CN107276969B - A kind of transmission method and device of data - Google Patents
A kind of transmission method and device of data Download PDFInfo
- Publication number
- CN107276969B CN107276969B CN201610217824.3A CN201610217824A CN107276969B CN 107276969 B CN107276969 B CN 107276969B CN 201610217824 A CN201610217824 A CN 201610217824A CN 107276969 B CN107276969 B CN 107276969B
- Authority
- CN
- China
- Prior art keywords
- mpd
- target
- encryption algorithm
- dash
- dash client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0061—Error detection codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
Abstract
The embodiment of the invention discloses a kind of transmission method of data and devices, method includes: first, DASH client transmits used first Encryption Algorithm and establishes TLS and connect with DASH server-side negotiation data, DASH client sends MPD request to the DASH server-side, so that the DASH server-side encrypts corresponding MPD according to first Encryption Algorithm, and it will be formed by target MPD after encryption and feed back to the DASH client;Receive the target MPD of the feedback;According to decipherment algorithm corresponding to first Encryption Algorithm, target MPD is decrypted;Target URL to be utilized is selected from URL included by decrypted result;Corresponding slice file is requested to DASH server-side according to target URL.Using the embodiment of the present invention, the data transmitted in DASH system are encrypted with realizing, improve the safety of transmitted data.
Description
Technical field
The present invention relates to video broadcasting field, in particular to the transmission method and device of a kind of data.
Background technique
MPEG (Moving Picture Experts Group, dynamic image expert group) tissue has approved MPEG-DASH
(Dynamic Adaptive Streaming over HTTP, the dynamic self-adapting Streaming Media based on HTTP) consensus standard.With
Afterwards, MPEG-DASH becomes the big hot topic in internet stream media field.Dynamic self-adapting Streaming Media DASH is applied to leading at present
Content distribution platform, transmit audio and video content in a manner of adaptive stream media, support continuous viewing without
Picture is stagnated or intermittent phenomenon.Market is to DASH technical standard using growing.
In the prior art, the DASH server-side in DASH system is generated describes about the media representation of playing video file
MPD and slice file, wherein MPD is expandable mark language XML file, contains all information relevant to slice file
Explanation;DASH client requests MPD to the DASH server-side, and the response of DASH server-side simultaneously sends MPD to the DASH client;
DASH client receives and parses through the MPD, according to the performance information of current network conditions and equipment of itself, selects suitable MPD
In URL (Uniform Resource Locator, uniform resource locator), and using the suitable URL to DASH service
The corresponding slice file of end request, the DASH client terminal playing corresponding slice file, and the current network conditions that timely update.In
In existing DASH system, the entire process for requesting video file is all to carry out in plain text, and allowing for DASH server-side in this way has
It may be by the security attack of illegal DASH client.As one can imagine, unexecuted security mechanism in DASH system, the DASH
The MPD that server-side is transmitted with the DASH client is easy to be stolen, and Information Security is not high.
Summary of the invention
The embodiment of the invention discloses a kind of transmission method of data and device, to realize to being transmitted in DASH system
Data are encrypted, and the safety of transmitted data is improved.Concrete scheme is as follows:
On the one hand, the embodiment of the invention provides a kind of transmission methods of data, are applied to dynamic self-adapting Streaming Media
DASH client, wherein the DASH client is connect with DASH server-side, which comprises
The secure transport layer protocol TLS connection request for carrying default extended field is sent to the DASH server-side, with
Make the DASH server-side that first itself supported be selected to add from default extended field entrained by the TLS connection request
Close algorithm, Xiang Suoshu DASH client send the TLS connection reply for carrying first Encryption Algorithm, with objective with the DASH
TLS connection is established at family end, wherein at least one encryption supported in the default extended field comprising the DASH client
Algorithm;
Media representation is sent to the DASH server-side and describes MPD request, so that the DASH server-side is according to described the
One Encryption Algorithm pair MPD corresponding with MPD request is encrypted, and feeds back to institute for target MPD is formed by after encryption
State DASH client;
Receive the target MPD of the DASH server-side feedback;
According to decipherment algorithm corresponding to first Encryption Algorithm, the target MPD is decrypted;
Target URL to be utilized is selected from uniform resource position mark URL included by decrypted result;
Corresponding slice file is requested to the DASH server-side according to the target URL.
Optionally, the meter of the target value of the check code CRC about the target MPD is also carried in the default extended field
Calculation mode;
The target value of the CRC of the target MPD is also carried in the TLS connection reply, wherein the target
The target value of the CRC of MPD are as follows: DASH server-side calculation according to entrained by the default extended field
The value being calculated;
In the decipherment algorithm according to corresponding to first Encryption Algorithm, before target MPD decryption, the side
Method further include:
According to the target value of the CRC of the target MPD, judge whether the target MPD is effective;
When being judged as effective, the decipherment algorithm according to corresponding to first Encryption Algorithm is executed, to the target
The step of MPD is decrypted.
Optionally, the target value of the CRC according to the target MPD judges whether the target MPD is effective,
Include:
According to calculation entrained by the default extended field, the standard value of the CRC of the target MPD is calculated;
Judge whether the standard value is identical as the target value;
If identical, show that the target MPD is effective;
If it is not the same, showing that the target MPD is invalid.
Optionally, calculation entrained by the default extended field includes:
When the length of the CRC about the target MPD is more than or equal to the first predetermined value, choose the CRC's
First predetermined value byte is calculated, and determines the target value of the CRC of the target MPD;
When the length of the CRC about the target MPD is less than the first predetermined value, to all bytes of the CRC into
Row overall calculation determines the target value of the CRC of the target MPD.
Optionally, the first random number that the DASH client generates, the TLS are also carried in the TLS connection request
Connection also carries the second random number that the DASH server-side generates in replying;
Before the transmission MPD request to the DASH server-side, the method also includes:
According to first random number, second random number and the target value, calculate about the target MPD's
Object decryption key;
The decipherment algorithm according to corresponding to first Encryption Algorithm decrypts the target MPD, comprising:
Using the decipherment algorithm corresponding to the object decryption key and first Encryption Algorithm, to the mesh
Mark MPD decryption.
Optionally, the encryption information about the corresponding slice file of included URL is carried in the target MPD, it is described to add
Confidential information includes the second Encryption Algorithm, wherein at least one that second Encryption Algorithm is supported by DASH client
One of Encryption Algorithm algorithm;
The method also includes:
Receive the slice file;
According to decipherment algorithm corresponding to second Encryption Algorithm, to the slice file decryption;
Slice file after playing the decryption.
It optionally, further include the corresponding target spoke token mark of the slice file in the encryption information;
It is described before the slice file decryption in the decipherment algorithm according to corresponding to second Encryption Algorithm
Method further include:
Judge that the target token is identified whether and the received token mark of institute is identical simultaneously with the slice file;
If so, the decipherment algorithm according to corresponding to second Encryption Algorithm is executed, to the slice file decryption
The step of.
Second aspect, the embodiment of the invention also provides a kind of transmission methods of data, are applied to dynamic self-adapting stream matchmaker
Body DASH server-side, wherein the DASH server-side is connect with DASH client, which comprises
The secure transport layer protocol TLS connection for carrying default extended field that the DASH client is sent is received to ask
It asks, wherein at least one Encryption Algorithm that the DASH client is supported is carried in the default extended field;
From at least one Encryption Algorithm, the first Encryption Algorithm itself supported is determined;
To the DASH client send carry first Encryption Algorithm TLS connection reply, with the DASH
Client establishes TLS connection;
It receives the media representation that the DASH client is sent and describes MPD request;
It is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request;
It is formed by target MPD after sending encryption to the DASH client, so that the DASH client is according to institute
Decipherment algorithm corresponding to the first Encryption Algorithm is stated, after target MPD decryption, the unified resource included by the decrypted result is fixed
Target URL to be utilized is selected in the symbol URL of position, requests corresponding slice text to the DASH server-side according to the target URL
Part;
The target URL is responded, the transmission of Xiang Suoshu DASH client is corresponding with the target URL to be sliced file.
Optionally, the meter of the target value of the check code CRC about the target MPD is also carried in the default extended field
Calculation mode;
It is described before the TLS connection for carrying first Encryption Algorithm to DASH client transmission is replied
Method further include:
According to the calculation entrained by the default extended field, the mesh of the CRC of the target MPD is calculated
Scale value;
It is described that the TLS connection reply for carrying first Encryption Algorithm is sent to the DASH client, comprising:
It is carried described in the CRC of first Encryption Algorithm and the target MPD to DASH client transmission
The TLS connection of target value is replied.
Optionally, the first random number that the DASH client generates, the TLS are also carried in the TLS connection request
Connection also carries the second random number that the DASH server-side generates in replying;
It is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before, the method
Further include:
According to first random number, second random number and the target value, calculate about the target MPD's
Object decryption key;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
According to first Encryption Algorithm and the object decryption key, MPD corresponding with MPD request is carried out
Encryption.
Optionally, it is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before,
The method also includes:
From at least one Encryption Algorithm, the second Encryption Algorithm itself supported is determined;
According to first Encryption Algorithm, it is corresponding to URL slice file encryption information and with the MPD request pair
The MPD answered is encrypted, to form target MPD, wherein the encryption information of the corresponding slice file of the URL includes described the
Two Encryption Algorithm;
In the response target URL, the transmission of Xiang Suoshu DASH client is corresponding with the target URL to be sliced file
Before, the method also includes:
It is encrypted according to the second Encryption Algorithm pair slice file corresponding with the target URL, so that institute
DASH client decipherment algorithm according to corresponding to second Encryption Algorithm entrained in the target MPD is stated, to being received
The slice file decryption arrived.
Optionally, it is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before,
The method also includes:
Determine that target spoke token corresponding to the slice file is identified;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
It is identified and is carried out according to first Encryption Algorithm pair MPD corresponding with MPD request and the target token
Encryption.
The third aspect, the embodiment of the invention provides a kind of transmitting devices of data, are applied to dynamic self-adapting Streaming Media
DASH client, wherein the DASH client is connect with DASH server-side, and described device includes: secure transport layer protocol TLS
Connection request sending module, media representation describe MPD request sending module, target MPD receiving module, target MPD deciphering module,
Destination Uniform Resource finger URL URL selecting module and slice file request module;
The TLS connection request sending module: for carrying default extended field to DASH server-side transmission
TLS connection request, so that the DASH server-side selects itself from default extended field entrained by the TLS connection request
The first Encryption Algorithm supported, Xiang Suoshu DASH client send the TLS connection reply for carrying first Encryption Algorithm,
It is connect with establishing TLS with the DASH client, wherein supported in the default extended field comprising the DASH client
At least one Encryption Algorithm;
The MPD request sending module: for sending MPD request to the DASH server-side, so that the DASH is serviced
End is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, and will be formed by target after encryption
MPD feeds back to the DASH client;
The target MPD receiving module: for receiving the target MPD of the DASH server-side feedback;
The target MPD deciphering module: it is used for the decipherment algorithm according to corresponding to first Encryption Algorithm, to the target
MPD decryption;
The target URL selecting module: for selecting from uniform resource position mark URL included by decrypted result to benefit
Target URL;
The slice file request module: for being cut accordingly according to the target URL to DASH server-side request
Piece file.
Fourth aspect, the embodiment of the invention also provides a kind of transmitting devices of data, are applied to dynamic self-adapting stream matchmaker
Body DASH server-side, wherein the DASH server-side is connect with DASH client, and described device includes: secure transport layer protocol
TLS connection request receiving module, the first Encryption Algorithm determining module, TLS connects back to multiple sending module, media representation describes MPD
Request receiving module, MPD encrypting module, target MPD sending module and slice file sending module;
The TLS connection request receiving module: extension word is preset for receiving carrying for the DASH client transmission
The TLS connection request of section, wherein at least one encryption that the DASH client is supported is carried in the default extended field
Algorithm;
The first Encryption Algorithm determining module: for determining that itself is supported from least one Encryption Algorithm
The first Encryption Algorithm;
The TLS connects back to multiple sending module: calculating for carrying first encryption to DASH client transmission
The TLS connection of method is replied, and is connect with establishing TLS with the DASH client;
The MPD request receiving module: the MPD request sent for receiving the DASH client;
The MPD encrypting module: for being carried out according to first Encryption Algorithm pair MPD corresponding with MPD request
Encryption;
The target MPD sending module: for being formed by target MPD after sending encryption to the DASH client, with
Make the DASH client in the decipherment algorithm according to corresponding to first Encryption Algorithm, after target MPD decryption, from solution
Target URL to be utilized is selected in uniform resource position mark URL included by close result, according to the target URL to described
The corresponding slice file of DASH server-side request;
The slice file sending module: for responding the target URL, Xiang Suoshu DASH client is sent and the mesh
Mark URL is sliced file accordingly.
In the present solution, dynamic self-adapting Streaming Media DASH client carries default extension word to the transmission of DASH server-side
The secure transport layer protocol TLS connection request of section, so that the DASH server-side default extension entrained by the TLS connection request
The first Encryption Algorithm itself supported is selected in field, carries first Encryption Algorithm to DASH client transmission
TLS connection is replied, and is connect with establishing TLS with the DASH client, wherein includes the DASH client in the default extended field
At least one Encryption Algorithm supported;Media representation is sent to the DASH server-side and describes MPD request, so that the DASH is serviced
End is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, and target MPD will be formed by after encryption
Feed back to the DASH client;Receive the target MPD of DASH server-side feedback;It is solved according to corresponding to first Encryption Algorithm
Close algorithm decrypts target MPD;Target to be utilized is selected from uniform resource position mark URL included by decrypted result
URL;Corresponding slice file is requested to the DASH server-side according to target URL.Pass through the side encrypted to target MPD
Formula is stolen to avoid the data in target MPD, improves the safety for the data transmitted in DASH system.Certainly, real
Applying any product or method of the invention must be not necessarily required to reach all the above advantage simultaneously.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is a kind of flow diagram of the transmission method of data provided by the embodiment of the present invention;
Fig. 2 is a kind of another flow diagram of the transmission method of data provided by the embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of the transmitting device of data provided by the embodiment of the present invention;
Fig. 4 is a kind of another structural schematic diagram of the transmitting device of data provided by the embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The embodiment of the invention provides a kind of transmission method of data and device, to realize to being transmitted in DASH system
Data are encrypted, and the safety of transmitted data is improved.
The transmission method for being provided for the embodiments of the invention a kind of data first below is introduced.
