CN107360450A - A kind of kindergarten education net cast platform for protecting privacy of user - Google Patents

A kind of kindergarten education net cast platform for protecting privacy of user Download PDF

Info

Publication number
CN107360450A
CN107360450A CN201710698034.6A CN201710698034A CN107360450A CN 107360450 A CN107360450 A CN 107360450A CN 201710698034 A CN201710698034 A CN 201710698034A CN 107360450 A CN107360450 A CN 107360450A
Authority
CN
China
Prior art keywords
live
information
client
user
platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710698034.6A
Other languages
Chinese (zh)
Inventor
谢满德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Gongshang University
Original Assignee
Zhejiang Gongshang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Gongshang University filed Critical Zhejiang Gongshang University
Priority to CN201710698034.6A priority Critical patent/CN107360450A/en
Publication of CN107360450A publication Critical patent/CN107360450A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541Rights Management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4408Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys

Abstract

The invention discloses a kind of kindergarten education net cast platform for protecting privacy of user, including:Parent's client, Platform Server, garden side's client, wherein, parent's client includes first information processing module and the first user interface;Garden side's client includes the second message processing module and second user interface;Platform Server includes authorization database, authorizes business logic modules and Platform Server Web page.Complete to authorize in the case where requiring no knowledge about parent subscriber and focusing particularly on information by solving garden side user by modern cryptographic techniques such as existing Proxy Signatures with upper mounting plate, live platform carries out correctly blind matching and data forwarding in the case where requiring no knowledge about any concern information, and parent subscriber can be properly received live (recorded broadcast) information in the case where not revealing any privacy and watch live (recorded broadcast) content.

