To institute It states server apparatus and sends the second request of data, second request of data is for asking the digital content, second number Include the address information of the encrypted digital content according to request;The server apparatus is received to ask for second data Ask the response of transmission;
The server apparatus is used to receive the first request of data of client device transmission, and first request of data is used In the address of request digital content;According to first request of data obtain the client device identification information and with institute The corresponding first time stamp information of the first request of data is stated, is encrypted using the identification information and first time stamp information The address of the digital content obtains the address information of encrypted digital content, after sending encryption to the client device Digital content address information;The second request of data that the client is sent is received, second request of data is for asking The digital content, second request of data is asked to include the address information of the encrypted digital content;To described second Request of data is verified, and check results are obtained;When the check results show that verification passes through, sent out to the client device Send digital content corresponding with second request of data.
What the embodiment of the present invention can reach has the beneficial effect that:In method provided in an embodiment of the present invention, in server End is carried out with client in the request and transmission process of digital content, utilizes the client of the real information close association with client End identification information and timestamp information the address of digital content is encrypted, and using encrypted digital content address into The verification of row client so that the address of digital content is not easy to be cracked and forge, to improve digital content in the transmission Safety, reduce digital content by third party attack and the risk usurped.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments described in invention, for those of ordinary skill in the art, without creative efforts, Other drawings may also be obtained based on these drawings.
Fig. 1 is digital content encrypted transmission method first embodiment schematic diagram provided in an embodiment of the present invention;
Fig. 2 is digital content encrypted transmission method second embodiment schematic diagram provided in an embodiment of the present invention;
Fig. 3 is digital content encrypted transmission method 3rd embodiment schematic diagram provided in an embodiment of the present invention;
Fig. 4 is server apparatus schematic diagram provided in an embodiment of the present invention;
Fig. 5 is client device schematic diagram provided in an embodiment of the present invention;
Fig. 6 is digital content encryption transmission system schematic diagram provided in an embodiment of the present invention.
Specific implementation mode
An embodiment of the present invention provides a kind of digital content encrypted transmission method, equipment and systems, to improve digital content Safety in network transmission process reduces its risk attacked, usurped.
In order to make those skilled in the art more fully understand the technical solution in the present invention, below in conjunction with of the invention real The attached drawing in example is applied, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described implementation Example is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, this field is common The every other embodiment that technical staff is obtained without making creative work, should all belong to protection of the present invention Range.
Herein, it is to be understood that text existing for involved term " digital content " expression in digital form, The contents such as image, sound, it can be stored on such as CD, hard disk digital carrier, can also be propagated by means such as networks, But it is also not limited to this.
(full name in English is Uniform Resource Locator, English to involved term " uniform resource locator " Be abbreviated as URL) be the resource to that can be obtained from internet position and access method a kind of succinct expression, be interconnection The address of online standard resource.For each file on internet there are one unique URL, the information that it includes points out file How position and browser should handle it.
Involved term " client " and it is properly termed as user terminal, it is corresponding with server end, it is a kind of to be carried for client For the program of local service, generally requires and work in coordination operation with server-side.Client according to the present invention can be applied to In electronic equipment, the electronic equipment can be existing, researching and developing or research and development in the future any electronic equipments, including but It is not limited to:Existing, researching and developing or research and development in the future, desktop computer, laptop computer, mobile terminal (including intelligence Energy mobile phone, non-smart mobile phone, various tablet computers) etc..The client can also include but not limited to web browser, immediately The client etc. of communication software.
Involved term " server end " is generally corresponding with client, can be connected with one or more clients Into row data communication.
Below with reference to several representative embodiments of the present invention, the principle and spirit of the invention are illustrated in detail.
It is digital content encrypted transmission method first embodiment schematic diagram provided in an embodiment of the present invention referring to Fig. 1.Fig. 1 The method is applied to server end, may include:
S101, the first request of data that received server-side client is sent, first request of data are used for number of request The address of word content.