It should be noted that a kind of transmission method of data provided by the embodiment of the present invention, can be applied to dynamic certainly
Adapt to Streaming Media DASH client, wherein the DASH client is connect with DASH server-side, and in the DASH client and
Between DASH server-side when describing MPD based on HTTP dynamic self-adapting stream media protocol request media representation, it can be used super
File Transfer security protocol (Hypertext Transfer Protocol Secure, HTTPS) and secure transport layer protocol
(Transport layer security protocol, TLS), which mentions between the DASH client and DASH server-side
For confidentiality and data integrity, which is safely for the channel HTTP of target.
As shown in Figure 1, a kind of transmission method of data provided by the embodiment of the present invention, may include step:
S101: the DASH client sends the TLS connection request for carrying default extended field to DASH server-side, so that
The DASH server-side selects itself to be supported from default extended field entrained by secure transport layer protocol TLS connection request
The first Encryption Algorithm, to the DASH client send carry first Encryption Algorithm TLS connection reply, with the DASH
Client establishes TLS connection, wherein at least one encryption supported in the default extended field comprising the DASH client is calculated
Method;
It is understood that before request media representation describes MPD, need the DASH client and DASH server-side it
Between establish TLS connection, unlike the prior art, when establishing the TLS connection, the DASH client to DASH server-side send out
Send the TLS connection request for carrying default extended field, wherein supported in the default extended field comprising the DASH client
At least one Encryption Algorithm, while establishing connection, the DASH client and DASH server-side can consult carry out it is subsequent
Data transmission when, required data encryption relevant information, such as the first Encryption Algorithm, to guarantee the safety of transmitted data
Property.As one embodiment of the present invention, which can be defined as use_encrypt_mpd.
For example, the Encryption Algorithm which is supported can be with are as follows: DES (Data Encryption
Standar, data encryption standards), DSA (Digital Signature Algorithm, Digital Signature Algorithm) and AES
(Advanced Encryption Standard, Advanced Encryption Standard) etc..It is emphasized that the DASH client is propped up
The Encryption Algorithm held can be set according to the actual situation, and it is not limited in the embodiment of the present invention.
S102: to the DASH server-side send media representation describe MPD request so that the DASH server-side according to this first
Encryption Algorithm pair MPD corresponding with MPD request is encrypted, and feeds back to the DASH for target MPD is formed by after encryption
Client;
It should be noted that establishing TLS connection between the DASH client and DASH server-side and consulting subsequent
Data transmission when required the first Encryption Algorithm after, DASH client sends MPD request to the DASH server-side, at this point, should
MPD request can be based on HTTPS.At this point, the safety in order to protect transmitted data, which is receiving this
It after MPD request, can be encrypted according to the first Encryption Algorithm pair MPD corresponding with MPD request for consulting, and by the encryption
After be formed by target MPD and feed back to the DASH client.Target MPD is prevented to be intercepted in transmission process, target MPD
Included in data the case where being stolen.
S103: the target MPD of DASH server-side feedback is received;
Specifically, the DASH server-side can respond MPD request, to this after sending MPD request to the DASH server-side
DASH client is formed by target MPD after sending encryption, which can receive the target of DASH server-side feedback
MPD then carries out the transmission flow of subsequent data, wherein receiving target MPD can not be done herein using the prior art
It repeats.
S104: according to decipherment algorithm corresponding to first Encryption Algorithm, target MPD is decrypted;
It is understood that can use the prior art according to first Encryption Algorithm and be combined into decipherment algorithm, according to this
Target MPD is decrypted in decipherment algorithm, wherein the decrypting process can use the prior art, and this will not be repeated here.
S105: target URL to be utilized is selected from URL included by decrypted result;
It should be noted that including multiple URL (Uniform Resource Locator, unified resource in target MPD
Finger URL), each corresponding to a slice file, after target MPD decryption, the DASH client can according to itself
Network condition and the configuration performance information of itself select target URL to be utilized in the URL included from this.
S106: corresponding slice file is requested to the DASH server-side according to target URL.
It, can be according to target URL to the DASH specifically, after selecting target URL to be utilized in the DASH client
The corresponding slice file of server-side request.
Using the embodiment of the present invention, DASH client sends the TLS company for carrying default extended field to DASH server-side
Request is connect, so that the DASH server-side selects itself to be supported from default extended field entrained by the TLS connection request
First Encryption Algorithm sends the TLS connection reply for carrying first Encryption Algorithm to the DASH client, with objective with the DASH
TLS connection is established at family end, wherein at least one encryption supported in the default extended field comprising the DASH client is calculated
Method;MPD request is sent to the DASH server-side, so that the DASH server-side is requested according to first Encryption Algorithm pair and the MPD
Corresponding MPD is encrypted, and will be formed by target MPD after encryption and fed back to the DASH client;Receive DASH service
Hold the target MPD of feedback;According to decipherment algorithm corresponding to first Encryption Algorithm, target MPD is decrypted;From decrypted result
Target URL to be utilized is selected in included uniform resource position mark URL;It is asked according to target URL to the DASH server-side
Seek corresponding slice file.By way of being encrypted to target MPD, it is stolen, mentions to avoid the data in target MPD
The safety for the data that height is transmitted in DASH system.
As one embodiment of the present invention, for there are many information based on data encryption, guaranteeing the DASH
While intercommunity between client and DASH server-side, the safety and confidentiality of the encryption are improved again, which adds
Information based on close can be it is unfixed, according to the difference of the content of MPD request, and stochastic transformation, specifically, institute
State the calculation that the target value of the check code CRC about target MPD can also be carried in default extended field;
The target value of the CRC of target MPD is also carried in TLS connection reply, wherein the mesh of the CRC of target MPD
Scale value are as follows: the DASH server-side according to this preset extended field entrained by the value that is calculated of calculation;
In the decipherment algorithm according to corresponding to first Encryption Algorithm, before target MPD decryption, the method is also
May include:
According to the target value of the CRC of target MPD, judge whether target MPD is effective;When being judged as effective, execute
S104。
Target MPD may be robbed during transmission to be taken, and is substituted for other MPD, decrypts the mesh to save
The occupied resource of MPD is marked, it, can be first according to the target value of the CRC of target MPD, judgement before decrypting target MPD
Whether target MPD is effective, when judging that target MPD is invalid, target MPD can be abandoned, no longer need to carry out subsequent
Decrypting process re-starts MPD request;When judging effective, continue follow-up process.
Specifically, the target value of the CRC according to target MPD, judges whether target MPD is effective, may include:
According to this preset extended field entrained by calculation, calculate the standard value of the CRC of target MPD;
Judge whether the standard value is identical as the target value;
If identical, show that target MPD is effective;
If it is not the same, showing that target MPD is invalid.
Wherein, between the DASH client carried out data transmission and DASH server-side, which will be carried
The default extended field of the calculation of the target value of check code CRC about target MPD is sent to DASH server-side, should
DASH server-side is according to the calculation, it is determined that the target value of the CRC of target MPD, and the target value is sent to DASH
Client will send the target MPD of the target value to notify the DASH client, when the DASH client receives the target
After MPD, judge whether the target MPD received is that the DASH server will be sent out to the DASH client according to the target value
The target MPD sent, according to calculation same as the DASH server, to the CRC of received target MPD calculate,
Standard value is obtained, judges whether the target value is identical as the standard value, if identical, shows that target MPD is effective;If not phase
Together, show that target MPD is invalid, then abandon the received target MPD of the institute.
Specifically, calculation entrained by the default extended field may include:
When the length of the CRC about target MPD is more than or equal to the first predetermined value, the first of the CRC is chosen
Predetermined value byte is calculated, and determines the target value of the CRC of target MPD;
When the length of the CRC about target MPD is less than the first predetermined value, all bytes of the CRC are carried out whole
Body calculates, and determines the target value of the CRC of target MPD.
As one embodiment of the present invention, the length of different MPD its corresponding CRC can be had differences, it should
First predetermined value can be that 32 bytes can be chosen when the length of the CRC of target MPD is more than or equal to 32 byte
Each 16 bytes, are combined into the data of 32 bytes, calculate the data, obtain CRC32 value before and after the CRC of target MPD
(target value) carries out the verification of target MPD according to the CRC32 value;When the length of the CRC of target MPD is less than 32 byte, then
All bytes of the CRC of target MPD are calculated, CRC32 value is obtained, the school of target MPD is carried out according to the CRC32 value
It tests;It is special, as one embodiment of the present invention, the length of the CRC of target MPD may not be obtained, it at this time can be with
Target MPD is not verified, or the CRC32 value is filled by " 0 ", for example, the length of the CRC of target MPD is 0,
That is SMPDCrc_32_NULL;
If SMPD_AES128_CM mode, which is 0x00000000mpd_keyx;
If SMPD_AES192_CM mode, which is 0x00000000mpd_keyx0000;
If SMPD_AES256_CM mode, which is 0x00000000mpd_keyx00000000.
As one embodiment of the present invention, during the encrypting and decrypting, it is also necessary to key needed for the encryption and decryption,
Wherein the key can be between the DASH client and the DASH server that by appointment is good, be also possible to the DASH
Negotiate at random between client and the DASH server, for the encryption and decryption safety the considerations of, the latter can more preferably, tool
Body, the first random number of DASH client generation is also carried in the TLS connection request, is gone back in the TLS connection reply
Carry the second random number of DASH server-side generation;
It is described to the DASH server-side send media representation describe MPD request before, the method can also include:
According to first random number, second random number and the target value, the object decryption about target MPD is calculated
Key;
The decipherment algorithm according to corresponding to first Encryption Algorithm decrypts target MPD, may include:
Using decipherment algorithm corresponding to the object decryption key and first Encryption Algorithm, target MPD is decrypted.
As one embodiment of the present invention, which can be 4 bytes generated using the prior art
Number, the object decryption key can be by the 4 of the target value of 4 byte, 4 bytes of the first random number and the second random number
A byte composition, wherein 4 bytes of first random number and 4 bytes of the second random number are properly termed as 8 bytes
Privately owned Key, can be indicated with mpd_keyx.
Such as: the number for 4 bytes that the target value generates is 0xaabbccdd,
If SMPD_AES128_CM mode, which is 0xaabbccddmpd_keyx;
If SMPD_AES192_CM mode, which is 0xaabbccddmpd_keyx0000;
If SMPD_AES256_CM mode, which is 0xaabbccddmpd_keyx00000000.
It should be noted that in order to further guarantee the number transmitted between the DASH client and DASH server-side
According to safety, which is encrypted, and then is transmitted.Specifically, carrying in the target MPD about institute
Including URL it is corresponding slice file encryption information, which includes second Encryption Algorithm, wherein this second plus
One of at least one Encryption Algorithm that close algorithm is supported by DASH client algorithm;
The method can also include:
Receive the slice file;
According to decipherment algorithm corresponding to second Encryption Algorithm, to the slice file decryption;
Slice file after playing the decryption.
It further, can also include the corresponding target spoke token mark of the slice file in the encryption information;
In the decipherment algorithm according to corresponding to second Encryption Algorithm, before the slice file decryption, the method
Can also include:
Judge that target token is identified whether and the received token mark of institute is identical simultaneously with the slice file;
If so, the decipherment algorithm according to corresponding to second Encryption Algorithm is executed, to the step of the slice file decryption
Suddenly.
It should be noted that when in order to save the DASH client to the slice file decryption required occupancy resource, In
It can be identified first according to the corresponding target token of the slice file before the slice file is decrypted, judge the slice
Whether file is effective, abandons if invalid to the slice file, if effectively, which is decrypted, and
Carry out subsequent playing process.
It is understood that will be wrapped in the MPD before the DASH server sends target MPD to the DASH client
The token mark (target token mark) that file is sliced corresponding to the URL contained has all been added into target MPD, in addition,
When sending slice file according to the selected target URL, while carrying the corresponding token mark of the slice file, judgement
The institute received token mark identified whether with target token it is identical, to judge whether the slice file is required cut
Whether piece file, i.e. the slice file are effective.
Corresponding to above method embodiment, a kind of transmission method for data that the embodiment of the present invention also provides can be applied
In dynamic self-adapting Streaming Media DASH server-side, wherein the DASH server-side is connect with DASH client, wherein needs to illustrate
, which can connect with multiple DASH clients, as shown in Fig. 2, this method may include step:
S201: the secure transport layer protocol TLS connection for carrying default extended field of DASH client transmission is received
Request, wherein carry at least one Encryption Algorithm that the DASH client is supported in the default extended field;
It is understood that the DASH server by utilizing prior art receive the DASH client transmission carry it is default
The TLS connection request of extended field, this is preset and carries at least one encryption calculation that the DASH client is supported in extended field
Method after the DASH server receives the TLS connection request, could be aware that the DASH client will establish TLS with itself and connect,
And the transmission of subsequent data is carried out, encryption of at least one Encryption Algorithm for the subsequent required data transmitted.
S202: from at least one Encryption Algorithm, the first Encryption Algorithm itself supported is determined;
Specifically, after the DASH server receives TLS connection request, the default expansion that is carried from the TLS connection request
In at least one Encryption Algorithm that exhibition field is included, determines the first Encryption Algorithm itself supported, continue subsequent data
Transmission flow;As one embodiment of the present invention, if the DASH server fails from at least one Encryption Algorithm
In determine the first Encryption Algorithm itself supported, then the encryption of the data is unable to complete, and the transmission flow of the data terminates
Or transmit using data of the prior art to unencryption, etc., this is all reasonable.
S203: sending the TLS connection reply for carrying first Encryption Algorithm to the DASH client, with objective with the DASH
TLS connection is established at family end;
It should be noted that sending TLS connection to the DASH client and replying is to establish TLS with the DASH client
Connection, to inform the DASH client, can carry out the transmission flow of subsequent data, to the DASH client send this
One Encryption Algorithm be in order to inform the DASH client, in the transmission process of subsequent data, can according to this first plus
Close algorithm carries out the encryption of data.
S204: the media representation for receiving DASH client transmission describes MPD request;
Specifically, the DASH server by utilizing prior art receives the MPD request of DASH client transmission, this can be responded
MPD request, selects MPD corresponding with MPD request, carries out the process of the transmission of subsequent data.
S205: it is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request;
Specifically, the DASH server can utilize the first Encryption Algorithm pair and the MPD of the determination according to the prior art
Corresponding MPD is requested to be encrypted.
S206: being formed by target MPD after sending encryption to the DASH client, so that the DASH client should in basis
Decipherment algorithm corresponding to first Encryption Algorithm, after target MPD decryption, the uniform resource locator included by the decrypted result
Target URL to be utilized is selected in URL, requests corresponding slice file to the DASH server-side according to target URL;
It should be noted that forming target MPD after the DASH server-side is encrypted the MPD, target MPD is sent out
The DASH client is given, so that DASH client decipherment algorithm according to corresponding to first Encryption Algorithm consulted,
Target MPD is decrypted using the prior art, and from URL included in the decrypted result, according to DASH visitor
The network state at family end itself selects target URL to be utilized according to device configuration performance information, and to the DASH server-side
Request slice file.
S207: responding target URL, is sliced file to DASH client transmission is corresponding with target URL.
It is understood that target URL uniquely corresponds to a slice file, can be determined accordingly according to target URL
Slice file, which is sent to the DASH client, wherein the slice file can be by encrypted text
Part, is also possible to the file not encrypted, this is all possible.
Using the embodiment of the present invention, the DASH server-side according to the first Encryption Algorithm consulted with the DASH client,
Encrypted transmission is carried out to target MPD, can be stolen to avoid target MPD, causes data corresponding to target MPD stolen
It takes, the safety for the data transmitted in DASH system can be improved.
Specifically, also carrying the calculating of the target value of the check code CRC about target MPD in the default extended field
Mode;
Before the TLS connection for carrying first Encryption Algorithm to DASH client transmission is replied, the method
Can also include:
According to this preset extended field entrained by the calculation, calculate the target value of the CRC of target MPD;
It is described that the TLS connection reply for carrying first Encryption Algorithm is sent to the DASH client, comprising:
The TLS for carrying first Encryption Algorithm and the target value of the CRC of target MPD is sent to the DASH client
Connection is replied.
For the accuracy for guaranteeing the data to be transmitted between the DASH client and DASH server-side, guarantee the peace of data
Entirely, and guarantee the synchronism between the DASH client and DASH server-side, pass can also be carried in the default extended field
In the calculation of the target value of the check code CRC of target MPD, according to the calculation, which can be calculated
The target value of the CRC of target MPD out, meanwhile, which is added into TLS link reply, is transferred to this together
DASH client can root between the DASH client and DASH server-side to guarantee the synchronism of the transmission of subsequent data
It is verified according to target MPD of the target value to the transmission, judges the validity and authenticity of target MPD.
As one embodiment of the present invention, during the encrypting and decrypting, it is also necessary to close needed for the encryption and decryption
Key, wherein the key can be between the DASH client and the DASH server that by appointment is good, be also possible to this
Negotiate at random between DASH client and the DASH server, for the encryption and decryption safety the considerations of, the latter can be more excellent
Choosing, specifically, the first random number of DASH client generation is also carried in the TLS connection request, in TLS connection reply
Also carry the second random number of DASH server-side generation;
It is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before, the method may be used also
To include:
According to first random number, second random number and the target value, the object decryption about target MPD is calculated
Key;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
According to first Encryption Algorithm and the object decryption key, MPD corresponding with MPD request is encrypted.
Further, in order to preferably guarantee the data transmitted between the DASH client and the DASH server
Safety, after which is also possible to encryption, then transmitted, in addition, the encryption for the slice file, the DASH
It is also to be in communication with each other between client and the DASH server, negotiates encryption information relevant to the slice file
's.Specifically, it is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before, the method is also
May include:
From at least one Encryption Algorithm, the second Encryption Algorithm itself supported is determined;
According to first Encryption Algorithm, the slice encryption information of file corresponding to URL and corresponding with MPD request
MPD is encrypted, to form target MPD, wherein the encryption information of the corresponding slice file of the URL includes that second encryption is calculated
Method;
In the response target URL, to the DASH client send it is corresponding with target URL be sliced file before,
The method can also include:
It is encrypted according to second Encryption Algorithm pair slice file corresponding with target URL, so that the DASH is objective
Family end decipherment algorithm according to corresponding to second Encryption Algorithm entrained in target MPD, to received slice file
Decryption.
Further, it is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before,
The method can also include:
Determine that target spoke token corresponding to the slice file is identified;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
It is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request and the target token mark.
It is understood that the accuracy in order to preferably determine the slice file, mitigating DASH client decryption should
Occupied resource when being sliced file, which sends to the DASH client requests that corresponding MPD's is same with the MPD
When, the mark of target token corresponding to the slice file is sent, also this is verified first and cut before decrypting the slice file
Whether piece file is effective, i.e. the authenticity of the slice file.
Corresponding to above method embodiment, as shown in figure 3, a kind of transmission dress of data provided by the embodiment of the present invention
It sets, can be applied to dynamic self-adapting Streaming Media DASH client, wherein the DASH client is connect with DASH server-side,
The apparatus may include: secure transport layer protocol TLS connection request sending module 301, media representation describe MPD request and send
Module 302, target MPD receiving module 303, target MPD deciphering module 304, destination Uniform Resource finger URL URL selecting module
305 and slice file request module 306;
The TLS connection request sending module 301: for being taken to dynamic self-adapting Streaming Media DASH server-side transmission
Secure transport layer protocol TLS connection request with default extended field, so that the DASH server-side is asked from the TLS connection
It asks and selects the first Encryption Algorithm itself supported in entrained default extended field, Xiang Suoshu DASH client, which is sent, to be carried
There is the TLS connection of first Encryption Algorithm to reply, is connect with establishing TLS with the DASH, wherein the default extended field
In at least one Encryption Algorithm for being supported comprising the DASH client;
The MPD request sending module 302: describing MPD request for sending media representation to the DASH server-side, with
Encrypt the DASH server-side according to first Encryption Algorithm pair MPD corresponding with MPD request, and will encryption
After be formed by target MPD and feed back to the DASH client;
The target MPD receiving module 303: for receiving the target MPD of the DASH server-side feedback;
The target MPD deciphering module 304: it is used for the decipherment algorithm according to corresponding to first Encryption Algorithm, to described
Target MPD decryption;
The target URL selecting module 305: for being selected from uniform resource position mark URL included by decrypted result
Target URL to be utilized;
The slice file request module 306: for corresponding to DASH server-side request according to the target URL
It is sliced file.
Using the embodiment of the present invention, DASH client sends the TLS company for carrying default extended field to DASH server-side
Request is connect, so that the DASH server-side selects itself to be supported from default extended field entrained by the TLS connection request
First Encryption Algorithm sends the TLS connection reply for carrying first Encryption Algorithm to the DASH client, with objective with the DASH
TLS connection is established at family end, wherein at least one encryption supported in the default extended field comprising the DASH client is calculated
Method;MPD request is sent to the DASH server-side, so that the DASH server-side is requested according to first Encryption Algorithm pair and the MPD
Corresponding MPD is encrypted, and will be formed by target MPD after encryption and fed back to the DASH client;Receive DASH service
Hold the target MPD of feedback;According to decipherment algorithm corresponding to first Encryption Algorithm, target MPD is decrypted;From decrypted result
Target URL to be utilized is selected in included uniform resource position mark URL;It is asked according to target URL to the DASH server-side
Seek corresponding slice file.By way of being encrypted to target MPD, it is stolen, mentions to avoid the data in target MPD
The safety for the data that height is transmitted in DASH system.
Specifically, also carrying the meter of the target value of the check code CRC about the target MPD in the default extended field
Calculation mode;
The target value of the CRC of the target MPD is also carried in the TLS connection reply, wherein the target
The target value of the CRC of MPD are as follows: DASH server-side calculation according to entrained by the default extended field
The value being calculated;
Described device can also include target MPD judgment module:
The target MPD judgment module: it is used in the decipherment algorithm according to corresponding to first Encryption Algorithm, to institute
Before stating target MPD decryption, according to the target value of the CRC of the target MPD, judge whether the target MPD is effective, when
When being judged as effective, the target MPD deciphering module 304 is triggered.
Specifically, the target MPD judgment module includes standard value computing unit and judging unit;
The standard value computing unit: for the calculation according to entrained by the default extended field, described in calculating
The standard value of the CRC of target MPD;
The judging unit: for judging whether the standard value is identical as the target value;
If identical, show that the target MPD is effective;
If it is not the same, showing that the target MPD is invalid.
Specifically, calculation entrained by the default extended field includes:
When the length of the CRC about the target MPD is more than or equal to the first predetermined value, choose the CRC's
First predetermined value byte is calculated, and determines the target value of the CRC of the target MPD;
When the length of the CRC about the target MPD is less than the first predetermined value, to all bytes of the CRC into
Row overall calculation determines the target value of the CRC of the target MPD.
Specifically, the first random number that the DASH client generates also is carried in the TLS connection request, the TLS
Connection also carries the second random number that the DASH server-side generates in replying;
Described device further includes first object decruption key computing module:
The first object decruption key computing module: for being retouched described to DASH server-side transmission media representation
Before stating MPD request, according to first random number, second random number and the target value, calculate about the mesh
Mark the object decryption key of MPD;
The target MPD deciphering module 304, is specifically used for:
Using the decipherment algorithm corresponding to the object decryption key and first Encryption Algorithm, to the mesh
Mark MPD decryption.
Specifically, the encryption information about the corresponding slice file of included URL is carried in the target MPD, it is described to add
Confidential information includes the second Encryption Algorithm, wherein at least one that second Encryption Algorithm is supported by DASH client
One of Encryption Algorithm algorithm;
Described device further includes slice file reception module, slice file decryption module and slice file playing module:
The slice file reception module: for receiving the slice file;
The slice file decryption module: it is used for the decipherment algorithm according to corresponding to second Encryption Algorithm, is cut to described
Piece file decryption;
The slice file playing module: for playing the slice file after the decryption.
Specifically, further including the corresponding target spoke token mark of the slice file in the encryption information;
Described device further includes token mark judgment module;
The token identifies judgment module: for judge the target token identify whether and with the slice file it is same
When institute received token mark it is identical;If so, triggering the slice file decryption module.
Corresponding to above method embodiment, as shown in figure 4, the embodiment of the invention provides a kind of transmitting device of data,
It can be applied to dynamic self-adapting Streaming Media DASH server-side, wherein the DASH server-side is connect with DASH client, described
Device may include: secure transport layer protocol TLS connection request receiving module 401, the first Encryption Algorithm determining module 402, TLS
Connect back to multiple sending module 403, media representation describes MPD request receiving module 404, MPD encrypting module 405, target MPD are sent
Module 406 and slice file sending module 407;
The TLS connection request receiving module 401: default extension is carried for receive that the DASH client sends
The secure transport layer protocol TLS connection request of field, wherein carry the DASH client in the default extended field and propped up
At least one Encryption Algorithm held;
The first Encryption Algorithm determining module 402: for determining that itself is propped up from least one Encryption Algorithm
The first Encryption Algorithm held;
The TLS connects back to multiple sending module 403: for carrying first encryption to DASH client transmission
The TLS connection of algorithm is replied, and is connect with establishing TLS with the DASH client;
The MPD request receiving module 404: the media representation for receiving the DASH client transmission, which describes MPD, asks
It asks;
The MPD encrypting module 405: for according to first Encryption Algorithm pair MPD corresponding with MPD request into
Row encryption;
The target MPD sending module 406: for being formed by target MPD after sending encryption to the DASH client,
So that the DASH client is in the decipherment algorithm according to corresponding to first Encryption Algorithm, after target MPD decryption, from
Target URL to be utilized is selected in uniform resource position mark URL included by decrypted result, according to the target URL to described
The corresponding slice file of DASH server-side request;
The slice file sending module 407: for responding the target URL, Xiang Suoshu DASH client is sent and institute
It states target URL and is sliced file accordingly.
Using the embodiment of the present invention, the DASH server-side according to the first Encryption Algorithm consulted with the DASH client,
Encrypted transmission is carried out to target MPD, can be stolen to avoid target MPD, causes data corresponding to target MPD stolen
It takes, the safety for the data transmitted in DASH system can be improved.
Specifically, also carrying the meter of the target value of the check code CRC about the target MPD in the default extended field
Calculation mode;
Described device further includes target value computing module;
The target value computing module: first Encryption Algorithm is carried to DASH client transmission for described
TLS connection reply before, according to the calculation entrained by the default extended field, calculate the target MPD's
The target value of CRC;
The TLS connects back to multiple sending module 403, is specifically used for:
The target for carrying first Encryption Algorithm and the CRC of the target MPD is sent to the DASH client
The TLS connection of value is replied.
Specifically, the first random number that the DASH client generates also is carried in the TLS connection request, the TLS
Connection also carries the second random number that the DASH server-side generates in replying;
Described device further includes the second object decryption key computing module;
The second object decryption key computing module: for described according to first Encryption Algorithm pair and the MPD
Before requesting corresponding MPD to be encrypted, according to first random number, second random number and the target value, meter
Calculate the object decryption key about the target MPD;
The MPD encrypting module 405, is specifically used for:
According to first Encryption Algorithm and the object decryption key, MPD corresponding with MPD request is carried out
Encryption.
Specifically, described device further includes the second Encryption Algorithm determining module and slice file encryption module;
The second Encryption Algorithm determining module: it is requested for described according to first Encryption Algorithm pair and the MPD
Before corresponding MPD is encrypted, from least one Encryption Algorithm, the second Encryption Algorithm itself supported is determined;
The MPD encrypting module 405, is specifically used for:
According to first Encryption Algorithm, it is corresponding to URL slice file encryption information and with the MPD request pair
The MPD answered is encrypted, to form target MPD, wherein the encryption information of the corresponding slice file of the URL includes described the
Two Encryption Algorithm;
The slice file encryption module: in the response target URL, Xiang Suoshu DASH client send with
The target URL is sliced before file accordingly, described is cut according to second Encryption Algorithm pair is corresponding with the target URL
Piece file is encrypted, so that the DASH client is according to the second Encryption Algorithm institute entrained in the target MPD
Corresponding decipherment algorithm, to received slice file decryption.
Specifically, described device can also include that target spoke token identifies determining module;
The target token identifies determining module: being requested for described according to first Encryption Algorithm pair and the MPD
Before corresponding MPD is encrypted, determine that target token corresponding to the slice file is identified;
The MPD encrypting module 405, is specifically used for:
It is identified and is carried out according to first Encryption Algorithm pair MPD corresponding with MPD request and the target token
Encryption.
For systems/devices embodiment, since it is substantially similar to the method embodiment, so the comparison of description is simple
Single, the relevent part can refer to the partial explaination of embodiments of method.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
Those of ordinary skill in the art will appreciate that all or part of the steps in realization above method embodiment is can
It is completed with instructing relevant hardware by program, the program can store in computer-readable storage medium,
The storage medium designated herein obtained, such as: ROM/RAM, magnetic disk, CD.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all
Any modification, equivalent replacement, improvement and so within the spirit and principles in the present invention, are all contained in protection scope of the present invention
It is interior.
Claims (14)
1. a kind of transmission method of data, which is characterized in that be applied to dynamic self-adapting Streaming Media DASH client, wherein institute
DASH client is stated to connect with DASH server-side, which comprises
The secure transport layer protocol TLS connection request for carrying default extended field is sent to the DASH server-side, so that institute
State DASH server-side selects first itself supported encryption to calculate from default extended field entrained by the TLS connection request
Method, Xiang Suoshu DASH client send carry first Encryption Algorithm TLS connection reply, with the DASH client
Establish TLS connection, wherein at least one encryption supported in the default extended field comprising the DASH client is calculated
Method;
Media representation is sent to the DASH server-side and describes MPD request, so that the DASH server-side adds according to described first
Close algorithm pair MPD corresponding with MPD request is encrypted, and will be formed by after encryption target MPD feed back to it is described
DASH client;
Receive the target MPD of the DASH server-side feedback;
According to decipherment algorithm corresponding to first Encryption Algorithm, the target MPD is decrypted;
Target URL to be utilized is selected from uniform resource position mark URL included by decrypted result;
Corresponding slice file is requested to the DASH server-side according to the target URL.
2. the method according to claim 1, wherein also being carried about the target in the default extended field
The calculation of the target value of the check code CRC of MPD;
The target value of the CRC of the target MPD is also carried in the TLS connection reply, wherein the target MPD's
The target value of CRC are as follows: DASH server-side calculation according to entrained by the default extended field calculates
Obtained value;
In the decipherment algorithm according to corresponding to first Encryption Algorithm, before target MPD decryption, the method is also
Include:
According to the target value of the CRC of the target MPD, judge whether the target MPD is effective;
When being judged as effective, the decipherment algorithm according to corresponding to first Encryption Algorithm is executed, the target MPD is solved
Close step.
3. according to the method described in claim 2, it is characterized in that, the target of the CRC according to the target MPD
Value, judges whether the target MPD is effective, comprising:
According to calculation entrained by the default extended field, the standard value of the CRC of the target MPD is calculated;
Judge whether the standard value is identical as the target value;
If identical, show that the target MPD is effective;
If it is not the same, showing that the target MPD is invalid.
4. according to the method in claim 2 or 3, which is characterized in that
Calculation entrained by the default extended field includes:
When the length of the CRC about the target MPD is more than or equal to the first predetermined value, the first of the CRC is chosen
Predetermined value byte is calculated, and determines the target value of the CRC of the target MPD;
When the length of the CRC about the target MPD is less than the first predetermined value, all bytes of the CRC are carried out whole
Body calculates, and determines the target value of the CRC of the target MPD.
5. according to the method described in claim 2, it is characterized in that, also carrying the DASH client in the TLS connection request
The first random number generated is held, also carries the second random number that the DASH server-side generates in the TLS connection reply;
Before the transmission MPD request to the DASH server-side, the method also includes:
According to first random number, second random number and the target value, the target about the target MPD is calculated
Decruption key;
The decipherment algorithm according to corresponding to first Encryption Algorithm decrypts the target MPD, comprising:
Using the decipherment algorithm corresponding to the object decryption key and first Encryption Algorithm, to the target
MPD decryption.
6. the method according to claim 1, wherein being carried in the target MPD corresponding about included URL
It is sliced the encryption information of file, the encryption information includes the second Encryption Algorithm, wherein second Encryption Algorithm is DASH visitor
One of at least one Encryption Algorithm that family end is supported algorithm;
The method also includes:
Receive the slice file;
According to decipherment algorithm corresponding to second Encryption Algorithm, to the slice file decryption;
Slice file after playing the decryption.
7. according to the method described in claim 6, it is characterized in that, further including that the slice file is corresponding in the encryption information
Target spoke token mark;
In the decipherment algorithm according to corresponding to second Encryption Algorithm, before the slice file decryption, the method
Further include:
Judge that the target token is identified whether and the received token mark of institute is identical simultaneously with the slice file;
If so, the decipherment algorithm according to corresponding to second Encryption Algorithm is executed, to the step of the slice file decryption
Suddenly.
8. a kind of transmission method of data, which is characterized in that be applied to dynamic self-adapting Streaming Media DASH server-side, wherein institute
DASH server-side is stated to connect with DASH client, which comprises
The secure transport layer protocol TLS connection request for carrying default extended field that the DASH client is sent is received,
In, at least one Encryption Algorithm that the DASH client is supported is carried in the default extended field;
From at least one Encryption Algorithm, the first Encryption Algorithm itself supported is determined;
To the DASH client send carry first Encryption Algorithm TLS connection reply, with the DASH client
TLS connection is established at end;
It receives the media representation that the DASH client is sent and describes MPD request;
It is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request;
It is formed by target MPD after sending encryption to the DASH client, so that the DASH client is according to described the
Decipherment algorithm corresponding to one Encryption Algorithm, after target MPD decryption, the uniform resource locator included by the decrypted result
Target URL to be utilized is selected in URL, requests corresponding slice file to the DASH server-side according to the target URL;
The target URL is responded, the transmission of Xiang Suoshu DASH client is corresponding with the target URL to be sliced file.
9. according to the method described in claim 8, it is characterized in that, also being carried about the target in the default extended field
The calculation of the target value of the check code CRC of MPD;
Before the TLS connection for carrying first Encryption Algorithm to DASH client transmission is replied, the method
Further include:
According to the calculation entrained by the default extended field, the target value of the CRC of the target MPD is calculated;
It is described that the TLS connection reply for carrying first Encryption Algorithm is sent to the DASH client, comprising:
It is sent to the DASH client and carries first Encryption Algorithm and the target value of the CRC of the target MPD
TLS connection is replied.
10. according to the method described in claim 9, it is characterized in that, also carrying the DASH client in the TLS connection request
The first random number generated is held, also carries the second random number that the DASH server-side generates in the TLS connection reply;
It is described encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request before, the method is also wrapped
It includes:
According to first random number, second random number and the target value, the target about the target MPD is calculated
Decruption key;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
According to first Encryption Algorithm and the object decryption key, MPD corresponding with MPD request is added
It is close.
11. according to the method described in claim 8, it is characterized in that, described according to first Encryption Algorithm pair and the MPD
Before requesting corresponding MPD to be encrypted, the method also includes:
From at least one Encryption Algorithm, the second Encryption Algorithm itself supported is determined;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
According to first Encryption Algorithm, the slice encryption information of file corresponding to URL and corresponding with MPD request
MPD is encrypted, to form target MPD, wherein the encryption information of the corresponding slice file of the URL include described second plus
Close algorithm;
In the response target URL, Xiang Suoshu DASH client send it is corresponding with the target URL be sliced file it
Before, the method also includes:
It is encrypted according to the second Encryption Algorithm pair slice file corresponding with the target URL, so that described
DASH client decipherment algorithm according to corresponding to second Encryption Algorithm entrained in the target MPD, to received
Slice file decryption.
12. according to the method for claim 11, which is characterized in that it is described according to first Encryption Algorithm pair with it is described
Before MPD requests corresponding MPD to be encrypted, the method also includes:
Determine that target spoke token corresponding to the slice file is identified;
It is described to be encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, comprising:
Added according to first Encryption Algorithm pair MPD corresponding with MPD request and the target token mark
It is close.
13. a kind of transmitting device of data, which is characterized in that be applied to dynamic self-adapting Streaming Media DASH client, wherein institute
DASH client is stated to connect with DASH server-side, described device include: secure transport layer protocol TLS connection request sending module,
Media representation describes MPD request sending module, target MPD receiving module, target MPD deciphering module, destination Uniform Resource positioning
Accord with URL selecting module and slice file request module;
The TLS connection request sending module: for sending the TLS company for carrying default extended field to the DASH server-side
Request is connect, so that the DASH server-side selects itself to be propped up from default extended field entrained by the TLS connection request
The first Encryption Algorithm held, Xiang Suoshu DASH client send carry first Encryption Algorithm TLS connection reply, with
The DASH client establishes TLS connection, wherein in the default extended field comprising the DASH client supported to
A kind of few Encryption Algorithm;
The MPD request sending module: for sending MPD request to the DASH server-side, so that the DASH server-side root
It is encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request, and target MPD will be formed by after encryption
Feed back to the DASH client;
The target MPD receiving module: for receiving the target MPD of the DASH server-side feedback;
The target MPD deciphering module: it is used for the decipherment algorithm according to corresponding to first Encryption Algorithm, to the target MPD
Decryption;
The target URL selecting module: to be utilized for being selected from uniform resource position mark URL included by decrypted result
Target URL;
The slice file request module: for requesting corresponding slice text to the DASH server-side according to the target URL
Part.
14. a kind of transmitting device of data, which is characterized in that be applied to dynamic self-adapting Streaming Media DASH server-side, wherein institute
DASH server-side is stated to connect with DASH client, described device include: secure transport layer protocol TLS connection request receiving module,
First Encryption Algorithm determining module, TLS connect back to multiple sending module, media representation describes MPD request receiving module, MPD encryption
Module, target MPD sending module and slice file sending module;
The TLS connection request receiving module: the default extended field that carries for receiving that the DASH client sends
TLS connection request, wherein carry at least one encryption that the DASH client is supported in the default extended field and calculate
Method;
The first Encryption Algorithm determining module: for from least one Encryption Algorithm, determining itself supported the
One Encryption Algorithm;
The TLS connects back to multiple sending module: for carrying first Encryption Algorithm to DASH client transmission
TLS connection is replied, and is connect with establishing TLS with the DASH client;
The MPD request receiving module: the MPD request sent for receiving the DASH client;
The MPD encrypting module: for being encrypted according to first Encryption Algorithm pair MPD corresponding with MPD request;
The target MPD sending module: for being formed by target MPD after sending encryption to the DASH client, so that institute
DASH client is stated to tie after target MPD decryption from decryption in the decipherment algorithm according to corresponding to first Encryption Algorithm
Target URL to be utilized is selected in uniform resource position mark URL included by fruit, is taken according to the target URL to the DASH
Being engaged in, end request is corresponding to be sliced file;
The slice file sending module: for responding the target URL, Xiang Suoshu DASH client is sent and the target
URL is sliced file accordingly.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610217824.3A CN107276969B (en) | 2016-04-08 | 2016-04-08 | A kind of transmission method and device of data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610217824.3A CN107276969B (en) | 2016-04-08 | 2016-04-08 | A kind of transmission method and device of data |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107276969A CN107276969A (en) | 2017-10-20 |
| CN107276969B true CN107276969B (en) | 2019-11-22 |
Family
ID=60052664
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610217824.3A Active CN107276969B (en) | 2016-04-08 | 2016-04-08 | A kind of transmission method and device of data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107276969B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108566361B (en) * | 2018-01-05 | 2020-08-21 | 武汉信安珞珈科技有限公司 | Security parameter negotiation method and system based on SSL/TLS protocol |
| CN110035319B (en) * | 2019-04-02 | 2020-05-15 | 北京文香信息技术有限公司 | Audio and video data encryption and decryption methods and devices and playing equipment |
| CN111556340B (en) * | 2020-05-21 | 2022-04-22 | 西安工业大学 | Safe cross-platform video stream playing method |
| CN112738560A (en) * | 2020-12-28 | 2021-04-30 | 厦门市美亚柏科信息股份有限公司 | Video data transmission method, receiving method, server and client |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1658551A (en) * | 2004-02-16 | 2005-08-24 | 华为技术有限公司 | Safety ability consultation method |
| CN103297464A (en) * | 2012-02-29 | 2013-09-11 | 华为技术有限公司 | Program information obtaining method and device |
| CN104255010A (en) * | 2012-04-27 | 2014-12-31 | 华为技术有限公司 | Support for short cryptoperiods in template mode |
| CN104255009A (en) * | 2012-04-25 | 2014-12-31 | 华为技术有限公司 | Systems and methods for segment integrity and authenticity for adaptive streaming |
| CN104854835A (en) * | 2013-01-17 | 2015-08-19 | 英特尔Ip公司 | DASH-aware network application function (D-NAF) |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9646162B2 (en) * | 2013-04-10 | 2017-05-09 | Futurewei Technologies, Inc. | Dynamic adaptive streaming over hypertext transfer protocol service protection |
-
2016
- 2016-04-08 CN CN201610217824.3A patent/CN107276969B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1658551A (en) * | 2004-02-16 | 2005-08-24 | 华为技术有限公司 | Safety ability consultation method |
| CN103297464A (en) * | 2012-02-29 | 2013-09-11 | 华为技术有限公司 | Program information obtaining method and device |
| CN104255009A (en) * | 2012-04-25 | 2014-12-31 | 华为技术有限公司 | Systems and methods for segment integrity and authenticity for adaptive streaming |
| CN104255010A (en) * | 2012-04-27 | 2014-12-31 | 华为技术有限公司 | Support for short cryptoperiods in template mode |
| CN104854835A (en) * | 2013-01-17 | 2015-08-19 | 英特尔Ip公司 | DASH-aware network application function (D-NAF) |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107276969A (en) | 2017-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5686951B2 (en) | Protection of digital media of various content types | |
| CN107276969B (en) | A kind of transmission method and device of data | |
| EP1278112A1 (en) | A process for providing access of a client to a content provider server under control of a resource locator server | |
| CN111030996B (en) | Method and device for accessing resources | |
| US8527762B2 (en) | Method for realizing an authentication center and an authentication system thereof | |
| CN102148798A (en) | Method for efficiently, parallelly and safely encrypting and decrypting high-capacity data packets | |
| CN104917723B (en) | For realizing the shared methods, devices and systems of encryption file security | |
| JPH1127252A (en) | Key management system, key management device, information ciphering device, information decoder and program recording medium | |
| TW201204011A (en) | Systems and methods for securely streaming media content | |
| WO2007008912A2 (en) | Delivering policy updates for protected content | |
| CN109951279B (en) | Anonymous data storage method based on block chain and edge device | |
| US20150229621A1 (en) | One-time-pad data encryption in communication channels | |
| WO2019119238A1 (en) | Data exchange method and system based on unmanned aerial vehicle, and ground control terminal and server | |
| CN106941404A (en) | Cryptographic key protection method and device | |
| CN101436933A (en) | HTTPS encipher access method, system and apparatus | |
| AU2007216943B2 (en) | Method of implementing a state tracking mechanism in a communications session between a server and a client system | |
| EP3614292A1 (en) | File transfer system comprising an upload, storage and download device | |
| CN115766066A (en) | Data transmission method, device, safety communication system and storage medium | |
| KR101737345B1 (en) | Method and apparatus for authenticating Internet-Of-Things device in cloud-based Internet-Of-Things system | |
| CN104065619B (en) | login method and device | |
| JP2010124071A (en) | Communication device, communication method, and program | |
| US9825942B2 (en) | System and method of authenticating a live video stream | |
| CN102882897A (en) | Cookie protecting method and device | |
| KR101714319B1 (en) | Data synchronization system between ship based on geocasting | |
| CN101217532B (en) | An anti-network attack data transmission method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |