CN107360450A - A kindergarten education live video streaming platform that protects user privacy - Google Patents
- Publication number
- CN107360450A, CN201710698034.6A
- Authority
- CN
- China
- Prior art keywords
- live
- information
- client
- user
- platform
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26613—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
- H04N21/4408—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
- H04N21/63345—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
Abstract
The invention discloses a kindergarten education live video streaming platform that protects user privacy, comprising a parent client, a platform server and a kindergarten-side client. The parent client includes a first information processing module and a first user interface; the kindergarten-side client includes a second information processing module and a second user interface; the platform server includes an authorization database, an authorization business logic module and a platform server Web page. Using existing modern cryptographic techniques such as blind signatures, the platform lets the kindergarten-side user complete authorization without knowing what specifically the parent user follows, lets the live platform perform correct blind matching and data forwarding without knowing any follow information, and lets the parent user correctly receive live (recorded) information and watch live (recorded) content without revealing any private information.
Description
Technical field
The invention belongs to the field of social networks and information security, and in particular relates to a kindergarten education live video streaming platform that protects user privacy.
Background technology
In the self-media era, live streaming platforms of all kinds emerge one after another: entertainment shows that display talent, live streaming in social software, e-commerce live streaming, educational live streaming platforms and so on. Live platforms have penetrated every aspect of our lives. In particular, after frequent exposure of cases of child abuse in kindergartens, live video platforms for kindergarten education have become very popular with parents. In this model, parents can subscribe to a kindergarten's classroom live streams, and the kindergarten and its teachers can earn income from the classroom live streams, so kindergartens and teachers are willing to open classroom live streams.
However, while live platforms bring us much convenience, they also pose great threats and potential safety hazards to the privacy of platform users. Existing live platforms seriously lack protection for users' private information: all data transmitted between users and the platform server, and between users, is in plaintext. Such data easily exposes the private information of platform users, causes them unnecessary trouble, and can even seriously threaten the safety of their lives and property.
Taking the kindergarten education scenario of this patent application as an example, if the kindergarten a child attends and the child's class are leaked, the child's daily schedule is completely exposed, which gives people with malicious intent an opportunity and threatens the child's safety. In addition, existing applications all assume that the operator of the live platform is trusted, so all data is transparent to the operator.
In fact, in most cases the live platform operator, constrained by the platform's reputation, is indeed honest: it will not actively tamper with or damage data, and will not actively leak user privacy. But while strictly following the existing protocol, the operator may well be curious about the data, or may mine the data for its own commercial interest in order to offer value-added services such as targeted advertising, and all of this in effect leaks the privacy of platform users. A mechanism is therefore needed that effectively protects users' private information on existing live video platforms.
Modern cryptographic techniques such as the oblivious pseudorandom function (Oblivious PseudoRandom Function) based on RSA blind signatures (Blind-RSA Signature) and AES (Advanced Encryption Standard) are an effective way to solve the privacy leakage problem.
At present, many scholars have carried out extensive research on algorithms that protect user privacy. Social networks and video in particular have received wide attention from scholars at home and abroad and have quickly become a research focus in the industry. Among the many research teams abroad working on social networks, the protection techniques studied mostly target node privacy, edge privacy and graph property privacy in social networks, and the research centers on techniques such as node K-anonymity, subgraph K-anonymity, inference control and data perturbation.
For example, in research on node privacy protection in weighted social networks, Y. Li, H. Shen et al. proposed a histogram anonymity technique for the edge weight information in weighted graphs that can reveal identity. The technique can effectively prevent weight-based privacy attacks. X. Ying et al., based on research into sensitive relations in social networks, proposed a method that randomly modifies the graph while keeping the graph spectrum unchanged; based on the assumption that the social network graph stays connected, they proposed a graph perturbation method.
Video privacy protection technology applies protective processing to information in video that can directly or indirectly identify private information, so that the private information that needs protection is kept safe. Existing video privacy protection technology falls mainly into three classes: extraction of privacy regions, protection of privacy regions, and granting different users the corresponding access rights to private data. The emphasis of privacy region extraction is how to extract the region to be protected quickly. Privacy region protection mainly addresses protection before encoding, protection combined with encoding, and protection based on image watermarking. Privacy access control means that, when private data is recovered, a user can access it only if authorized by access control. However, because application scenarios and requirements differ, none of these existing protection algorithms for social media and video can be applied directly to this system.
By role, an existing kindergarten education live platform involves kindergarten-side users (kindergarten teachers or the kindergarten), parent users and the live video platform operator. The operation of this kind of live platform can be summarized as follows:
(1) Kindergarten-side users and parent users first register on the live platform.
(2) The kindergarten-side user publishes course live information on the live platform from time to time, including the live teacher, class, teaching subject and other live information. For convenience in what follows, keywords that identify important live information, such as the live teacher, class or course, are referred to as HashTags, HT for short. A given piece of live information can be identified by several keywords, assumed to be $HT_1, HT_2, \ldots, HT_n$.
(3) Through the live platform, a parent user applies to the kindergarten-side user for authorization to follow the live streams the parent cares about, such as those of a certain teacher, class or course. One parent user can follow several live identifiers $HT_1, HT_2, \ldots, HT_n$, and these identifiers may of course all label the same live stream.
(4) After receiving the parent user's application, the kindergarten-side user reviews the parent's qualification and decides whether to approve the follow.
(5) The kindergarten-side user publishes live information labelled with several HTs; the live information usually includes the live link, login password and similar information.
(6) The live platform pushes the live information to all users who follow this kind of live stream from that kindergarten-side user.
(7) The parent user receives the live information pushed by the live platform and watches the live stream using the live address and login password.
This process leaks private information seriously, mainly in the following three respects:
(1) The parent user's private information is leaked to the live platform. After entering the live platform, the user needs the platform to help forward follow applications and to match and forward live information, so the user's private information, such as the kindergarten and class the user's child attends, is leaked to the live platform completely.
(2) The parent user's private information is leaked to the kindergarten-side user. When a follow application is submitted, the kindergarten-side user learns exactly which teacher and which class the following user cares about, so this user's private information is also leaked to the kindergarten-side user.
(3) The kindergarten-side user's information is leaked to the live platform. Because the live platform takes on the task of pairing live information between kindergarten-side users and parent users, the live information on the platform is transparent to the live platform.
Summary of the invention
In view of the above, the invention provides a kindergarten education live video streaming platform that protects user privacy, protecting users' privacy while ensuring that the platform operates correctly according to the established model. Using existing modern cryptographic techniques such as blind signatures, the invention lets the kindergarten-side user complete authorization without knowing what specifically the parent user follows, lets the live platform perform correct blind matching and data forwarding without knowing any follow information, and lets the parent user correctly receive live information and watch live content without revealing any private information.
The technical solution of the invention is:
A kindergarten education live video streaming platform that protects user privacy, comprising: a parent client, a platform server and a kindergarten-side client;
The parent client includes:
A first information processing module, for encrypting the keywords that identify the live type and then sending the follow request containing the encrypted information to the broadcaster's client via the platform server; and for unblinding the blind signature, then parsing the received request response message and verifying its validity, and sending the follow confirmation to the live platform for storage;
A first user interface, for displaying the kindergarten-side client's feedback on the follow request, so that the parent user can act on the feedback as they wish;
The kindergarten-side client includes:
A second information processing module, for deciding according to a custom rule whether to accept the follow request and, if it agrees, blind-signing the follow request containing the encrypted information, then sending the request response message containing the blind signature information to the parent client via the platform server;
A second user interface, for displaying the follow request sent by the parent client, so that the kindergarten-side user can act on the follow request as they wish;
The platform server includes:
An authorization database, for storing the follow confirmations sent by parent clients and the live release messages sent by kindergarten-side clients;
An authorization business logic module, for blind matching of live release messages against follow confirmations;
A platform server Web page, providing interactive operation for platform users.
Preferably, the first information processing module is initialized and generates a public-private key pair consisting of a public key and a private key.
Preferably, the second information processing module is initialized and generates a public-private key pair consisting of a public key and a private key.
The keywords that identify the live type include the live teacher, class and course; the invention denotes such a keyword HT. One live video can be labelled with several keywords.
Preferably, in the first information processing module, according to the live type the parent user has chosen, the one or more keywords HT that identify this live type are encrypted using the public key of the second information processing module and a selected random number, forming the encrypted information; the follow request containing the encrypted information, the parent client ID and the kindergarten-side client ID is then sent to the platform server for storage.
When the kindergarten-side user comes online, the platform server sends the stored follow request to the second information processing module.
Preferably, after the second information processing module receives the follow request, it reviews the qualification of the requesting audience user according to the custom rule; after agreeing to the follow, it blind-signs the encrypted information with its own private key, forming the blind signature information; the request response message containing the blind signature information, the parent client ID and the kindergarten-side client ID is then sent to the platform server for storage.
The custom rule can be payment, etc.
After the parent user comes online, the platform server sends the stored request response message to the parent client.
Preferably, after the first information processing module receives the request response message, it unblinds the received blind signature information with the selected random number to obtain the signature; the kindergarten-side client ID, the live type, the signature and the hash value of the signature are stored in the parent client, and the follow confirmation containing the parent client ID, the kindergarten-side client ID and the hash value of the signature is sent to the live platform, which stores it in the authorization database.
Preferably, the second information processing module uses its own private key to sign, one by one, the hash values of the one or more keywords HT that identify the live type, selects a key S, and encrypts the live video with a symmetric encryption method to form the encrypted live information, where the live information includes the live link and login password; then, using the hash values of the multiple signatures as encryption keys, it encrypts the selected key S under each of them with the symmetric encryption method; finally, the live release message containing the kindergarten-side client ID, the hash values of the signatures, the encrypted live information and the encrypted key is sent to the authorization database for storage.
Preferably, the authorization business logic module compares the hash value of the signature in the live release message with the hash value of the signature in the follow confirmation to complete the blind matching; on success, the platform server pushes the live release message to the parent client.
Preferably, the parent client decrypts the received encrypted live information through the first information processing module, obtains the live link and login password, and then successfully listens to or watches the live stream.
When a parent user's subscription expires or is in arrears, the second information processing module updates its public-private key pair and uses the new private key to blind-sign the encrypted information in normal follow requests, thereby revoking the follow of the user to be removed; the next time a live video is published, the removed parent user will be unable to decrypt correctly and cannot obtain the live video.
In order to embed the output of the cryptographic algorithm logic module, which is written in Java, into the Web page for submission, the invention writes a browser framework using JavaFX and interacts with the information processing component by injection.
When a parent user cannot watch the live video directly because of timing, the parent user can also watch the recorded video. In this case, the kindergarten-side user stores the recorded video in storage space provided by the live platform and forms the recording link information, and the recording information is published in the same way as for a live stream. Through the authorization business logic module, the live platform compares the hash value of the signature in the parent user's follow confirmation with the hash value of the signature in the kindergarten-side user's recording release message; after the blind matching is complete, the recording release message corresponding to the recorded video is sent to the parent client, which decrypts the received encrypted recording information through the first information processing module, obtains the recording link and login password, and then successfully listens to or watches the recording.
The recording release message is generated in the same way as the live release message and is likewise stored in the authorization database; the difference is that the recording release message includes the kindergarten-side client ID, the hash value of the signature and the encrypted recording information.
The advantages of the invention are:
1. The privacy of the parent user is protected. Because the follow request is encrypted information, the live platform can store and forward it but cannot obtain its original content; the kindergarten-side user blind-signs the encrypted follow request, so the kindergarten-side user only knows that some user has followed him, but does not know which class's live stream in particular is followed.
2. The privacy of the kindergarten-side user (kindergarten teacher or kindergarten) is protected. Because the live information is encrypted, the live platform can store, match and forward it but cannot obtain the original live information; only parent users who have been authorized to follow can decrypt and watch it, and unauthorized users cannot decrypt it.
3. Parent users and kindergarten-side users can be asynchronous in the system: they need not be online at the same time, and the follow relationship is established in a fully asynchronous manner. This greatly expands the scope of use of the patent.
4. A parent user can follow several keywords HT that identify live streams at once, and a kindergarten-side user can publish live information identified by several keywords; the live platform can correctly match and forward such live information to all parent users who follow this kind of live stream (the HTs these parent users follow may differ).
5. The kindergarten-side user can revoke the follows of parent users who fail to renew payment or no longer meet the requirements by updating the key pair, while other parents can still watch the live stream normally.
Brief description of the drawings
Fig. 1 is a structural framework diagram of the kindergarten education live video streaming platform that protects user privacy provided by an embodiment of the invention.
Embodiment
To describe the invention more specifically, the technical solution is described in detail below with reference to the accompanying drawing and an embodiment.
Fig. 1 is a structural framework diagram of the kindergarten education live video streaming platform that protects user privacy provided by an embodiment of the invention. As shown in Fig. 1, the live platform includes a parent client, a platform server and a kindergarten-side client.
The parent client includes:
A first information processing module, for encrypting the keywords that identify the live type and then sending the follow request containing the encrypted information to the broadcaster's client via the platform server; and for unblinding the blind signature, then parsing the received request response message and verifying its validity, and sending the follow confirmation to the live platform for storage;
A first user interface, for displaying the kindergarten-side client's feedback on the follow request, so that the parent user can act on the feedback as they wish;
The kindergarten-side client includes:
A second information processing module, for deciding according to a custom rule whether to accept the follow request and, if it agrees, blind-signing the follow request containing the encrypted information, then sending the request response message containing the blind signature information to the parent client via the platform server;
A second user interface, for displaying the follow request sent by the parent client, so that the kindergarten-side user can act on the follow request as they wish;
The platform server includes:
An authorization database, for storing the follow confirmations sent by parent clients and the live release messages sent by kindergarten-side clients;
An authorization business logic module, for blind matching of live release messages against follow confirmations;
A platform server Web page, providing data entry, user management, data manipulation and so on for the platform administrator.
The working process of the above live platform is:
1. User registration stage:
The i-th parent user $u_i$ and the j-th kindergarten-side user $b_j$ each register on the live platform and obtain their respective user names and login passwords.
2. Follow relationship establishment stage:
The detailed process of this stage is:
The first information processing module and the second information processing module are initialized, and each generates its own public-private key pair consisting of a public key and a private key.
The first information processing module generates the public-private key pair belonging to parent client $u_i$, comprising the public key $(N_{u,i}, e_{u,i})$ and the private key $(N_{u,i}, d_{u,i})$, where $N_{u,i} = p \times q$, $p$ and $q$ are two large primes, $\varphi(N_{u,i}) = (p-1) \times (q-1)$, $e_{u,i}$ is any number coprime to $\varphi(N_{u,i})$, and $d_{u,i}$ is any number satisfying $(e_{u,i} \times d_{u,i}) \bmod \varphi(N_{u,i}) = 1$. Usually, the public key $(N_{u,i}, e_{u,i})$ is disclosed publicly as one of the attributes of the audience user.
Similarly, the second information processing module generates the public-private key pair belonging to kindergarten-side client $b_j$, comprising the public key $(N_{b,j}, e_{b,j})$ and the private key $(N_{b,j}, d_{b,j})$, where $N_{b,j} = p \times q$, $p$ and $q$ are two large primes, $\varphi(N_{b,j}) = (p-1) \times (q-1)$, $e_{b,j}$ is any number coprime to $\varphi(N_{b,j})$, and $d_{b,j}$ is any number satisfying $(e_{b,j} \times d_{b,j}) \bmod \varphi(N_{b,j}) = 1$. Usually, the public key $(N_{b,j}, e_{b,j})$ is disclosed publicly as one of the attributes of the broadcaster user.
After the first and second information processing modules have generated their key pairs, according to the live type $HT_k$ that the parent user selects through the first user interface, the first information processing module encrypts $HT_k$ using the public key $(N_{b,j}, e_{b,j})$ of kindergarten-side client $b_j$ and a selected random number $r_i$, forming the encrypted information $\mu_k$;
where $H(\cdot)$ is a hash function.
After obtaining the encrypted information $\mu_k$, the first information processing module sends the follow request $(u_i, b_j, \mu_k\ (k = 1, 2, \ldots, n))$, containing the encrypted information $\mu_k$, the parent client ID $u_i$ and the kindergarten-side client ID $b_j$, to the platform server for storage.
When the kindergarten-side user comes online, the platform server sends the stored follow request $(u_i, b_j, \mu_k\ (k = 1, 2, \ldots, n))$ to the second information processing module of kindergarten-side client $b_j$.
After the second information processing module receives the follow request $(u_i, b_j, \mu_k\ (k = 1, 2, \ldots, n))$, the kindergarten-side user reviews the qualification of the requesting parent user through the second user interface according to the custom rule (payment); after agreeing to the follow, the second information processing module blind-signs the encrypted information $\mu_k\ (k = 1, 2, \ldots, n)$ with its own private key $(N_{b,j}, d_{b,j})$, forming the blind signature information
After forming the blind signature information $\mu'_k\ (k = 1, 2, \ldots, n)$, the second information processing module sends the request response message $(u_i, b_j, \mu'_k\ (k = 1, 2, \ldots, n))$, containing the blind signature information $\mu'_k\ (k = 1, 2, \ldots, n)$, the parent client ID $u_i$ and the kindergarten-side client ID $b_j$, to the platform server for storage.
After the parent user comes online, the platform server sends the stored request response message $(u_i, b_j, \mu'_k\ (k = 1, 2, \ldots, n))$ to parent client $u_i$.
Through the first information processing module, parent client $u_i$ unblinds the received blind signature information $\mu'_k\ (k = 1, 2, \ldots, n)$ using the selected random number $r_i$, obtaining the signature $\delta_k$ and the hash value $t_k$ of the signature $\delta_k$;
$$\delta_k = \mu'_k \div r_i, \quad k = 1, 2, \ldots, n$$
$$t_k = H_2(\delta_k), \quad k = 1, 2, \ldots, n$$
where $H_2(\cdot)$ is a hash function.
After obtaining the signature $\delta_k$ and its hash value $t_k$, the first information processing module stores the kindergarten-side client ID $b_j$, the live types $HT_k$ $(k = 1, 2, \ldots, n)$, the signatures $\delta_k$ and the signature hash values $t_k$ in parent client $u_i$, and at the same time sends follow confirmation information $(u_i, b_j, t_{k\,(k=1,2,\ldots,n)})$, containing the parent client ID $u_i$, the kindergarten-side client ID $b_j$ and the signature hash values $t_k$, to the authorization database for storage.
At this point, the follow relationship between the kindergarten-side user and the parent user is formally established.
3. Publish-watch stage:
The detailed process of this stage is:
The second information processing module uses its own private key $(N_{b,j}, d_{b,j})$ to sign the hash values of the keywords that identify the live type, selects a key $S$, and encrypts the live information $M$ with a symmetric encryption method, forming the encrypted live information, where the live information includes the live link and login password. Then the hash values of the multiple signatures are each used as an encryption key to encrypt the selected key $S$ with a symmetric encryption algorithm;
The encryption operations are:
where $H(\cdot)$, $H_2(\cdot)$ and $H_1(\cdot)$ are hash functions and the encryption operators denote symmetric encryption under the indicated key; $\mathrm{Enc}_S(\cdot)$, for example, denotes symmetric encryption with $S$ as the key.
After the encrypted live information is formed, the second information processing module sends live release information, containing the kindergarten-side client ID $b_j$, the signature hash values, the encrypted live information and the encrypted key, to the authorization database for storage.
The authorization business logic module compares the signature hash values in the live release information with the signature hash values in the follow confirmation information $(u_i, b_j, t_{k\,(k=1,2,\ldots,n)})$, completing the blind matching. On success, the Platform Server pushes the live release information to the parent client.
The detailed process of blind matching is: determine whether the matching condition holds; if it does, the match is successful. Here && denotes the AND relation and || denotes the OR relation.
The parent client passes the received live release information to the first information processing module for decryption: it first decrypts the encrypted key to obtain the key $S$, then uses $S$ as the decryption key to decrypt the received encrypted live information, obtaining the live link and login password, and can then successfully listen to or watch the live stream.
The detailed decryption process is:
Determine whether the equalities hold; if one of them holds, the live information $M$ is recovered by the following operations:
$K_k = H_1(\delta_k), \quad k = 1, 2, \ldots, n$
where the decryption operators denote symmetric decryption with key $K_k$ and with key $S$, respectively. The live link and login password are obtained from the live information $M$, and the live stream can then be listened to or watched; an unauthorized user, however, cannot decrypt correctly and therefore cannot listen to or watch the live stream.
When a parent user's term expires or the parent user is in arrears, the second information processing module cancels the follow of the user to be removed by updating its public/private key pair, so that the removed parent user can no longer decrypt correctly and cannot obtain the live information.
This embodiment takes the expiry of parent user $u_a$ as an example to describe the revocation of follow permission in detail.
Kindergarten-side user $b_d$ first sends a message to the Platform Server, informing it that it should no longer forward the user's live video to parent user $u_a$. At the same time, to prevent the Platform Server and parent user $u_a$ from colluding, kindergarten-side user $b_m$ additionally cancels the follow of parent user $u_a$ by updating its private key, so that even if parent user $u_a$ receives the live video, it cannot decrypt it correctly.
The detailed process of cancelling a follow is:
The second information processing module of kindergarten-side client $b_m$ updates its private key and, using the new private key, establishes new follow relationships with all parent users except parent user $u_a$ in the manner of the user follow-relationship establishment stage described above;
After the new follow relationships are established, it uses the new private key to send the live release information and the viewing video information in the manner of the publish-watch stage described above.
Because parent user $u_a$ did not establish a new follow relationship with kindergarten-side user $b_m$ in the user follow-relationship establishment stage, the Platform Server cannot correctly match parent user $u_a$ with kindergarten-side user $b_m$. Parent user $u_a$ therefore cannot receive the live release information, cannot decrypt correctly, and ultimately cannot watch the live video sent by kindergarten-side user $b_m$.
Therefore, by updating its private key, the kindergarten-side user effectively restricts viewing by parent users whose term has expired or who are in arrears.
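The three stages above (follow establishment, publish/watch with blind matching, and revocation by key update) can be traced end to end in the following added example, which is not code from the patent. Because the blinding and signing formulas do not survive in this text, it assumes the textbook RSA blind signature ($\mu = H(HT)\,r^e \bmod N$, $\mu' = \mu^d \bmod N$), SHA-256 for $H$, $H_1$ and $H_2$, a hash-keystream XOR as a stand-in for the unspecified symmetric cipher, and constructed toy primes; all function names are hypothetical.

```python
import hashlib, secrets
from math import gcd

# Constructed toy parameters: Mersenne primes, far too small for real use.
PRIMES = [(2**127 - 1, 2**107 - 1), (2**89 - 1, 2**61 - 1)]

def keygen(i):
    """Kindergarten-side pair: public (N, e) and private (N, d)."""
    p, q = PRIMES[i]
    return (p * q, 65537), (p * q, pow(65537, -1, (p - 1) * (q - 1)))

def h_int(data, n):  # H: SHA-256 of the keyword, reduced mod N (assumed)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def h_sig(tag, sig):  # H1 / H2: domain-separated SHA-256 of a signature
    return hashlib.sha256(tag + str(sig).encode()).digest()

def sym(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 keystream (< 8 KiB)."""
    pad = b"".join(hashlib.sha256(key + bytes([i])).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

def blind(pub, ht):
    """Parent: mu = H(HT) * r^e mod N, hiding HT from the signer."""
    n, e = pub
    r = 0
    while gcd(r, n) != 1:  # r must be invertible mod N
        r = secrets.randbelow(n - 2) + 2
    return h_int(ht, n) * pow(r, e, n) % n, r

def blind_sign(priv, mu):  # kindergarten side: mu' = mu^d mod N
    return pow(mu, priv[1], priv[0])

def unblind(pub, mu_signed, r):
    """Parent: delta = mu' / r mod N and t = H2(delta)."""
    delta = mu_signed * pow(r, -1, pub[0]) % pub[0]
    return delta, h_sig(b"H2", delta)

def publish(priv, hts, message):
    """Kindergarten side: sign each H(HT), wrap S under K = H1(signature)."""
    n, d = priv
    s = secrets.token_bytes(32)
    sigs = [pow(h_int(ht, n), d, n) for ht in hts]
    entries = [(h_sig(b"H2", g), sym(h_sig(b"H1", g), s)) for g in sigs]
    return entries, sym(s, message)

def blind_match(entries, stored_t):  # platform sees hash values only
    return any(t in stored_t for t, _ in entries)

def watch(entries, enc_m, deltas):
    """Parent: find the entry with t == H2(delta), unwrap S, decrypt M."""
    for delta in deltas:
        for t, wrapped in entries:
            if t == h_sig(b"H2", delta):
                return sym(sym(h_sig(b"H1", delta), wrapped), enc_m)
    return None

def scenario():
    pub, priv = keygen(0)
    mu, r = blind(pub, b"music")             # constructed keyword
    delta, t = unblind(pub, blind_sign(priv, mu), r)
    msg = b"https://live.example/room|pw"    # constructed live information M
    before = publish(priv, [b"music", b"art"], msg)
    after = publish(keygen(1)[1], [b"music", b"art"], msg)  # key update
    return [(blind_match(e, {t}), watch(e, m, [delta])) for e, m in (before, after)]

if __name__ == "__main__":
    print(scenario())
```

The second tuple returned by `scenario()` is the revoked parent: the stored $t_k$ no longer matches anything published under the new key, and the old $\delta_k$ cannot unwrap $S$.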
When a parent user cannot watch the live video directly, the parent user can also watch the recorded video.
In this case, taking kindergarten-side user $b_m$ and parent user $u_a$ as an example, the process of watching a recording is described in detail:
Kindergarten-side user $b_m$ stores the recorded video $N$ on the live platform and publishes the recording link information in the same manner as for a live stream. The authorization business logic module compares the signature hash values in parent user $u_a$'s follow confirmation information with the signature hash values in kindergarten-side user $b_m$'s recording release information. After the blind matching is completed, the recording release information corresponding to the recorded video is sent to the parent client, which decrypts the received encrypted recording information through the first information processing module, obtaining the recording link and login password, and can then successfully listen to or watch the live stream.
The embodiments above describe the technical solution and beneficial effects of the invention in detail. It should be understood that the foregoing is only the most preferred embodiment of the invention and is not intended to limit it; any modification, supplement or equivalent substitution made within the scope of the principles of the invention shall fall within its scope of protection.
Claims (10)
1. A kindergarten education net cast platform for protecting user privacy, comprising: a parent client, a Platform Server and a kindergarten-side client, characterized in that
The parent client comprises:
A first information processing module, for encrypting the keywords that identify live types and then sending follow request information containing the encrypted information to the broadcaster client through the Platform Server; and for unblinding the blind signature, then parsing the received request response information and verifying its legitimacy, and sending follow confirmation information to the live platform for storage;
A first user interface, for displaying the kindergarten-side client's feedback information on the follow request information, and for the parent user to act on the feedback information as they wish;
The kindergarten-side client comprises:
A second information processing module, for determining, according to a custom rule, whether to accept a follow request and, if it agrees, blind-signing the follow request information containing the encrypted information, then sending request response information containing the blind-signature information to the parent client through the Platform Server;
A second user interface, for displaying the follow request information sent by the parent client, and for the kindergarten-side user to act on the follow request information as they wish;
The Platform Server comprises:
An authorization database, for storing the follow confirmation information sent by the parent client and the live release information sent by the kindergarten-side client;
An authorization business logic module, for blind-matching the live release information against the follow confirmation information;
A Platform Server web page, providing interactive operation for platform users.
2. The kindergarten education net cast platform for protecting user privacy as claimed in claim 1, characterized in that the first information processing module is initialized and generates a public/private key pair consisting of a public key and a private key; and the second information processing module is initialized and generates a public/private key pair consisting of a public key and a private key.
3. The kindergarten education net cast platform for protecting user privacy as claimed in claim 2, characterized in that, in the first information processing module, according to the selected preferred live types, one or more keywords HT of these live types are used as identifiers, and these HT are encrypted using the public key of the second information processing module and a chosen random number, forming encrypted information; follow request information containing the encrypted information, the parent client ID and the kindergarten-side client ID is then sent to the Platform Server for storage.
4. The kindergarten education net cast platform for protecting user privacy as claimed in claim 3, characterized in that, after the second information processing module receives the follow request information, it carries out a qualification review of the requesting viewer user according to a custom rule; after agreeing to the follow, it blind-signs the encrypted information with its own private key, forming blind-signature information; request response information containing the blind-signature information, the parent client ID and the kindergarten-side client ID is then sent to the Platform Server for storage.
5. The kindergarten education net cast platform for protecting user privacy as claimed in claim 4, characterized in that, after the first information processing module receives the request response information, it unblinds the received blind-signature information using the chosen random number to obtain the signature; the kindergarten-side client ID, the live types, the signature and the hash value of the signature are stored in the parent client, and follow confirmation information containing the parent client ID, the kindergarten-side client ID and the hash value of the signature is sent to the live platform, which stores it in the authorization database.
6. The kindergarten education net cast platform for protecting user privacy as claimed in claim 5, characterized in that the second information processing module uses its own private key to sign, one by one, the hash values of the one or more keywords HT that identify the live type, selects a key S, and encrypts the live video using a symmetric encryption method, forming encrypted live information, wherein the live information includes the live link and login password; then, using the hash values of the multiple signatures respectively as encryption keys, it encrypts the selected key S with a symmetric encryption method; finally, live release information containing the kindergarten-side client ID, the signature hash values, the encrypted live information and the encrypted key is sent to the authorization database for storage.
7. The kindergarten education net cast platform for protecting user privacy as claimed in claim 6, characterized in that the authorization business logic module compares the signature hash values in the live release information with the signature hash values in the follow confirmation information, completing the blind matching; on success, the Platform Server pushes the live release information to the parent client.
8. The kindergarten education net cast platform for protecting user privacy as claimed in claim 7, characterized in that the parent client decrypts the received live release information through the first information processing module, obtaining the live link and login password, and can then successfully listen to or watch the live stream.
9. The kindergarten education net cast platform for protecting user privacy as claimed in any one of claims 1 to 8, characterized in that, when a parent user's term expires or the parent user is in arrears, the second information processing module updates its public/private key pair and uses the new private key to blind-sign the encrypted information in the normal follow requests, thereby cancelling the follow of the user to be removed.
10. The kindergarten education net cast platform for protecting user privacy as claimed in any one of claims 1 to 8, characterized in that the kindergarten-side user stores the recorded video in the storage space provided by the live platform, forms recording link information, and publishes the recording information in the same manner as for a live stream; the live platform, through the authorization business logic module, compares the signature hash values in the parent user's follow confirmation information with the signature hash values in the kindergarten-side user's recording release information; after the blind matching is completed, the recording release information corresponding to the recorded video is sent to the parent client, which decrypts the received encrypted recording information through the first information processing module, obtaining the recording link and login password, and can then successfully listen to or watch the recording.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710698034.6A CN107360450A (en) | 2017-08-15 | 2017-08-15 | A kind of kindergarten education net cast platform for protecting privacy of user |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107360450A (en) | 2017-11-17 |
Family
ID=60287915
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710698034.6A Pending CN107360450A (en) | 2017-08-15 | 2017-08-15 | A kind of kindergarten education net cast platform for protecting privacy of user |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107360450A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20171117 |