In this embodiment of the invention, method shown in FIG. 1 is applied to server end side, and the server end can be with visitor Family end interaction data.When user end to server sends the first request of data, when address for asking digital content, the clothes Business device receives the request and is responded to the request.Further, first request of data may include client Identification information, the identification information of the client includes the internet protocol address of client, client identifier, client Any one in corresponding user identity information is held, for client described in unique mark.For example, the mark of the client Information can be the information with client (or user) Identity Association, for example, client id, User ID corresponding with client, The mail address of user, the phone number of user, the identity information of user, the sequence number of client, MAC Address, IP address etc., But not limited to this.Preferably, first request of data includes the IP address of the client.Further, described first Request of data can also include the identification information of the digital content to be asked, the identification information and digital content of the digital content With one-to-one relationship, it is used for unique identification number content, concrete form can be various, not limit herein.Service Device end can be determined according to the mark of the digital content corresponding with the first request of data of client digital content with And information corresponding with the digital content, such as may include the address of digital content.
S102, server end according to first request of data obtain the identification information of the client and with described One request of data corresponding first time stabs information, described in the identification information and first time stamp information encryption The address of digital content obtains the address information of encrypted digital content, is sent in encrypted number to the client The address information of appearance.
In this of the invention embodiment, server end can obtain real information corresponding with the client for plus The address of close digital content.Specifically, server end obtains corresponding with first request of data according to the first request of data The identification information of client and first time corresponding with first request of data stab information.The first time stabs information The first request of data for identifying client, such as can be the first request of data that server receives the client Time.Since the identification information of client is used for unique mark client, information is stabbed at the first time and generally only has server or visitor Family end can obtain, therefore greatly improve the difficulty that above- mentioned information is cracked, and improve the safety of digital content address transmission Property.
Server end encrypts the digital content using the identification information obtained and first time stamp information Address, obtain the address information of encrypted digital content.In one implementation, server end can be to the mark Information and first time stamp information are encrypted, and encrypted identification information and first time stamp information are added Client is returned in the addresses URL of digital content, and by the addresses URL of treated digital content.It is realized in another kind In mode, server end directly can also stab information as described in key pair using the identification information and the first time The addresses URL of digital content are encrypted, to obtain the URL address informations of encrypted digital content.The present invention is to specific Encryption method is without restriction, such as may include AES-128 methods, DES algorithms (Data Encrypt ion Algorithm, data encryption algorithm, a kind of symmetric encipherment algorithm), 3DES algorithms (Triple hybrid), TDEA algorithms it is (triple Data encryption algorithm), Blowfish algorithms (it is a kind of be used for encrypt 64Bit length character string symmetric encryption method), RC5 calculate (full name is IntelliJ IDEA, a kind of number based on JAVA for method (a kind of block cipher of changeable parameters), IDEA algorithms According to encryption method) etc..
S103, the second request of data that client described in received server-side is sent, second request of data is for asking The digital content, second request of data is asked to include the address information of the encrypted digital content.
The second request of data that received server-side client is sent, second request of data include described encrypted The address information of digital content.
S104, server end verify second request of data, obtain check results.
When specific implementation, the address for the encrypted digital content that server end includes to second request of data Information is decrypted, and the identification information and the first time after being decrypted stab information;Server end will obtain The identification information and the first time after the decryption obtained stab information is preserved with the server end and client It holds corresponding identification information and stamp information is compared at the first time, obtain comparison result;When the comparison result shows institute State the mark of the identification information after decryption and first time stamp information and the client of server end preservation When information and at the first time stamp information matches, determine that verification passes through.Described in after the comparison result shows the decryption When identification information and first time stamp information are with the identification information of the client of server end preservation and first Between stamp information mismatch when, determine verification does not pass through.
S105, when the check results show that verification passes through, server end is sent and described second to the client The corresponding digital content of request of data.
When passed the verification, server end sends digital content corresponding with the second request of data to client.Work as verification Obstructed out-of-date, server end is not responding to the second request of data of the client or sends error message to the client.
In method provided in an embodiment of the present invention, the request and transmission of digital content are carried out in server end and client In the process, using the client identification information and timestamp information of the real information close association with client to digital content Address be encrypted, and utilize encrypted digital content address carry out client verification so that the address of digital content It is not easy to be cracked and forge, to improve the safety of digital content in the transmission, reduce digital content and attacked by third party The risk hit and usurped.