Description

A kind of kindergarten education net cast platform for protecting privacy of user
Technical field
The invention belongs to community network and information security neighborhood, and in particular to a kind of kindergarten education for protecting privacy of user Net cast platform.
Background technology
From Media Era, various live platforms emerge in an endless stream, and have live to show the amusement show field of the contents such as intelligence and art, also have All kinds of social softwares are live and electric business is live, also all kinds of live platforms of education etc., and live platform has penetrated into us and lived Every aspect.Especially after the various cruelties to child in kindergarten frequently exposure, the net cast platform towards kindergarten education obtains Heat to parent is held in both hands.In this mode, parent can subscribe to the class live-broadcast of kindergarten, and kindergarten and teacher can be from classrooms Live middle acquisition income, so kindergarten and teacher are ready to open class live-broadcast.
However, all kinds of live platforms, while bringing many convenient to us, also the privacy to platform user is brought Great threat and potential safety hazard.Protection serious loss of the existing all kinds of live platforms to user privacy information, user take with platform All data transmitted between business device, between user and user are all that in plain text, these data are easy to expose the hidden of platform user Personal letter ceases, and brings unnecessary trouble to user, or even serious threat is to their safety of life and property.
By taking the kindergarten education of patent application as an example, if kindergarten and its class's information leakage where child, The daily schedule of child will just leak completely, and this gives the bad person to hatch a sinister plot to be on the hazard with opportunity, baby safety.Separately Outside, existing types of applications all assumes that the operator of live platform is believable, so all data are in the air to operator 's.
In fact, in most cases live platform operation side is strictly sincerity in the case where considering the constraint of platform reputation , it actively will not go to distort, damage data, will not actively go to leak privacy of user, but live platform operation side is likely to pair Data are curious or considered based on itself commercial interest in the case where strictly observing existing protocol, and data are effectively dug Pick, so as to carry out some value-added services such as directional advertisement sending etc., these all virtually have leaked the privacy of platform user.Cause This needs a kind of mechanism effectively to protect the privacy information of user in existing net cast platform.
Careless pseudo-random function based on modern cryptographic technique such as RSA Proxy Signatures (Blind-RSA Signature) (Oblivious PseudoRandom Function), AES (Advanced Encryption Standard) etc. are that solution is hidden The effective way of private leakage problem.
At present, the algorithm for having had many scholars to protect privacy of user conducts extensive research, especially social network It is even more the extensive concern for receiving lot of domestic and foreign scholar in terms of network and video, and has rapidly become the focus studied in the industry. In the research team of numerous external community networks, the protection technique that they study is mostly hidden for the node in community network Figure property privacy in private, side privacy and community network, around node K- is anonymous, subgraph K- is anonymous, deduce control and data are disturbed The technology expansion research such as random.
For example, in the research of weighting community network interior joint secret protection, Y.Li and H.Shen et al. are for weighting The side weight information for causing identity to be revealed in figure proposes Nogata anonymity technology.The technology can be prevented effectively based on the hidden of weight Private attack;Researchs of the X.Ying et al. based on community network sensitive relations, it is proposed that in randomization modification figure, moreover it is possible to keep figure Constant method is composed, they keep the hypothesis of connected state based on community network figure, it is proposed that figure upset method.
Video secret protection technology is can will directly or indirectly to identify that privacy information carries out protection processing in video information, Realize the safety guarantee for the privacy information that need to be protected.Existing video secret protection technology is broadly divided into following three class:Privacy zone The extraction in domain, how privacy area is protected and private data access right adaptable therewith how is authorized to different user Limit.The emphasis of wherein privacy area extraction is how to realize rapid extraction secret protection region, and privacy area protect mainly What is solved is the preceding protection of coding, with encoding the protection being combined and the protection problem based on image watermarking, privacy access rights control Technology processed, it refers to that user can just be visited only in the case of access privilege control is authorized when recovering private data Ask the mandate of private data.However, it is existing all these for social media and the protection algorism of video, because application scenario With the difference of demand, the system all cannot be directly used to.
The existing live platform of kindergarten education can be divided into garden side user (nursery teacher or kindergarten), family from role Long user and the live platform operation side of screen.The running of this kind of live platform can be summarized as:
(1) garden side user and parent subscriber are registered in live platform first.
(2) garden side user is irregular announces course live information, including live teacher, class, teaching in live platform The live informations such as subject.Follow-up writing for convenience, behind live teacher, class, course of instruction etc. identified into live important letter The keyword of breath is referred to as HashTag, referred to as HT.Specifically a live information can be by multiple keyword identifications, it is assumed that Use HT1、HT2、…、HTnIt is identified.
