CN110719171A - Electronic signature processing method and device based on video network - Google Patents

Electronic signature processing method and device based on video network Download PDF

Info

Publication number
CN110719171A
CN110719171A CN201810766351.1A CN201810766351A CN110719171A CN 110719171 A CN110719171 A CN 110719171A CN 201810766351 A CN201810766351 A CN 201810766351A CN 110719171 A CN110719171 A CN 110719171A
Authority
CN
China
Prior art keywords
electronic signature
user
video network
video
sending
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201810766351.1A
Other languages
Chinese (zh)
Inventor
焦克新
安君超
韩杰
王艳辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visionvera Information Technology Co Ltd
Original Assignee
Visionvera Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visionvera Information Technology Co Ltd filed Critical Visionvera Information Technology Co Ltd
Priority to CN201810766351.1A priority Critical patent/CN110719171A/en
Publication of CN110719171A publication Critical patent/CN110719171A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/60Network streaming of media packets

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention provides an electronic signature processing method and device based on a video network. Receiving an acquisition request sent by a video networking server; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier; determining whether the electronic signature of the user corresponding to the user identifier is stored in the video network terminal; if not, detecting whether the video networking terminal is in communication connection with the electronic signature equipment based on the USB or not; if the electronic signature device is in communication connection with the electronic signature device, acquiring an electronic signature of a user corresponding to the user identifier through the electronic signature device; and sending the electronic signature of the user corresponding to the user identification to the video network server. According to the embodiment of the invention, the video network terminal can obtain the electronic signature of the user through the electronic signature device, so that the video network server can verify the identity of the user by using the electronic signature.

Description

Electronic signature processing method and device based on video network
Technical Field
The invention relates to the technical field of video networking, in particular to an electronic signature processing method and device based on the video networking.
Background
With the rapid development of the technology, users generally use terminals to perform service interaction with a server. For example, when the terminal is used for paying for a certain commodity online, the payment data needs to be sent to the payment server. For another example, the user needs to participate in a video conference, and may specifically participate in a video conference via the server.
Under normal conditions, a user uses a terminal to perform service interaction with a server, in order to avoid an imposition event, the server usually needs to verify whether identity information of the user is legal, if the identity information of the user is legal, the server can open the authority of the user for performing service interaction with the terminal and the server, and if the identity information of the user is illegal, the server cannot open the authority of the user for performing service interaction with the terminal and the server.
Currently, a server usually verifies whether the identity information of a user is legal by acquiring an electronic signature of the user, and the electronic signature is used for identifying the identity information of the user.
Disclosure of Invention
In a first aspect, an embodiment of the present invention shows an electronic signature processing method based on a video network, where the video network includes a video network terminal and a video network server, the video network terminal and the video network server are in communication connection based on a video network protocol, and the method is applied to the video network terminal, and the method includes;
receiving an acquisition request sent by a video networking server; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier;
determining whether the electronic signature of the user corresponding to the user identifier is stored in the video network terminal;
if the electronic signature of the user corresponding to the user identification is not stored, detecting whether the video networking terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB);
if the electronic signature device is in communication connection with the electronic signature device, acquiring an electronic signature of a user corresponding to the user identifier through the electronic signature device;
and sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation manner, the obtaining, by the electronic signature device, an electronic signature of a user corresponding to the user identifier includes:
sending first prompt information, wherein the first prompt is used for prompting the user to input the electronic signature corresponding to the user identification in the electronic signature equipment;
and acquiring the electronic signature of the user corresponding to the user identification, which is input in the electronic signature equipment.
In an optional implementation, the method further includes:
and if the electronic signature of the user corresponding to the user identification is stored, sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation, the method further includes:
if the communication connection between the electronic signature equipment and the USB is not based on the communication connection between the USB and the electronic signature equipment, sending second prompt information, wherein the second prompt information is used for prompting the establishment of the communication connection based on the USB between the request and the electronic signature equipment;
when detecting that the electronic signature equipment is inserted into a USB interface of the video network terminal through a broadcast receiver, acquiring a driver of the electronic signature equipment;
installing the driver in the video network terminal;
acquiring an electronic signature of a user corresponding to the user identification input in real time on the electronic signature device through the driving program;
and sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation manner, after the obtaining, by the electronic signature device, the electronic signature of the user corresponding to the user identifier, the method further includes:
and storing the electronic signature of the user corresponding to the user identification in the video network terminal.
In an optional implementation manner, the sending, to the video network server, the electronic signature of the user corresponding to the user identifier includes:
compressing the electronic signature to obtain a compressed electronic signature;
and sending the compressed electronic signature to the video network server.
In an optional implementation manner, the sending, to the video network server, the electronic signature of the user corresponding to the user identifier includes:
encrypting the electronic signature to obtain an encrypted electronic signature;
and sending the encrypted electronic signature to the video network server.
In a second aspect, the embodiment of the present invention shows an electronic signature processing apparatus based on a video network, where the video network includes a video network terminal and a video network server, the video network terminal and the video network server are in communication connection based on a video network protocol, the apparatus is applied in the video network terminal, and the apparatus includes;
the receiving module is used for receiving an acquisition request sent by the video networking server; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier;
the determining module is used for determining whether the electronic signature of the user corresponding to the user identifier is stored in the video networking terminal;
the detection module is used for detecting whether the video network terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB) or not if the electronic signature of the user corresponding to the user identifier is not stored;
the first acquisition module is used for acquiring the electronic signature of the user corresponding to the user identifier through the electronic signature device if the first acquisition module is in communication connection with the electronic signature device;
and the sending module is used for sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation manner, the first obtaining module includes:
the sending unit is used for sending first prompt information, and the first prompt is used for prompting the user to input the electronic signature corresponding to the user identifier in the electronic signature equipment;
and the acquisition unit is used for acquiring the electronic signature of the user corresponding to the user identification, which is input in the electronic signature equipment.
In an optional implementation, the apparatus further comprises:
the sending module is further configured to: and if the electronic signature of the user corresponding to the user identification is stored, sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation, the apparatus further comprises:
the sending module is used for sending second prompt information if the communication connection between the electronic signature equipment and the USB is not based on the USB, and the second prompt information is used for prompting the establishment of the communication connection between the request and the electronic signature equipment based on the USB;
the second acquisition module is used for acquiring a driving program of the electronic signature equipment when the broadcast receiver detects that the electronic signature equipment is inserted into a USB interface of the video network terminal;
the installation module is used for installing the driver in the video network terminal;
a third obtaining module, configured to obtain, through the driver, an electronic signature of a user corresponding to the user identifier input in real time on the electronic signature device;
the sending module is further configured to: and sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation, the apparatus further comprises:
and the storage module is used for storing the electronic signature of the user corresponding to the user identification in the video network terminal.
In an optional implementation manner, the sending module includes:
the compression unit is used for compressing the electronic signature to obtain a compressed electronic signature;
and the first sending unit is used for sending the compressed electronic signature to the video networking server.
In an optional implementation manner, the sending module includes:
the encryption unit is used for encrypting the electronic signature to obtain an encrypted electronic signature;
and the second sending unit is used for sending the encrypted electronic signature to the video network server.
The embodiment of the invention has the following advantages:
in the embodiment of the invention, an acquisition request sent by a video network server is received; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier; determining whether the electronic signature of the user corresponding to the user identifier is stored in the video network terminal; if the electronic signature of the user corresponding to the user identification is not stored, detecting whether the video network terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB); if the electronic signature device is in communication connection with the electronic signature device, acquiring an electronic signature of a user corresponding to the user identifier through the electronic signature device; and sending the electronic signature of the user corresponding to the user identification to the video network server. According to the embodiment of the invention, the video network terminal can obtain the electronic signature of the user through the electronic signature device, so that the video network server can verify the identity of the user by using the electronic signature.
Drawings
FIG. 1 is a schematic networking diagram of a video network of the present invention;
FIG. 2 is a schematic diagram of a hardware architecture of a node server according to the present invention;
fig. 3 is a schematic diagram of a hardware structure of an access switch of the present invention;
fig. 4 is a schematic diagram of a hardware structure of an ethernet protocol conversion gateway according to the present invention;
FIG. 5 is a block diagram of an embodiment of an electronic signature processing system based on a video network according to the invention;
FIG. 6 is a flowchart illustrating the steps of an embodiment of a method for processing an electronic signature over a video network according to the present invention;
fig. 7 is a block diagram of an embodiment of an electronic signature processing device based on a video network according to the invention.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
The video networking is an important milestone for network development, is a real-time network, can realize high-definition video real-time transmission, and pushes a plurality of internet applications to high-definition video, and high-definition faces each other.
The video networking adopts a real-time high-definition video exchange technology, can integrate required services such as dozens of services of video, voice, pictures, characters, communication, data and the like on a system platform on a network platform, such as high-definition video conference, video monitoring, intelligent monitoring analysis, emergency command, digital broadcast television, delayed television, network teaching, live broadcast, VOD on demand, television mail, Personal Video Recorder (PVR), intranet (self-office) channels, intelligent video broadcast control, information distribution and the like, and realizes high-definition quality video broadcast through a television or a computer.
To better understand the embodiments of the present invention, the following description refers to the internet of view:
some of the technologies applied in the video networking are as follows:
network Technology (Network Technology)
Network technology innovation in video networking has improved over traditional Ethernet (Ethernet) to face the potentially enormous video traffic on the network. Unlike pure network Packet Switching (Packet Switching) or network circuit Switching (circuit Switching), the Packet Switching is adopted by the technology of the video networking to meet the Streaming requirement. The video networking technology has the advantages of flexibility, simplicity and low price of packet switching, and simultaneously has the quality and safety guarantee of circuit switching, thereby realizing the seamless connection of the whole network switching type virtual circuit and the data format.
Switching Technology (Switching Technology)
The video network adopts two advantages of asynchronism and packet switching of the Ethernet, eliminates the defects of the Ethernet on the premise of full compatibility, has end-to-end seamless connection of the whole network, is directly communicated with a user terminal, and directly bears an IP data packet. The user data does not require any format conversion across the entire network. The video networking is a higher-level form of the Ethernet, is a real-time exchange platform, can realize the real-time transmission of the whole-network large-scale high-definition video which cannot be realized by the existing Internet, and pushes a plurality of network video applications to high-definition and unification.
Server Technology (Server Technology)
The server technology on the video networking and unified video platform is different from the traditional server, the streaming media transmission of the video networking and unified video platform is established on the basis of connection orientation, the data processing capacity of the video networking and unified video platform is independent of flow and communication time, and a single network layer can contain signaling and data transmission. For voice and video services, the complexity of video networking and unified video platform streaming media processing is much simpler than that of data processing, and the efficiency is greatly improved by more than one hundred times compared with that of a traditional server.
Storage Technology (Storage Technology)
The super-high speed storage technology of the unified video platform adopts the most advanced real-time operating system in order to adapt to the media content with super-large capacity and super-large flow, the program information in the server instruction is mapped to the specific hard disk space, the media content is not passed through the server any more, and is directly sent to the user terminal instantly, and the general waiting time of the user is less than 0.2 second. The optimized sector distribution greatly reduces the mechanical motion of the magnetic head track seeking of the hard disk, the resource consumption only accounts for 20% of that of the IP internet of the same grade, but concurrent flow which is 3 times larger than that of the traditional hard disk array is generated, and the comprehensive efficiency is improved by more than 10 times.
Network Security Technology (Network Security Technology)
The structural design of the video network completely eliminates the network security problem troubling the internet structurally by the modes of independent service permission control each time, complete isolation of equipment and user data and the like, generally does not need antivirus programs and firewalls, avoids the attack of hackers and viruses, and provides a structural carefree security network for users.
Service Innovation Technology (Service Innovation Technology)
The unified video platform integrates services and transmission, and is not only automatically connected once whether a single user, a private network user or a network aggregate. The user terminal, the set-top box or the PC are directly connected to the unified video platform to obtain various multimedia video services in various forms. The unified video platform adopts a menu type configuration table mode to replace the traditional complex application programming, can realize complex application by using very few codes, and realizes infinite new service innovation.
Networking of the video network is as follows:
the video network is a centralized control network structure, and the network can be a tree network, a star network, a ring network and the like, but on the basis of the centralized control node, the whole network is controlled by the centralized control node in the network.
As shown in fig. 1, the video network is divided into an access network and a metropolitan network.
The devices of the access network part can be mainly classified into 3 types: node server, access switch, terminal (including various set-top boxes, coding boards, memories, etc.). The node server is connected to an access switch, which may be connected to a plurality of terminals and may be connected to an ethernet network.
The node server is a node which plays a centralized control function in the access network and can control the access switch and the terminal. The node server can be directly connected with the access switch or directly connected with the terminal.
Similarly, devices of the metropolitan network portion may also be classified into 3 types: a metropolitan area server, a node switch and a node server. The metro server is connected to a node switch, which may be connected to a plurality of node servers.
The node server is a node server of the access network part, namely the node server belongs to both the access network part and the metropolitan area network part.
The metropolitan area server is a node which plays a centralized control function in the metropolitan area network and can control a node switch and a node server. The metropolitan area server can be directly connected with the node switch or directly connected with the node server.
Therefore, the whole video network is a network structure with layered centralized control, and the network controlled by the node server and the metropolitan area server can be in various structures such as tree, star and ring.
The access network part can form a unified video platform (the part in the dotted circle), and a plurality of unified video platforms can form a video network; each unified video platform may be interconnected via metropolitan area and wide area video networking.
Video networking device classification
1.1 devices in the video network of the embodiment of the present invention can be mainly classified into 3 types: servers, switches (including ethernet gateways), terminals (including various set-top boxes, code boards, memories, etc.). The video network as a whole can be divided into a metropolitan area network (or national network, global network, etc.) and an access network.
1.2 wherein the devices of the access network part can be mainly classified into 3 types: node servers, access switches (including ethernet gateways), terminals (including various set-top boxes, code boards, memories, etc.).
The specific hardware structure of each access network device is as follows:
a node server:
as shown in fig. 2, the system mainly includes a network interface module 201, a switching engine module 202, a CPU module 203, and a disk array module 204;
the network interface module 201, the CPU module 203, and the disk array module 204 all enter the switching engine module 202; the switching engine module 202 performs an operation of looking up the address table 205 on the incoming packet, thereby obtaining the direction information of the packet; and stores the packet in a queue of the corresponding packet buffer 206 based on the packet's steering information; if the queue of the packet buffer 206 is nearly full, it is discarded; the switching engine module 202 polls all packet buffer queues for forwarding if the following conditions are met: 1) the port send buffer is not full; 2) the queue packet counter is greater than zero. The disk array module 204 mainly implements control over the hard disk, including initialization, read-write, and other operations on the hard disk; the CPU module 203 is mainly responsible for protocol processing with an access switch and a terminal (not shown in the figure), configuring an address table 205 (including a downlink protocol packet address table, an uplink protocol packet address table, and a data packet address table), and configuring the disk array module 204.
The access switch:
as shown in fig. 3, the network interface module mainly includes a network interface module (a downlink network interface module 301 and an uplink network interface module 302), a switching engine module 303 and a CPU module 304;
wherein, the packet (uplink data) coming from the downlink network interface module 301 enters the packet detection module 305; the packet detection module 305 detects whether the Destination Address (DA), the Source Address (SA), the packet type, and the packet length of the packet meet the requirements, and if so, allocates a corresponding stream identifier (stream-id) and enters the switching engine module 303, otherwise, discards the stream identifier; the packet (downstream data) coming from the upstream network interface module 302 enters the switching engine module 303; the data packet coming from the CPU module 204 enters the switching engine module 303; the switching engine module 303 performs an operation of looking up the address table 306 on the incoming packet, thereby obtaining the direction information of the packet; if the packet entering the switching engine module 303 is from the downstream network interface to the upstream network interface, the packet is stored in the queue of the corresponding packet buffer 307 in association with the stream-id; if the queue of the packet buffer 307 is nearly full, it is discarded; if the packet entering the switching engine module 303 is not from the downlink network interface to the uplink network interface, the data packet is stored in the queue of the corresponding packet buffer 307 according to the guiding information of the packet; if the queue of the packet buffer 307 is nearly full, it is discarded.
The switching engine module 303 polls all packet buffer queues, which in this embodiment of the present invention is divided into two cases:
if the queue is from the downlink network interface to the uplink network interface, the following conditions are met for forwarding: 1) the port send buffer is not full; 2) the queued packet counter is greater than zero; 3) obtaining a token generated by a code rate control module;
if the queue is not from the downlink network interface to the uplink network interface, the following conditions are met for forwarding: 1) the port send buffer is not full; 2) the queue packet counter is greater than zero.
The rate control module 208 is configured by the CPU module 204, and generates tokens for packet buffer queues from all downstream network interfaces to upstream network interfaces at programmable intervals to control the rate of upstream forwarding.
The CPU module 304 is mainly responsible for protocol processing with the node server, configuration of the address table 306, and configuration of the code rate control module 308.
Ethernet protocol conversion gateway
As shown in fig. 4, the apparatus mainly includes a network interface module (a downlink network interface module 401 and an uplink network interface module 402), a switching engine module 403, a CPU module 404, a packet detection module 405, a rate control module 408, an address table 406, a packet buffer 407, a MAC adding module 409, and a MAC deleting module 410.
Wherein, the data packet coming from the downlink network interface module 401 enters the packet detection module 405; the packet detection module 405 detects whether the ethernet MAC DA, the ethernet MAC SA, the ethernet length or frame type, the video network destination address DA, the video network source address SA, the video network packet type, and the packet length of the packet meet the requirements, and if so, allocates a corresponding stream identifier (stream-id); then, the MAC deletion module 410 subtracts MAC DA, MAC SA, length or frame type (2byte) and enters the corresponding receiving buffer, otherwise, discards it;
the downlink network interface module 401 detects the sending buffer of the port, and if there is a packet, obtains the ethernet MAC DA of the corresponding terminal according to the destination address DA of the packet, adds the ethernet MAC DA of the terminal, the MACSA of the ethernet coordination gateway, and the ethernet length or frame type, and sends the packet.
The other modules in the ethernet protocol gateway function similarly to the access switch.
A terminal:
the system mainly comprises a network interface module, a service processing module and a CPU module; for example, the set-top box mainly comprises a network interface module, a video and audio coding and decoding engine module and a CPU module; the coding board mainly comprises a network interface module, a video and audio coding engine module and a CPU module; the memory mainly comprises a network interface module, a CPU module and a disk array module.
1.3 devices of the metropolitan area network part can be mainly classified into 2 types: node server, node exchanger, metropolitan area server. The node switch mainly comprises a network interface module, a switching engine module and a CPU module; the metropolitan area server mainly comprises a network interface module, a switching engine module and a CPU module.
2. Video networking packet definition
2.1 Access network packet definition
The data packet of the access network mainly comprises the following parts: destination Address (DA), Source Address (SA), reserved bytes, payload (pdu), CRC.
As shown in the following table, the data packet of the access network mainly includes the following parts:
DA SA Reserved Payload CRC
wherein:
the Destination Address (DA) is composed of 8 bytes (byte), the first byte represents the type of the data packet (such as various protocol packets, multicast data packets, unicast data packets, etc.), there are 256 possibilities at most, the second byte to the sixth byte are metropolitan area network addresses, and the seventh byte and the eighth byte are access network addresses;
the Source Address (SA) is also composed of 8 bytes (byte), defined as the same as the Destination Address (DA);
the reserved byte consists of 2 bytes;
the payload part has different lengths according to different types of datagrams, and is 64 bytes if the datagram is various types of protocol packets, and is 32+1024 or 1056 bytes if the datagram is a unicast packet, of course, the length is not limited to the above 2 types;
the CRC consists of 4 bytes and is calculated in accordance with the standard ethernet CRC algorithm.
2.2 metropolitan area network packet definition
The topology of a metropolitan area network is a graph and there may be 2, or even more than 2, connections between two devices, i.e., there may be more than 2 connections between a node switch and a node server, a node switch and a node switch, and a node switch and a node server. However, the metro network address of the metro network device is unique, and in order to accurately describe the connection relationship between the metro network devices, parameters are introduced in the embodiment of the present invention: a label to uniquely describe a metropolitan area network device.
In this specification, the definition of the Label is similar to that of the Label of MPLS (Multi-Protocol Label Switch), and assuming that there are two connections between the device a and the device B, there are 2 labels for the packet from the device a to the device B, and 2 labels for the packet from the device B to the device a. The label is classified into an incoming label and an outgoing label, and assuming that the label (incoming label) of the packet entering the device a is 0x0000, the label (outgoing label) of the packet leaving the device a may become 0x 0001. The network access process of the metro network is a network access process under centralized control, that is, address allocation and label allocation of the metro network are both dominated by the metro server, and the node switch and the node server are both passively executed, which is different from label allocation of MPLS, and label allocation of MPLS is a result of mutual negotiation between the switch and the server.
As shown in the following table, the data packet of the metro network mainly includes the following parts:
DA SA Reserved label (R) Payload CRC
Namely Destination Address (DA), Source Address (SA), Reserved byte (Reserved), tag, payload (pdu), CRC. The format of the tag may be defined by reference to the following: the tag is 32 bits with the upper 16 bits reserved and only the lower 16 bits used, and its position is between the reserved bytes and payload of the packet.
Based on the characteristics of the video network, one of the core concepts of the embodiment of the invention is provided, following the protocol of the video network, the video network terminal can obtain the electronic signature of the user through the electronic signature device, and further the video network server can use the electronic signature to verify the identity of the user.
Referring to fig. 5, a block diagram of an embodiment of the electronic signature processing system based on the video network according to the present invention is shown, the system includes a video network terminal 01 and a video network server 02, and the video network terminal 01 and the video network server 02 are connected based on the video network protocol.
Referring to fig. 6, a flowchart illustrating steps of an embodiment of an electronic signature processing method based on a video network according to the present invention is shown, where the method may be applied to the video network terminal 01 shown in fig. 5, and the method may specifically include the following steps:
in step S101, an acquisition request sent by a video network server is received, where the acquisition request carries a user identifier, and the acquisition request is used to acquire an electronic signature of a user corresponding to the user identifier;
in the embodiment of the invention, in the process of service interaction between the video network terminal and the video network server, sometimes the video network server needs to verify whether the identity of the user is legal, wherein the identity of the user can be verified to be legal through the electronic signature of the user. In order to obtain the electronic signature of the user, the video network server may send an obtaining request to the video network terminal, where the obtaining request carries the user identifier of the user, and the obtaining request is used to obtain the electronic signature of the user corresponding to the user identifier; and the video network terminal receives the acquisition request.
In step S102, determining whether the electronic signature of the user corresponding to the user identifier is stored in the terminal of the internet of view;
in the embodiment of the invention, in the history process, when the video network terminal obtains the electronic signature of a user, the user identification of the user and the electronic signature of the user form a corresponding table item, and the corresponding table item is stored in the corresponding relation between the stored user identification and the electronic signature.
Thus, in this step, it is possible to search whether an electronic signature corresponding to the user identifier exists in the stored correspondence between the user identifier and the electronic signature; if the electronic signature corresponding to the user identification exists, determining that the electronic signature of the user corresponding to the user identification is stored in the video network terminal; and if the electronic signature corresponding to the user identification does not exist, determining that the electronic signature of the user corresponding to the user identification is not stored in the video network terminal.
If the electronic signature of the user corresponding to the user identifier is stored, in step S103, the electronic signature is sent to the video network server.
So that the video network server detects whether the identity of the user is legal or not through the electronic signature.
In an embodiment of the present invention, the electronic signature occupies network resources between the video network terminal and the video network server in the process of transmitting from the video network terminal to the video network server, however, the network resources between the video network terminal and the video network server are often limited, and in order to enable the network resources to support more services, the network resources occupied by the electronic signature in the process of transmitting from the video network terminal to the video network server need to be saved, so, in this step, the video network terminal can compress the electronic signature to obtain a compressed electronic signature; and then sending the compressed electronic signature to the video network server. The space occupied by the compressed electronic signature is smaller than that occupied by the uncompressed electronic signature, so that network resources occupied by the electronic signature in the process of transmitting the electronic signature from the video network terminal to the video network server can be saved.
Then, after the video network server receives the compressed electronic signature, the compressed electronic signature can be decompressed to obtain a decompressed electronic signature, and then whether the identity of the user is legal or not is detected through the decompressed electronic signature.
In another embodiment of the present invention, the electronic signature is used to identify the identity information of the user, however, a lawbreaker can steal the electronic signature during the transmission of the electronic signature from the terminal of the video network to the server of the video network, and can use the electronic signature to engage in illegal activities, which brings economic loss to the user.
Therefore, in order to avoid that the electronic signature is stolen in the process of transmitting the electronic signature from the video network terminal to the video network server to bring economic loss to the user, in the step, the video network terminal can encrypt the electronic signature to obtain the encrypted electronic signature; and sending the encrypted electronic signature to the video network server. Therefore, even if a lawbreaker steals the encrypted electronic signature, the decrypted electronic signature cannot be obtained, and further the decrypted electronic signature cannot be used, so that economic loss cannot be brought to users.
And then, after the video network server receives the encrypted electronic signature, decrypting the encrypted electronic signature to obtain a decrypted electronic signature, and then detecting whether the identity of the user is legal or not through the decrypted electronic signature.
If the electronic signature of the user corresponding to the user identifier is not stored, in step S104, detecting whether the video network terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB);
in the embodiment of the present invention, if the electronic signature of the user corresponding to the user identifier is not stored, the electronic signature of the user needs to be obtained in real time, for example, the electronic signature input by the user in real time is obtained, however, the user cannot input the electronic signature in the video network terminal, and thus the video network terminal can only obtain the electronic signature of the user by means of the electronic signature device. Wherein the user can directly input the user's electronic signature on the electronic signature.
In order to acquire the electronic signature of the user by means of the electronic signature device, the video network terminal needs to detect whether the video network terminal is in communication connection with the electronic signature device based on the USB;
if the USB-based electronic signature device is in communication connection with the electronic signature device, in step S105, acquiring an electronic signature of the user corresponding to the user identifier through the electronic signature device, and then performing step S110;
in order to enable the user to know that the electronic signature of the user needs to be input into the electronic signature device at this time, the video network terminal may send first prompt information, for example, display the first prompt information on a screen or play the prompt information by using a microphone, where the first prompt information is used to prompt the user to input the electronic signature of the user corresponding to the user identifier into the electronic signature device; after sensing the first prompt message, the user can know that the user needs to input the electronic signature in the electronic signature device, and then input the electronic signature in the electronic signature device, and the video network terminal can acquire the electronic signature of the user input by the user in the electronic signature device.
Further, after the electronic signature is acquired by the electronic signature device, the video network terminal may further use the electronic signature as an electronic signature of the user corresponding to the user identifier, and store the electronic signature in the video network terminal. For example, the user identifier of the user and the acquired electronic signature are combined into a corresponding table, and are stored in the corresponding relationship between the stored user identifier and the electronic signature. Therefore, after the electronic signature of the user corresponding to the user identifier needs to be obtained again, the electronic signature of the user corresponding to the user identifier can be directly obtained from the video network terminal, and the electronic signature of the user corresponding to the user identifier does not need to be obtained again through the electronic signature device, so that the operation of the user can be simplified.
If the communication connection with the electronic signature device is not based on the USB, in step S106, sending second prompt information, wherein the second prompt information is used for prompting the establishment of the communication connection based on the USB between the request and the electronic signature device;
after the user perceives the second prompt message, the electronic signature device can be inserted into the USB interface of the video network terminal, so that the USB-based communication connection between the video network terminal and the electronic signature device is established.
In step S107, when it is detected through the broadcast receiver that the electronic signature device is inserted into the USB interface of the video network terminal, a driver of the electronic signature device is acquired;
in the embodiment of the present invention, after the video network terminal sends the second prompt message, the broadcast receiver may detect that the electronic signature device is inserted into the USB interface of the video network terminal, and when the broadcast receiver detects that the electronic signature device is inserted into the USB interface of the video network terminal, the driver of the electronic signature device needs to be acquired, and then step S108 is executed.
In step S108, a driver is installed in the terminal of the video network;
in step S109, the electronic signature of the user corresponding to the user identifier input in real time on the electronic signature device is acquired through the driver, and then step S103 is executed.
In the embodiment of the invention, an acquisition request sent by a video network server is received; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier; determining whether the electronic signature of the user corresponding to the user identifier is stored in the video network terminal; if the electronic signature of the user corresponding to the user identification is not stored, detecting whether the video network terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB); if the electronic signature device is in communication connection with the electronic signature device, acquiring an electronic signature of a user corresponding to the user identifier through the electronic signature device; and sending the electronic signature of the user corresponding to the user identification to the video network server. According to the embodiment of the invention, the video network terminal can obtain the electronic signature of the user through the electronic signature device, so that the video network server can verify the identity of the user by using the electronic signature.
It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the illustrated order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments of the present invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Referring to fig. 7, a block diagram of an embodiment of an electronic signature processing apparatus based on a video network according to the present invention is shown, the video network includes a video network terminal and a video network server, the video network terminal and the video network server are connected based on a video network protocol, the apparatus is applied to the video network terminal, the apparatus includes;
a receiving module 11, configured to receive an acquisition request sent by a video networking server; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier;
a determining module 12, configured to determine whether an electronic signature of a user corresponding to the user identifier is stored in the video networking terminal;
the detection module 13 is configured to detect whether the video networking terminal is in communication connection with an electronic signature device based on a Universal Serial Bus (USB) if the electronic signature of the user corresponding to the user identifier is not stored;
a first obtaining module 14, configured to obtain, by the electronic signature device, an electronic signature of a user corresponding to the user identifier if the electronic signature device is in communication connection with the electronic signature device;
and the sending module 15 is configured to send the electronic signature of the user corresponding to the user identifier to the video network server.
In an optional implementation manner, the first obtaining module 14 includes:
the sending unit is used for sending first prompt information, and the first prompt is used for prompting the user to input the electronic signature corresponding to the user identifier in the electronic signature equipment;
and the acquisition unit is used for acquiring the electronic signature of the user corresponding to the user identification, which is input in the electronic signature equipment.
In an optional implementation, the apparatus further comprises:
the sending module 15 is further configured to: and if the electronic signature of the user corresponding to the user identification is stored, sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation, the apparatus further comprises:
the sending module is used for sending second prompt information if the communication connection between the electronic signature equipment and the USB is not based on the USB, and the second prompt information is used for prompting the establishment of the communication connection between the request and the electronic signature equipment based on the USB;
the second acquisition module is used for acquiring a driving program of the electronic signature equipment when the broadcast receiver detects that the electronic signature equipment is inserted into a USB interface of the video network terminal;
the installation module is used for installing the driver in the video network terminal;
a third obtaining module, configured to obtain, through the driver, an electronic signature of a user corresponding to the user identifier input in real time on the electronic signature device;
the sending module 15 is further configured to: and sending the electronic signature of the user corresponding to the user identification to the video network server.
In an optional implementation, the apparatus further comprises:
and the storage module is used for storing the electronic signature of the user corresponding to the user identification in the video network terminal.
In an optional implementation manner, the sending module 15 includes:
the compression unit is used for compressing the electronic signature to obtain a compressed electronic signature;
and the first sending unit is used for sending the compressed electronic signature to the video networking server.
In an optional implementation manner, the sending module 15 includes:
the encryption unit is used for encrypting the electronic signature to obtain an encrypted electronic signature;
and the second sending unit is used for sending the encrypted electronic signature to the video network server.
In the embodiment of the invention, an acquisition request sent by a video network server is received; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier; determining whether the electronic signature of the user corresponding to the user identifier is stored in the video network terminal; if the electronic signature of the user corresponding to the user identification is not stored, detecting whether the video network terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB); if the electronic signature device is in communication connection with the electronic signature device, acquiring an electronic signature of a user corresponding to the user identifier through the electronic signature device; and sending the electronic signature of the user corresponding to the user identification to the video network server. According to the embodiment of the invention, the video network terminal can obtain the electronic signature of the user through the electronic signature device, so that the video network server can verify the identity of the user by using the electronic signature.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present invention are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing terminal to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing terminal to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the embodiments of the invention.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.
The electronic signature processing method and device based on the video network provided by the invention are introduced in detail, and the principle and the implementation mode of the invention are explained by applying specific examples in the text, and the description of the above examples is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (10)

1. An electronic signature processing method based on video networking is characterized in that the video networking comprises a video networking terminal and a video networking server, the video networking terminal and the video networking server are in communication connection based on a video networking protocol, the method is applied to the video networking terminal, and the method comprises the following steps of;
receiving an acquisition request sent by a video networking server; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier;
determining whether the electronic signature of the user corresponding to the user identifier is stored in the video network terminal;
if the electronic signature of the user corresponding to the user identification is not stored, detecting whether the video networking terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB);
if the electronic signature device is in communication connection with the electronic signature device, acquiring an electronic signature of a user corresponding to the user identifier through the electronic signature device;
and sending the electronic signature of the user corresponding to the user identification to the video network server.
2. The method according to claim 1, wherein the obtaining, by the electronic signature device, the electronic signature of the user corresponding to the user identifier includes:
sending first prompt information, wherein the first prompt is used for prompting the user to input the electronic signature corresponding to the user identification in the electronic signature equipment;
and acquiring the electronic signature of the user corresponding to the user identification, which is input in the electronic signature equipment.
3. The method of claim 1, further comprising:
and if the electronic signature of the user corresponding to the user identification is stored, sending the electronic signature of the user corresponding to the user identification to the video network server.
4. The method of claim 1, further comprising:
if the communication connection between the electronic signature equipment and the USB is not based on the communication connection between the USB and the electronic signature equipment, sending second prompt information, wherein the second prompt information is used for prompting the establishment of the communication connection based on the USB between the request and the electronic signature equipment;
when detecting that the electronic signature equipment is inserted into a USB interface of the video network terminal through a broadcast receiver, acquiring a driver of the electronic signature equipment;
installing the driver in the video network terminal;
acquiring an electronic signature of a user corresponding to the user identification input in real time on the electronic signature device through the driving program;
and sending the electronic signature of the user corresponding to the user identification to the video network server.
5. The method according to claim 1, wherein after the obtaining, by the electronic signature device, the electronic signature of the user corresponding to the user identifier, further comprises:
and storing the electronic signature of the user corresponding to the user identification in the video network terminal.
6. The method of claim 1, wherein sending the electronic signature of the user corresponding to the user identifier to the internet-of-view server comprises:
compressing the electronic signature to obtain a compressed electronic signature;
and sending the compressed electronic signature to the video network server.
7. The method of claim 1, wherein sending the electronic signature of the user corresponding to the user identifier to the internet-of-view server comprises:
encrypting the electronic signature to obtain an encrypted electronic signature;
and sending the encrypted electronic signature to the video network server.
8. An electronic signature processing device based on a video network is characterized in that the video network comprises a video network terminal and a video network server, the video network terminal and the video network server are in communication connection based on a video network protocol, the device is applied to the video network terminal, and the device comprises a video network server and a video network server;
the receiving module is used for receiving an acquisition request sent by the video networking server; the obtaining request carries a user identifier, and is used for obtaining an electronic signature of a user corresponding to the user identifier;
the determining module is used for determining whether the electronic signature of the user corresponding to the user identifier is stored in the video networking terminal;
the detection module is used for detecting whether the video network terminal is in communication connection with the electronic signature device based on a Universal Serial Bus (USB) or not if the electronic signature of the user corresponding to the user identifier is not stored;
the first acquisition module is used for acquiring the electronic signature of the user corresponding to the user identifier through the electronic signature device if the first acquisition module is in communication connection with the electronic signature device;
and the sending module is used for sending the electronic signature of the user corresponding to the user identification to the video network server.
9. The apparatus of claim 8, wherein the first obtaining module comprises:
the sending unit is used for sending first prompt information, and the first prompt is used for prompting the user to input the electronic signature corresponding to the user identifier in the electronic signature equipment;
and the acquisition unit is used for acquiring the electronic signature of the user corresponding to the user identification, which is input in the electronic signature equipment.
10. The apparatus of claim 8, further comprising:
the sending module is further configured to: and if the electronic signature of the user corresponding to the user identification is stored, sending the electronic signature of the user corresponding to the user identification to the video network server.
CN201810766351.1A 2018-07-12 2018-07-12 Electronic signature processing method and device based on video network Withdrawn CN110719171A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810766351.1A CN110719171A (en) 2018-07-12 2018-07-12 Electronic signature processing method and device based on video network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810766351.1A CN110719171A (en) 2018-07-12 2018-07-12 Electronic signature processing method and device based on video network

Publications (1)

Publication Number Publication Date
CN110719171A true CN110719171A (en) 2020-01-21

Family

ID=69209222

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810766351.1A Withdrawn CN110719171A (en) 2018-07-12 2018-07-12 Electronic signature processing method and device based on video network

Country Status (1)

Country Link
CN (1) CN110719171A (en)

Similar Documents

Publication Publication Date Title
CN108965224B (en) Video-on-demand method and device
CN108881815B (en) Video data transmission method and device
CN108574818B (en) Information display method and device and server
CN109167960B (en) Method and system for processing video stream data
CN109769123B (en) Method and system for processing video networking data
CN108965226B (en) Data acquisition method and device based on video network
CN109788247B (en) Method and device for identifying monitoring instruction
CN108965227B (en) Data processing method and video networking conference server
CN110460469B (en) System upgrading method and device and storage medium
CN109743555B (en) Information processing method and system based on video network
CN109743284B (en) Video processing method and system based on video network
CN111786778A (en) Method and device for updating key
CN109347844B (en) Method and device for accessing equipment to Internet
CN112203149B (en) Video networking software updating method and device based on domestic password
CN110535856B (en) User authentication method, device and storage medium
CN110072154B (en) Video networking-based clustering method and transfer server
CN112291072A (en) Secure video communication method, device, equipment and medium based on management plane protocol
CN110022500B (en) Packet loss processing method and device
CN109640194B (en) Method and device for acquiring terminal permission through two-dimensional code based on video network
CN109376507B (en) Data security management method and system
CN108965219B (en) Data processing method and device based on video network
CN108881148B (en) Data acquisition method and device
CN110620936B (en) Video network video backup method and device, electronic equipment and storage medium
CN110809023B (en) Communication connection establishing method and device based on video networking
CN109587436B (en) Video networking conference management platform login method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20200121