It is digital content encrypted transmission method second embodiment schematic diagram provided in an embodiment of the present invention referring to Fig. 2.Fig. 2 Shown in method be applied to client-side, may include:
S201, client send the first request of data, and first request of data is for asking in number The address of appearance.
When client needs playing digital content, the first request of data can be sent to server to ask the number The address of content.Preferably, first request of data includes the identification information of the client and/or the digital content Identification information.
S202, client receive the address information for the encrypted digital content that the server end is sent.
It should be noted that respective handling of the server end after the first request of data for receiving client transmission, it can Realized that details are not described herein in the method in illustrated embodiment referring to Fig.1.
Client receives the address information for the encrypted digital content that server is sent.Wherein, the encrypted number The address information of word content is the identification information of client that server by utilizing obtains and corresponding with first request of data First time stamp information the address of the digital content is encrypted and is obtained.
S203, client send the second request of data to the server end, and second request of data is for asking institute Digital content is stated, second request of data includes the address information of the encrypted digital content.
S204, client receive the server end and are directed to the response that second request of data is sent.
Wherein, client receive the server end for second request of data send response include:
Client receive the server second request of data is verified and verify by when the number that sends Word content;Or
Client receives the server and is being verified to second request of data and verifying obstructed out-of-date transmission Error message.
When client obtains digital content, you can to play the digital content.Preferably, the digital content is passed through Encryption.The client utilizes the decryption method shared with the server that the digital content is decrypted.
It is digital content encrypted transmission method 3rd embodiment schematic diagram provided in an embodiment of the present invention referring to Fig. 3.It needs Illustrate, in conjunction with first embodiment and second embodiment, in server end, with client interact the server of processing with And it can be same server that the server of authentication, which is encrypted, can also be different server.Embodiment shown in Fig. 3 In, server end interactive server and authentication server, wherein interactive server are mainly used for carrying out request of data with client Interaction process, authentication server is mainly used for being encrypted, checking treatment.Below by taking digital content is video as an example, number The address of content is the addresses URL, the identification information of client be client IP address for method shown in Fig. 3 is said It is bright, it is merely illustrative below, is not intended as limitation of the present invention.
S301, client send the first request of data, the addresses URL for asking video to interactive server.
S302, the interactive server receive the first request of data that client is sent, and obtain the IP with the client Address and server time stab information, and send CIPHERING REQUEST to authentication server.
When specific implementation, the CIPHERING REQUEST includes the IP address and server time stamp letter of the client of the acquisition Breath.The CIPHERING REQUEST can also include the addresses URL of the video of request.
S303, authentication server are encrypted the addresses URL of the IP address, server time stamp information, video, obtain Obtain the addresses encrypted video URL.
S304, authentication server send the addresses encrypted video URL to the interactive server.
S305, interactive server send the addresses encrypted video URL to client.
S306, client sends the second request of data to interactive server, for asking video file.Wherein, described Two request of data include the addresses encrypted video URL.
S307, interactive server send authentication request to authentication server.Wherein, the authentication request includes the encryption The addresses video URL afterwards.
The addresses encrypted video URL are decrypted in S308, authentication server, with obtaining the IP of client Information is stabbed in location, server time, and it is compared with the client ip address of preservation, server time stamp information, To obtain authenticating result.
S309, authentication server send authenticating result to the interactive server.
S310, interactive server receives the authenticating result, when the authenticating result shows that the authentication is passed, to client Send effective video file;When the authenticating result show to authenticate it is obstructed out-of-date, to the client send error message.
Embodiment of the method provided by the invention is described above, it will be appreciated by persons skilled in the art that on It states embodiment and can change, deform, combine and obtain other realization methods, all belong to the scope of protection of the present invention.
Fig. 4 is server apparatus schematic diagram provided in an embodiment of the present invention.
A kind of server apparatus 400, the server apparatus include:
First receiving unit 401, the first request of data for receiving client transmission, first request of data are used for Ask the address of digital content.
Encryption unit 402, identification information for obtaining the client according to first request of data and with institute The corresponding first time stamp information of the first request of data is stated, is encrypted using the identification information and first time stamp information The address of the digital content obtains the address information of encrypted digital content, and encrypted number is sent to the client The address information of word content.