(3) live such as some live teacher, class that parent subscriber is concerned about by live platform to garden side user with regard to oneself Level or course of instruction it is live, apply for that concern authorizes to garden side user, a parent subscriber can pay close attention to multiple live marks HT1、HT2、…、HTn, be also possible to these mark marks certainly is one live.
(4) after garden side user receives parent subscriber application, audit its qualification and determine whether to agree to concern.
(5) live information that garden side user issue is marked by multiple HT, live information generally include live link, logined close The information such as code.
(6) live information is given to all such live all users of concern Liao Gai garden sides user by live platform.
(7) parent subscriber receives the live information that live platform push comes, and according to live address and logins password viewing It is live.
In this process, serious leakage of private information be present, mainly there are following three aspects:
(1) parent subscriber leakage of private information has given live platform.User is live due to needing after live platform is entered Platform helps to forward concern application, matching and forwarding live information, the child of the privacy information of user as where the child of user Garden, the information such as class at place will be leaked to live platform completely.
(2) parent subscriber leakage of private information has given garden side user.When concern application is submitted, garden side user can be accurate Know which teacher the user for paying close attention to him is concerned with, which class, the privacy information of such user has also been leaked to garden side User.
(3) information leakage of garden side user has given live platform.Live platform is used due to assume responsibility for garden side user and parent The pairing task of live information between family, therefore the live information of live platform is transparent for live platform.
The content of the invention
In view of it is above-mentioned, the invention provides a kind of kindergarten education net cast platform for protecting privacy of user, ensuring In the case that platform is by set model correctly operation, the privacy of user is protected.The present invention is modern close by existing Proxy Signature etc. Code technology solves garden side user and completes to authorize in the case where requiring no knowledge about parent subscriber and focusing particularly on information, and live platform exists Correctly blind matching and data forwarding are carried out in the case of requiring no knowledge about any concern information, parent subscriber can appoint not revealing Live information and viewing live content are properly received in the case of what privacy.
The technical scheme is that:
A kind of kindergarten education net cast platform for protecting privacy of user, including:Parent's client, Platform Server, Garden side's client;
Parent's client includes:
First information processing module, for the keyword for identifying live type to be encrypted, it then will include the encryption The concern solicited message of information is sent to main broadcaster's user terminal through Platform Server;For carrying out blind operation to Proxy Signature, then The legitimacy of the request echo message received is parsed and verified, will confirm that concern information is sent to live platform to store;
First user interface, for showing feedback information of garden side's client to concern solicited message, for parent subscriber pair Feedback information carries out wish operation;
Garden side's client includes:
Second message processing module, for according to custom rule, it is determined whether receive concern request, and agreeing to feelings Proxy Signature is carried out to the concern solicited message comprising the encryption information under condition, letter then is responded into the request comprising Proxy Signature information Breath is sent to parent's client through Platform Server;
Second user interface, the concern solicited message sent for showing parent's client, please to concern for garden side user Information is asked to carry out wish operation;
The Platform Server includes:
Authorization database, confirmation concern information and garden side's client for storing the transmission of parent's client send live Release news;
Business logic modules are authorized, for being released news live with confirming that concern information carries out blind matching;
Platform Server Web page, interactive operation is provided for platform user.
Preferably, first information processing module is initialized, the public and private of public key cryptography and private key cryptographic composition is generated Key pair.
Preferably, the second message processing module is initialized, the public and private of public key cryptography and private key cryptographic composition is generated Key pair.
Identifying the keyword of live type includes live teacher, class, course of instruction, and this kind of keyword is designated as by the present invention HT.It can be marked in one live video with multiple keywords.
Preferably, in first information processing module, it is live using this according to the live type oneself liked of selection One or more keyword HT of type are identified, and are utilized the public key cryptography of the second message processing module and selected random It is several that these HT are encrypted, form encryption information;Then encryption information, parent's client id and garden side's client will be included ID concern solicited message is sent to Platform Server to store.
After when garden side, user reaches the standard grade, Platform Server sends the concern solicited message of storage to the second information processing mould.
Preferably, after the second message processing module receives concern solicited message, according to sight of the custom rule to request Many users carry out title examination, after agreeing to concern, carry out Proxy Signature to encryption information using the private key cryptographic of oneself, form blind label Name information;Then by the request echo message comprising Proxy Signature information, parent's client id and garden side's client id send to Platform Server is to store.
The custom rule can be payment etc..
After parent subscriber is reached the standard grade, Platform Server sends the request echo message of storage to parent's client.
Preferably, after first information processing module receives request echo message, using selected random number to reception Proxy Signature information carries out blind operation, is signed;The cryptographic Hash of garden side's client id, live type, signature, signature is stored Be in long client, at the same by comprising parent's client id, garden side's client id, the cryptographic Hash of signature confirmation concern information hair Live platform is delivered to, live platform is stored in authorization database.
Preferably, one or more of second message processing module using the private key cryptographic of itself to the live type of mark Keyword HT cryptographic Hash is signed one by one, selectes some key S, and live video is added using symmetric encryption method It is close, encryption live information is formed, wherein, live information includes live link and login password;Then, using the Kazakhstan of multiple signatures Uncommon value recycles symmetric encryption method that selected key S is encrypted respectively as encryption key;Finally, garden side will be included The live transmission that releases news of client id, the cryptographic Hash of signature, encryption live information and encrypted key is to authorization data Storehouse is to store.
Preferably, authorize business logic modules by the cryptographic Hash of the live middle signature that releases news with confirming in concern information The cryptographic Hash of signature is compared, and completes blind matching, after success, live release news is pushed to parent client by Platform Server End.
Preferably, fortune is decrypted to the encryption live information of reception by first information processing module in parent's client Calculate, obtain live link and login password, and then successfully listen to or watch and be live.
When parent subscriber expires or during arrearage, the second message processing module updates public and private secret key pair, close using new private key Code carries out Proxy Signature to the encryption information in normal concern request, carries out cancelling the concern that need to remove user, so hair next time During cloth live video, removed parent subscriber will be unable to be correctly decoded, it is impossible to obtain live video.
Carried in order to which the generation result by the cryptographic algorithm logic module of written in Java is embedded into Web page Hand over, the present invention writes browser frames using JavaFX, and information processing component is interacted in the form of injecting.
When parent subscriber is unable to direct viewing live video due to time relationship, parent subscriber can also watch recorded broadcast and regard Frequently.In this case, recorded broadcast video is stored in the memory space that live platform provides by garden side user, and form recorded broadcast link letter Breath, recorded broadcast information is announced by with live identical mode.Live platform by authorize business logic modules to parent subscriber really Recognize the cryptographic Hash signed in concern information released news with the recorded broadcast of garden side user middle signature cryptographic Hash compared with, completion After blind matching, recorded broadcast corresponding with the recorded broadcast video, which is released news, to send to parent's client, parent's client passes through first Computing is decrypted to the encryption recorded broadcast information of reception in message processing module, obtains recorded broadcast link and login password, and then successfully Listen to or watch recorded broadcast.
The generation type that described recorded broadcast releases news is identical with the live generation type that releases news, and the recorded broadcast Release news and be also stored in authorization database, the Kazakhstan including garden side's client id, signature the difference is that recorded broadcast releases news Uncommon value, encryption recorded broadcast information.
The present invention have the advantage that for:
1st, the privacy of parent subscriber is protected.Because its pay close attention to request be encryption information, live platform can store and Forwarding, but its raw information can not be obtained;Garden side user is the Proxy Signature that the concern request to encryption is carried out, therefore garden side uses Family only knows that some user has paid close attention to him, but do not know its concern is specifically which class is live.
2nd, the privacy of garden side user (kindergarener or kindergarten) is protected.Because its live information is encryption letter Breath, live platform can be stored, matched and forwarded, but can not obtain live raw information, and parent subscriber only obtains Obtained and authorize the user of concern to decrypt, and watched, unauthorized user can not be decrypted.
3rd, parent subscriber and garden side user can be with asynchronous in system, that is, need not be simultaneously online, completely with asynchronous Mode complete the foundation of concern relation.This greatly expands the use range of patent.
4th, parent subscriber can be paid close attention to simultaneously identifies live multiple keyword HT, and garden side user can issue one by more This kind of live information correctly can be matched and be forwarded to all paid close attention to by the live information of individual keyword identification, live platform (the mark HT of possible these parent subscribers concern is simultaneously different) such live parent subscriber.
5th, garden side user will can not be continued to pay dues or be unsatisfactory for the pass of the parent subscriber of requirement by way of more new key pair Note is cancelled, and other parents remain to normally to watch it is live.
Brief description of the drawings
Fig. 1 is the structural framing of the kindergarten education net cast platform of protection privacy of user provided in an embodiment of the present invention Figure.
Embodiment
In order to more specifically describe the present invention, below in conjunction with the accompanying drawings and embodiment is to technical scheme It is described in detail.
Fig. 1 is the structural framing of the kindergarten education net cast platform of protection privacy of user provided in an embodiment of the present invention Figure.As shown in figure 1, live platform includes:Parent's client, Platform Server, garden side's client.
Wherein, parent's client includes:
First information processing module, for the keyword for identifying live type to be encrypted, it then will include the encryption The concern solicited message of information is sent to main broadcaster's user terminal through Platform Server;For carrying out blind operation to Proxy Signature, then The legitimacy of the request echo message received is parsed and verified, will confirm that concern information is sent to live platform to store;
First user interface, for showing feedback information of garden side's client to concern solicited message, for parent subscriber pair Feedback information carries out wish operation;
Garden side's client includes:
Second message processing module, for according to custom rule, it is determined whether receive concern request, and agreeing to feelings Proxy Signature is carried out to the concern solicited message comprising the encryption information under condition, letter then is responded into the request comprising Proxy Signature information Breath is sent to parent's client through Platform Server;
Second user interface, the concern solicited message sent for showing parent's client, please to concern for garden side user Information is asked to carry out wish operation;
The Platform Server includes:
Authorization database, confirmation concern information and garden side's client for storing the transmission of parent's client send live Release news;
Business logic modules are authorized, for being released news live with confirming that concern information carries out blind matching;
Platform Server Web page, Data Enter, user management and data manipulation etc. are provided for platform administrator.
The course of work of above-mentioned live platform is:
1st, the user's registration stage:
I-th of parent subscriber uiWith j-th of garden side user bjRegistered respectively in live platform, obtain respective user Name and login password.
2nd, user's concern relation establishment stage:
The detailed process in this stage is:
First information processing module is initialized with the second message processing module, and it is close to generate respective public key cryptography and private key The public and private key pair of code composition.
The generation of first information processing module belongs to parent's client uiPublic and private key is to including public key cryptography (Nu,i,eu,i) With private key cryptographic (Nu,i,du,i).Wherein, Nu,i=p × q, p and q are two Big primes, make φ (Nu,i)=(p-1) × (q-1), eu,i It is and φ (Nu,i) relatively prime Arbitrary Digit, du,iIt is to meet (eu,i×du,i)modφ(Nu,iThe Arbitrary Digit of)=1.Generally, public key is close Code (Nu,i,eu,i) one of characteristic as spectators user external disclosure.
Similarly, what the second message processing module generated belongs to garden side client bjPublic and private key is to including public key cryptography (Nb,j,eb,j) and private key cryptographic (Nb,j,db,j).Wherein, Nb,j=p × q, p and q are two Big primes, make φ (Nb,j)=(p-1) × (q-1), eb,jIt is and φ (Nb,j) relatively prime Arbitrary Digit, db,jIt is to meet (eb,j×db,j)modφ(Nb,jThe Arbitrary Digit of)=1.It is logical Often, public key cryptography (Nb,j,eb,j) one of characteristic as main broadcaster user external disclosure.
Public and private key is generated to rear in first information processing module and the second message processing module, is passed through according to parent subscriber The live type HT oneself liked of first user interface selectionk, first information processing module utilizes garden side client bjPublic key Password (Nb,j,eb,j) and selected random number riTo HTkIt is encrypted, forms encryption information μk
Wherein, H () is hash function.
Obtaining encryption information μkAfterwards, first information processing module will include encryption information μk, parent's client id uiWith And garden side client id bjConcern solicited message (ui,bjK (k=1,2 ..., n)) send to Platform Server to store.
After when garden side, user reaches the standard grade, Platform Server is by the concern solicited message (u of storagei,bjK (k=1,2 ..., n)) send To garden side client bjThe second message processing module.
Second message processing module receives concern solicited message (ui,bjK (k=1,2 ..., n)) after, garden side user passes through second User interface carries out title examination according to custom rule (payment) to the parent subscriber of request, after agreeing to concern, the second information Processing module utilizes the private key cryptographic (N of oneselfb,j,db,j) to encryption information μK (k=1,2 ..., n)Proxy Signature is carried out, forms Proxy Signature Information
Forming Proxy Signature information μ 'K (k=1,2 ..., n)Afterwards, the second message processing module will include Proxy Signature information μ′K (k=1,2 ..., n), parent's client id uiAnd garden side client id bjRequest echo message (ui,bj,μ′K (k=1,2 ..., n)) Send to Platform Server to store.
After parent subscriber is reached the standard grade, Platform Server is by the request echo message (u of storagei,bj,μ′K (k=1,2 ..., n)) send To parent's client ui
Parent's client uiSelected random number r is utilized by first information processing moduleiTo the Proxy Signature information of reception μ′K (k=1,2 ..., n)Blind operation is carried out, obtains the δ that signskWith signature δkCryptographic Hash tk
δk=μ 'k÷riK=1,2 ..., n
tk=H2k) k=1,2 ..., n
Wherein, H2() is hash function.
Obtaining the δ that signskWith signature δkCryptographic Hash tkAfterwards, first information processing module is by garden side client id bj, it is live Type HTk(k=1,2 ..., n), signature δk, signature cryptographic Hash tkAfter be stored in parent's client ui, while parent will be included Client id ui, garden side client id bj, signature cryptographic Hash tkConfirmation concern information (ui,bj,tK (k=1,2 ..., n)) hair transmission To authorization database to store.
So far, the concern relation between garden side user and parent subscriber is formally established.
3rd, issue-watch the stage:
The detailed process in this stage is:
Second message processing module utilizes the private key cryptographic (N of itselfb,j,db,j) to the keyword of the live type of markCryptographic Hash signed, select key S, and live information M is entered with symmetric encryption method Row encryption, form encryption live informationWherein, live information includes live link and login password, then, selectes multiple Key s is encrypted respectively as encryption key, then using cryptographic symmetrical algorithm for the cryptographic Hash of signature;
Cryptographic calculation is:
Wherein, H (), H2(·)、H1() is hash function,Represent withCarried out for key symmetrical Cryptographic calculation, EncS() represents to carry out symmetric encryption operation by key of S,
Live information is encrypted being formedAfterwards, the second message processing module will include garden side client id bj, signature Kazakhstan Uncommon valueEncrypt live informationWith encrypted keyLive release newsSend to authorization database to store.
Business logic modules are authorized to be released news live The cryptographic Hash of middle signature is with confirming concern information (ui,bj,tK (k=1,2 ..., n)) in signature cryptographic Hash be compared, complete blind Match somebody with somebody, after success, Platform Server releases news livePush away Deliver to parent's client.
The detailed process of blind matching is:Judge It is No establishment, if so, represent that the match is successful, wherein , && is represented and relation, | | expression or relation.
Parent's client live is released news by first information processing module by what is receivedSend to first information processing module and be decrypted;It is right firstComputing is decrypted and obtains key S, the encryption live information then received using S as decryption secret key pairFortune is decrypted Calculate, obtain live link and login password, and then successfully listen to or watch and be live.
Decrypting detailed process is:
JudgeWhether set up, if one of formula is equal, Then representLive information M is recovered by following computing:
Kk=H1k) k=1,2 ..., n
Wherein,Expression passes through key KkSymmetrical decryption computing is carried out,Expression is entered by key S The symmetrical decryption computing of row, live link and login password are obtained by live information M, successfully can listen to or watch it is live, but Be unauthorized user due to can not correctly decrypt, then can not listen to or watch and be live.
When parent subscriber expires or during arrearage, the mode that the second message processing module updates public and private secret key pair is cancelled and needs to move Except the concern of user, so that removed parent subscriber will be unable to be correctly decoded, it is impossible to obtain live information.
The present embodiment is with parent subscriber uaExemplified by expiring, it is specifically described concern authority and recalls problem.
As garden side user bdMessage is sent to Platform Server first, informs that Platform Server should not be again by its live video It is transmitted to parent subscriber ua.While in order to prevent Platform Server and parent subscriber uaConspire, garden side user bmFurther by more The mode of new private key cryptographic is to parent subscriber uaCancel concern, so, even if parent subscriber uaLive video is received, also can not be just Really decryption.
Cancelling the detailed process paid close attention to is:
Garden side client bmThe second message processing module renewal private key cryptographic beAnd utilize new private key PasswordEstablished by the way of above-mentioned user's concern relation establishment stage except parent subscriber uaOuter all families The new concern relation of long user;
After new concern relation establishes, new private key cryptographic is utilizedUsing above-mentioned issue-watch the stage Mode sends live release news and watching video information.
Due in user's concern relation establishment stage, parent subscriber uaNot with garden side user bmNew concern relation is established, is led Cause Platform Server can not be to parent subscriber uaWith garden side user bmCorrectly matched, and then parent subscriber uaIt can not receive live Release news, can not be correctly decoded, can not finally watch garden side user bmThe live video of transmission.
Therefore, garden side user is limited by way of updating private key cryptographic well expires or arrearage parent subscriber Viewing.
When parent subscriber is unable to direct viewing live video, parent subscriber can also watch recorded broadcast video.
In this case, with garden side user bmWith parent subscriber uaExemplified by, it is specifically described the process for watching recorded broadcast:
Garden side user bmRecorded broadcast video N is stored in live platform, recorded broadcast chain is issued using with live identical mode Information is connect, authorizes business logic modules to parent subscriber uaConfirmation concern information in the cryptographic Hash signed and garden side user bm The release news cryptographic Hash of middle signature of recorded broadcast be compared, after completing blind matching, recorded broadcast corresponding with the recorded broadcast video is sent out Cloth information sends to parent's client, parent's client and the encryption recorded broadcast information of reception is carried out by first information processing module Computing is decrypted, obtains recorded broadcast link and login password, and then successfully listen to or watch and be live.
Technical scheme and beneficial effect are described in detail above-described embodiment, Ying Li Solution is to the foregoing is only presently most preferred embodiment of the invention, is not intended to limit the invention, all principle models in the present invention Interior done any modification, supplement and equivalent substitution etc. are enclosed, should be included in the scope of the protection.

Claims (10)

1. a kind of kindergarten education net cast platform for protecting privacy of user, including:Parent's client, Platform Server, garden Square client, it is characterised in that
Parent's client includes:
First information processing module, for the keyword for identifying live type to be encrypted, it then will include the encryption information Concern solicited message sent through Platform Server to main broadcaster's user terminal;For carrying out blind operation to Proxy Signature, then parse And the legitimacy of the request echo message received is verified, it will confirm that concern information is sent to live platform to store;
First user interface, for showing feedback information of garden side's client to concern solicited message, for parent subscriber to feedback Information carries out wish operation;
Garden side's client includes:
Second message processing module, for according to custom rule, it is determined whether receive concern request, and in the case of agreement Proxy Signature is carried out to the concern solicited message comprising the encryption information, then passed through the request echo message comprising Proxy Signature information Platform Server is sent to parent's client;
Second user interface, the concern solicited message sent for showing parent's client, for garden side user to concern request letter Breath carries out wish operation;
The Platform Server includes:
Authorization database, the live issue that confirmation concern information and garden side's client for storing the transmission of parent's client are sent Information;
Business logic modules are authorized, for being released news live with confirming that concern information carries out blind matching;
Platform Server Web page, interactive operation is provided for platform user.
2. the kindergarten education net cast platform of protection privacy of user as claimed in claim 1, it is characterised in that described First information processing module is initialized, and generates the public and private key pair of public key cryptography and private key cryptographic composition;Described second Message processing module is initialized, and generates the public and private key pair of public key cryptography and private key cryptographic composition.
3. the kindergarten education net cast platform of protection privacy of user as claimed in claim 2, it is characterised in that first It is crucial using the one or more of these live types according to the live type oneself liked of selection in message processing module Word HT is identified, and these HT are encrypted using the public key cryptography and selected random number of the second message processing module, Form encryption information;Then the concern solicited message comprising encryption information, parent's client id and garden side's client id is sent out Platform Server is delivered to store.
4. the kindergarten education net cast platform of protection privacy of user as claimed in claim 3, it is characterised in that the second letter After breath processing module receives concern solicited message, title examination is carried out to the spectators user of request according to custom rule, agreed to After concern, Proxy Signature is carried out to encryption information using the private key cryptographic of oneself, forms Proxy Signature information;Then Proxy Signature will be included The request echo message of information, parent's client id and garden side's client id is sent to Platform Server to store.
5. the kindergarten education net cast platform of protection privacy of user as claimed in claim 4, it is characterised in that the first letter After breath processing module receives request echo message, blind operation is carried out to the Proxy Signature information of reception using selected random number, Signed;The cryptographic Hash of garden side's client id, live type, signature, signature is stored in parent's client, while will be included Parent's client id, garden side's client id, the confirmation concern information of the cryptographic Hash of signature send to live platform, live platform and incited somebody to action It is stored in authorization database.
6. the kindergarten education net cast platform of protection privacy of user as claimed in claim 5, it is characterised in that the second letter Cease processing module using the private key cryptographic of itself to identify live type one or more keyword HT cryptographic Hash progress by Individual signature, some key S is selected, and live video is encrypted using symmetric encryption method, form encryption live information, its In, live information includes live link and login password;Then, using multiple signatures cryptographic Hash respectively as encryption key, Recycle symmetric encryption method that selected key S is encrypted;Finally, by including garden side's client id, signature cryptographic Hash, Live release news of encryption live information and encrypted key is sent to authorization database to store.
7. the kindergarten education net cast platform of protection privacy of user as claimed in claim 6, it is characterised in that authorize industry It is complete compared with the cryptographic Hash of the live middle signature that releases news is paid close attention to the cryptographic Hash signed in information by business logic module with confirmation Cecutiency is matched, and after success, live release news is pushed to parent's client by Platform Server.
8. the kindergarten education net cast platform of protection privacy of user as claimed in claim 7, it is characterised in that family's long-traveller Live release news received is decrypted by first information processing module for family end, is obtained live link and is logged in close Code, and then successfully listen to or watch and be live.
9. the kindergarten education net cast platform of the protection privacy of user as described in claim 1~8 is any, its feature exist In when parent subscriber expires or during arrearage, the second message processing module updates public and private secret key pair, is aligned using new private key cryptographic Encryption information in normal concern request carries out Proxy Signature, and then cancels the concern that need to remove user.
10. the kindergarten education net cast platform of the protection privacy of user as described in claim 1~8 is any, its feature exist In, recorded broadcast video is stored in the memory space that live platform provides by garden side user, and forms recorded broadcast link information, by with it is straight Broadcast identical mode and announce recorded broadcast information;Live platform is by authorizing confirmation of the business logic modules to parent subscriber to pay close attention to information The cryptographic Hash of middle signature and the recorded broadcast of garden side user release news middle signature cryptographic Hash compared with, after completing blind matching, Recorded broadcast corresponding with the recorded broadcast video is released news to send to parent's client, parent's client mould is handled by the first information Computing is decrypted to the encryption recorded broadcast information of reception in block, obtains recorded broadcast link and login password, and then successfully listen to or watch Recorded broadcast.
CN201710698034.6A 2017-08-15 2017-08-15 A kind of kindergarten education net cast platform for protecting privacy of user Pending CN107360450A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710698034.6A CN107360450A (en) 2017-08-15 2017-08-15 A kind of kindergarten education net cast platform for protecting privacy of user

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710698034.6A CN107360450A (en) 2017-08-15 2017-08-15 A kind of kindergarten education net cast platform for protecting privacy of user

Publications (1)

Publication Number Publication Date
CN107360450A true CN107360450A (en) 2017-11-17

Family

ID=60287915

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710698034.6A Pending CN107360450A (en) 2017-08-15 2017-08-15 A kind of kindergarten education net cast platform for protecting privacy of user

Country Status (1)

Country Link
CN (1) CN107360450A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107959725A (en) * 2017-12-14 2018-04-24 浙江工商大学 The Publish-subscribe class service agreement of consideration privacy of user based on elliptic curve
CN108055194A (en) * 2017-12-14 2018-05-18 浙江工商大学 Multi-tag and the newer method for secret protection of user are supported in microblog system
CN108289096A (en) * 2018-01-05 2018-07-17 武汉斗鱼网络科技有限公司 The method and device of direct broadcasting room concern is paid close attention to, verified to a kind of direct broadcasting room
CN109151493A (en) * 2018-10-12 2019-01-04 上海思依暄机器人科技股份有限公司 Net cast method and net cast robot
CN110046318A (en) * 2019-03-29 2019-07-23 成都乐陪信息科技有限公司 Campus intelligent terminal synchronizing information methods of exhibiting and system based on class's main body
CN113014949A (en) * 2021-03-10 2021-06-22 读书郎教育科技有限公司 Student privacy protection system and method for smart classroom course playback

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090070884A1 (en) * 2007-09-11 2009-03-12 General Instrument Corporation Method, system and device for secured access to protected digital material
CN105553979A (en) * 2015-12-15 2016-05-04 国网智能电网研究院 Encryption publishing method for privacy information in smart power grid

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090070884A1 (en) * 2007-09-11 2009-03-12 General Instrument Corporation Method, system and device for secured access to protected digital material
CN105553979A (en) * 2015-12-15 2016-05-04 国网智能电网研究院 Encryption publishing method for privacy information in smart power grid

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
赵威: "视频直播平台中的用户隐私保护研究", 《中国优秀硕士学位论文全文数据库》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107959725A (en) * 2017-12-14 2018-04-24 浙江工商大学 The Publish-subscribe class service agreement of consideration privacy of user based on elliptic curve
CN108055194A (en) * 2017-12-14 2018-05-18 浙江工商大学 Multi-tag and the newer method for secret protection of user are supported in microblog system
CN107959725B (en) * 2017-12-14 2020-08-25 浙江工商大学 Data interaction method considering privacy of both issuing and subscribing parties based on elliptic curve
CN108055194B (en) * 2017-12-14 2020-10-30 浙江工商大学 Privacy protection method supporting multi-label and user updating in microblog system
CN108289096A (en) * 2018-01-05 2018-07-17 武汉斗鱼网络科技有限公司 The method and device of direct broadcasting room concern is paid close attention to, verified to a kind of direct broadcasting room
CN108289096B (en) * 2018-01-05 2020-10-16 武汉斗鱼网络科技有限公司 Method and device for paying attention to live broadcast room and verifying attention to live broadcast room
CN109151493A (en) * 2018-10-12 2019-01-04 上海思依暄机器人科技股份有限公司 Net cast method and net cast robot
CN110046318A (en) * 2019-03-29 2019-07-23 成都乐陪信息科技有限公司 Campus intelligent terminal synchronizing information methods of exhibiting and system based on class's main body
CN113014949A (en) * 2021-03-10 2021-06-22 读书郎教育科技有限公司 Student privacy protection system and method for smart classroom course playback
CN113014949B (en) * 2021-03-10 2022-05-06 读书郎教育科技有限公司 Student privacy protection system and method for smart classroom course playback

Similar Documents

Publication Publication Date Title
CN107360450A (en) A kind of kindergarten education net cast platform for protecting privacy of user
CN110084068B (en) Block chain system and data processing method for block chain system
Kumari et al. Cryptanalysis and improvement of ‘a robust smart‐card‐based remote user password authentication scheme’
US9106407B2 (en) Key generation using multiple sets of secret shares
CN109804374A (en) Digital Right Management based on block chain
CN106716914A (en) Secure key management for roaming protected content
CN106104562A (en) Safety of secret data stores and recovery system and method
CN105721903B (en) The online method and system for playing video
CN107251035A (en) Account recovers agreement
CN107113286A (en) The roaming content erasing operation of striding equipment
KR20050074494A (en) Method and device for authorizing content operations
CN104243494B (en) A kind of data processing method
CN107690079A (en) Privacy of user guard method in live platform
US9369464B2 (en) Scalable authentication system
CN103237010B (en) The server end of digital content is cryptographically provided
KR100677152B1 (en) Method for transmitting content in home network using user-binding
CN107613316A (en) A kind of network direct broadcasting plug-flow verification method and system
CN110268719A (en) Protect media content
JP2014530554A (en) Group secret management by group members
Bokslag et al. Evaluating e-voting: theory and practice
CN105191332B (en) For the method and apparatus of the embedded watermark in unpressed video data
Safi et al. Privacy protection scheme for mobile social network
CN102938759A (en) Cryptographic sanction server and methods for use therewith
CN109981271A (en) A kind of network multimedia security protection encryption method
CN107959725A (en) The Publish-subscribe class service agreement of consideration privacy of user based on elliptic curve

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20171117