Second receiving unit 403, the second request of data sent for receiving the client, second request of data For asking the digital content, second request of data to include the address information of the encrypted digital content.
Verification unit 404 obtains check results for being verified to second request of data.
Transmission unit 405, for when the check results show that verification passes through, being sent and described the to the client The corresponding digital content of two request of data.
Preferably, the verification unit 404 includes:
Decryption unit, the address information of the encrypted digital content for including to second request of data into Row decryption processing, the identification information and the first time after being decrypted stab information.
Comparing unit, for after the decryption that will obtain the identification information and the first time stab information with it is described The identification information and first time stamp information for the client that server end preserves are compared, and obtain comparison result.
Determination unit, for after the comparison result shows the decryption the identification information and it is described first when Between the identification information of client that preserves of stamp information and the server end and at the first time stamp information matches when, determine verification Pass through.
Preferably, the equipment further includes:
Trigger element is responded, shows to verify obstructed out-of-date for working as the check results, is not responding to the of the client Two request of data send error message to the client.
It is client device schematic diagram provided in an embodiment of the present invention referring to Fig. 5.
A kind of client device 500, the client device include:
First request of data transmission unit 501, for sending the first request of data to server end, first data are asked Ask the address for asking digital content;
First receiving unit 502, the address information for receiving the encrypted digital content that the server end is sent;
Second request of data transmission unit 503, for sending the second request of data, second number to the server end According to request for asking the digital content, address of second request of data comprising the encrypted digital content to be believed Breath;
Second receiving unit 504 is directed to the response that second request of data is sent for receiving the server end.
Preferably, second receiving unit is specifically used for:
Receive the server second request of data is verified and verify by when the digital content that sends; Alternatively, receiving the server in the error message that obstructed out-of-date transmission is verified and verified to second request of data.
It is digital content encryption transmission system schematic diagram provided in an embodiment of the present invention referring to Fig. 6.
A kind of digital content encryption transmission system, including server apparatus 400 and client device 500, wherein:
The client device 500 is used to send the first request of data to the server apparatus, and first data are asked Ask the address for asking digital content;Receive the address information for the encrypted digital content that the server apparatus is sent; The second request of data is sent to the server apparatus, second request of data is for asking the digital content, and described the Two request of data include the address information of the encrypted digital content;The server apparatus is received to count for described second The response sent according to request;
The server apparatus 400 is used to receive the first request of data of client device transmission, and first data are asked Ask the address for asking digital content;According to first request of data obtain the client device identification information and First time corresponding with first request of data stabs information, and information is stabbed using the identification information and the first time The address for encrypting the digital content obtains the address information of encrypted digital content, sends and adds to the client device The address information of digital content after close;The second request of data that the client is sent is received, second request of data is used Include the address information of the encrypted digital content in asking the digital content, second request of data;To described Second request of data is verified, and check results are obtained;When the check results show that verification passes through, set to the client Preparation send digital content corresponding with second request of data.
It should be noted that client device 500 and server-side devices that digital content encryption transmission system 600 includes 400 are referred to Fig. 4 and device shown in fig. 5 realization, and details are not described herein.
It should be noted that more simple to the introduction of device embodiment above, the realization of device is referred to method reality It applies the introduction of example part and realizes.
It should be noted that herein, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those Element, but also include other elements that are not explicitly listed, or further include for this process, method, article or equipment Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that There is also other identical elements in process, method, article or equipment including the element.
The present invention can describe in the general context of computer-executable instructions executed by a computer, such as program Unit.Usually, program unit includes routines performing specific tasks or implementing specific abstract data types, program, object, group Part, data structure etc..The present invention can also be put into practice in a distributed computing environment, in these distributed computing environments, by Task is executed by the connected remote processing devices of communication network.In a distributed computing environment, program unit can be with In the local and remote computer storage media including storage device.
The above is only the specific implementation mode of the present invention, it is noted that for the ordinary skill people of the art For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered It is considered as protection scope of the present invention.

Claims (8)

1. a kind of digital content encrypted transmission method, which is characterized in that the method is applied to server end, including:
The first request of data that client is sent is received, first request of data is used to ask the address of digital content;
The identification information of the client and corresponding with first request of data is obtained according to first request of data Stamp information at the first time encrypts the address of the digital content using the identification information and first time stamp information, The address information for obtaining encrypted digital content sends the address information of encrypted digital content to the client;
The address of the digital content is encrypted using the identification information and first time stamp information, is obtained encrypted The address information of digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information Encryption, to obtain the address information of encrypted digital content;
The second request of data that the client is sent is received, second request of data is for asking the digital content, institute State the address information that the second request of data includes the encrypted digital content;
Second request of data is verified, check results are obtained;
When the check results show that verification passes through, number corresponding with second request of data is sent to the client Content;
Wherein, the verification passes through the address according to the encrypted digital content for including to second request of data Information is decrypted, and the identification information and the first time after being decrypted stab information;By the decryption of acquisition The identification information for the client that the rear identification information and first time stamp information are preserved with the server end with And stamp information is compared at the first time, obtains comparison result;The mark after comparison result shows the decryption The identification information for the client that information and first time stamp information are preserved with the server end and at the first time stamp When information matches, determine that verification passes through.
2. according to the method described in claim 1, it is characterized in that, the identification information of the client includes the interconnection of client Any one in the corresponding user identity information of fidonetFido IP address, client identifier, client is used for unique mark institute State client.
3. according to the method described in claim 1, it is characterized in that, the method further includes:
When the check results show to verify obstructed out-of-date, it is not responding to the second request of data of the client or to the visitor Family end sends error message.
4. a kind of digital content encrypted transmission method, which is characterized in that the method is applied to client, including:
The first request of data is sent to server end, first request of data is used to ask the address of digital content;
Receive the address information for the encrypted digital content that the server end is sent;
Wherein, the address information of the encrypted digital content is that the server end is obtained according to first request of data The identification information of the client and first time corresponding with first request of data stab information, are believed using the mark Breath and first time stamp information encrypt the information of the address of the digital content;
The server end encrypts the address of the digital content using the identification information and first time stamp information, The address information for obtaining encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information Encryption, to obtain the address information of encrypted digital content;
The second request of data is sent to the server end, second request of data is described for asking the digital content Second request of data includes the address information of the encrypted digital content;
It receives the server end and is directed to the response that second request of data is sent;
The reception server end is directed to the response that second request of data is sent and includes:
Receive the server second request of data is verified and verify by when the digital content that sends;Or
The server is received in the error message that obstructed out-of-date transmission is verified and verified to second request of data;
Wherein, described to verify through the server according to the encrypted number for including to second request of data The address information of content is decrypted, and the identification information and the first time after being decrypted stab information;It will The client that the identification information and first time stamp information after the decryption of acquisition are preserved with the server end Identification information and first time stamp information are compared, and obtain comparison result;After the comparison result shows the decryption The identification information and the identification information of client that preserves of the first time stamp information and the server end and At the first time when stamp information matches, determine that verification passes through.
5. a kind of server apparatus, which is characterized in that the server apparatus includes:
First receiving unit, the first request of data for receiving client transmission, first request of data are used for number of request The address of word content;
Encryption unit, identification information for obtaining the client according to first request of data and with first number According to asking corresponding first time to stab information, the number is encrypted using the identification information and first time stamp information The address of content obtains the address information of encrypted digital content, and encrypted digital content is sent to the client Address information;
The server end encrypts the address of the digital content using the identification information and first time stamp information, The address information for obtaining encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information Encryption, to obtain the address information of encrypted digital content;
Second receiving unit, the second request of data sent for receiving the client, second request of data is for asking The digital content, second request of data is asked to include the address information of the encrypted digital content;
Verification unit obtains check results for being verified to second request of data;
Transmission unit, for when the check results show that verification passes through, being sent and second data to the client Ask corresponding digital content;
Wherein, the verification passes through the encrypted number for including to second request of data according to the verification unit The address information of word content is decrypted, and the identification information and the first time after being decrypted stab information; By the client of the identification information and first time stamp information and server end preservation after the decryption of acquisition Identification information and at the first time stamp information be compared, obtain comparison result;When the comparison result shows the decryption The identification information for the client that the rear identification information and first time stamp information are preserved with the server end with And when stabbing information matches at the first time, determine that verification passes through.
6. equipment according to claim 5, which is characterized in that the equipment further includes:
Respond trigger element, for work as the check results show to verify it is obstructed out-of-date, be not responding to the client second number Error message is sent according to request or to the client.
7. a kind of client device, which is characterized in that the client device includes:
First request of data transmission unit, for sending the first request of data to server end, first request of data is used for Ask the address of digital content;
First receiving unit, the address information for receiving the encrypted digital content that the server end is sent;
Wherein, the address information of the encrypted digital content obtains institute for the server according to first request of data The identification information and first time corresponding with first request of data stamp information for stating client, utilize the identification information And the first time stamp information encrypts the information of the address of the digital content;
The server end encrypts the address of the digital content using the identification information and first time stamp information, The address information for obtaining encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information Encryption, to obtain the address information of encrypted digital content;
Second request of data transmission unit, for sending the second request of data, second request of data to the server end For asking the digital content, second request of data to include the address information of the encrypted digital content;
Second receiving unit is directed to the response that second request of data is sent for receiving the server end;
Wherein, second receiving unit is specifically used for:
Receive the server second request of data is verified and verify by when the digital content that sends;Or Person receives the server in the error message that obstructed out-of-date transmission is verified and verified to second request of data;
Wherein, described to verify through the server according to the encrypted number for including to second request of data The address information of content is decrypted, and the identification information and the first time after being decrypted stab information;It will The client that the identification information and first time stamp information after the decryption of acquisition are preserved with the server end Identification information and first time stamp information are compared, and obtain comparison result;After the comparison result shows the decryption The identification information and the identification information of client that preserves of the first time stamp information and the server end and At the first time when stamp information matches, determine that verification passes through.
8. a kind of digital content encryption transmission system, which is characterized in that including server apparatus and client device, wherein:
The client device is used to send the first request of data to the server apparatus, and first request of data is for asking Ask the address of digital content;Receive the address information for the encrypted digital content that the server apparatus is sent;To the clothes Device equipment of being engaged in sends the second request of data, and second request of data is for asking the digital content, second data to be asked Seek the address information for including the encrypted digital content;The server apparatus is received to send out for second request of data The response sent;
The server apparatus is used to receive the first request of data of client device transmission, and first request of data is for asking Ask the address of digital content;The identification information of the client device is obtained according to first request of data and with described One request of data corresponding first time stabs information, described in the identification information and first time stamp information encryption The address of digital content obtains the address information of encrypted digital content, and encrypted number is sent to the client device The address information of word content;The second request of data that the client is sent is received, second request of data is for asking institute Digital content is stated, second request of data includes the address information of the encrypted digital content;To second data Request is verified, and check results are obtained;When the check results show verification pass through when, to the client device send with The corresponding digital content of second request of data;
Wherein, the server end encrypts the digital content using the identification information and first time stamp information Address obtains the address information of encrypted digital content, specifically includes:
The identification information and first time stamp information are encrypted, and by encrypted identification information and first Timestamp information adds in the addresses URL of digital content, to obtain the address information of encrypted digital content;Or
It is carried out as the addresses URL of digital content described in key pair using the identification information and first time stamp information Encryption, to obtain the address information of encrypted digital content;
Wherein, the verification passes through the address according to the encrypted digital content for including to second request of data Information is decrypted, and the identification information and the first time after being decrypted stab information;By the decryption of acquisition The identification information for the client that the rear identification information and first time stamp information are preserved with the server end with And stamp information is compared at the first time, obtains comparison result;The mark after comparison result shows the decryption The identification information for the client that information and first time stamp information are preserved with the server end and at the first time stamp When information matches, determine that verification passes through.
CN201410697582.3A 2014-11-26 2014-11-26 A kind of digital content encrypted transmission method, equipment and system Active CN104378379B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410697582.3A CN104378379B (en) 2014-11-26 2014-11-26 A kind of digital content encrypted transmission method, equipment and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410697582.3A CN104378379B (en) 2014-11-26 2014-11-26 A kind of digital content encrypted transmission method, equipment and system

Publications (2)

Publication Number Publication Date
CN104378379A CN104378379A (en) 2015-02-25
CN104378379B true CN104378379B (en) 2018-10-16

Family

ID=52557035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410697582.3A Active CN104378379B (en) 2014-11-26 2014-11-26 A kind of digital content encrypted transmission method, equipment and system

Country Status (1)

Country Link
CN (1) CN104378379B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104735484B (en) * 2015-03-05 2017-12-15 天脉聚源(北京)科技有限公司 A kind of method and device for playing video
CN105491073B (en) * 2016-01-21 2020-07-14 腾讯科技(深圳)有限公司 Data downloading method, device and system
CN106230824A (en) * 2016-07-29 2016-12-14 浙商银行股份有限公司 A kind of mobile device authentic authentication system and method
CN106331055B (en) * 2016-08-09 2019-08-16 努比亚技术有限公司 Identifier generating means and method
CN106658093B (en) * 2016-12-27 2019-07-09 深圳市九洲电器有限公司 The exchange method and system of set-top box and server
CN107579977A (en) * 2017-09-04 2018-01-12 珠海迈科智能科技股份有限公司 A kind of key theft preventing method and device
CN108737412B (en) * 2018-05-15 2021-06-25 福建天晴数码有限公司 Method and terminal for realizing data request
CN109450858B (en) * 2018-10-15 2021-11-23 杭州迪普科技股份有限公司 Resource request method, device, equipment and storage medium
CN109922068B (en) * 2019-03-13 2020-01-31 特斯联(北京)科技有限公司 Security patrol robot, security system and security communication method thereof
CN111541758B (en) * 2020-04-17 2023-06-16 支付宝(杭州)信息技术有限公司 Page updating method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873298A (en) * 2009-04-21 2010-10-27 华为软件技术有限公司 Registration method, terminal, server and system
CN102025749A (en) * 2011-01-18 2011-04-20 中国联合网络通信集团有限公司 Anti-theft method of mobile streaming media service

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100562016C (en) * 2006-01-16 2009-11-18 北京北方烽火科技有限公司 A kind of WEB service anti-stealing link method
CN103067156B (en) * 2012-12-28 2016-01-20 北京移数通电讯有限公司 The URL encryption of mobile Internet user resources access, verification method and device
CN104144160A (en) * 2014-07-08 2014-11-12 北京彩云动力教育科技有限公司 Online video resource downloading prevention method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873298A (en) * 2009-04-21 2010-10-27 华为软件技术有限公司 Registration method, terminal, server and system
CN102025749A (en) * 2011-01-18 2011-04-20 中国联合网络通信集团有限公司 Anti-theft method of mobile streaming media service

Also Published As

Publication number Publication date
CN104378379A (en) 2015-02-25

Similar Documents

Publication Publication Date Title
CN104378379B (en) A kind of digital content encrypted transmission method, equipment and system
US9992176B2 (en) Systems and methods for encrypted communication in a secure network
EP3661120A1 (en) Method and apparatus for security authentication
CN108476133A (en) The key carried out by the believable third party in part exchanges
US8275984B2 (en) TLS key and CGI session ID pairing
CN101919202B (en) Information distribution system and program for the same
CN104009989B (en) A kind of anti-stealing link method of media file, system and server
CN104869102B (en) Authorization method, device and system based on xAuth agreement
JP2017524287A (en) System and method for secure communication over a network using linking addresses
CN108809633B (en) Identity authentication method, device and system
Sari et al. Comparative analysis of wireless security protocols: WEP vs WPA
CN104283680A (en) Data transmission method, client side, server and system
CN104135471B (en) The anti-abduction communication means of DNS
CN110493162A (en) Identity identifying method and system based on wearable device
CN103475474A (en) Method for providing and acquiring shared enciphered data and identity authentication equipment
CN109492424A (en) Data assets management method, data assets managing device and computer-readable medium
Alizai et al. Key-based cookie-less session management framework for application layer security
TWI556618B (en) Network Group Authentication System and Method
JP2008258663A (en) Information communication system
CN103368918A (en) Method, device and system for dynamic password authentication
Elemam et al. Formal verification for a PMQTT protocol
CN107229874A (en) A kind of method for realizing VR Key, device and server
CN111698203A (en) Cloud data encryption method
CN103916372B (en) A kind of third party's log-on message trustship method and system
CN102014136B (en) Peer to peer (P2P) network secure communication method based on random handshake

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant